fe2edca1ba
* refactor (cd): overall pipeline improvement - Use a more ENV configurable Dockerfile - Remove cloudbuild dependency - Use compute optimized machine types - Use SSD instead of normal hard drives - Move Sentry endpoint to secrets - Use a single yml for auto & manual deploy - Migrate to Google Artifact Registry * refactor (cd): overall pipeline improvement - Use a more ENV configurable Dockerfile - Remove cloudbuild dependency - Use compute optimized machine types - Use SSD instead of normal hard drives - Move Sentry endpoint to secrets - Use a single yml for auto & manual deploy - Migrate to Google Artifact Registry * refactor (cd): use newer google auth action * fix (cd): use newer secret as gcp credential * fix (docker): do not create extra directories * fix (docker): ignore .github for caching purposes * fix (docker): use latest rust * fix (cd): bump build timeout * fix: use a better name for manual deployment * refactor (docker): use standard directories for executable * fix (cd): most systems expect a "latest" tag Caching from the latest image is one of the main reasons to add this extra tag. Before this commit, the inline cache was not being used. * fix (cd): push the build image and the cache separately The inline cache exporter only supports `min` cache mode. To enable `max` cache mode, push the image and the cache separately by using the registry cache exporter. This also allows for smaller release images. * fix (cd): remove unused GHA cache We're leveraging the registry to cache the actions, instead of using the 10GB limits from Github Actions cache storage * refactor (cd): use cargo-chef for caching rust deps * fix: move build system deps before cargo cheg cook * fix (release): use newer debian to reduce vulnerabilities * fix (cd): use same zone, region and service accounts * fix (cd): use same disk size and type for all deployments * refactor (cd): activate interactive shells Use interactive shells for manual and test deployments. This allow greater flexibility if troubleshooting is needed inside the machines * refactor (test): use docker artifact from registry Instead of using a VM to SSH into in to build and test. Build in GHA (to have the logs available), run the workspace tests in GHA, and just run the sync tests in GCP Use a cintainer VM with zebra's image directly on it, and pass the needed parameters to run the Sync past mandatory checkpoint. * tmp (cd): bump timeout for building from scratch * tmp (test): bump build time * fix (cd, test): bump build time-out to 210 minutes * fix (docker): do not build with different settings Compiling might be slow because different steps are compiling the same code 2-4 times because of the variations * revert (docker): do not fix the rust version * fix (docker): build on the root directory * refactor(docker): Use base image commands and tools * fix (cd): use correct variables & values, add build concurrency * fix(cd): use Mainnet instead of mainnet * imp: remove checkout as Buildkit uses the git context * fix (docker): just Buildkit uses a .dockerignore in a path * imp (cd): just use needed variables in the right place * imp (cd): do not checkout if not needed * test: run on push * refactor(docker): reduce build changes * fix(cd): not checking out was limiting some variables * refactor(test): add an multistage exclusive for testing * fix(cd): remove tests as a runtime dependency * fix(cd): use default service account with cloud-platform scope * fix(cd): revert checkout actions * fix: use GA c2 instead of Preview c2d machine types * fix(actions): remove workflow_dispatch from patched actions This causes GitHub confusion as it can't determined which of the actions using workflow_dispatch is the right one * fix(actions): remove patches from push actions * test: validate changes on each push * fix(test): wrong file syntax on test job * fix(test): add missing env parameters * fix(docker): Do not rebuild to download params and run tests * fix(test): setup gcloud and loginto artifact just when needed Try not to rebuild the tests * fix(test): use GCP container to sync past mandatory checkpoint * fix(test): missing separators * test * fix(test): mount the available disk * push * refactor(test): merge disk regeneration into test.yml * fix(cd): minor typo fixes * fix(docker): rebuild on .github changes * fix(cd): keep compatibility with gcr.io To prevent conflicts between registries, and migrate when the time is right, we'll keep pushing to both registries and use github actions cache to prevent conflicts between artifacts. * fix(cd): typo and scope * fix(cd): typos everywhere * refactor(test): use smarter docker wait and keep old registry * fix(cd): do not constraint the CPUs for bigger machines * revert(cd): reduce PR diff as there's a separate one for tests * fix(docker): add .github as it has no impact on caching * fix(test): run command correctly * fix(test): wiat and create image if previous step succeded * force rebuild * fix(test): do not restrict interdependant steps based on event * force push * feat(docker): add google OS Config agent Use a separate step to have better flexibility in case a better approach is available * fix(test): remove all hardoced values and increase disks * fix(test): use correct commands on deploy * fix(test): use args as required by google * fix(docker): try not to invalidate zebrad download cache * fix(test): minor typo * refactor(test): decouple jobs for better modularity This also allows faster tests as testing Zunstable won't be a dependency and it can't stop already started jobs if it fails. * fix(test): Do not try to execute ss and commands in one line * fix(test): do not show undeeded information in the terminal * fix(test): sleep befor/after machine creation/deletion * fix(docker): do not download zcash params twice * feat(docker): add google OS Config agent Use a separate step to have better flexibility in case a better approach is available * merge: docker-actions-refactor into docker-test-refactor * test docker wait scenarios * fix(docker): $HOME variables is not being expanded * fix(test): allow docker wait to work correctly * fix(docker): do not use variables while using COPY * fix(docker): allow to use zebrad as a command * fix(cd): use test .yml from main * fix(cd): Do not duplicate network values The Dockerfile has an ARG with a default value of 'Mainnet', if this value is changed it will be done manually on a workflow_dispatch, making the ENV option a uneeded duplicate in this workflow * fix(test): use bigger machine type for compute intensive tasks * refactor(test): add tests in CI file * fix(test): remove duplicated tests * fix(test): typo * test: build on .github changes temporarily * fix(test): bigger machines have no effect on sync times * feat: add an image to inherit from with zcash params * fix(cd): use the right image name and allow push to test * fix(cd): use the right docker target and remove extra builds * refactor(docker): use cached zcash params from previous build * fix(cd): finalize for merging * imp(cd): add double safety measure for production * fix(cd): use specific SHA for containers * fix(cd): use latest gcloud action version * fix(test): use the network as Mainnet and remove the uppercase from tests * fix(test): run disk regeneration on specific file change Just run this regeneration when changing the following files: https://github.com/ZcashFoundation/zebra/blob/main/zebra-state/src/service/finalized_state/disk_format.rs https://github.com/ZcashFoundation/zebra/blob/main/zebra-state/src/service/finalized_state.rs https://github.com/ZcashFoundation/zebra/blob/main/zebra-state/src/constants.rs * refactor(test): seggregate disks regeneration from tests Allow to regenerate disks without running tests, and to run tests from previous disk regeneration. Disk will be regenerated just if specific files were changed, or triggered manually. Tests will run just if a disk regeneration was not manually triggered. * fix(test): gcp disks require lower case conventions * fix(test): validate logs being emmited by docker GHA is transforming is somehow transforwing the variable to lowercase also, so we're changint it to adapt to it * test * fix(test): force tty terminal * fix(test): use a one line command to test terminal output * fix(test): always delete test instance * fix(test): use short SHA from the PR head Using the SHA from the base, creates confusion and it's not accurate with the SHA being shown and used on GitHub. We have to keep both as manual runs with `workflow_dispatch` does not have a PR SHA * fix(ci): do not trigger CI on docker changes There's no impact in this workflow when a change is done in the dockerfile * Instead of runing cargo test when the instance gets created, run this commands afterwards in a different step. As GHA TTY is not working as expected, and workarounds does not play nicely with `gcloud compute ssh` actions/runner#241 (comment) we decided to get the container name from the logs, log directly to the container and run the cargo command from there. * doc(test): document reasoning for new steps * fix(test): increase machine type and ssh timeout * fix(test): run tests on creation and follow container logs This allows to follow logs in Github Actions terminal, while the GCP container is still running. Just delete the instance when following the logs ends successfully or fails * finalize(test): do not rebuild image when changing actions * fix(test): run tests on creation and follow container logs This allows to follow logs in Github Actions terminal, while the GCP container is still running. Just delete the instance when following the logs ends successfully or fails Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> |
