Conversation
- Add full implementation of CVM-EVM hybrid architecture - Integrate EVMC host interface with comprehensive trust features - Implement enhanced VM engine with cross-format contract execution - Add new modules for block validation, storage, and gas management - Introduce trust context and reputation-based execution controls - Complete bytecode detection and optimization utilities - Update build configuration and Makefile to support new CVM components - Implement EVM RPC and transaction priority management - Add reputation signature and resource management modules Completes Phase 1 and Phase 2 of CVM-EVM enhancement, providing full Ethereum Virtual Machine compatibility with Cascoin's trust-aware architecture.
This reverts commit 1589874.
…upport - Bump version from 4.0.0 to 4.1.0 across configure scripts and version headers - Fix EVMC/EVMOne library linking for Windows cross-compilation by adding libevmone-standalone - Update liboqs minimal build configuration to use correct SIG_ prefix format - Add qttools support to native Qt build with lrelease and linguist tools - Enable linguist feature flags in native Qt configuration for translation support - Add native Qt patches directory for qttools dependency handling - Create quantum registry stub implementation for script validation - Update encrypted mempool and L2 faucet implementations - Improve Falcon quantum signature algorithm implementation - Add Windows build documentation updates - Consolidate build system makefiles for better cross-platform compatibility
…m handling - Add quantum endianness fix specification documents (.kiro/specs/) - Reverse byte order in DecodeDestination() to store LE in WitnessV2Quantum - Add LE→BE reversal in EncodeDestination() visitor for Bech32m encoding - Remove compensating byte reversals from VerifyWitnessV2Quantum() in interpreter.cpp - Remove compensating byte reversals from ProduceSignature() in sign.cpp - Remove compensating byte reversals from IsSolvable() in sign.cpp - Remove compensating byte reversals from IsMine() in ismine.cpp - Fix hash function mismatch in VerifyQuantumTransaction() (Hash→CSHA256) - Add quantum endianness property tests in quantum_endianness_property_tests.cpp - Update quantum_tests.cpp with additional test coverage - Add SafeInvoke utility header for Qt thread-safe operations - Update Makefile.test.include to include new test files - Update base58.cpp, block_validator.cpp, enhanced_vm.cpp for consistency - Update Qt models (beenftpage.cpp, beenfttablemodel.cpp/h, hivetablemodel.cpp) Establishes LE as canonical byte order throughout the quantum witness pipeline, eliminating ad-hoc compensating reversals and fixing the hash function mismatch between GetQuantumID() and VerifyQuantumTransaction().
- Add template parameter T to allow QPointer of any QObject-derived type - Extract guard.data() to intermediate QObject* variable for clarity - Maintain null-check safety before invoking queued method - Improve code readability by separating pointer extraction from method invocation
- Add three new RPC endpoints for contract management: listmycontracts, getcontractstorage, and getcontractreceipts - Implement listmycontracts to enumerate all contracts deployed by wallet addresses with metadata - Implement getcontractstorage to retrieve all storage entries for a given contract address - Implement getcontractreceipts to fetch transaction receipts associated with a contract - Create new cvmdashboard_contracts.h UI component for contract list, details, storage browser, and transaction history - Add contract interaction interface with ABI-based function call support - Update CVMDatabase with new query methods for contract enumeration and receipt filtering - Add comprehensive test suite in cvm_dashboard_contracts_tests.cpp - Update build system Makefiles to include new components and tests - Add detailed specification documents (design.md, requirements.md, tasks.md) for contract management feature - Enables wallet users to view, manage, and interact with deployed contracts through the dashboard
- Fix for showing 0 mices after a day running
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
| description: 'Release-Job überspringen?' | ||
| required: false | ||
| default: 'true' | ||
| type: boolean |
There was a problem hiding this comment.
skip_release input defined but never checked
Medium Severity
The skip_release workflow input is defined with default: 'true', suggesting the intent is to skip the release job by default on manual triggers. However, the release job's if condition only checks github.event_name == 'workflow_dispatch' and never references inputs.skip_release. This means every manual workflow dispatch will attempt to create a release, which is the opposite of the intended behavior implied by the default value of 'true'.
