Rename buildkite-snap to buildkite-secondary

* Configure GPU type/count from command line in GCE scripts

* Change CLI to input full leader machine type information with GPU

.buildkite/hooks/post-command

@@ -41,5 +41,5 @@ else
 
   point="job_stats,$point_tags $point_fields"
 
-  multinode-demo/metrics_write_datapoint.sh "$point" || true
+  scripts/metrics-write-datapoint.sh "$point" || true
 fi

.buildkite/hooks/pre-command

@@ -1,13 +1,27 @@
 #!/bin/bash -e
 
-[[ -n "$CARGO_TARGET_CACHE_NAME" ]] || exit 0
+# Ensure the pattern "+++ ..." never occurs when |set -x| is set, as buildkite
+# interprets this as the start of a log group.
+# Ref: https://buildkite.com/docs/pipelines/managing-log-output
+export PS4="++"
 
 #
 # Restore target/ from the previous CI build on this machine
 #
-(
+[[ -n "$CARGO_TARGET_CACHE_NAME" ]] || (
   d=$HOME/cargo-target-cache/"$CARGO_TARGET_CACHE_NAME"
+
+  if [[ -d $d ]]; then
+    du -hs "$d"
+    read -r cacheSizeInGB _ < <(du -s --block-size=1000000000 "$d")
+    if [[ $cacheSizeInGB -gt 5 ]]; then
+      echo "$d has gotten too large, removing it"
+      rm -rf "$d"
+    fi
+  fi
+
   mkdir -p "$d"/target
   set -x
   rsync -a --delete --link-dest="$d" "$d"/target .
 )
+

.github/RELEASE_TEMPLATE.md

@@ -0,0 +1,28 @@
+# Release v0.X.Y <milestone name>
+
+fun blurb about the name, what's in the release
+
+## Major Features And Improvements
+
+* bulleted
+* list of features and improvements
+
+## Breaking Changes
+
+* bulleted
+* list
+* of
+* protocol changes/breaks
+* API breaks
+* CLI changes
+* etc.
+
+## Bug Fixes and Other Changes
+
+* can be pulled from commit log, or synthesized
+
+## Thanks to our Contributors
+
+This release contains contributions from many people at Solana, as well as:
+
+  pull from commit log

Cargo.toml

@@ -1,7 +1,7 @@
 [package]
 name = "solana"
 description = "Blockchain, Rebuilt for Scale"
-version = "0.7.1"
+version = "0.9.0"
 documentation = "https://docs.rs/solana"
 homepage = "http://solana.com/"
 readme = "README.md"
@@ -18,17 +18,25 @@ authors = [
 license = "Apache-2.0"
 
 [[bin]]
-name = "solana-bench-tps"
-path = "src/bin/bench-tps.rs"
+name = "solana-upload-perf"
+path = "src/bin/upload-perf.rs"
 
 [[bin]]
 name = "solana-bench-streamer"
 path = "src/bin/bench-streamer.rs"
 
+[[bin]]
+name = "solana-bench-tps"
+path = "src/bin/bench-tps.rs"
+
 [[bin]]
 name = "solana-drone"
 path = "src/bin/drone.rs"
 
+[[bin]]
+name = "solana-replicator"
+path = "src/bin/replicator.rs"
+
 [[bin]]
 name = "solana-fullnode"
 path = "src/bin/fullnode.rs"
@@ -61,59 +69,80 @@ unstable = []
 ipv6 = []
 cuda = []
 erasure = []
+test = []
 
 [dependencies]
 atty = "0.2"
 bincode = "1.0.0"
 bs58 = "0.2.0"
 byteorder = "1.2.1"
+bytes = "0.4"
 chrono = { version = "0.4.0", features = ["serde"] }
 clap = "2.31"
 dirs = "1.0.2"
 env_logger = "0.5.12"
-futures = "0.1.21"
-generic-array = { version = "0.11.1", default-features = false, features = ["serde"] }
+generic-array = { version = "0.12.0", default-features = false, features = ["serde"] }
 getopts = "0.2"
 influx_db_client = "0.3.4"
+solana-jsonrpc-core = "0.1"
+solana-jsonrpc-http-server = "0.1"
+solana-jsonrpc-macros = "0.1"
+ipnetwork = "0.12.7"
 itertools = "0.7.8"
-libc = "0.2.1"
+libc = "0.2.43"
+libloading = "0.5.0"
 log = "0.4.2"
 matches = "0.1.6"
+nix = "0.11.0"
 pnet_datalink = "0.21.0"
 rand = "0.5.1"
 rayon = "1.0.0"
-reqwest = "0.8.6"
+reqwest = "0.9.0"
 ring = "0.13.2"
 sha2 = "0.7.0"
 serde = "1.0.27"
+serde_cbor = "0.9.0"
 serde_derive = "1.0.27"
 serde_json = "1.0.10"
+socket2 = "0.3.8"
+solana_program_interface = { path = "common", version="0.1.0" }
 sys-info = "0.5.6"
 tokio = "0.1"
 tokio-codec = "0.1"
-tokio-core = "0.1.17"
-tokio-io = "0.1"
 untrusted = "0.6.2"
 
 [dev-dependencies]
-criterion = "0.2"
+noop = { path = "programs/noop", version="0.1.0" }
+print = { path = "programs/print", version="0.1.0" }
+move_funds = { path = "programs/move_funds", version="0.1.0" }
 
 [[bench]]
 name = "bank"
-harness = false
 
 [[bench]]
 name = "banking_stage"
-harness = false
 
 [[bench]]
 name = "ledger"
-harness = false
 
 [[bench]]
 name = "signature"
-harness = false
 
 [[bench]]
 name = "sigverify"
-harness = false
+
+[workspace]
+members = [
+    ".",
+    "common",
+    "programs/noop",
+    "programs/print",
+    "programs/move_funds",
+]
+default-members = [
+    ".",
+    "common",
+    "programs/noop",
+    "programs/print",
+    "programs/move_funds",
+]

README.md

@@ -17,7 +17,11 @@ All claims, content, designs, algorithms, estimates, roadmaps, specifications, a
 Introduction
 ===
 
-It's possible for a centralized database to process 710,000 transactions per second on a standard gigabit network if the transactions are, on average, no more than 176 bytes. A centralized database can also replicate itself and maintain high availability without significantly compromising that transaction rate using the distributed system technique known as Optimistic Concurrency Control [H.T.Kung, J.T.Robinson (1981)]. At Solana, we're demonstrating that these same theoretical limits apply just as well to blockchain on an adversarial network. The key ingredient? Finding a way to share time when nodes can't trust one-another. Once nodes can trust time, suddenly ~40 years of distributed systems research becomes applicable to blockchain! Furthermore, and much to our surprise, it can implemented using a mechanism that has existed in Bitcoin since day one. The Bitcoin feature is called nLocktime and it can be used to postdate transactions using block height instead of a timestamp. As a Bitcoin client, you'd use block height instead of a timestamp if you don't trust the network. Block height turns out to be an instance of what's being called a Verifiable Delay Function in cryptography circles. It's a cryptographically secure way to say time has passed. In Solana, we use a far more granular verifiable delay function, a SHA 256 hash chain, to checkpoint the ledger and coordinate consensus. With it, we implement Optimistic Concurrency Control and are now well in route towards that theoretical limit of 710,000 transactions per second.
+It's possible for a centralized database to process 710,000 transactions per second on a standard gigabit network if the transactions are, on average, no more than 176 bytes. A centralized database can also replicate itself and maintain high availability without significantly compromising that transaction rate using the distributed system technique known as Optimistic Concurrency Control [\[H.T.Kung, J.T.Robinson (1981)\]](http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.65.4735). At Solana, we're demonstrating that these same theoretical limits apply just as well to blockchain on an adversarial network. The key ingredient? Finding a way to share time when nodes can't trust one-another. Once nodes can trust time, suddenly ~40 years of distributed systems research becomes applicable to blockchain!
+
+> Perhaps the most striking difference between algorithms obtained by our method and ones based upon timeout is that using timeout produces a traditional distributed algorithm in which the processes operate asynchronously, while our method produces a globally synchronous one in which every process does the same thing at (approximately) the same time. Our method seems to contradict the whole purpose of distributed processing, which is to permit different processes to operate independently and perform different functions. However, if a distributed system is really a single system, then the processes must be synchronized in some way. Conceptually, the easiest way to synchronize processes is to get them all to do the same thing at the same time. Therefore, our method is used to implement a kernel that performs the necessary synchronization--for example, making sure that two different processes do not try to modify a file at the same time. Processes might spend only a small fraction of their time executing the synchronizing kernel; the rest of the time, they can operate independently--e.g., accessing different files. This is an approach we have advocated even when fault-tolerance is not required. The method's basic simplicity makes it easier to understand the precise properties of a system, which is crucial if one is to know just how fault-tolerant the system is. [\[L.Lamport (1984)\]](http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.71.1078)
+
+Furthermore, and much to our surprise, it can be implemented using a mechanism that has existed in Bitcoin since day one. The Bitcoin feature is called nLocktime and it can be used to postdate transactions using block height instead of a timestamp. As a Bitcoin client, you'd use block height instead of a timestamp if you don't trust the network. Block height turns out to be an instance of what's being called a Verifiable Delay Function in cryptography circles. It's a cryptographically secure way to say time has passed. In Solana, we use a far more granular verifiable delay function, a SHA 256 hash chain, to checkpoint the ledger and coordinate consensus. With it, we implement Optimistic Concurrency Control and are now well in route towards that theoretical limit of 710,000 transactions per second.
 
 
 Testnet Demos
@@ -58,7 +62,7 @@ your odds of success if you check out the
 before proceeding:
 
 ```bash
-$ git checkout v0.7.0-beta
+$ git checkout v0.8.0
 ```
 
 Configuration Setup
@@ -92,45 +96,47 @@ Before you start a fullnode, make sure you know the IP address of the machine yo
 want to be the leader for the demo, and make sure that udp ports 8000-10000 are
 open on all the machines you want to test with.
 
-Now start the server:
+Now start the server in a separate shell:
 
 ```bash
 $ ./multinode-demo/leader.sh
 ```
 
-Wait a few seconds for the server to initialize. It will print "Ready." when it's ready to
+Wait a few seconds for the server to initialize. It will print "leader ready..." when it's ready to
 receive transactions. The leader will request some tokens from the drone if it doesn't have any.
 The drone does not need to be running for subsequent leader starts.
 
