Skip to content

Feature/gateway upgrade mode #5986

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
jstuczyn wants to merge 10 commits into from
Closed

Feature/gateway upgrade mode #5986

jstuczyn wants to merge 10 commits into from

Conversation

@jstuczyn
Copy link
Contributor

@jstuczyn jstuczyn commented Aug 28, 2025
edited
Loading

implements naive versions NET-451 and NET-450 as part of NET-341

depends on #5957

relevant API changes:

nym-gateway-requests

Changed

  • bumped up CURRENT_PROTOCOL_VERSION from 5 to 6 ('upgrade mode')
  • ServerResponse::Authenticate contains upgrade_mode flag to indicate whether gateway thinks the system is undergoing the upgrade
  • ServerResponse::Register contains upgrade_mode flag to indicate whether gateway thinks the system is undergoing the upgrade
  • ServerResponse::Bandwidth contains upgrade_mode flag to indicate whether gateway thinks the system is undergoing the upgrade
  • ServerResponse::Send contains upgrade_mode flag to indicate whether gateway thinks the system is undergoing the upgrade

nym-credentials-interface

Added

  • BandwidthCredential to act as a wrapper for different types of credentials. current the old CredentialSpendingData (i.e. ticketbooks) and jwt tokens issued during upgrade mode. in the future it will also include emergency mode credentials issued by signer quorum:

nym-authenticator-requests

Added

  • BandwidthClaim type to wrap around BandwidthCredential and to also include an explicit type (i.e. mixnet/wg entry/exit)
  • v6 version of authenticator messages
    • each response type includes additional upgrade_mode_enabled: bool field
    • FinalMessage uses BandwidthClaim instead of CredentialSpendingData for the credential field

Changed

  • FinalMessage trait method credential() now returns Option<BandwidthClaim> rather than Option<CredentialSpendingData> to allow the upgrade mode flow where user would not have a valid zk-nym

This change is Reviewable

@vercel
Copy link

vercel bot commented Aug 28, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Comments Updated (UTC)
nym-explorer-v2 Ready Ready Preview Comment Nov 3, 2025 4:51pm
nym-node-status Ready Ready Preview Comment Nov 3, 2025 4:51pm
1 Skipped Deployment
Project Deployment Preview Comments Updated (UTC)
docs-nextra Ignored Ignored Preview Nov 3, 2025 4:51pm

@jstuczyn jstuczyn force-pushed the feature/gateway-upgrade-mode branch from 3d8a06a to a1b46ad Compare August 28, 2025 08:19
@jstuczyn jstuczyn force-pushed the feature/gateway-upgrade-mode branch from 8317741 to df53d25 Compare August 28, 2025 08:35
@jstuczyn jstuczyn force-pushed the feature/credential-proxy-jwt branch from 5f8be2d to df54ef8 Compare September 2, 2025 08:41
@jstuczyn jstuczyn force-pushed the feature/gateway-upgrade-mode branch from de7e53b to d69e499 Compare September 2, 2025 09:06
@jstuczyn jstuczyn force-pushed the feature/credential-proxy-jwt branch 4 times, most recently from be69a8f to 038c496 Compare October 10, 2025 09:14
@jstuczyn jstuczyn force-pushed the feature/gateway-upgrade-mode branch from d69e499 to 199df96 Compare October 10, 2025 12:08
@jstuczyn jstuczyn force-pushed the feature/gateway-upgrade-mode branch from 199df96 to 0573b9f Compare October 13, 2025 09:03
@jstuczyn jstuczyn force-pushed the feature/credential-proxy-jwt branch from 17259f6 to 106cba0 Compare October 30, 2025 12:30
@jstuczyn jstuczyn force-pushed the feature/gateway-upgrade-mode branch from 8f4b896 to 8ea0088 Compare October 30, 2025 12:30
@jstuczyn jstuczyn force-pushed the feature/gateway-upgrade-mode branch from 8ea0088 to bb3055a Compare October 30, 2025 13:13
@jstuczyn jstuczyn force-pushed the feature/credential-proxy-jwt branch from 106cba0 to 8c15a5c Compare October 30, 2025 13:13
@jstuczyn jstuczyn force-pushed the feature/credential-proxy-jwt branch from a0eafc0 to 737b465 Compare November 3, 2025 15:21
Base automatically changed from feature/credential-proxy-jwt to develop November 3, 2025 16:42
jstuczyn added 10 commits November 3, 2025 16:44
@jstuczyn
squashing before rebasing
7f43f38 
post rebasing fixes

AuthenticatorVersion helpers

additional nits

allow unwraps in mocks

fixed linux build

clippy

integrating upgrade mode into authenticator

fixed build after adding wrappers to response types

conditionally updating peer handle bandwidth

cleanup

negotiate initial protocol during registration

change auth to use highest protocol

handler for JWT message

dont meter client bandwidth in upgrade mode

handling recheck requests

sending information about upgrade_mode on client messages

gateway watching for upgrade mode attestation

wip: gateways to disable bandwidth metering on upgrade mode
@jstuczyn
fix gateway probe and remove code duplication for finalizing registra…
3f82cf6 
…tion
@jstuczyn
bugfix: make sure to immediately poll for attestation after spawning …
5827937 
…task
@jstuczyn
v2 wireguard private metadata
d078ca8
@jstuczyn
passing upgrade mode information in metadata endpoint
130f2d6
@jstuczyn
adding tests for new v2 server
410dd6f
@jstuczyn
expose upgrade mode information in authenticator responses
17894e5
@jstuczyn
bugfix: default bandwidth response for authenticator
fb29b6f
@jstuczyn
placeholder handling of wg registration with upgrade mode token
d28f54d
@jstuczyn
include upgrade mode credentials as part of credential storage
b10e8db
@jstuczyn jstuczyn force-pushed the feature/gateway-upgrade-mode branch from bb3055a to b10e8db Compare November 3, 2025 16:44
@jstuczyn
Copy link
Contributor Author

jstuczyn commented Nov 4, 2025

superseded by #6174

@jstuczyn jstuczyn closed this Nov 4, 2025
@jstuczyn jstuczyn mentioned this pull request Nov 4, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mfahampshire mfahampshire Awaiting requested review from mfahampshire

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jstuczyn @benedettadavico