[main] Update 2025-01-21.23 (#284)

Reference commit: d794e7a005

Co-authored-by: Canton <canton@digitalasset.com>

UNRELEASED.md

@@ -6,6 +6,37 @@ Please also consult the [full documentation of this release](https://docs.daml.c
 ## Until 2025-01-22 (Exclusive)
 
 - Added metric `daml.mediator.approved-requests.total` to count the number of approved confirmation requests
+- Topology related error codes have been renamed to contain the prefix `TOPOLOGY_`:
+  - Simple additions of prefix
+    - `SECRET_KEY_NOT_IN_STORE` -> `TOPOLOGY_SECRET_KEY_NOT_IN_STORE`
+    - `SERIAL_MISMATCH` -> `TOPOLOGY_SERIAL_MISMATCH`
+    - `INVALID_SYNCHRONIZER` -> `TOPOLOGY_INVALID_SYNCHRONIZER`
+    - `NO_APPROPRIATE_SIGNING_KEY_IN_STORE` -> `TOPOLOGY_NO_APPROPRIATE_SIGNING_KEY_IN_STORE`
+    - `NO_CORRESPONDING_ACTIVE_TX_TO_REVOKE` -> `TOPOLOGY_NO_CORRESPONDING_ACTIVE_TX_TO_REVOKE`
+    - `REMOVING_LAST_KEY_MUST_BE_FORCED` -> `TOPOLOGY_REMOVING_LAST_KEY_MUST_BE_FORCED`
+    - `DANGEROUS_COMMAND_REQUIRES_FORCE_ALIEN_MEMBER` -> `TOPOLOGY_DANGEROUS_COMMAND_REQUIRES_FORCE_ALIEN_MEMBER`
+    - `REMOVING_KEY_DANGLING_TRANSACTIONS_MUST_BE_FORCED` -> `TOPOLOGY_REMOVING_KEY_DANGLING_TRANSACTIONS_MUST_BE_FORCED`
+    - `INCREASE_OF_SUBMISSION_TIME_TOLERANCE` -> `TOPOLOGY_INCREASE_OF_SUBMISSION_TIME_TOLERANCE`
+    - `INSUFFICIENT_KEYS` -> `TOPOLOGY_INSUFFICIENT_KEYS`
+    - `UNKNOWN_MEMBERS` -> `TOPOLOGY_UNKNOWN_MEMBERS`
+    - `UNKNOWN_PARTIES` -> `TOPOLOGY_UNKNOWN_PARTIES`
+    - `ILLEGAL_REMOVAL_OF_SYNCHRONIZER_TRUST_CERTIFICATE` -> `TOPOLOGY_ILLEGAL_REMOVAL_OF_SYNCHRONIZER_TRUST_CERTIFICATE`
+    - `PARTICIPANT_ONBOARDING_REFUSED` -> `TOPOLOGY_PARTICIPANT_ONBOARDING_REFUSED`
+    - `MEDIATORS_ALREADY_IN_OTHER_GROUPS` -> `TOPOLOGY_MEDIATORS_ALREADY_IN_OTHER_GROUPS`
+    - `MEMBER_CANNOT_REJOIN_SYNCHRONIZER` -> `TOPOLOGY_MEMBER_CANNOT_REJOIN_SYNCHRONIZER`
+    - `NAMESPACE_ALREADY_IN_USE` -> `TOPOLOGY_NAMESPACE_ALREADY_IN_USE`
+    - `DANGEROUS_VETTING_COMMAND_REQUIRES_FORCE_FLAG` -> `TOPOLOGY_DANGEROUS_VETTING_COMMAND_REQUIRES_FORCE_FLAG`
+    - `DEPENDENCIES_NOT_VETTED` -> `TOPOLOGY_DEPENDENCIES_NOT_VETTED`
+    - `CANNOT_VET_DUE_TO_MISSING_PACKAGES` -> `TOPOLOGY_CANNOT_VET_DUE_TO_MISSING_PACKAGES`
+  - Additional minor renaming
+    - `INVALID_TOPOLOGY_TX_SIGNATURE_ERROR` -> `TOPOLOGY_INVALID_TOPOLOGY_TX_SIGNATURE`
+    - `DUPLICATE_TOPOLOGY_TRANSACTION` -> `TOPOLOGY_DUPLICATE_TRANSACTION`
+    - `UNAUTHORIZED_TOPOLOGY_TRANSACTION` -> `TOPOLOGY_UNAUTHORIZED_TRANSACTION`
+    - `INVALID_TOPOLOGY_MAPPING` -> `TOPOLOGY_INVALID_MAPPING`
+    - `INCONSISTENT_TOPOLOGY_SNAPSHOT` -> `TOPOLOGY_INCONSISTENT_SNAPSHOT`
+    - `MISSING_TOPOLOGY_MAPPING` -> `TOPOLOGY_MISSING_MAPPING`
+- Added last_descendant_node_id in the exercised event of the ledger api. This field specifies the upper boundary of the
+  node ids of the events in the same transaction that appeared as a result of the exercised event.
 