 Multinode Testnet
 ---
 
-To run a multinode testnet, after starting a leader node, spin up some validator nodes:
+To run a multinode testnet, after starting a leader node, spin up some validator nodes in
+separate shells:
 
 ```bash
-$ ./multinode-demo/validator.sh ubuntu@10.0.1.51:~/solana 10.0.1.51
+$ ./multinode-demo/validator.sh
 ```
 
 To run a performance-enhanced leader or validator (on Linux),
 [CUDA 9.2](https://developer.nvidia.com/cuda-downloads) must be installed on
 your system:
+
 ```bash
 $ ./fetch-perf-libs.sh
 $ SOLANA_CUDA=1 ./multinode-demo/leader.sh
-$ SOLANA_CUDA=1 ./multinode-demo/validator.sh ubuntu@10.0.1.51:~/solana 10.0.1.51
-
+$ SOLANA_CUDA=1 ./multinode-demo/validator.sh
 ```
 
 
-
 Testnet Client Demo
 ---
 
-Now that your singlenode or multinode testnet is up and running, in a separate shell, let's send it some transactions! Note we pass in
-the JSON configuration file here, not the genesis ledger.
+Now that your singlenode or multinode testnet is up and running let's send it
+some transactions!
+
+In a separate shell start the client:
 
 ```bash
-$ ./multinode-demo/client.sh ubuntu@10.0.1.51:~/solana 2 #The leader machine and the total number of nodes in the network
+$ ./multinode-demo/client.sh # runs against localhost by default
 ```
 
 What just happened? The client demo spins up several threads to send 500,000 transactions
@@ -142,21 +148,35 @@ demo completes after it has convinced itself the testnet won't process any addit
 transactions. You should see several TPS measurements printed to the screen. In the
 multinode variation, you'll see TPS measurements for each validator node as well.
 
+Public Testnet
+--------------
+In this example the client connects to our public testnet. To run validators on the testnet you would need to open udp ports `8000-10000`.
+
+```bash
+$ ./multinode-demo/client.sh --network $(dig +short testnet.solana.com):8001 --identity config-private/client-id.json --duration 60
+```
+
+You can observe the effects of your client's transactions on our [dashboard](https://metrics.solana.com:3000/d/testnet/testnet-hud?orgId=2&from=now-30m&to=now&refresh=5s&var-testnet=testnet)
+
+
 Linux Snap
 ---
 A Linux [Snap](https://snapcraft.io/) is available, which can be used to
 easily get Solana running on supported Linux systems without building anything
 from source.  The `edge` Snap channel is updated daily with the latest
 development from the `master` branch.  To install:
+
 ```bash
 $ sudo snap install solana --edge --devmode
 ```
+
 (`--devmode` flag is required only for `solana.fullnode-cuda`)
 
 Once installed the usual Solana programs will be available as `solona.*` instead
 of `solana-*`.  For example, `solana.fullnode` instead of `solana-fullnode`.
 
 Update to the latest version at any time with:
+
 ```bash
 $ snap info solana
 $ sudo snap refresh solana --devmode
@@ -176,6 +196,7 @@ contains the latest log, and the files `*.s` (if present) contain older rotated
 logs.
 
 Disable the daemon at any time by running:
+
 ```bash
 $ sudo snap set solana mode=
 ```
@@ -184,11 +205,13 @@ Runtime configuration files for the daemon can be found in
 `/var/snap/solana/current/config`.
 
 #### Leader daemon
+
 ```bash
 $ sudo snap set solana mode=leader
 ```
 
 If CUDA is available:
+
 ```bash
 $ sudo snap set solana mode=leader enable-cuda=1
 ```
@@ -211,26 +234,31 @@ to port tcp:873, tcp:9900 and the port range udp:8000-udp:10000**
 
 
 To run both the Leader and Drone:
+
 ```bash
 $ sudo snap set solana mode=leader+drone
 
 ```
 
 #### Validator daemon
+
 ```bash
 $ sudo snap set solana mode=validator
 
 ```
 If CUDA is available:
+
 ```bash
 $ sudo snap set solana mode=validator enable-cuda=1
 ```
 
 By default the validator will connect to **testnet.solana.com**, override
 the leader IP address by running:
+
 ```bash
 $ sudo snap set solana mode=validator leader-address=127.0.0.1 #<-- change IP address
 ```
+
 It's assumed that the leader will be running `rsync` configured as described in
 the previous **Leader daemon** section.
 
@@ -254,9 +282,10 @@ If your rustc version is lower than 1.26.1, please update it:
 $ rustup update
 ```
 
-On Linux systems you may need to install libssl-dev and pkg-config.  On Ubuntu:
+On Linux systems you may need to install libssl-dev, pkg-config, zlib1g-dev, etc.  On Ubuntu:
+
 ```bash
-$ sudo apt-get install libssl-dev pkg-config
+$ sudo apt-get install libssl-dev pkg-config zlib1g-dev
 ```
 
 Download the source code:
@@ -276,6 +305,7 @@ $ cargo test
 ```
 
 To emulate all the tests that will run on a Pull Request, run:
+
 ```bash
 $ ./ci/run-local.sh
 ```
@@ -284,17 +314,21 @@ Debugging
 ---
 
 There are some useful debug messages in the code, you can enable them on a per-module and per-level
-basis with the normal RUST\_LOG environment variable. Run the fullnode with this syntax:
+basis.  Before running a leader or validator set the normal RUST\_LOG environment variable.
+
+For example, to enable info everywhere and debug only in the solana::banking_stage module:
+
 ```bash
-$ RUST_LOG=solana::streamer=debug,solana::server=info cat genesis.log | ./target/release/solana-fullnode > transactions0.log
+$ export RUST_LOG=info,solana::banking_stage=debug
 ```
-to see the debug and info sections for streamer and server respectively. Generally
-we are using debug for infrequent debug messages, trace for potentially frequent messages and
-info for performance-related logging.
 
-Attaching to a running process with gdb:
+Generally we are using debug for infrequent debug messages, trace for potentially frequent
+messages and info for performance-related logging.
 
-```
+You can also attach to a running process with GDB.  The leader's process is named
+_solana-fullnode_:
+
+```bash
 $ sudo gdb
 attach <PID>
 set logging on
@@ -318,6 +352,11 @@ Run the benchmarks:
 $ cargo +nightly bench --features="unstable"
 ```
 
+Release Process
+---
+The release process for this project is described [here](rfcs/rfc-005-branches-tags-and-channels.md).
+
+
 Code coverage
 ---
 

RELEASE.md

@@ -0,0 +1,32 @@
+# Solana Release process
+
+## Introduction
+
+Solana uses a channel-oriented, date-based branching process described [here](https://github.com/solana-labs/solana/blob/master/rfcs/rfc-005-branches-tags-and-channels.md).
+
+## Release Steps
+
+### Changing channels
+
+When cutting a new channel branch these pre-steps are required:
+
+1. Pick your branch point for release on master.
+2. Create the branch.  The name should be "v" + the first 2 "version" fields from Cargo.toml.  For example, a Cargo.toml with version = "0.9.0" implies the next branch name is "v0.9".
+3. Update Cargo.toml to the next semantic version (e.g. 0.9.0 -> 0.10.0).
+4. Push your new branch to solana.git
+5. Land your Carto.toml change as a master PR.
+
+At this point, ci/channel-info.sh should show your freshly cut release branch as "BETA_CHANNEL" and the previous release branch as "STABLE_CHANNEL".
+
+### Updating channels (i.e. "making a release")
+
+We use [github's Releases UI](https://github.com/solana-labs/solana/releases) for tagging a release.
+
+1. Go [there ;)](https://github.com/solana-labs/solana/releases).
+2. Click "Draft new release".
+3. If the first major release on the branch (e.g. v0.8.0), paste in [this template](https://raw.githubusercontent.com/solana-labs/solana/master/.github/RELEASE_TEMPLATE.md) and fill it in.
+4. Test the release by generating a tag using semver's rules.  First try at a release should be <branchname>.X-rc.0.
+5. Verify release automation:
+   1. [Crates.io](https://crates.io/crates/solana) should have an updated Solana version.
+   2. ...
+6. After testnet deployment, verify that testnets are running correct software.  http://metrics.solana.com should show testnet running on a hash from your newly created branch.

_config.yml

@@ -1 +0,0 @@
-theme: jekyll-theme-slate

benches/bank.rs

@@ -1,18 +1,20 @@
-#[macro_use]
-extern crate criterion;
+#![feature(test)]
 extern crate bincode;
 extern crate rayon;
 extern crate solana;
+extern crate test;
 
 use bincode::serialize;
-use criterion::{Bencher, Criterion};
 use rayon::prelude::*;
 use solana::bank::*;
 use solana::hash::hash;
 use solana::mint::Mint;
 use solana::signature::{Keypair, KeypairUtil};
+use solana::system_transaction::SystemTransaction;
 use solana::transaction::Transaction;
+use test::Bencher;
 
+#[bench]
 fn bench_process_transaction(bencher: &mut Bencher) {
     let mint = Mint::new(100_000_000);
     let bank = Bank::new(&mint);
@@ -23,7 +25,13 @@ fn bench_process_transaction(bencher: &mut Bencher) {
         .map(|i| {
             // Seed the 'from' account.
             let rando0 = Keypair::new();
-            let tx = Transaction::new(&mint.keypair(), rando0.pubkey(), 10_000, mint.last_id());
+            let tx = Transaction::system_move(
+                &mint.keypair(),
+                rando0.pubkey(),
+                10_000,
+                mint.last_id(),
+                0,
+            );
             assert!(bank.process_transaction(&tx).is_ok());
 
             // Seed the 'to' account and a cell for its signature.
@@ -31,36 +39,17 @@ fn bench_process_transaction(bencher: &mut Bencher) {
             bank.register_entry_id(&last_id);
 
             let rando1 = Keypair::new();
-            let tx = Transaction::new(&rando0, rando1.pubkey(), 1, last_id);
+            let tx = Transaction::system_move(&rando0, rando1.pubkey(), 1, last_id, 0);
             assert!(bank.process_transaction(&tx).is_ok());
 
             // Finally, return the transaction to the benchmark.
             tx
-        })
-        .collect();
+        }).collect();
 
-    bencher.iter_with_setup(
-        || {
-            // Since benchmarker runs this multiple times, we need to clear the signatures.
-            bank.clear_signatures();
-            transactions.clone()
-        },
-        |transactions| {
-            let results = bank.process_transactions(transactions);
-            assert!(results.iter().all(Result::is_ok));
-        },
-    )
+    bencher.iter(|| {
+        // Since benchmarker runs this multiple times, we need to clear the signatures.
+        bank.clear_signatures();
+        let results = bank.process_transactions(&transactions);
+        assert!(results.iter().all(Result::is_ok));
+    })
 }
-
-fn bench(criterion: &mut Criterion) {
-    criterion.bench_function("bench_process_transaction", |bencher| {
-        bench_process_transaction(bencher);
-    });
-}
-
-criterion_group!(
-    name = benches;
-    config = Criterion::default().sample_size(2);
-    targets = bench
-);
-criterion_main!(benches);

benches/banking_stage.rs

@@ -1,229 +1,110 @@
+#![feature(test)]
 extern crate bincode;
-#[macro_use]
-extern crate criterion;
+extern crate rand;
 extern crate rayon;
 extern crate solana;
+extern crate solana_program_interface;
+extern crate test;
 
-use criterion::{Bencher, Criterion};
+use rand::{thread_rng, Rng};
 use rayon::prelude::*;
 use solana::bank::Bank;
-use solana::banking_stage::BankingStage;
+use solana::banking_stage::{BankingStage, NUM_THREADS};
+use solana::entry::Entry;
 use solana::mint::Mint;
-use solana::packet::{to_packets_chunked, PacketRecycler};
-use solana::record_stage::Signal;
-use solana::signature::{Keypair, KeypairUtil};
+use solana::packet::to_packets_chunked;
+use solana::signature::{KeypairUtil, Signature};
+use solana::system_transaction::SystemTransaction;
 use solana::transaction::Transaction;
+use solana_program_interface::pubkey::Pubkey;
 use std::iter;
 use std::sync::mpsc::{channel, Receiver};
 use std::sync::Arc;
+use std::time::Duration;
+use test::Bencher;
 
