Release 3.7.0 #965

## Description Quite a while ago we added the possibility to directly fund an XCC sub-account using a Near function call. The purpose of this function is to enable sponsoring XCC for an address without needing to use bridged wrapped $NEAR (which is somewhat inconvenient to work with). To make this function work with Aurora Cloud instances, which may not bridge wNEAR at all, the args allow specifying the wNEAR account ID. But the field is optional because on the public Aurora Engine instances you do not need to specify it since the Engine can figure it out independently based on its own configuration. Previously this XCC funding function was owner-only because if the wNEAR account ID is specified then it must be correct. However, this security restriction is only important if the optional field is actually specified since otherwise the Engine fills in the value itself. This PR makes XCC funding a public function if the wNEAR account ID is not specified. ## Performance / NEAR gas cost considerations N/A ## Testing Existing tests.

## Description ➡️ Implementation of [EIP-3607](https://eips.ethereum.org/EIPS/eip-3607) - reject transaction for accounts with not empty code.

## Description ➡️ Added **EVM CANCUN** hard fork support. Based on SputnikVM release [v0.42.0-aurora](https://github.com/aurora-is-near/sputnikvm/releases/tag/v0.42.0-aurora) ➡️ Changed `engine-tests` that related to **CACUN** changes ➡️ Solidity: updated to `0.8.25` which support **CANCUN** Features ➡️ Extended Transactions fields for **CANCUN** hard fork requirements ### Cancun hard fork ➡️ EVM impelentation of Cancun hard fork: aurora-is-near/sputnikvm/pull/39 ### Breaking changes ➡️ Transaction extended according to [EIP-4844](https://eips.ethereum.org/EIPS/eip-4844) requirements ### Gas cost Gas cost changed as expected insignificantly. - 2 tests: gas increased to `1 TGas` - 1 test: gas decreased to `1 TGas`

Co-authored-by: dwiekawki <[email protected]>

The `test` task is duplicated in the README. Co-authored-by: dwiekawki <[email protected]>

Co-authored-by: Oleksandr Anyshchenko <[email protected]>

) Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/micromatch/braces/commit/74b2db2938fad48a2ea54a9c8bf27a37a62c350d"><code>74b2db2</code></a> 3.0.3</li> <li><a href="https://github.com/micromatch/braces/commit/88f1429a0f47e1dd3813de35211fc97ffda27f9e"><code>88f1429</code></a> update eslint. lint, fix unit tests.</li> <li><a href="https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff"><code>415d660</code></a> Snyk js braces 6838727 (<a href="https://redirect.github.com/micromatch/braces/issues/40">#40</a>)</li> <li><a href="https://github.com/micromatch/braces/commit/190510f79db1adf21d92798b0bb6fccc1f72c9d6"><code>190510f</code></a> fix tests, skip 1 test in test/braces.expand</li> <li><a href="https://github.com/micromatch/braces/commit/716eb9f12d820b145a831ad678618731927e8856"><code>716eb9f</code></a> readme bump</li> <li><a href="https://github.com/micromatch/braces/commit/a5851e57f45c3431a94d83fc565754bc10f5bbc3"><code>a5851e5</code></a> Merge pull request <a href="https://redirect.github.com/micromatch/braces/issues/37">#37</a> from coderaiser/fix/vulnerability</li> <li><a href="https://github.com/micromatch/braces/commit/2092bd1fb108d2c59bd62e243b70ad98db961538"><code>2092bd1</code></a> feature: braces: add maxSymbols (<a href="https://github.com/micromatch/braces/issues/">https://github.com/micromatch/braces/issues/</a>...</li> <li><a href="https://github.com/micromatch/braces/commit/9f5b4cf47329351bcb64287223ffb6ecc9a5e6d3"><code>9f5b4cf</code></a> fix: vulnerability (<a href="https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727">https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727</a>)</li> <li><a href="https://github.com/micromatch/braces/commit/98414f9f1fabe021736e26836d8306d5de747e0d"><code>98414f9</code></a> remove funding file</li> <li><a href="https://github.com/micromatch/braces/commit/665ab5d561c017a38ba7aafd92cc6655b91d8c14"><code>665ab5d</code></a> update keepEscaping doc (<a href="https://redirect.github.com/micromatch/braces/issues/27">#27</a>)</li> <li>Additional commits viewable in <a href="https://github.com/micromatch/braces/compare/3.0.2...3.0.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=braces&package-manager=npm_and_yarn&previous-version=3.0.2&new-version=3.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aurora-is-near/aurora-engine/network/alerts). </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

