Protocol Delphi¶
This page contains all the relevant information for protocol 007 Delphi (007_PsDELPH1). Each of the main changes is briefly described with links to relevant external documentation and commits. The changelog section contains the most significant commit messages and instructions to regenerate the protocol sources from the Gitlab branch.
Test network Delphinet is available to test Delphi. See details in Test Networks and instructions to join in How to get Tezos.
The source code of this proposal is available in this tar archive and its
full hash is PsDELPH1Kxsxt8f9eWbxQeRxkjfbxoqM52jvs5Y5fBxWWh4ifpo
.
This protocol contains several breaking changes with respect to Carthage. Developers are particularly encouraged to carefully read this page and to monitor it for updates.
Summary of changes
Performance Improvements¶
Some effort was directed to streamline the Michelson interpreter and
improve its performance. This mostly consisted in factoring gas
consumption, simplifying logging and removing some calls to Lwt
(cf. the dedicated section on that last point).
Patches:
217b4fd025 Proto/Michelson: abstract logging facility
7504b35b94 Proto/Michelson: make lists carry their size and type of elements
c744b2e36e Proto/Michelson: hoist gas consumption in Slice_{string,bytes}
9854ddc12a Proto/Michelson: hoist Gas.consume out of interp. pattern matching
Gas Changes¶
Gas accounting has seen a significant update. Even though gas limits are the same as in Carthage, the amount of computation per unit of gas should see a significant increase in Delphi.
More precisely, the following parts of the gas subsystem have been updated. - Following the optimization work on the interpreter, gas costs for all instructions have been recomputed. - The cost model for IOs has been updated and should account better for performances of modern storage hardware. - The typechecking system has an entirely new cost model. - Finally, the base gas cost of manager operations has been reduced from 10000 to 1000 units of gas.
Overall, users should see significant gas cost reductions accross the board.
Patches:
8747f0a987 Proto/Michelson: Use the right cost function for SET_DELEGATE instr
6825b14cc0 Protocol/Michelson: fix gas consumption in Loop exit case
267ddd55d9 Protocol/gas: fix scaling of gas accounting for number of writes
f1397bffb6 Proto/gas: make internal gas visible in interpreter traces
1a874fb990 Proto/gas: rescale gas by 2^7, making internal_gas always 0
866fa99e71 Proto/gas: remove internal_gas
3eab3718a4 Proto/Michelson: properly carbonate extract_big_map_updates and collect_big_maps
a5baf0ed59 Proto/Michelson: Remove gas cost of ‘map_to_list’ and ‘set_to_list’ conversions
1ae30c0932 Protocol/Migration: scale gas limit constants in the context by 128
76918bf6fa Proto/Gas: remove intermediary cost record
3e11d74d91 Proto/Gas: factor calls to scaling function
07f89a7a9e Proto/Gas: inline calls to scale
c67f0dd61c Proto/Gas: perform rescaling from x128 to x1000
786bdb360f Proto/Gas: arithmetic optimization (remove multiplication by 1)
6c611b948d Protocol/Migration: scale gas limit constants in the context by 1000
5dfb79a814 Revert “Protocol/Migration: scale gas limit constants in the context by 1000”
fbccb2390a Revert “Vendors/flextesa: scale gas limit constants in the context by 1000”
f3201231f2 Revert “Protocol/Migration: scale gas limit constants in the context by 128”
b50d6f870a Revert “Vendors/flextesa: scale gas limit constants in the context by 128”
27bb7aeb2d Proto/gas: set 1 milligas = 1 atomic_step_cost
7e50a74755 Proto/Gas: add new gas cost functions in dedicated module
097e79f626 Proto/Gas: inject new cost functions in
Gas.cost
, expose in .mli78a2e8069c Proto/Gas: plug new costs on the interpreter
02b5fc516c Proto/Gas: fix gas for Concat_string & Concat_bytes
e00ec5eff8 Proto/Gas: unplug 006 interpreter gas
1838b7da21 Proto/Gas: introduce Storage_costs module
a21c1ed287 Proto/Gas: use Storage_costs in carbonated storage functors
3281de90c2 Proto/Gas: introduce Contract.get_balance_carbonated
2e1a9d88e3 Proto/Gas: adding encoding/decoding cost constants
68b4c2c37d Proto/Gas: injecting Gas_limit_repr.cost into Alpha_context.Gas.cost
33a0d8f015 Proto/Gas: expose 007 typechecking costs
be9c3159d8 Proto/Gas: Adapt translator to 007 typechecking costs
bd205ad65e Proto/Gas: expose 007 unparsing costs
eb784b35be Proto/Gas: adapt translator to 007 unparsing costs
9b478326fd Proto/Gas: add cost functions and helpers for strip_locations
b574bff205 Proto/Gas: carbonate calls to Micheline.strip_locations
6e6d59f578 Proto/Gas: Unplug 006 translator gas
9ae9b3c771 Proto/Gas: prettify constants
987c4f93a7 Proto/Gas: remove useless
let
bindings in cost functions4ffc37e769 Proto/tests: add basic unit test for cost functions
5ef9a9aae1 Proto/Gas: reduce gas cost of manager op
Lowered storage costs¶
In Tezos, storing data in the state leads to a burn of tez proportional to the size of the storage increase. This happens when creating a new account, originationg a new smart contract or making the storage of a smart contract grow above its historical higher size. This is different from fees that are paid to the baker proportionally to the size of operations. Indeed, operations are transient (and can be forgotten by nodes in the lighweight rolling mode), while data in the state is replicated by all nodes and can be so forever.