-// use self::test::Bencher;
-// use bank::{Bank, MAX_ENTRY_IDS};
-// use bincode::serialize;
-// use hash::hash;
-// use mint::Mint;
-// use rayon::prelude::*;
-// use signature::{Keypair, KeypairUtil};
-// use std::collections::HashSet;
-// use std::time::Instant;
-// use transaction::Transaction;
-//
-// fn bench_process_transactions(_bencher: &mut Bencher) {
-//     let mint = Mint::new(100_000_000);
-//     let bank = Bank::new(&mint);
-//     // Create transactions between unrelated parties.
-//     let txs = 100_000;
-//     let last_ids: Mutex<HashSet<Hash>> = Mutex::new(HashSet::new());
-//     let transactions: Vec<_> = (0..txs)
-//         .into_par_iter()
-//         .map(|i| {
-//             // Seed the 'to' account and a cell for its signature.
-//             let dummy_id = i % (MAX_ENTRY_IDS as i32);
-//             let last_id = hash(&serialize(&dummy_id).unwrap()); // Semi-unique hash
-//             {
-//                 let mut last_ids = last_ids.lock().unwrap();
-//                 if !last_ids.contains(&last_id) {
-//                     last_ids.insert(last_id);
-//                     bank.register_entry_id(&last_id);
-//                 }
-//             }
-//
-//             // Seed the 'from' account.
-//             let rando0 = Keypair::new();
-//             let tx = Transaction::new(&mint.keypair(), rando0.pubkey(), 1_000, last_id);
-//             bank.process_transaction(&tx).unwrap();
-//
-//             let rando1 = Keypair::new();
-//             let tx = Transaction::new(&rando0, rando1.pubkey(), 2, last_id);
-//             bank.process_transaction(&tx).unwrap();
-//
-//             // Finally, return a transaction that's unique
-//             Transaction::new(&rando0, rando1.pubkey(), 1, last_id)
-//         })
-//         .collect();
-//
-//     let banking_stage = EventProcessor::new(bank, &mint.last_id(), None);
-//
-//     let now = Instant::now();
-//     assert!(banking_stage.process_transactions(transactions).is_ok());
-//     let duration = now.elapsed();
-//     let sec = duration.as_secs() as f64 + duration.subsec_nanos() as f64 / 1_000_000_000.0;
-//     let tps = txs as f64 / sec;
-//
-//     // Ensure that all transactions were successfully logged.
-//     drop(banking_stage.historian_input);
-//     let entries: Vec<Entry> = banking_stage.output.lock().unwrap().iter().collect();
-//     assert_eq!(entries.len(), 1);
-//     assert_eq!(entries[0].transactions.len(), txs as usize);
-//
-//     println!("{} tps", tps);
-// }
-
-fn check_txs(receiver: &Receiver<Signal>, ref_tx_count: usize) {
+fn check_txs(receiver: &Receiver<Vec<Entry>>, ref_tx_count: usize) {
     let mut total = 0;
     loop {
-        let signal = receiver.recv().unwrap();
-        if let Signal::Transactions(transactions) = signal {
-            total += transactions.len();
-            if total >= ref_tx_count {
-                break;
+        let entries = receiver.recv_timeout(Duration::new(1, 0));
+        if let Ok(entries) = entries {
+            for entry in &entries {
+                total += entry.transactions.len();
             }
         } else {
-            assert!(false);
+            break;
+        }
+        if total >= ref_tx_count {
+            break;
         }
     }
     assert_eq!(total, ref_tx_count);
 }
 
+#[bench]
 fn bench_banking_stage_multi_accounts(bencher: &mut Bencher) {
-    let tx = 10_000_usize;
+    let txes = 1000 * NUM_THREADS;
     let mint_total = 1_000_000_000_000;
     let mint = Mint::new(mint_total);
-    let num_dst_accounts = 8 * 1024;
-    let num_src_accounts = 8 * 1024;
-
-    let srckeys: Vec<_> = (0..num_src_accounts).map(|_| Keypair::new()).collect();
-    let dstkeys: Vec<_> = (0..num_dst_accounts)
-        .map(|_| Keypair::new().pubkey())
-        .collect();
-
-    let transactions: Vec<_> = (0..tx)
-        .map(|i| {
-            Transaction::new(
-                &srckeys[i % num_src_accounts],
-                dstkeys[i % num_dst_accounts],
-                i as i64,
-                mint.last_id(),
-            )
-        })
-        .collect();
 
     let (verified_sender, verified_receiver) = channel();
-    let (signal_sender, signal_receiver) = channel();
-    let packet_recycler = PacketRecycler::default();
-
-    let setup_transactions: Vec<_> = (0..num_src_accounts)
-        .map(|i| {
-            Transaction::new(
-                &mint.keypair(),
-                srckeys[i].pubkey(),
-                mint_total / num_src_accounts as i64,
-                mint.last_id(),
-            )
-        })
-        .collect();
-
-    bencher.iter(move || {
-        let bank = Arc::new(Bank::new(&mint));
-
-        let verified_setup: Vec<_> =
-            to_packets_chunked(&packet_recycler, &setup_transactions.clone(), tx)
-                .into_iter()
-                .map(|x| {
-                    let len = (*x).read().unwrap().packets.len();
-                    (x, iter::repeat(1).take(len).collect())
-                })
-                .collect();
-
-        let verified_setup_len = verified_setup.len();
-        verified_sender.send(verified_setup).unwrap();
-        BankingStage::process_packets(&bank, &verified_receiver, &signal_sender, &packet_recycler)
-            .unwrap();
-
-        check_txs(&signal_receiver, num_src_accounts);
-
-        let verified: Vec<_> = to_packets_chunked(&packet_recycler, &transactions.clone(), 192)
-            .into_iter()
-            .map(|x| {
-                let len = (*x).read().unwrap().packets.len();
-                (x, iter::repeat(1).take(len).collect())
-            })
-            .collect();
-
-        let verified_len = verified.len();
-        verified_sender.send(verified).unwrap();
-        BankingStage::process_packets(&bank, &verified_receiver, &signal_sender, &packet_recycler)
-            .unwrap();
-
-        check_txs(&signal_receiver, tx);
-    });
-}
-
-fn bench_banking_stage_single_from(bencher: &mut Bencher) {
-    let tx = 10_000_usize;
-    let mint = Mint::new(1_000_000_000_000);
-    let mut pubkeys = Vec::new();
-    let num_keys = 8;
-    for _ in 0..num_keys {
-        pubkeys.push(Keypair::new().pubkey());
-    }
-
-    let transactions: Vec<_> = (0..tx)
+    let bank = Arc::new(Bank::new(&mint));
+    let dummy = Transaction::system_move(
+        &mint.keypair(),
+        mint.keypair().pubkey(),
+        1,
+        mint.last_id(),
+        0,
+    );
+    let transactions: Vec<_> = (0..txes)
         .into_par_iter()
-        .map(|i| {
-            Transaction::new(
-                &mint.keypair(),
-                pubkeys[i % num_keys],
-                i as i64,
-                mint.last_id(),
-            )
-        })
-        .collect();
-
-    let (verified_sender, verified_receiver) = channel();
-    let (signal_sender, signal_receiver) = channel();
-    let packet_recycler = PacketRecycler::default();
-
+        .map(|_| {
+            let mut new = dummy.clone();
+            let from: Vec<u8> = (0..64).map(|_| thread_rng().gen()).collect();
+            let to: Vec<u8> = (0..64).map(|_| thread_rng().gen()).collect();
+            let sig: Vec<u8> = (0..64).map(|_| thread_rng().gen()).collect();
+            new.keys[0] = Pubkey::new(&from[0..32]);
+            new.keys[1] = Pubkey::new(&to[0..32]);
+            new.signature = Signature::new(&sig[0..64]);
+            new
+        }).collect();
+    // fund all the accounts
+    transactions.iter().for_each(|tx| {
+        let fund = Transaction::system_move(
+            &mint.keypair(),
+            tx.keys[0],
+            mint_total / txes as i64,
+            mint.last_id(),
+            0,
+        );
+        assert!(bank.process_transaction(&fund).is_ok());
+    });
+    //sanity check, make sure all the transactions can execute sequentially
+    transactions.iter().for_each(|tx| {
+        let res = bank.process_transaction(&tx);
+        assert!(res.is_ok(), "sanity test transactions");
+    });
+    bank.clear_signatures();
+    //sanity check, make sure all the transactions can execute in parallel
+    let res = bank.process_transactions(&transactions);
+    for r in res {
+        assert!(r.is_ok(), "sanity parallel execution");
+    }
+    bank.clear_signatures();
+    let verified: Vec<_> = to_packets_chunked(&transactions.clone(), 192)
+        .into_iter()
+        .map(|x| {
+            let len = x.read().unwrap().packets.len();
+            (x, iter::repeat(1).take(len).collect())
+        }).collect();
+    let (_stage, signal_receiver) = BankingStage::new(&bank, verified_receiver, Default::default());
     bencher.iter(move || {
-        let bank = Arc::new(Bank::new(&mint));
-        let verified: Vec<_> = to_packets_chunked(&packet_recycler, &transactions.clone(), tx)
-            .into_iter()
-            .map(|x| {
-                let len = (*x).read().unwrap().packets.len();
-                (x, iter::repeat(1).take(len).collect())
-            })
-            .collect();
-        let verified_len = verified.len();
-        verified_sender.send(verified).unwrap();
-        BankingStage::process_packets(&bank, &verified_receiver, &signal_sender, &packet_recycler)
-            .unwrap();
-
-        check_txs(&signal_receiver, tx);
+        for v in verified.chunks(verified.len() / NUM_THREADS) {
+            verified_sender.send(v.to_vec()).unwrap();
+        }
+        check_txs(&signal_receiver, txes);
+        bank.clear_signatures();
+        // make sure the tx last id is still registered
+        bank.register_entry_id(&mint.last_id());
     });
 }
-
-fn bench(criterion: &mut Criterion) {
-    criterion.bench_function("bench_banking_stage_multi_accounts", |bencher| {
-        bench_banking_stage_multi_accounts(bencher);
-    });
-    criterion.bench_function("bench_process_stage_single_from", |bencher| {
-        bench_banking_stage_single_from(bencher);
-    });
-}
-
-criterion_group!(
-    name = benches;
-    config = Criterion::default().sample_size(2);
-    targets = bench
-);
-criterion_main!(benches);

benches/ledger.rs

@@ -1,40 +1,25 @@
-#[macro_use]
-extern crate criterion;
+#![feature(test)]
 extern crate solana;
+extern crate test;
 
-use criterion::{Bencher, Criterion};
 use solana::hash::{hash, Hash};
 use solana::ledger::{next_entries, reconstruct_entries_from_blobs, Block};
-use solana::packet::BlobRecycler;
 use solana::signature::{Keypair, KeypairUtil};
+use solana::system_transaction::SystemTransaction;
 use solana::transaction::Transaction;
-use std::collections::VecDeque;
+use test::Bencher;
 