This PR adds the lang guards to the README for code formatting and highlighting

## Description Based on `SputnikVM` EVM optimizations: aurora-is-near/sputnikvm/pull/48 ### Gas cost ➡️ A lot of tests show gas decreased to: `1-2%` ➡️ For some tests gas cost increased, it'is related to: aurora-is-near/sputnikvm/pull/46 as it's requires additional NEAR storage read operation.

`It's` (possessive) rather than `Its`.

### Description To be fully compatible with EVM, we should: :arrow_right: Success| Revert :arrow_right: ExitError - Execution errors should charge gas from users :arrow_right: ExitFatal - shouldn't charge user gas :arrow_right: Transactions validation errors should not charge user gas This PR changed the logic for EVM exit reason gas charge for users, which includes EVM execution errors gas charge. Previously transaction just panicked, and user's gas was not charged. #### EVM Related to EVM changes: aurora-is-near/sputnikvm/pull/52 --------- Co-authored-by: Oleksandr Anyshchenko <[email protected]>

@birchmd

## Description After some investigation, we realised that the problem was caused by a change in gas costs after switching to near protocol version 66. The change relates to the amount of gas used to load contract data, which was [changed](https://github.com/near/nearcore/blob/master/core/parameters/res/runtime_configs/66.yaml#L15) from 216750 to 1089295 Gas per byte. The change increases the amount of gas used in the `mirror_erc20_token_callback` to approximately to 1TGas. So, more than 5TGas is needed now. Thanks to @birchmd for his help with this investigation. ## Performance / NEAR gas cost considerations There are no changes in the performance. ## Testing #950 bumps `near-workspace` to 0.12, which contains updated `near-sandbox` 2.1.1. on which the error is reproduced. ## How should this be reviewed Check that the problem no longer reproduces after this commit is included in #950.

## Description The motivation for adding this PR is the potentially incontinent behaviour of the Aurora contract on-chain and in our tests, due to the outdated version of the `neard-sandbox` that could be used in the `near-workspaces`. The PR adds a script that builds an actual version of the `neard-sandbox` for each network (mainnet and testnet) for use in the scheduled tests in the Github CI. The PR fixes the `test_exit_to_near_wnear*` tests that started failing after the near-workspace was bumped to 0.12 (near-sandbox 2.1.1).

## Description After switching to the new version of the `near-vm-runner` we can see increased consumption of the NEAR gas almost in every test. The reason is expected since the amount of gas per byte of loaded contract was [increased](https://github.com/near/nearcore/blob/master/core/parameters/res/runtime_configs/66.yaml#L15) from `216750` to `1089295`. In our case it's `1220709 * 1089295` instead of `1220709 * 216750` where the difference is `1065123534405 Gas` or `1,07 TGas`. ## Performance / NEAR gas cost considerations NEAR gas consumption was increased for obvious reasons.

## Description The PR fixes a path to the `neard-sandbox` in the schedule CI script.

## Description The PR decreases the number of parallel tasks in scheduled action in the CI, which is executed on the self-hoted runner.

Co-authored-by: Oleksandr Anyshchenko <[email protected]>

## Description This PR modifies `hardhat.config.js` to support contract verification on a desired network. It also includes README.md that describes all necessary steps. ## Performance / NEAR gas cost considerations This does not affect performance or gas usage since it does not introduce any changes to the engine ## Testing Just follow steps described in README.md --------- Co-authored-by: Oleksandr Anyshchenko <[email protected]>

## Description The PR adds Slack notifications in case of failure of scheduled tasks.

## Description The release notes for upcoming Release 3.7.0

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Release 3.7.0 #965

Release 3.7.0 #965

Commits on Oct 10, 2024