In Delphi, the amount of tez burned to store data in the ledger’s state is decreased by a factor of 4, going from 1 tez to 0.25 tez for a kilobyte. The price to create a new account is thus lowered from 0.257 tez to 0.06425.
Patches:
8f808e8317 proto/parameters: reduce cost_per_byte to 0.000250tz
ffaba729db proto/migration: set cost_per_byte to 0.000250tz
Bug fixes¶
Compatibility with 32-bit platforms¶
Carthage has some parts that assume a 64-bit runtime. These modifications restore the compatibility with 32-bit systems, and in general make the code clearer and less dependent on the underlying word size.
Patches:
da91297c0d Protocol/Michelson: avoid overflowing [Int32.to_int Int32.max_int]
377af3acb0 Proto/Michelson: Simplify parse_uint30
06c2f6f97b Protocol: Safer Int64.to_int
40f9a2c9a3 Storage: rename Int -> UInt16
ceb4ef33ba Storage: rename Int_index -> Int31_index
70c0aa4641 Proto/Gas: Zarith-ify some cost functions
BREAKING CHANGE: Michelson annotations¶
Field annotations in Michelson types were not properly checked and could contain invalid characters. In particular, it was possible to use a digit as the first meaningful character of a field annotation but only if it appeared in a type; a few contracts on Mainnet contain such numerals as first meaningful character. We have added the missing check and extended the syntax of Michelson annotations to allow digits. At the time of writing, all Mainnet and Carthagenet contracts successfully typecheck.
BREAKING CHANGE: If a smart contract containing a non-numeral invalid character in a field annotation inside a type were to be originated before the activation of Delphi, such a contract would be locked by the activation.
Patches:
ec1d992e5c Use plain algebraic types for the Michelson annotations
642bab2f97 Proto/Michelson: ensures all annotations are checked
0f12f628e9 Proto/Michelson: extend the set of allowed Michelson annotations
1b179aeb0b Proto/Michleson: make annotations on
Right
andElt
consistent
Miscellanous bug fixes¶
Patches:
8c1dd8e53b Proto/Michelson: fix the arity check for chain_id
dde9e19d55 Proto/RPC: return all delegates if no flags were used
28b8181a8c Proto/Michelson: fix registration of error Invalid_syntactic_constant
7f329a1700 Proto/Michelson: add missing cases in typechecking error reporting
083e9c6f9b Proto: Add missing case for keyword namespace encoding
b1af688dfd Proto: for transfers with 0 tz, check if target exists
982dd6ec77 Proto: Update
max_revelations_per_block
to include anon ops508b3ae5f4 Proto/Michelson: readable unparsing of chain ids
b03b8b0883 Proto: Fix double encoding of big_map_diff
ae0626d708 Proto: make signature check of operation packs more efficient
General code cleanup and refactoring¶
Removal of Lwt
when possible¶
A large batch of changes consists in mostly trivial modifications that drop parts of the code that don’t perform IOs out of the IO monad. This makes the code a bit less uniform, but helps with safety and future refactoring, and in some cases increases performance (in particular in the interpreter).
Patches:
9e38b8fece Proto/Michelson: remove some Lwt wrappers
eda54e8ba3 Proto/Michelson: avoid Lwt.bind when logging
187d9d7cab Proto: bind -> to
b2f8aac20c List.map -> fold_left_s
85592c26e9 Proto: filter_map_s -> filter_s
14eda1e7a9 List.fold_left -> Error_monad.map
43306a4b89 Script: force_decode/bytes, get rid of Lwt.t
7b1199d76d Baking: minimal_(valid_)time, get rid of Lwt
c5a0f66bb0 Baking.earlier_predecessor_timestamp: get rid of Lwt
e112d592b2 Baking: baking/endorsing_reward, get rid of Lwt
622ac83eaf Baking/tests: baking/endorsing_reward, get rid of Lwt
287985b4c7 Baking.check_fitness_gap: get rid of Lwt
a9cdf7e3bc Contract_storage.fresh_contract_from_current_nonce: get rid of Lwt
aef7541f69 Delegate_services.required_endorsements/minimal_valid_time: get rid of Lwt
3854c15614 Fees_storage.origination_burn: get rid of Lwt
d71fe7c127 Operation.check_signature: get rid of Lwt
419d29b41b Proto: Lwt.return >>=? -> >>?=
36172136a2 Raw_context.add_fees/rewards/deposit: get rid of Lwt
f19e52bd86 Script_ir_annot: get rid of fail_unexpected_annot
b55bfc4673 Script_ir_translator: remove lots of Lwt in parse_instr
4381c2b266 Script_ir_translator.parse_data: remove lots of Lwt
509decd748 Script_ir_translator.parse_data: traced
8da99eff1a Script_ir_translator: less Lwt
407e460bce Script_ir_translator.collect_big_maps: get rid of Lwt
1c94741b2b Storage: less Lwt
30fad4cb40 Proto: fail_unless/when -> error_unless/when
01aeae86a3 Proto: use predefined ok constants
0b8964ad8f Proto: lift some Lwt.return
Miscellanous code improvements & refactors¶
A long series of patches consists in minor improvements to the code style and contents of comments or error messages. Part of this work is thanks to the automated transcription of the code of the protocol into Coq (as part of our formal verification effort).