 ## Until 2025-01-15 (Exclusive)
 
@@ -15,8 +46,11 @@ Please also consult the [full documentation of this release](https://docs.daml.c
   - The fields `max_inflight_validation_requests` and `max_submission_rate` are now declared as `optional uint32`,
     which also means that absent values are not encoded anymore as negative values, but as absent values.
     Negative values will result in a parsing error and a rejected request.
+- Moved the `canton.monitoring.log-query-cost` option to `canton.monitoring.logging.query-cost`
+- Changed the `signedBy` parameter of the console command `topology.party_to_participant_mapping.propose` from `Optional`
+  to `Seq`.
 
-## Until 2025-01-010 (Exclusive)
+## Until 2025-01-10 (Exclusive)
 
 ### Initial Topology Snapshot Validation
 The initial topology snapshot, both for initializing a new domain and for onboarding a new member,

community/app-base/src/main/scala/com/digitalasset/canton/admin/api/client/commands/SequencerAdminCommands.scala

@@ -18,16 +18,13 @@ import com.digitalasset.canton.config.RequireTypes.{NonNegativeLong, PositiveInt
 import com.digitalasset.canton.data.CantonTimestamp
 import com.digitalasset.canton.sequencer.admin.v30 as proto
 import com.digitalasset.canton.sequencing.protocol.TrafficState
-import com.digitalasset.canton.synchronizer.sequencing.admin.grpc.InitializeSequencerResponse
-import com.digitalasset.canton.synchronizer.sequencing.sequencer.traffic.TimestampSelector.TimestampSelector
-import com.digitalasset.canton.synchronizer.sequencing.sequencer.traffic.{
+import com.digitalasset.canton.synchronizer.sequencer.admin.grpc.InitializeSequencerResponse
+import com.digitalasset.canton.synchronizer.sequencer.traffic.TimestampSelector.TimestampSelector
+import com.digitalasset.canton.synchronizer.sequencer.traffic.{
   SequencerTrafficStatus,
   TimestampSelector,
 }
-import com.digitalasset.canton.synchronizer.sequencing.sequencer.{
-  SequencerPruningStatus,
-  SequencerSnapshot,
-}
+import com.digitalasset.canton.synchronizer.sequencer.{SequencerPruningStatus, SequencerSnapshot}
 import com.digitalasset.canton.topology.{Member, SequencerId}
 import com.digitalasset.canton.util.GrpcStreamingUtils
 import com.google.protobuf.ByteString

community/app-base/src/main/scala/com/digitalasset/canton/admin/api/client/commands/SequencerBftAdminCommands.scala

@@ -17,7 +17,7 @@ import com.digitalasset.canton.sequencer.admin.v30.{
   RemovePeerEndpointResponse,
   SequencerBftAdministrationServiceGrpc,
 }
-import com.digitalasset.canton.synchronizer.sequencing.sequencer.block.bftordering.admin.SequencerBftAdminData.{
+import com.digitalasset.canton.synchronizer.sequencer.block.bftordering.admin.SequencerBftAdminData.{
   OrderingTopology,
   PeerNetworkStatus,
   endpointToProto,

community/app-base/src/main/scala/com/digitalasset/canton/config/CantonCommunityConfig.scala