+#[bench]
 fn bench_block_to_blobs_to_block(bencher: &mut Bencher) {
     let zero = Hash::default();
     let one = hash(&zero.as_ref());
     let keypair = Keypair::new();
-    let tx0 = Transaction::new(&keypair, keypair.pubkey(), 1, one);
+    let tx0 = Transaction::system_move(&keypair, keypair.pubkey(), 1, one, 0);
     let transactions = vec![tx0; 10];
     let entries = next_entries(&zero, 1, transactions);
 
-    let blob_recycler = BlobRecycler::default();
     bencher.iter(|| {
-        let mut blob_q = VecDeque::new();
-        entries.to_blobs(&blob_recycler, &mut blob_q);
-        assert_eq!(reconstruct_entries_from_blobs(blob_q).unwrap(), entries);
+        let blobs = entries.to_blobs();
+        assert_eq!(reconstruct_entries_from_blobs(blobs).unwrap(), entries);
     });
 }
-
-fn bench(criterion: &mut Criterion) {
-    criterion.bench_function("bench_block_to_blobs_to_block", |bencher| {
-        bench_block_to_blobs_to_block(bencher);
-    });
-}
-
-criterion_group!(
-    name = benches;
-    config = Criterion::default().sample_size(2);
-    targets = bench
-);
-criterion_main!(benches);

benches/signature.rs

@@ -1,24 +1,12 @@
-#[macro_use]
-extern crate criterion;
+#![feature(test)]
 extern crate solana;
+extern crate test;
 
-use criterion::{Bencher, Criterion};
 use solana::signature::GenKeys;
+use test::Bencher;
 
+#[bench]
 fn bench_gen_keys(b: &mut Bencher) {
     let mut rnd = GenKeys::new([0u8; 32]);
     b.iter(|| rnd.gen_n_keypairs(1000));
 }
-
-fn bench(criterion: &mut Criterion) {
-    criterion.bench_function("bench_gen_keys", |bencher| {
-        bench_gen_keys(bencher);
-    });
-}
-
-criterion_group!(
-    name = benches;
-    config = Criterion::default().sample_size(2);
-    targets = bench
-);
-criterion_main!(benches);

benches/sigverify.rs

@@ -1,36 +1,23 @@
-#[macro_use]
-extern crate criterion;
+#![feature(test)]
 extern crate bincode;
 extern crate rayon;
 extern crate solana;
+extern crate test;
 
-use criterion::{Bencher, Criterion};
-use solana::packet::{to_packets, PacketRecycler};
+use solana::packet::to_packets;
 use solana::sigverify;
-use solana::transaction::test_tx;
+use solana::system_transaction::test_tx;
+use test::Bencher;
 
+#[bench]
 fn bench_sigverify(bencher: &mut Bencher) {
     let tx = test_tx();
 
     // generate packet vector
-    let packet_recycler = PacketRecycler::default();
-    let batches = to_packets(&packet_recycler, &vec![tx; 128]);
+    let batches = to_packets(&vec![tx; 128]);
 
     // verify packets
     bencher.iter(|| {
         let _ans = sigverify::ed25519_verify(&batches);
     })
 }
-
-fn bench(criterion: &mut Criterion) {
-    criterion.bench_function("bench_sigverify", |bencher| {
-        bench_sigverify(bencher);
-    });
-}
-
-criterion_group!(
-    name = benches;
-    config = Criterion::default().sample_size(2);
-    targets = bench
-);
-criterion_main!(benches);

build.rs

@@ -1,15 +1,33 @@
 use std::env;
+use std::fs;
 
 fn main() {
-    println!("cargo:rustc-link-search=native=.");
-    if !env::var("CARGO_FEATURE_CUDA").is_err() {
+    println!("cargo:rerun-if-changed=target/perf-libs");
+    println!("cargo:rerun-if-changed=build.rs");
+
+    // Ensure target/perf-libs/ exists.  It's been observed that
+    // a cargo:rerun-if-changed= directive with a non-existent
+    // directory triggers a rebuild on every |cargo build| invocation
+    fs::create_dir("target/perf-libs").unwrap_or_else(|err| {
+        if err.kind() != std::io::ErrorKind::AlreadyExists {
+            panic!("Unable to create target/perf-libs: {:?}", err);
+        }
+    });
+
+    let cuda = !env::var("CARGO_FEATURE_CUDA").is_err();
+    let erasure = !env::var("CARGO_FEATURE_ERASURE").is_err();
+
+    if cuda || erasure {
+        println!("cargo:rustc-link-search=native=target/perf-libs");
+    }
+    if cuda {
         println!("cargo:rustc-link-lib=static=cuda_verify_ed25519");
         println!("cargo:rustc-link-search=native=/usr/local/cuda/lib64");
         println!("cargo:rustc-link-lib=dylib=cudart");
         println!("cargo:rustc-link-lib=dylib=cuda");
         println!("cargo:rustc-link-lib=dylib=cudadevrt");
     }
-    if !env::var("CARGO_FEATURE_ERASURE").is_err() {
+    if erasure {
         println!("cargo:rustc-link-lib=dylib=Jerasure");
         println!("cargo:rustc-link-lib=dylib=gf_complete");
     }

ci/audit.sh

@@ -16,10 +16,10 @@ _() {
 
 maybe_cargo_install() {
   for cmd in "$@"; do
-    set +e 
+    set +e
     cargo "$cmd" --help > /dev/null 2>&1
     declare exitcode=$?
-    set -e 
+    set -e
     if [[ $exitcode -eq 101 ]]; then
       _ cargo install cargo-"$cmd"
     fi
@@ -29,4 +29,4 @@ maybe_cargo_install() {
 maybe_cargo_install audit tree
 
 _ cargo tree
-_ cargo audit
+_ cargo audit || true

ci/buildkite-secondary.yml

@@ -0,0 +1,7 @@
+steps:
+  - command: "ci/snap.sh"
+    timeout_in_minutes: 40
+    name: "snap [public]"
+  - command: "ci/docker-solana/build.sh"
+    timeout_in_minutes: 20
+    name: "docker-solana"

ci/buildkite-snap.yml

@@ -1,4 +0,0 @@
-steps:
-  - command: "ci/snap.sh"
-    timeout_in_minutes: 40
-    name: "snap [public]"

ci/buildkite.yml

@@ -1,18 +1,18 @@
 steps:
-  - command: "ci/docker-run.sh solanalabs/rust ci/test-stable.sh"
+  - command: "ci/docker-run.sh solanalabs/rust:1.29.1 ci/test-stable.sh"
     name: "stable [public]"
     env:
       CARGO_TARGET_CACHE_NAME: "stable"
     timeout_in_minutes: 30
-  - command: "ci/docker-run.sh solanalabs/rust ci/test-bench.sh"
+  - command: "ci/docker-run.sh solanalabs/rust-nightly ci/test-bench.sh"
     name: "bench [public]"
     env:
-      CARGO_TARGET_CACHE_NAME: "stable"
+      CARGO_TARGET_CACHE_NAME: "nightly"
     timeout_in_minutes: 30
   - command: "ci/shellcheck.sh"
     name: "shellcheck [public]"
     timeout_in_minutes: 20
-  - command: "ci/docker-run.sh solanalabs/rust-nightly ci/test-nightly.sh"
+  - command: "ci/docker-run.sh solanalabs/rust-nightly:2018-09-03 ci/test-nightly.sh || true"
     name: "nightly [public]"
     env:
       CARGO_TARGET_CACHE_NAME: "nightly"
@@ -24,13 +24,14 @@ steps:
     timeout_in_minutes: 20
     agents:
       - "queue=cuda"
-  - command: "ci/test-large-network.sh"
-    name: "large-network [public]"
-    env:
-      CARGO_TARGET_CACHE_NAME: "stable"
-    timeout_in_minutes: 20
-    agents:
-      - "queue=large"
+  # TODO: Fix and re-enable test-large-network.sh
+  # - command: "ci/test-large-network.sh || true"
+  #   name: "large-network [public] [ignored]"
+  #   env:
+  #     CARGO_TARGET_CACHE_NAME: "stable"
+  #   timeout_in_minutes: 20
+  #   agents:
+  #     - "queue=large"
   - command: "ci/pr-snap.sh"
     timeout_in_minutes: 20
     name: "snap [public]"
@@ -38,7 +39,7 @@ steps:
   - command: "ci/publish-crate.sh"
     timeout_in_minutes: 20
     name: "publish crate [public]"
-  - trigger: "solana-snap"
+  - trigger: "solana-secondary"
     branches: "!pull/*"
     async: true
     build:

ci/channel-info.sh

@@ -0,0 +1,91 @@
+#!/bin/bash
+#
+# Computes the current branch names of the edge, beta and stable
+# channels, as well as the latest tagged release for beta and stable.
+#
+# stdout of this script may be eval-ed
+#
+
+here="$(dirname "$0")"
+
+# shellcheck source=ci/semver_bash/semver.sh
+source "$here"/semver_bash/semver.sh
+
+remote=https://github.com/solana-labs/solana.git
+
+# Fetch all vX.Y.Z tags
+#
+# NOTE: pre-release tags are explicitly ignored
+#
+# shellcheck disable=SC2207
+tags=( \
+  $(git ls-remote --tags $remote \
+    | cut -c52- \
+    | grep '^v[[:digit:]][[:digit:]]*\.[[:digit:]][[:digit:]]*.[[:digit:]][[:digit:]]*$' \
+    | cut -c2- \
+  ) \
+)
+
+# Fetch all the vX.Y branches
+#
+# shellcheck disable=SC2207
+heads=( \
+  $(git ls-remote --heads $remote \
+    | cut -c53- \
+    | grep '^v[[:digit:]][[:digit:]]*\.[[:digit:]][[:digit:]]*$' \
+    | cut -c2- \
+  ) \
+)
+
+# Figure the beta channel by looking for the largest vX.Y branch
+beta=
+for head in "${heads[@]}"; do
+  if [[ -n $beta ]]; then
+    if semverLT "$head.0" "$beta.0"; then
+      continue
+    fi
+  fi
+  beta=$head
+done
+
+# Figure the stable channel by looking for the second largest vX.Y branch
+stable=
+for head in "${heads[@]}"; do
+  if [[ $head = "$beta" ]]; then
+    continue
+  fi
+  if [[ -n $stable ]]; then
+    if semverLT "$head.0" "$stable.0"; then
+      continue
+    fi
+  fi
+  stable=$head
+done
+
+for tag in "${tags[@]}"; do
+  if [[ -n $beta && $tag = $beta* ]]; then
+    if [[ -n $beta_tag ]]; then
+      if semverLT "$tag" "$beta_tag"; then
+        continue
+      fi
+    fi
+    beta_tag=$tag
+  fi
+
+  if [[ -n $stable && $tag = $stable* ]]; then
+    if [[ -n $stable_tag ]]; then
+      if semverLT "$tag" "$stable_tag"; then
+        continue
+      fi
+    fi
+    stable_tag=$tag
+  fi
+done
+
+echo EDGE_CHANNEL=master
+echo BETA_CHANNEL="${beta:+v$beta}"
+echo STABLE_CHANNEL="${stable:+v$stable}"
+echo BETA_CHANNEL_LATEST_TAG="${beta_tag:+v$beta_tag}"
+echo STABLE_CHANNEL_LATEST_TAG="${stable_tag:+v$stable_tag}"
+
+exit 0

ci/docker-run.sh

@@ -1,22 +1,37 @@
 #!/bin/bash -e
 
 usage() {
-  echo "Usage: $0 [docker image name] [command]"
+  echo "Usage: $0 [--nopull] [docker image name] [command]"
   echo
   echo Runs command in the specified docker image with
-  echo a CI-appropriate environment
+  echo a CI-appropriate environment.
+  echo
+  echo "--nopull   Skip the dockerhub image update"
+  echo "--shell    Skip command and enter an interactive shell"
   echo
 }
 
 cd "$(dirname "$0")/.."
 