Patches:
88bc601fe9 Proto: Uniform variable names for context + comments clean-up
6d59b3f32a Michelson: exposes parsing without specifying storage
bef609828f Proto: expose parse_storage
abb3a3a48c Include ty_eq in merge_types
b1519b85e2 Express (comparable_)ty_eq in terms of merge_(comparable_)ty
d96d1cc2d1 Migration: remove leftovers Alpha_previous and Babylon_005
cd4bcec080 Proto/Michelson: remove dead code in parse_instr
74db352afd Remove mutual dependency between numeric types
60b8998900 Proto: remove unused exported vals
83aa3f49a5 Rewrite some when clauses for Coq
4b5307d995 Remove useless recursion
f34ec2a28d Proto: Fix formatting
99d7b81533 Proto: Move and export Michelson prim namespace function
29153f27ff Proto/Michelson: simplify the interpreter
36cbee348b Michelson: rename Left/Right as Cons_left/right
c6cba0db30 Michelson: simplify GADT matchings in script_ir_translator 1/4
e828029fb3 Michelson: simplify GADT matchings in script_ir_translator 2/4
0bff45c7f2 Michelson: simplify GADT matchings in script_ir_translator 3/4
edfae2bcf8 Michelson: simplify GADT matchings in script_ir_translator 4/4
cff2ab3b69 Proto/Michelson: extract_big_map_updates: aux
425f3eaaa1 Proto/Michelson: compute has_big_map only when needed
3b59480b92 Proto/Michelson: get rid of has_big_map flag and old function
dd34270a63 Proto/Michelson: factorize parse_storage_ty
8d17e58cc4 Proto/RPCs: use parse_packable/parameter_ty instead of parse_ty in services
09013da929 Proto/Contracts: big_map_diff/Copy: use inline record
084037dc9c Proto/Michelson: remove dead code
5e83fe9126 Proto/Michelson: simplify Big_map.fresh
0172dec928 Proto/Michelson: expose parse_ty for convenience to external tools
6c8e8a7f46 Proto/Michelson: expose unparse_code in Script_ir_translator
d793d30003 Proto_alpha: spell check
5807a28c44 Proto/coq-of-ocaml: Remove a polymorphic variant in raw_context
5da72db33f Proto: update the old operator to regular naming scheme
03ab590364 Protocol/coq-of-ocaml: name the signatures of the protocol
a06caece9f Protocol/coq-of-ocaml: avoid a name collision on encoding in the generated Coq
a25feb04f5 Use Option.value
12c7cf2f81 Protocol/coq-of-ocaml: rename of_seconds to prevent a collision of name
b8dd4fc1f9 Protocol/coq-of-ocaml: renaming of force_decode / force_bytes to prevent collision
c42b58c8c3 Protocol/coq-of-ocaml: rename consume and check_enough to prevent collisions
c4ac279d65 Protocol/coq-of-ocaml: renaming to compile alpha_context
d6ec7dd8c7 Protocol/coq-of-ocaml: lint the interpreter
da7d945551 Protocol/coq-of-ocaml: changes to compile storage.ml
75dad446a4 Protocol/coq-of-ocaml: add signature annotations
036c287157 Script_ir_translator.parse_data: rename error
b25d542877 Proto: fix typo in docstring
fe988f439c Proto: remove dead code
Safety of Michelson¶
Explicit limitations in the Michelson typechecker and interpreter¶
Up until now, some features of Michelson were implicitly limited by gas. This series of changes add explicit limits that will help with safety, future refactoring, and debugging (more precise errors).
Deep stack instructions
DIG
,DUG
,DROP
, andDIP
are now bounded to stacks of less than 1024 elementsThe interpreter (resp. typechecker) now have explicit recursion limits, setting a maximum depths for terms that can be interpreted (resp. typechecked).
Both changes set limits to high enough values, and should thus be invisible to almost all contract authors. Reaching the limits is only likely to happen when debugging erroneous (such as non-terminating) code.
Patches:
4c019e1004 Proto/Michelson: fix error message for DIP with wrong constant
7d0211b648 Michelson: fix number_of_generated_growing_types
6a7bbf17a4 Proto: add max stack depth
040abed403 Proto: normalize stackoverflows in typechecking and unparsing
95c31f963c Michelson: restrict deep stack instructions to 1023