@@ -18,7 +18,7 @@ import com.digitalasset.canton.synchronizer.mediator.{
   CommunityMediatorNodeConfig,
   RemoteMediatorConfig,
 }
-import com.digitalasset.canton.synchronizer.sequencing.config.{
+import com.digitalasset.canton.synchronizer.sequencer.config.{
   CommunitySequencerNodeConfig,
   RemoteSequencerConfig,
 }

community/app-base/src/main/scala/com/digitalasset/canton/config/CantonConfig.scala

@@ -71,20 +71,20 @@ import com.digitalasset.canton.synchronizer.mediator.{
   MediatorPruningConfig,
   RemoteMediatorConfig,
 }
-import com.digitalasset.canton.synchronizer.sequencing.config.{
+import com.digitalasset.canton.synchronizer.sequencer.*
+import com.digitalasset.canton.synchronizer.sequencer.block.DriverBlockSequencerFactory
+import com.digitalasset.canton.synchronizer.sequencer.block.bftordering.core.driver.{
+  BftBlockOrderer,
+  BftSequencerFactory,
+}
+import com.digitalasset.canton.synchronizer.sequencer.config.{
   RemoteSequencerConfig,
   SequencerNodeConfigCommon,
   SequencerNodeInitConfig,
   SequencerNodeParameterConfig,
   SequencerNodeParameters,
 }
-import com.digitalasset.canton.synchronizer.sequencing.sequencer.*
-import com.digitalasset.canton.synchronizer.sequencing.sequencer.block.DriverBlockSequencerFactory
-import com.digitalasset.canton.synchronizer.sequencing.sequencer.block.bftordering.core.driver.{
-  BftBlockOrderer,
-  BftSequencerFactory,
-}
-import com.digitalasset.canton.synchronizer.sequencing.sequencer.traffic.SequencerTrafficConfig
+import com.digitalasset.canton.synchronizer.sequencer.traffic.SequencerTrafficConfig
 import com.digitalasset.canton.tracing.TracingConfig
 import com.typesafe.config.ConfigException.UnresolvedSubstitution
 import com.typesafe.config.{
@@ -129,16 +129,13 @@ final case class DeadlockDetectionConfig(
   * @param deadlockDetection Should we regularly check our environment EC for deadlocks?
   * @param metrics Optional Metrics Reporter used to expose internally captured metrics
   * @param tracing       Tracing configuration
-  * @param logQueryCost Determines whether to log the 15 most expensive db queries
   *
   * @param dumpNumRollingLogFiles How many of the rolling log files shold be included in the remote dump. Default is 0.
   */
 final case class MonitoringConfig(
     deadlockDetection: DeadlockDetectionConfig = DeadlockDetectionConfig(),
     metrics: MetricsConfig = MetricsConfig(),
     tracing: TracingConfig = TracingConfig(),
-    // TODO(i9014) rename to queries
-    logQueryCost: Option[QueryCostMonitoringConfig] = None,
     logging: LoggingConfig = LoggingConfig(),
     dumpNumRollingLogFiles: NonNegativeInt = MonitoringConfig.defaultDumpNumRollingLogFiles,
 ) extends LazyLogging
@@ -229,8 +226,8 @@ final case class RetentionPeriodDefaults(
   * @param startupParallelism Start up to N nodes in parallel (default is num-threads)
   * @param nonStandardConfig don't fail config validation on non-standard configuration settings
   * @param sessionSigningKeys Configure the use of session signing keys in the protocol
-  * @param alphaVersionSupport If true, allow synchronizer nodes to use alpha protocol versions and participant nodes to connect to such domains
-  * @param betaVersionSupport If true, allow synchronizer nodes to use beta protocol versions and participant nodes to connect to such domains
+  * @param alphaVersionSupport If true, allow synchronizer nodes to use alpha protocol versions and participant nodes to connect to such synchronizers
+  * @param betaVersionSupport If true, allow synchronizer nodes to use beta protocol versions and participant nodes to connect to such synchronizers
   * @param timeouts Sets the timeouts used for processing and console
   * @param portsFile A ports file name, where the ports of all participants will be written to after startup
   * @param exitOnFatalFailures If true the node will exit/stop the process in case of fatal failures
@@ -502,7 +499,6 @@ private[canton] object CantonNodeParameterConverter {
     CantonNodeParameters.General.Impl(
       tracing = parent.monitoring.tracing,
       delayLoggingThreshold = parent.monitoring.logging.delayLoggingThreshold.toInternal,
-      logQueryCost = parent.monitoring.logQueryCost,
       loggingConfig = parent.monitoring.logging,
       enableAdditionalConsistencyChecks = parent.parameters.enableAdditionalConsistencyChecks,
       enablePreviewFeatures = parent.features.enablePreviewCommands,