+INTERACTIVE=false
+if [[ $1 = --shell ]]; then
+  INTERACTIVE=true
+  shift
+fi
+
+NOPULL=false
+if [[ $1 = --nopull ]]; then
+  NOPULL=true
+  shift
+fi
+
 IMAGE="$1"
 if [[ -z "$IMAGE" ]]; then
   echo Error: image not defined
   exit 1
 fi
 
-docker pull "$IMAGE"
+$NOPULL || docker pull "$IMAGE"
 shift
 
 ARGS=(
@@ -26,9 +41,14 @@ ARGS=(
 )
 
 if [[ -n $CI ]]; then
+  # Share the real ~/.cargo between docker containers in CI for speed
   ARGS+=(--volume "$HOME:/home")
-  ARGS+=(--env "CARGO_HOME=/home/.cargo")
+else
+  # Avoid sharing ~/.cargo when building locally to avoid a mixed macOS/Linux
+  # ~/.cargo
+  ARGS+=(--volume "$PWD:/home")
 fi
+ARGS+=(--env "CARGO_HOME=/home/.cargo")
 
 # kcov tries to set the personality of the binary which docker
 # doesn't allow by default.
@@ -51,5 +71,15 @@ ARGS+=(
   --env SNAPCRAFT_CREDENTIALS_KEY
 )
 
+if $INTERACTIVE; then
+  if [[ -n $1 ]]; then
+    echo
+    echo "Note: '$*' ignored due to --shell argument"
+    echo
+  fi
+  set -x
+  exec docker run --interactive --tty "${ARGS[@]}" "$IMAGE" bash
+fi
+
 set -x
 exec docker run "${ARGS[@]}" "$IMAGE" "$@"

ci/docker-rust-nightly/Dockerfile

@@ -1,9 +1,10 @@
-FROM rustlang/rust:nightly
+FROM solanalabs/rust
+ARG date
 
-RUN rustup component add clippy-preview --toolchain=nightly && \
-    echo deb http://ftp.debian.org/debian stretch-backports main >> /etc/apt/sources.list && \
-    apt update && \
-    apt install -y \
-      llvm-6.0 \
-      && \
-    rm -rf /var/lib/apt/lists/*
+RUN set -x && \
+    rustup install nightly-$date && \
+    rustup default nightly-$date && \
+    rustup component add clippy-preview --toolchain=nightly-$date && \
+    rustc --version && \
+    cargo --version && \
+    cargo +nightly-$date install cargo-cov

ci/docker-rust-nightly/README.md

@@ -1,6 +1,36 @@
 Docker image containing rust nightly and some preinstalled crates used in CI.
 
-This image may be manually updated by running `./build.sh` if you are a member
+This image may be manually updated by running `CI=true ./build.sh` if you are a member
 of the [Solana Labs](https://hub.docker.com/u/solanalabs/) Docker Hub
 organization, but it is also automatically updated periodically by
 [this automation](https://buildkite.com/solana-labs/solana-ci-docker-rust-nightly).
+
+## Moving to a newer nightly
+
+We pin the version of nightly (see the `ARG nightly=xyz` line in `Dockerfile`)
+to avoid the build breaking at unexpected times, as occasionally nightly will
+introduce breaking changes.
+
+To update the pinned version:
+1. Run `ci/docker-rust-nightly/build.sh` to rebuild the nightly image locally,
+   or potentially `ci/docker-rust-nightly/build.sh YYYY-MM-DD` if there's a
+   specific YYYY-MM-DD that is desired (default is today's build).
+1. Run `SOLANA_DOCKER_RUN_NOSETUID=1 ci/docker-run.sh --nopull solanalabs/rust-nightly:YYYY-MM-DD ci/test-nightly.sh`
+   to confirm the new nightly image builds.  Fix any issues as needed
+1. Run `docker login` to enable pushing images to Docker Hub, if you're authorized.
+1. Run `CI=true ci/docker-rust-nightly/build.sh YYYY-MM-DD` to push the new nightly image to dockerhub.com.
+1. Modify the `solanalabs/rust-nightly:YYYY-MM-DD` reference in `ci/buildkite.yml` from the previous to
+   new *YYYY-MM-DD* value, send a PR with this change and any codebase adjustments needed.
+
+## Troubleshooting
+
+### Resource is denied
+
+When running `CI=true ci/docker-rust-nightly/build.sh`, you see:
+
+```
+denied: requested access to the resource is denied
+```
+
+Run `docker login` to enable pushing images to Docker Hub. Contact @mvines or @garious
+to get write access.

ci/docker-rust-nightly/build.sh

@@ -2,5 +2,12 @@
 
 cd "$(dirname "$0")"
 
-docker build -t solanalabs/rust-nightly .
-docker push solanalabs/rust-nightly
+nightlyDate=${1:-$(date +%Y-%m-%d)}
+docker build -t solanalabs/rust-nightly:"$nightlyDate" --build-arg date="$nightlyDate" .
+
+maybeEcho=
+if [[ -z $CI ]]; then
+  echo "Not CI, skipping |docker push|"
+  maybeEcho="echo"
+fi
+$maybeEcho docker push solanalabs/rust-nightly:"$nightlyDate"

ci/docker-rust/Dockerfile

@@ -1,15 +1,24 @@
-FROM rust:1.28
+# Note: when the rust version is changed also modify
+# ci/buildkite.yml to pick up the new image tag
+FROM rust:1.29.1
 
-RUN apt update && \
+RUN set -x && \
+    apt update && \
     apt-get install apt-transport-https && \
     echo deb https://apt.buildkite.com/buildkite-agent stable main > /etc/apt/sources.list.d/buildkite-agent.list && \
+    echo deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial-6.0 main > /etc/apt/sources.list.d/llvm.list && \
     apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 32A37959C2FA5C3C99EFBC32A79206696452D198 && \
+    wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add - && \
     apt update && \
     apt install -y \
       buildkite-agent \
+      cmake \
+      llvm-6.0 \
       rsync \
       sudo \
-      cmake \
       && \
     rustup component add rustfmt-preview && \
-    rm -rf /var/lib/apt/lists/*
+    rustup component add clippy-preview && \
+    rm -rf /var/lib/apt/lists/* && \
+    rustc --version && \
+    cargo --version

ci/docker-rust/build.sh

@@ -3,4 +3,9 @@
 cd "$(dirname "$0")"
 
 docker build -t solanalabs/rust .
+
+read -r rustc version _ < <(docker run solanalabs/rust rustc --version)
+[[ $rustc = rustc ]]
+docker tag solanalabs/rust:latest solanalabs/rust:"$version"
+
 docker push solanalabs/rust

ci/docker-solana/.gitignore

@@ -0,0 +1 @@
+cargo-install/

ci/docker-solana/Dockerfile

@@ -0,0 +1,13 @@
+FROM debian:stretch
+
+# JSON RPC port
+EXPOSE 8899/tcp
+
+# Install libssl
+RUN apt update && \
+    apt-get install -y libssl-dev && \
+    rm -rf /var/lib/apt/lists/*
+
+COPY usr/bin /usr/bin/
+ENTRYPOINT [ "/usr/bin/solana-entrypoint.sh" ]
+CMD [""]

ci/docker-solana/README.md

@@ -0,0 +1,17 @@
+## Minimal Solana Docker image
+This image is automatically updated by CI
+
+https://hub.docker.com/r/solanalabs/solana/
+
+### Usage:
+Run the latest beta image:
+```bash
+$ docker run --rm -p 8899:8899 solanalabs/solana:beta
+```
+
+Run the latest edge image:
+```bash
+$ docker run --rm -p 8899:8899 solanalabs/solana:edge
+```
+
+Port *8899* is the JSON RPC port, which is used by clients to communicate with the network.

ci/docker-solana/build.sh

@@ -0,0 +1,38 @@
+#!/bin/bash -ex
+
+cd "$(dirname "$0")"
+eval "$(../channel-info.sh)"
+
+if [[ $BUILDKITE_BRANCH = "$STABLE_CHANNEL" ]]; then
+  CHANNEL=stable
+elif [[ $BUILDKITE_BRANCH = "$EDGE_CHANNEL" ]]; then
+  CHANNEL=edge
+elif [[ $BUILDKITE_BRANCH = "$BETA_CHANNEL" ]]; then
+  CHANNEL=beta
+fi
+
+if [[ -z $CHANNEL ]]; then
+  echo Unable to determine channel to publish into, exiting.
+  exit 0
+fi
+
+rm -rf usr/
+../docker-run.sh solanalabs/rust:1.29.1 \
+  cargo install --path . --root ci/docker-solana/usr
+cp -f entrypoint.sh usr/bin/solana-entrypoint.sh
+
+docker build -t solanalabs/solana:$CHANNEL .
+
+maybeEcho=
+if [[ -z $CI ]]; then
+  echo "Not CI, skipping |docker push|"
+  maybeEcho="echo"
+else
+  (
+    set +x
+    if [[ -n $DOCKER_PASSWORD && -n $DOCKER_USERNAME ]]; then
+      echo "$DOCKER_PASSWORD" | docker login --username "$DOCKER_USERNAME" --password-stdin
+    fi
+  )
+fi
+$maybeEcho docker push solanalabs/solana:$CHANNEL

ci/docker-solana/entrypoint.sh

@@ -0,0 +1,23 @@
+#!/bin/bash -ex
+
+export RUST_LOG=solana=info
+export RUST_BACKTRACE=1
+
+solana-keygen -o /config/leader-keypair.json
+solana-keygen -o /config/drone-keypair.json
+
+solana-genesis --tokens=1000000000 --ledger /ledger < /config/drone-keypair.json
+solana-fullnode-config --keypair=/config/leader-keypair.json -l > /config/leader-config.json
+
+solana-drone --keypair /config/drone-keypair.json --network 127.0.0.1:8001 &
+drone=$!
+solana-fullnode --identity /config/leader-config.json --ledger /ledger/ &
+fullnode=$!
+
+abort() {
+  kill "$drone" "$fullnode"
+}
+
+trap abort SIGINT SIGTERM
+wait "$fullnode"
+kill "$drone" "$fullnode"

ci/hoover.sh

@@ -40,10 +40,10 @@ echo --- Remove unused docker networks
   docker network prune -f
 )
 