||
|---|---|---|
| .cargo | ||
| .github | ||
| book | ||
| docker | ||
| grafana | ||
| tower-batch | ||
| tower-fallback | ||
| zebra-chain | ||
| zebra-client | ||
| zebra-consensus | ||
| zebra-network | ||
| zebra-rpc | ||
| zebra-script | ||
| zebra-state | ||
| zebra-test | ||
| zebra-utils | ||
| zebrad | ||
| .dockerignore | ||
| .gitignore | ||
| CHANGELOG.md | ||
| CODE_OF_CONDUCT.md | ||
| CONTRIBUTING.md | ||
| Cargo.lock | ||
| Cargo.toml | ||
| LICENSE-APACHE | ||
| LICENSE-MIT | ||
| README.md | ||
| SECURITY.md | ||
| clippy.toml | ||
| codecov.yml | ||
| deny.toml | ||
| firebase.json | ||
| katex-header.html | ||
| prometheus.yaml | ||
README.md
Contents
- Contents
- About
- Beta Releases
- Getting Started
- Known Issues
- Future Work
- Documentation
- Security
- License
About
Zebra is the Zcash Foundation's independent, consensus-compatible implementation of a Zcash node, currently under development. It can be used to join the Zcash peer-to-peer network, which helps keeping Zcash working by validating and broadcasting transactions, and maintaining the Zcash blockchain state in a distributed manner. Please join us on Discord if you'd like to find out more or get involved!
Zcash is a cryptocurrency designed to preserve the user's privacy. Like most cryptocurrencies, it works by a collection of software nodes run by members of the Zcash community or any other interested parties. The nodes talk to each other in peer-to-peer fashion in order to maintain the state of the Zcash blockchain. They also communicate with miners who create new blocks. When a Zcash user sends Zcash, their wallet broadcasts transactions to these nodes which will eventually reach miners, and the mined transaction will then go through Zcash nodes until they reach the recipient's wallet which will report the received Zcash to the recipient.
The original Zcash node is named zcashd and is developed by the Electric Coin
Company as a fork of the original Bitcoin node. Zebra, on the other hand, is
an independent Zcash node implementation developed from scratch. Since they
implement the same protocol, zcashd and Zebra nodes can communicate with each
other and maintain the Zcash network interoperably.
If you just want to send and receive Zcash then you don't need to use Zebra directly. You can download a Zcash wallet application which will handle that for you. (Eventually, Zebra can be used by wallets to implement their functionality.) You would want to run Zebra if you want to contribute to the Zcash network: the more nodes are run, the more reliable the network will be in terms of speed and resistance to denial of service attacks, for example.
These are some of the advantages or benefits of Zebra:
- Better performance: since it was implemented from scratch in an async, parallelized way, Zebra
is currently faster than
zcashd. - Better security: since it is developed in a memory-safe language (Rust), Zebra is less likely to be affected by memory-safety and correctness security bugs that could compromise the environment where it is run.
- Better governance: with a new node deployment, there will be more developers who can implement different features for the Zcash network.
- Dev accessibility: supports more developers, which gives new developers options for contributing to Zcash protocol development.
- Runtime safety: with an independent implementation, the detection of consensus bugs can happen quicker, reducing the risk of consensus splits.
- Spec safety: with several node implementations, it is much easier to notice bugs and ambiguity in protocol specification.
- User options: different nodes present different features and tradeoffs for users to decide on their preferred options.
- Additional contexts: wider target deployments for people to use a consensus node in more contexts e.g. mobile, wasm, etc.
Beta Releases
Every few weeks, we release a new Zebra beta release.
Zebra's network stack is interoperable with zcashd,
and Zebra implements all the features required to reach Zcash network consensus.
The goals of the beta release series are for Zebra to act as a fully validating Zcash node, for all active consensus rules as of NU5 activation.
Currently, Zebra validates all of the documented Zcash consensus rules, but it may not validate any:
Other
- Undocumented rules derived from Bitcoin
- Undocumented network protocol requirements
Getting Started
Building zebrad requires Rust,
libclang, and a C++ compiler.