community/app-base/src/main/scala/com/digitalasset/canton/console/ConsoleEnvironmentBinding.scala

@@ -21,6 +21,7 @@ class ConsoleEnvironmentBinding {
        |interp.configureCompiler(_.settings.processArgumentString("-Xsource:2.13"))
        |import $consoleEnvClassName._
        |import com.digitalasset.canton.topology.store.TimeQuery
+       |import com.digitalasset.canton.topology.store.TopologyStoreId.AuthorizedStore
        |import com.digitalasset.canton.topology._
        |import com.digitalasset.canton.topology.transaction._
        |import com.digitalasset.canton.crypto._

community/app-base/src/main/scala/com/digitalasset/canton/console/ConsoleMacros.scala

@@ -873,7 +873,6 @@ trait ConsoleMacros extends NamedLogging with NoTracing {
       val initialTopologyState = (foundingTxs ++ seqMedIdentityTxs ++ synchronizerGenesisTxs)
         .mapFilter(_.selectOp[TopologyChangeOp.Replace])
 
-      // TODO(#12390) replace this merge / active with proper tooling and checks that things are really fully authorized
       val orderingMap =
         Seq(
           NamespaceDelegation.code,
@@ -1027,10 +1026,10 @@ trait ConsoleMacros extends NamedLogging with NoTracing {
         | Writes to files the contracts that cause the mismatch and the transactions that activated them.
         | Assumes that the console is connected to both participants that observed the mismatch.
         | The commands outputs an error if the counter-participant sent several commitments for the same interval end
-        | and domain, because, e.g., it executed a repair command in the meantime and it cannot retrieve the data for the
+        | and synchronizer, because, e.g., it executed a repair command in the meantime and it cannot retrieve the data for the
         | given commitment anymore.
         | The arguments are:
-        | - domain: The synchronizer where the mismatch occurred
+        | - synchronizerId: The synchronizer where the mismatch occurred
         | - mismatchTimestamp: The synchronizer timestamp of the commitment mismatch. Needs to correspond to a commitment tick.
         | - targetParticipant: The participant that reported the mismatch and wants to fix it on its side.
         | - counterParticipant: The counter participant that sent the mismatching commitment, and with which we interact

community/app-base/src/main/scala/com/digitalasset/canton/console/InstanceReference.scala

@@ -40,19 +40,20 @@ import com.digitalasset.canton.synchronizer.mediator.{
   MediatorNodeConfigCommon,
   RemoteMediatorConfig,
 }
-import com.digitalasset.canton.synchronizer.sequencing.config.{
-  RemoteSequencerConfig,
-  SequencerNodeConfigCommon,
-}
-import com.digitalasset.canton.synchronizer.sequencing.sequencer.block.bftordering.admin.SequencerBftAdminData.{
+import com.digitalasset.canton.synchronizer.sequencer.block.bftordering.admin.SequencerBftAdminData.{
   OrderingTopology,
   PeerNetworkStatus,
 }
-import com.digitalasset.canton.synchronizer.sequencing.sequencer.{
+import com.digitalasset.canton.synchronizer.sequencer.config.{
+  RemoteSequencerConfig,
+  SequencerNodeConfigCommon,
+}
+import com.digitalasset.canton.synchronizer.sequencer.{
   SequencerClients,
+  SequencerNode,
+  SequencerNodeBootstrap,
   SequencerPruningStatus,
 }
-import com.digitalasset.canton.synchronizer.sequencing.{SequencerNode, SequencerNodeBootstrap}
 import com.digitalasset.canton.time.{DelegatingSimClock, SimClock}
 import com.digitalasset.canton.topology.*
 import com.digitalasset.canton.topology.store.TimeQuery

community/app-base/src/main/scala/com/digitalasset/canton/console/ParticipantReferencesExtensions.scala