Additional Locations (1)
| --with-boost="$BOOST_ROOT" \ | ||
| MOC="$QT_HOST_BINS/moc" \ | ||
| UIC="$QT_HOST_BINS/uic" \ | ||
| RCC="$QT_HOST_BINS/rcc" |
There was a problem hiding this comment.
macOS build missing CVM and quantum support flags
Low Severity
The macOS build's configure step omits --enable-evmc, --with-evmc, --with-evmone, and --enable-quantum flags that are present in the Linux build, and it doesn't install the required dependencies (liboqs, EVMC, evmone). Given this PR is specifically about CVM (EVM Compatible) support, the macOS distribution will lack the core feature being introduced.
| else | ||
| echo "::error::Keine Run-ID angegeben und kein workflow_run Event" | ||
| exit 1 | ||
| fi |
There was a problem hiding this comment.
Deploy workflow fails when run_id is empty
Medium Severity
The run_id input description says "leer = letzter erfolgreicher Build" (empty = last successful build), but when a user triggers workflow_dispatch with an empty run_id, the logic falls through to the else branch and exits with an error. The promised fallback to the last successful build is never implemented, so the documented default behavior doesn't work.
| chmod +x cascoind cascoin-cli cascoin-tx cascoin-qt cascoind-wrapper cascoin-qt-wrapper 2>/dev/null || true | ||
|
|
||
| echo "==> Starting testnet daemon..." | ||
| nohup /root/testnetcascoin/cascoind -testnet -shrinkdebugfile > /dev/null 2>&1 & |
There was a problem hiding this comment.
Seed server deploy missing shared libraries for new dependencies
High Severity
The seed server deployment copies only binaries (no shared libraries) and starts cascoind without setting LD_LIBRARY_PATH. Server 1 and Server 2 deploy the full distribution archive including lib/x86_64-linux-gnu/ and set LD_LIBRARY_PATH, but the seed server path copies individual binaries from the bin/ directory only. With the newly added dynamic dependencies on libevmone, liboqs, and libevmc, the daemon on the seed server will fail to start due to missing shared libraries. The error is also silenced since stdout/stderr goes to /dev/null.
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.
- Remove access control enforcement from block validation (moved to TX submission) - Log deployment operations for auditing without blocking block acceptance - Update bytecode extraction to check full witness stack with legacy fallback support - Fix nonce management by removing duplicate GetNextNonce() calls in DeployContract - Change failed deployments to consume gas and advance nonce instead of invalidating block - Add deployment metadata tracking (TX hash and block height) to contract records - Update contract call failures to not invalidate blocks, matching EVM semantics - Improve error logging with transaction hash, caller/deployer, and contract address context - Initialize TrustContext with database reference for reputation lookups - Ensure failed executions consume full gas limit when VM cannot report actual usage
…zation - Rename variable `final` to `final_val` in reputation calculation to avoid naming conflicts - Add serialization support for `unique_partners` std::set in BehaviorMetrics using vector conversion - Include `securehat.h` header in block_validator.cpp for HAT integration - Implement `UpdateActivityMetrics()` helper function to update behavior and temporal metrics after CVM activity - Call `UpdateActivityMetrics()` after contract deployment (both metadata-only and full execution) - Call `UpdateActivityMetrics()` after contract execution calls to track caller interactions - Add purple "deploy" edge type to trust graph visualization for contract deployment relationships - Implement fallback visualization showing contract deployers as standalone nodes when no trust relationships exist - Display wallet-centric contract deployment graph with contract metadata (format, code size)
|
1 participant
Complete your own CVM (Cascoin Virtual Machine) with EVM compatibility
Note
Medium Risk
Moderate risk because it significantly changes CI/release behavior, builds third-party crypto/EVM libraries from source in CI, and adds an SSH-based deployment workflow that can affect testnet environments if misconfigured.
Overview
The build workflow is expanded to compile and package additional dependencies for EVM compatibility and post-quantum crypto on Linux by building
EVMC/evmoneandliboqsfrom source, enabling--enable-evmc/--enable-quantumat./configure, and bundling these libraries into the Linux distribution tarball.CI is reworked to run on
defaultrunners, adds a new macOS (macos-14) build + distribution artifact, and tweaks the Windows cross-build to use the MinGW POSIX threading toolchain and updated cache keys; artifacts are now suffixed with${{ github.run_id }}and the release job is updated to download and publish Linux/Windows/macOS assets accordingly.A new
Deploy Testnetworkflow is added that can run automatically after a successful build (or manually via arun_id), downloads the Linux distribution artifact, then deploys it over SSH to multiple testnet servers, restarts daemons, verifies processes, and cleans up SSH materials. Documentation/spec files under.kiro/specs/are added (no runtime code changes), and.gitignorenow ignoresmcp.json.Written by Cursor Bugbot for commit 80b0afe. This will update automatically on new commits. Configure here.