-echo "--- Delete /tmp files older than 1 day owned by $(whoami)"
+echo "--- Delete /tmp files older than 1 day owned by $(id -un)"
 (
   set -x
-  find /tmp -maxdepth 1 -user "$(whoami)" -mtime +1 -print0 | xargs -0 rm -rf
+  find /tmp -maxdepth 1 -user "$(id -un)" -mtime +1 -print0 | xargs -0 rm -rf
 )
 
 echo --- Deleting stale buildkite agent build directories

ci/install-earlyoom.sh

@@ -1,32 +0,0 @@
-#!/bin/bash -x
-#
-# Install EarlyOOM
-#
-
-[[ $(uname) = Linux ]] || exit 1
-
-# 64 - enable signalling of processes (term, kill, oom-kill)
-# TODO: This setting will not persist across reboots
-sysrq=$(( $(cat /proc/sys/kernel/sysrq) | 64 ))
-sudo sysctl -w kernel.sysrq=$sysrq
-
-if command -v earlyoom; then
-  sudo systemctl status earlyoom
-  exit 0
-fi
-
-wget http://ftp.us.debian.org/debian/pool/main/e/earlyoom/earlyoom_1.1-2_amd64.deb
-sudo apt install --quiet --yes ./earlyoom_1.1-2_amd64.deb
-
-cat > earlyoom <<OOM
-# use the kernel OOM killer, trigger at 20% available RAM,
-EARLYOOM_ARGS="-k -m 20"
-OOM
-sudo cp earlyoom /etc/default/
-rm earlyoom
-
-sudo systemctl stop earlyoom
-sudo systemctl enable earlyoom
-sudo systemctl start earlyoom
-
-exit 0

ci/localnet-sanity.sh

@@ -6,9 +6,9 @@
 
 cd "$(dirname "$0")"/..
 source ci/upload_ci_artifact.sh
-source multinode-demo/common.sh
+source scripts/configure-metrics.sh
 
-./multinode-demo/setup.sh
+multinode-demo/setup.sh
 
 backgroundCommands="drone leader validator validator-x"
 pids=()
@@ -16,7 +16,7 @@ pids=()
 for cmd in $backgroundCommands; do
   echo "--- Start $cmd"
   rm -f log-"$cmd".txt
-  ./multinode-demo/"$cmd".sh > log-"$cmd".txt 2>&1 &
+  multinode-demo/"$cmd".sh > log-"$cmd".txt 2>&1 &
   declare pid=$!
   pids+=("$pid")
   echo "pid: $pid"
@@ -64,21 +64,28 @@ flag_error() {
 echo "--- Wallet sanity"
 (
   set -x
-  multinode-demo/test/wallet-sanity.sh
+  scripts/wallet-sanity.sh
 ) || flag_error
 
 echo "--- Node count"
 (
+  source multinode-demo/common.sh
   set -x
-  ./multinode-demo/client.sh "$PWD" 3 -c --addr 127.0.0.1
+  client_id=/tmp/client-id.json-$$
+  $solana_keygen -o $client_id
+  $solana_bench_tps --identity $client_id --num-nodes 3 --reject-extra-nodes --converge-only
+  rm -rf $client_id
 ) || flag_error
 
 killBackgroundCommands
 
 echo "--- Ledger verification"
 (
+  source multinode-demo/common.sh
   set -x
-  $solana_ledger_tool --ledger "$SOLANA_CONFIG_DIR"/ledger verify
+  cp -R "$SOLANA_CONFIG_DIR"/ledger /tmp/ledger-$$
+  $solana_ledger_tool --ledger /tmp/ledger-$$ verify
+  rm -rf /tmp/ledger-$$
 ) || flag_error
 
 echo +++

ci/semver_bash/LICENSE

@@ -0,0 +1,26 @@
+Copyright (c) 2013, Ray Bejjani
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met: 
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer. 
+2. Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution. 
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+The views and conclusions contained in the software and documentation are those
+of the authors and should not be interpreted as representing official policies, 
+either expressed or implied, of the FreeBSD Project.

ci/semver_bash/README.md

@@ -0,0 +1,31 @@
+semver_bash is a bash parser for semantic versioning
+====================================================
+
+[Semantic Versioning](http://semver.org/) is a set of guidelines that help keep
+version and version management sane. This is a bash based parser to help manage
+a project's versions. Use it from a Makefile or any scripts you use in your
+project.
+
+Usage
+-----
+semver_bash can be used from the command line as:  
+
+    $ ./semver.sh "3.2.1" "3.2.1-alpha"  
+    3.2.1 -> M: 3 m:2 p:1 s:  
+    3.2.1-alpha -> M: 3 m:2 p:1 s:-alpha  
+    3.2.1 == 3.2.1-alpha -> 1.  
+    3.2.1 < 3.2.1-alpha -> 1.  
+    3.2.1 > 3.2.1-alpha -> 0.
+
+
+Alternatively, you can source it from within a script:
+
+    . ./semver.sh  
+    
+    local MAJOR=0  
+    local MINOR=0  
+    local PATCH=0  
+    local SPECIAL=""
+    
+    semverParseInto "1.2.3" MAJOR MINOR PATCH SPECIAL  
+    semverParseInto "3.2.1" MAJOR MINOR PATCH SPECIAL  

ci/semver_bash/semver.sh

@@ -0,0 +1,130 @@
+#!/usr/bin/env sh
+
+function semverParseInto() {
+    local RE='[^0-9]*\([0-9]*\)[.]\([0-9]*\)[.]\([0-9]*\)\([0-9A-Za-z-]*\)'
+    #MAJOR
+    eval $2=`echo $1 | sed -e "s#$RE#\1#"`
+    #MINOR
+    eval $3=`echo $1 | sed -e "s#$RE#\2#"`
+    #MINOR
+    eval $4=`echo $1 | sed -e "s#$RE#\3#"`
+    #SPECIAL
+    eval $5=`echo $1 | sed -e "s#$RE#\4#"`
+}
+
+function semverEQ() {
+    local MAJOR_A=0
+    local MINOR_A=0
+    local PATCH_A=0
+    local SPECIAL_A=0
+
+    local MAJOR_B=0
+    local MINOR_B=0
+    local PATCH_B=0
+    local SPECIAL_B=0
+
+    semverParseInto $1 MAJOR_A MINOR_A PATCH_A SPECIAL_A
+    semverParseInto $2 MAJOR_B MINOR_B PATCH_B SPECIAL_B
+
+    if [ $MAJOR_A -ne $MAJOR_B ]; then
+        return 1
+    fi
+
+    if [ $MINOR_A -ne $MINOR_B ]; then
+        return 1
+    fi
+
+    if [ $PATCH_A -ne $PATCH_B ]; then
+        return 1
+    fi
+
+    if [[ "_$SPECIAL_A" != "_$SPECIAL_B" ]]; then
+        return 1
+    fi
+
+
+    return 0
+
+}
+
+function semverLT() {
+    local MAJOR_A=0
+    local MINOR_A=0
+    local PATCH_A=0
+    local SPECIAL_A=0
+
+    local MAJOR_B=0
+    local MINOR_B=0
+    local PATCH_B=0
+    local SPECIAL_B=0
+
+    semverParseInto $1 MAJOR_A MINOR_A PATCH_A SPECIAL_A
+    semverParseInto $2 MAJOR_B MINOR_B PATCH_B SPECIAL_B
+
+    if [ $MAJOR_A -lt $MAJOR_B ]; then
+        return 0
+    fi
+
+    if [[ $MAJOR_A -le $MAJOR_B  && $MINOR_A -lt $MINOR_B ]]; then
+        return 0
+    fi
+    
+    if [[ $MAJOR_A -le $MAJOR_B  && $MINOR_A -le $MINOR_B && $PATCH_A -lt $PATCH_B ]]; then
+        return 0
+    fi
+
+    if [[ "_$SPECIAL_A"  == "_" ]] && [[ "_$SPECIAL_B"  == "_" ]] ; then
+        return 1
+    fi
+    if [[ "_$SPECIAL_A"  == "_" ]] && [[ "_$SPECIAL_B"  != "_" ]] ; then
+        return 1
+    fi
+    if [[ "_$SPECIAL_A"  != "_" ]] && [[ "_$SPECIAL_B"  == "_" ]] ; then
+        return 0
+    fi
+
+    if [[ "_$SPECIAL_A" < "_$SPECIAL_B" ]]; then
+        return 0
+    fi
+
+    return 1
+
+}
+
+function semverGT() {
+    semverEQ $1 $2
+    local EQ=$?
+
+    semverLT $1 $2
+    local LT=$?
+
+    if [ $EQ -ne 0 ] && [ $LT -ne 0 ]; then
+        return 0
+    else
+        return 1
+    fi
+}
+
+if [ "___semver.sh" == "___`basename $0`" ]; then
+
+MAJOR=0
+MINOR=0
+PATCH=0
+SPECIAL=""
+
+semverParseInto $1 MAJOR MINOR PATCH SPECIAL
+echo "$1 -> M: $MAJOR m:$MINOR p:$PATCH s:$SPECIAL"
+
+semverParseInto $2 MAJOR MINOR PATCH SPECIAL
+echo "$2 -> M: $MAJOR m:$MINOR p:$PATCH s:$SPECIAL"
+
+semverEQ $1 $2
+echo "$1 == $2 -> $?."
+
+semverLT $1 $2
+echo "$1 < $2 -> $?."
+
+semverGT $1 $2
+echo "$1 > $2 -> $?."
+
+fi