Build and Run Instructions
zebrad is still under development, so there is no supported packaging or
install mechanism. To run zebrad, follow the instructions to compile zebrad
for your platform:
- Install
cargoandrustc. - Install Zebra's build dependencies:
- libclang: the
libclang,libclang-dev,llvm, orllvm-devpackages, depending on your package manager - clang or another C++ compiler:
g++,Xcode, orMSVC
- libclang: the
- Run
cargo install --locked --git https://github.com/ZcashFoundation/zebra --tag v1.0.0-beta.4 zebrad - Run
zebrad start(see Running Zebra for more information)
If you're interested in testing out zebrad please feel free, but keep in mind
that there is a lot of key functionality still missing.
For more detailed instructions, refer to the documentation.
System Requirements
The recommended requirements for compiling and running zebrad are:
- 4+ CPU cores
- 16+ GB RAM
- 50GB+ available disk space for finalized state
- 100+ Mbps network connections
We continuously test that our builds and tests pass on:
The latest GitHub Runners for:
- Windows Server
- macOS
- Ubuntu
Docker:
- Debian Buster
Zebra's tests can take over an hour, depending on your machine. We're working on making them faster.
zebrad might build and run fine on smaller and slower systems - we haven't
tested its exact limits yet.
For more detailed requirements, refer to the documentation.
Memory Troubleshooting
If Zebra's build runs out of RAM, try setting:
export CARGO_BUILD_JOBS=2
If Zebra's tests timeout or run out of RAM, try running:
cargo test -- --test-threads=2
(cargo uses all the processor cores on your machine by default.)
macOS Test Troubleshooting
Some of Zebra's tests deliberately cause errors that make Zebra panic. macOS records these panics as crash reports.
If you are seeing "Crash Reporter" dialogs during Zebra tests, you can disable them using this Terminal.app command:
defaults write com.apple.CrashReporter DialogType none
Network Ports and Data Usage
By default, Zebra uses the following inbound TCP listener ports:
- 8233 on Mainnet
- 18233 on Testnet
zebrad's typical network usage is:
- Initial sync: 30 GB download
- Ongoing updates: 10-50 MB upload and download per day, depending on peer requests
For more detailed information, refer to the documentation.
Network Troubleshooting
Some of Zebra's tests download Zcash blocks, so they might be unreliable depending on your network connection.
You can set ZEBRA_SKIP_NETWORK_TESTS=1 to skip the network tests.
Zebra may be unreliable on Testnet, and under less-than-perfect network conditions. See our roadmap for details.
Known Issues
There are a few bugs in Zebra that we're still working on fixing:
- In rare cases, Zebra panics on shutdown #1678
- Interrupt handler does not work when a blocking task is running #1351
- Zebra should eventually exit once the task finishes. Or you can forcibly terminate the process.
Zebra's state commits changes using database transactions. If you forcibly terminate it, or it panics, any incomplete changes will be rolled back the next time it starts.
Future Work
In 2021, we intend to finish NU5 validation, start adding RPC support and start adding wallet integrations. This phased approach allows us to test Zebra's independent implementation of the consensus rules, before asking users to entrust it with their funds.
Features:
- Full consensus rule validation
- Wallet functionality
- RPC functionality
Performance and Reliability:
- Reliable syncing on Testnet
- Reliable syncing under poor network conditions
- Batch verification
- Performance tuning
Currently, the following features are out of scope:
- Mining support
- Optional Zcash network protocol messages
- Consensus rules removed before Canopy activation (Zebra checkpoints on Canopy activation)
Documentation
The Zebra website contains user documentation, such as how to run or configure Zebra, set up metrics integrations, etc., as well as developer documentation, such as design documents. We also render API documentation for the external API of our crates, as well as internal documentation for private APIs.
Security
Zebra has a responsible disclosure policy, which we encourage security researchers to follow.
License
Zebra is distributed under the terms of both the MIT license and the Apache License (Version 2.0).
See LICENSE-APACHE and LICENSE-MIT.