@@ -133,10 +133,11 @@ class ParticipantReferencesExtensions(participants: Seq[ParticipantReference])(i
         )
         .discard
 
-    @Help.Summary("Register and potentially connect to new local domain")
+    @Help.Summary("Register and potentially connect to new local synchronizer")
     @Help.Description("""
         The arguments are:
-          synchronizer - A local synchronizer or sequencer reference
+          sequencer - A local sequencer reference
+          alias - A synchronizer alias to register this connection for.
           manualConnect - Whether this connection should be handled manually and also excluded from automatic re-connect.
           synchronize - A timeout duration indicating how long to wait for all topology changes to have been effected on all local nodes.
         """)

community/app-base/src/main/scala/com/digitalasset/canton/console/commands/ParticipantRepairAdministration.scala

@@ -51,7 +51,7 @@ class ParticipantRepairAdministration(
       |stakeholders are no longer available to agree to their archival. The participant needs to be disconnected from
       |the synchronizer on which the contracts with "contractIds" reside at the time of the call, and as of now the synchronizer
       |cannot have had any inflight requests.
-      |The effects of the command will take affect upon reconnecting to the sync domain.
+      |The effects of the command will take affect upon reconnecting to the synchronizer.
       |The "ignoreAlreadyPurged" flag makes it possible to invoke the command multiple times with the same
       |parameters in case an earlier command invocation has failed.
       |As repair commands are powerful tools to recover from unforeseen data corruption, but dangerous under normal
@@ -76,9 +76,9 @@ class ParticipantRepairAdministration(
 
   @Help.Summary("Migrate contracts from one synchronizer to another one.")
   @Help.Description(
-    """Migrates all contracts associated with a synchronizer to a new domain.
-        |This method will register the new domain, connect to it and then re-associate all contracts from the source
-        |domain to the target synchronizer. Please note that this migration needs to be done by all participants
+    """Migrates all contracts associated with a synchronizer to a new synchronizer.
+        |This method will register the new synchronizer, connect to it and then re-associate all contracts from the source
+        |synchronizer to the target synchronizer. Please note that this migration needs to be done by all participants
         |at the same time. The target synchronizer should only be used once all participants have finished their migration.
         |
         |WARNING: The migration does not start in case of in-flight transactions on the source synchronizer. Forcing the
@@ -109,7 +109,7 @@ class ParticipantRepairAdministration(
   @Help.Description(
     """This is a last resort command to recover from data corruption in scenarios in which a synchronizer is
         |irreparably broken and formerly connected participants need to change the assignation of contracts to another,
-        |healthy domain. The participant needs to be disconnected from both the "sourceSynchronizer" and the "targetSynchronizer".
+        |healthy synchronizer. The participant needs to be disconnected from both the "sourceSynchronizer" and the "targetSynchronizer".
         |The target synchronizer cannot have had any inflight requests.
         |Contracts already assigned to the target synchronizer will be skipped, and this makes it possible to invoke this
         |command in an "idempotent" fashion in case an earlier attempt had resulted in an error.
@@ -162,8 +162,8 @@ class ParticipantRepairAdministration(
         |- parties: identifying contracts having at least one stakeholder from the given set
         |- partiesOffboarding: true if the parties will be offboarded (party migration)
         |- outputFile: the output file name where to store the data. Use .gz as a suffix to get a  compressed file (recommended)
-        |- filterSynchronizerId: restrict the export to a given domain
-        |- timestamp: optionally a timestamp for which we should take the state (useful to reconcile states of a domain)
+        |- filterSynchronizerId: restrict the export to a given synchronizer
+        |- timestamp: optionally a timestamp for which we should take the state (useful to reconcile states of a synchronizer)
         |- contractSynchronizerRenames: As part of the export, allow to rename the associated synchronizer id of contracts from one synchronizer to another based on the mapping.
         |- force: if is set to true, then the check that the timestamp is clean will not be done.
         |         For this option to yield a consistent snapshot, you need to wait at least