ci/semver_bash/semver_test.sh

@@ -0,0 +1,151 @@
+#!/usr/bin/env bash
+
+. ./semver.sh
+
+semverTest() {
+local A=R1.3.2
+local B=R2.3.2
+local C=R1.4.2
+local D=R1.3.3
+local E=R1.3.2a
+local F=R1.3.2b
+local G=R1.2.3
+
+local MAJOR=0
+local MINOR=0
+local PATCH=0
+local SPECIAL=""
+
+semverParseInto $A MAJOR MINOR PATCH SPECIAL
+echo "$A -> M:$MAJOR m:$MINOR p:$PATCH s:$SPECIAL. Expect M:1 m:3 p:2 s:"
+semverParseInto $E MAJOR MINOR PATCH SPECIAL
+echo "$E -> M:$MAJOR m:$MINOR p:$PATCH s:$SPECIAL. Expect M:1 m:3 p:2 s:a"
+
+echo "Equality comparisions"
+semverEQ $A $A
+echo "$A == $A -> $?. Expect 0."
+
+semverLT $A $A
+echo "$A < $A -> $?. Expect 1."
+
+semverGT $A $A
+echo "$A > $A -> $?. Expect 1."
+
+
+echo "Major number comparisions"
+semverEQ $A $B
+echo "$A == $B -> $?. Expect 1."
+
+semverLT $A $B
+echo "$A < $B -> $?. Expect 0."
+
+semverGT $A $B
+echo "$A > $B -> $?. Expect 1."
+
+semverEQ $B $A
+echo "$B == $A -> $?. Expect 1."
+
+semverLT $B $A
+echo "$B < $A -> $?. Expect 1."
+
+semverGT $B $A
+echo "$B > $A -> $?. Expect 0."
+
+
+echo "Minor number comparisions"
+semverEQ $A $C
+echo "$A == $C -> $?. Expect 1."
+
+semverLT $A $C
+echo "$A < $C -> $?. Expect 0."
+
+semverGT $A $C
+echo "$A > $C -> $?. Expect 1."
+
+semverEQ $C $A
+echo "$C == $A -> $?. Expect 1."
+
+semverLT $C $A
+echo "$C < $A -> $?. Expect 1."
+
+semverGT $C $A
+echo "$C > $A -> $?. Expect 0."
+
+echo "patch number comparisions"
+semverEQ $A $D
+echo "$A == $D -> $?. Expect 1."
+
+semverLT $A $D
+echo "$A < $D -> $?. Expect 0."
+
+semverGT $A $D
+echo "$A > $D -> $?. Expect 1."
+
+semverEQ $D $A
+echo "$D == $A -> $?. Expect 1."
+
+semverLT $D $A
+echo "$D < $A -> $?. Expect 1."
+
+semverGT $D $A
+echo "$D > $A -> $?. Expect 0."
+
+echo "special section vs no special comparisions"
+semverEQ $A $E
+echo "$A == $E -> $?. Expect 1."
+
+semverLT $A $E
+echo "$A < $E -> $?. Expect 1."
+
+semverGT $A $E
+echo "$A > $E -> $?. Expect 0."
+
+semverEQ $E $A
+echo "$E == $A -> $?. Expect 1."
+
+semverLT $E $A
+echo "$E < $A -> $?. Expect 0."
+
+semverGT $E $A
+echo "$E > $A -> $?. Expect 1."
+
+echo "special section vs special comparisions"
+semverEQ $E $F
+echo "$E == $F -> $?. Expect 1."
+
+semverLT $E $F
+echo "$E < $F -> $?. Expect 0."
+
+semverGT $E $F
+echo "$E > $F -> $?. Expect 1."
+
+semverEQ $F $E
+echo "$F == $E -> $?. Expect 1."
+
+semverLT $F $E
+echo "$F < $E -> $?. Expect 1."
+
+semverGT $F $E
+echo "$F > $E -> $?. Expect 0."
+
+echo "Minor and patch number comparisons"
+semverEQ $A $G
+echo "$A == $G -> $?. Expect 1."
+
+semverLT $A $G
+echo "$A < $G -> $?. Expect 1."
+
+semverGT $A $G
+echo "$A > $G -> $?. Expect 0."
+
+semverEQ $G $A
+echo "$G == $A -> $?. Expect 1."
+
+semverLT $G $A
+echo "$G < $A -> $?. Expect 0."
+
+semverGT $G $A
+echo "$G > $A -> $?. Expect 1."
+}
+
+semverTest

ci/shellcheck.sh

@@ -6,6 +6,7 @@ cd "$(dirname "$0")/.."
 
 set -x
 find . -name "*.sh" \
+    -not -regex ".*/ci/semver_bash/.*" \
     -not -regex ".*/.cargo/.*" \
     -not -regex ".*/node_modules/.*" \
     -not -regex ".*/target/.*" \

ci/snap.sh

@@ -7,14 +7,19 @@ if [[ -z $BUILDKITE_BRANCH ]] || ./ci/is-pr.sh; then
   DRYRUN="echo"
 fi
 
-# BUILDKITE_TAG is the normal environment variable set by Buildkite.  However
-# when this script is run from a triggered pipeline, TRIGGERED_BUILDKITE_TAG is
-# used instead of BUILDKITE_TAG (due to Buildkite limitations that prevents
-# BUILDKITE_TAG from propagating through to triggered pipelines)
-if [[ -z "$BUILDKITE_TAG" && -z "$TRIGGERED_BUILDKITE_TAG" ]]; then
-  SNAP_CHANNEL=edge
-else
-  SNAP_CHANNEL=beta
+eval "$(ci/channel-info.sh)"
+
+if [[ $BUILDKITE_BRANCH = "$STABLE_CHANNEL" ]]; then
+  CHANNEL=stable
+elif [[ $BUILDKITE_BRANCH = "$EDGE_CHANNEL" ]]; then
+  CHANNEL=edge
+elif [[ $BUILDKITE_BRANCH = "$BETA_CHANNEL" ]]; then
+  CHANNEL=beta
+fi
+
+if [[ -z $CHANNEL ]]; then
+  echo Unable to determine channel to publish into, exiting.
+  exit 0
 fi
 
 if [[ -z $DRYRUN ]]; then
@@ -39,15 +44,18 @@ set -x
 
 echo --- checking for multilog
 if [[ ! -x /usr/bin/multilog ]]; then
-  echo "multilog not found, install with: sudo apt-get install -y daemontools"
-  exit 1
+  if [[ -z $CI ]]; then
+    echo "multilog not found, install with: sudo apt-get install -y daemontools"
+    exit 1
+  fi
+  sudo apt-get install -y daemontools
 fi
 
-echo --- build
+echo --- build: $CHANNEL channel
 snapcraft
 
 source ci/upload_ci_artifact.sh
 upload_ci_artifact solana_*.snap
 
-echo --- publish
-$DRYRUN snapcraft push solana_*.snap --release $SNAP_CHANNEL
+echo --- publish: $CHANNEL channel
+$DRYRUN snapcraft push solana_*.snap --release $CHANNEL

ci/test-bench.sh

@@ -2,7 +2,7 @@
 
 cd "$(dirname "$0")/.."
 
-ci/version-check.sh stable
+ci/version-check.sh nightly
 export RUST_BACKTRACE=1
 
 _() {
@@ -10,4 +10,8 @@ _() {
   "$@"
 }
 
-_ cargo bench --verbose
+set -o pipefail
+
+BENCH_FILE=bench_output.log
+_ cargo bench --features=unstable --verbose -- -Z unstable-options --format=json | tee $BENCH_FILE
+_ cargo run --release --bin solana-upload-perf -- $BENCH_FILE

ci/test-large-network.sh

@@ -12,7 +12,7 @@ fi
 export RUST_BACKTRACE=1
 
 ./fetch-perf-libs.sh
-export LD_LIBRARY_PATH+=:$PWD
+export LD_LIBRARY_PATH=$PWD/target/perf-libs:$LD_LIBRARY_PATH
 
 export RUST_LOG=multinode=info
 

ci/test-nightly.sh

@@ -11,8 +11,7 @@ _() {
 }
 
 _ cargo build --verbose --features unstable
-_ cargo test --verbose --features unstable
-_ cargo clippy -- --deny=warnings
+_ cargo test --verbose --features=unstable
 
 exit 0
 
@@ -28,4 +27,3 @@ if [[ -z "$CODECOV_TOKEN" ]]; then
 else
   bash <(curl -s https://codecov.io/bash) -x 'llvm-cov-6.0 gcov'
 fi
-

ci/test-stable-perf.sh

@@ -9,9 +9,10 @@ if ! ci/version-check.sh stable; then
   ci/version-check.sh stable
 fi
 export RUST_BACKTRACE=1
+export RUSTFLAGS="-D warnings"
 
 ./fetch-perf-libs.sh
-export LD_LIBRARY_PATH=$PWD:/usr/local/cuda/lib64
+export LD_LIBRARY_PATH=$PWD/target/perf-libs:/usr/local/cuda/lib64:$LD_LIBRARY_PATH
 export PATH=$PATH:/usr/local/cuda/bin
 
 _() {

ci/test-stable.sh

@@ -4,6 +4,7 @@ cd "$(dirname "$0")/.."
 
 ci/version-check.sh stable
 export RUST_BACKTRACE=1
+export RUSTFLAGS="-D warnings"
 
 _() {
   echo "--- $*"
@@ -22,4 +23,4 @@ echo --- ci/localnet-sanity.sh
   USE_INSTALL=1 ci/localnet-sanity.sh
 )
 
-_ ci/audit.sh
+_ ci/audit.sh || true

ci/testnet-deploy.sh

@@ -1,471 +1,136 @@
 #!/bin/bash -e
-#
-# Deploys the Solana software running on the testnet full nodes
-#
-# This script must be run by a user/machine that has successfully authenticated
-# with GCP and has sufficient permission.
-#
-here=$(dirname "$0")
-metrics_write_datapoint="$here"/../multinode-demo/metrics_write_datapoint.sh
 
-# TODO: Switch over to rolling updates
-ROLLING_UPDATE=false
-#ROLLING_UPDATE=true
+cd "$(dirname "$0")"/..
 
-if [[ -z $SOLANA_METRICS_CONFIG ]]; then
-  echo Error: SOLANA_METRICS_CONFIG environment variable is unset
-  exit 1
-fi
+zone=
+leaderAddress=
+leaderMachineType=
+clientNodeCount=0
+validatorNodeCount=10
+publicNetwork=false
+snapChannel=edge
+delete=false
+enableGpu=false
 
-# Default to edge channel.  To select the beta channel:
-#   export SOLANA_SNAP_CHANNEL=beta
-if [[ -z $SOLANA_SNAP_CHANNEL ]]; then
-  SOLANA_SNAP_CHANNEL=edge
-fi
+usage() {
+  exitcode=0
+  if [[ -n "$1" ]]; then
+    exitcode=1
+    echo "Error: $*"
+  fi
+  cat <<EOF
+usage: $0 [name] [zone] [options...]
 
-# Select default network URL based on SOLANA_SNAP_CHANNEL if SOLANA_NET_ENTRYPOINT is
-# unspecified
-if [[ -z $SOLANA_NET_ENTRYPOINT ]]; then
-  case $SOLANA_SNAP_CHANNEL in
-  edge)
-    SOLANA_NET_ENTRYPOINT=master.testnet.solana.com
-    unset SOLANA_NET_NAME
+Deploys a CD testnet
+
+  name  - name of the network
+  zone  - zone to deploy the network into
+
+  options:
+   -s edge|beta|stable  - Deploy the specified Snap release channel
+                          (default: $snapChannel)
+   -n [number]          - Number of validator nodes (default: $validatorNodeCount)
+   -c [number]          - Number of client nodes (default: $clientNodeCount)
+   -P                   - Use public network IP addresses (default: $publicNetwork)
+   -G                   - Enable GPU, and set count/type of GPUs to use (e.g n1-standard-16 --accelerator count=4,type=nvidia-tesla-k80)
+   -g                   - Enable GPU (default: $enableGpu)
+   -a [address]         - Set the leader node's external IP address to this GCE address
+   -d                   - Delete the network
+
+   Note: the SOLANA_METRICS_CONFIG environment variable is used to configure
+         metrics
+EOF
+  exit $exitcode
+}
+
+netName=$1
+zone=$2
+[[ -n $netName ]] || usage
+[[ -n $zone ]] || usage "Zone not specified"
+shift 2
+
+while getopts "h?p:Pn:c:s:gG:a:d" opt; do
+  case $opt in
+  h | \?)
+    usage
     ;;
-  beta)
-    SOLANA_NET_ENTRYPOINT=testnet.solana.com
-    unset SOLANA_NET_NAME
+  P)
+    publicNetwork=true
+    ;;
+  n)
+    validatorNodeCount=$OPTARG
+    ;;
+  c)
+    clientNodeCount=$OPTARG
+    ;;
+  s)
+    case $OPTARG in
+    edge|beta|stable)
+      snapChannel=$OPTARG
+      ;;
+    *)
+      usage "Invalid snap channel: $OPTARG"
+      ;;
+    esac
+    ;;
+  g)
+    enableGpu=true
+    ;;
+  G)
+    enableGpu=true
+    leaderMachineType=$OPTARG
+    ;;
+  a)
+    leaderAddress=$OPTARG
+    ;;
+  d)
+    delete=true
     ;;
   *)
-    echo Error: Unknown SOLANA_SNAP_CHANNEL=$SOLANA_SNAP_CHANNEL
-    exit 1
+    usage "Error: unhandled option: $opt"
     ;;
   esac
-fi
+done
 
-if [[ -z $SOLANA_NET_NAME ]]; then
-  SOLANA_NET_NAME=${SOLANA_NET_ENTRYPOINT//./-}
-fi
 
-: ${SOLANA_NET_NAME:?$SOLANA_NET_ENTRYPOINT}
-netBasename=${SOLANA_NET_NAME/-*/}
-if [[ $netBasename != testnet ]]; then
-  netBasename="testnet-$netBasename"
-fi
+gce_create_args=(
+  -a "$leaderAddress"
+  -c "$clientNodeCount"
+  -n "$validatorNodeCount"
+  -p "$netName"
+  -z "$zone"
+)
 
-# Figure installation command
-SNAP_INSTALL_CMD="\
-  for i in {1..3}; do \
-    sudo snap install solana --$SOLANA_SNAP_CHANNEL --devmode && break;
-    sleep 1; \
-  done \
-"
-LOCAL_SNAP=$1
-if [[ -n $LOCAL_SNAP ]]; then
-  if [[ ! -f $LOCAL_SNAP ]]; then
-    echo "Error: $LOCAL_SNAP is not a file"
-    exit 1
+if $enableGpu; then
+  if [[ -z $leaderMachineType ]]; then
+    gce_create_args+=(-g)
+  else
+    gce_create_args+=(-G "$leaderMachineType")
   fi
-  SNAP_INSTALL_CMD="sudo snap install ~/solana_local.snap --devmode --dangerous"
-fi
-SNAP_INSTALL_CMD="sudo snap remove solana; $SNAP_INSTALL_CMD"
-
-EARLYOOM_INSTALL_CMD="\
-  wget -O install-earlyoom.sh https://raw.githubusercontent.com/solana-labs/solana/master/ci/install-earlyoom.sh; \
-  bash install-earlyoom.sh \
-"
-SNAP_INSTALL_CMD="$EARLYOOM_INSTALL_CMD; $SNAP_INSTALL_CMD"
-
-# `export SKIP_INSTALL=1` to reset the network without reinstalling the snap
-if [[ -n $SKIP_INSTALL ]]; then
-  SNAP_INSTALL_CMD="echo Install skipped"
 fi
 
-echo "+++ Configuration for $netBasename"
-publicUrl="$SOLANA_NET_ENTRYPOINT"
-if [[ $publicUrl = testnet.solana.com ]]; then
-  publicIp="" # Use default value
-else
-  publicIp=$(dig +short $publicUrl | head -n1)
+if $publicNetwork; then
+  gce_create_args+=(-P)
 fi
 
-echo "Network name: $SOLANA_NET_NAME"
-echo "Network entry point URL: $publicUrl ($publicIp)"
-echo "Snap channel: $SOLANA_SNAP_CHANNEL"
-echo "Install command: $SNAP_INSTALL_CMD"
-echo "Setup args: $SOLANA_SETUP_ARGS"
-[[ -z $LOCAL_SNAP ]] || echo "Local snap: $LOCAL_SNAP"
+set -x
 
-vmlist=() # Each array element is formatted as "class:vmName:vmZone:vmPublicIp"
-
-vm_exec() {
-  declare vmName=$1
-  declare vmZone=$2
-  declare vmPublicIp=$3
-  declare message=$4
-  declare cmd=$5
-
-  echo "--- $message $vmName in zone $vmZone ($vmPublicIp)"
-  ssh -o BatchMode=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \
-    testnet-deploy@"$vmPublicIp" "$cmd"
-}
-
-#
-# vm_foreach [cmd] [extra args to cmd]
-# where
-#   cmd   - the command to execute on each VM
-#           The command will receive three fixed arguments, followed by any
-#           additionl arguments supplied to vm_foreach:
-#               vmName - GCP name of the VM
-#               vmZone - The GCP zone the VM is located in
-#               vmPublicIp - The public IP address of this VM
-#               vmClass - The 'class' of this VM
-#               count  - Monotonically increasing count for each
-#                        invocation of cmd, starting at 1
-#               ...    - Extra args to cmd..
-#
-#
-vm_foreach() {
-  declare cmd=$1
-  shift
-
-  declare count=1
-  for info in "${vmlist[@]}"; do
-    declare vmClass vmName vmZone vmPublicIp
-    IFS=: read -r vmClass vmName vmZone vmPublicIp < <(echo "$info")
-
-    eval "$cmd" "$vmName" "$vmZone" "$vmPublicIp" "$vmClass" "$count" "$@"
-    count=$((count + 1))
-  done
-}
-
-#
-# vm_foreach_in_class [class] [cmd]
-# where
-#   class - the desired VM class to operate on
-#   cmd   - the command to execute on each VM in the desired class.
-#           The command will receive three arguments:
-#               vmName - GCP name of the VM
-#               vmZone - The GCP zone the VM is located in
-#               vmPublicIp - The public IP address of this VM
-#               count  - Monotonically increasing count for each
-#                        invocation of cmd, starting at 1
-#
-#
-_run_cmd_if_class() {
-  declare vmName=$1
-  declare vmZone=$2
-  declare vmPublicIp=$3
-  declare vmClass=$4
-  declare count=$5
-  declare class=$6
-  declare cmd=$7
-  if [[ $class = "$vmClass" ]]; then
-    eval "$cmd" "$vmName" "$vmZone" "$vmPublicIp" "$count"
-  fi
-}
-
-vm_foreach_in_class() {
-  declare class=$1
-  declare cmd=$2
-  vm_foreach _run_cmd_if_class "$1" "$2"
-}
-
-#
-# Load all VMs matching the specified filter and tag them with the specified
-# class into the `vmlist` array.
-findVms() {
-  declare class="$1"
-  declare filter="$2"
-  gcloud compute instances list --filter="$filter"
-  while read -r vmName vmZone vmPublicIp status; do
-    if [[ $status != RUNNING ]]; then
-      echo "Warning: $vmName is not RUNNING, ignoring it."
-      continue
-    fi
-    vmlist+=("$class:$vmName:$vmZone:$vmPublicIp")
-  done < <(gcloud compute instances list \
-             --filter="$filter" \
-             --format 'value(name,zone,networkInterfaces[0].accessConfigs[0].natIP,status)')
-}
-
-wait_for_pids() {
-  echo "--- Waiting for $*"
-  for pid in "${pids[@]}"; do
-    declare ok=true
-    wait "$pid" || ok=false
-    cat "log-$pid.txt"
-    if ! $ok; then
-      echo ^^^ +++
-      exit 1
-    fi
-    rm "log-$pid.txt"
-  done
-}
-
-delete_unreachable_validators() {
-  declare vmName=$1
-  declare vmZone=$2
-  declare vmPublicIp=$3
-
-  touch "log-$vmName.txt"
-  (
-    SECONDS=0
-    if ! vm_exec "$vmName" "$vmZone" "$vmPublicIp" "Checking $vmName" uptime; then
-      echo "^^^ +++"
-
-      # Validators are managed by a Compute Engine Instance Group, so deleting
-      # one will just cause a new one to be spawned.
-      echo "Warning: $vmName is unreachable, deleting it"
-      gcloud compute instances delete "$vmName" --zone "$vmZone"
-    fi
-    echo "validator checked in ${SECONDS} seconds"
-  ) >> "log-$vmName.txt" 2>&1 &
-  declare pid=$!
-
-  # Rename log file so it can be discovered later by $pid
-  mv "log-$vmName.txt" "log-$pid.txt"
-  pids+=("$pid")
-}
-
-
-echo "Validator nodes (unverified):"
-findVms validator "name~^$SOLANA_NET_NAME-validator-"
-pids=()
-vm_foreach_in_class validator delete_unreachable_validators
-wait_for_pids validator sanity check
-vmlist=()
-
-echo "Leader node:"
-findVms leader "name=$SOLANA_NET_NAME"
-[[ ${#vmlist[@]} = 1 ]] || {
-  echo "Unable to find $SOLANA_NET_NAME"
-  exit 1
-}
-
-echo "Client node(s):"
-findVms client "name~^$SOLANA_NET_NAME-client"
-
-echo "Validator nodes:"
-findVms validator "name~^$SOLANA_NET_NAME-validator-"
-
-fullnode_count=0
-inc_fullnode_count() {
-  fullnode_count=$((fullnode_count + 1))
-}
-vm_foreach_in_class leader inc_fullnode_count
-vm_foreach_in_class validator inc_fullnode_count
-
-# Add "network stopping" datapoint
-$metrics_write_datapoint "testnet-deploy,name=$netBasename stop=1"
-
-client_start() {
-  declare vmName=$1
-  declare vmZone=$2
-  declare vmPublicIp=$3
-  declare count=$4
-
-  vm_exec "$vmName" "$vmZone" "$vmPublicIp" \
-    "Starting client $count:" \
-    "\
-      set -x;
-      snap info solana; \
-      sudo snap get solana; \
-      threadCount=\$(nproc); \
-      if [[ \$threadCount -gt 4 ]]; then threadCount=4; fi; \
-      tmux kill-session -t solana; \
-      tmux new -s solana -d \" \
-          set -x; \
-          sudo rm /tmp/solana.log; \
-          while : ; do \
-              /snap/bin/solana.bench-tps $SOLANA_NET_ENTRYPOINT $fullnode_count --loop -s 600 --sustained -t \$threadCount 2>&1 | tee -a /tmp/solana.log; \
-              echo 'https://metrics.solana.com:8086/write?db=${INFLUX_DATABASE}&u=${INFLUX_USERNAME}&p=${INFLUX_PASSWORD}' \
-                | xargs curl --max-time 5 -XPOST --data-binary 'testnet-deploy,name=$netBasename clientexit=1'; \
-              echo Error: bench-tps should never exit | tee -a /tmp/solana.log; \
-          done; \
-          bash \
-        \"; \
-      sleep 2; \
-      tmux capture-pane -t solana -p -S -100; \
-      tail /tmp/solana.log; \
-  "
-}
-
-client_stop() {
-  declare vmName=$1
-  declare vmZone=$2
-  declare vmPublicIp=$3
-  declare count=$4
-
-  touch "log-$vmName.txt"
-  (
-    SECONDS=0
-    vm_exec "$vmName" "$vmZone" "$vmPublicIp" \
-      "Stopping client $vmName ($count):" \
-      "\
-        set -x;
-        tmux list-sessions; \
-        tmux capture-pane -t solana -p; \
-        tmux kill-session -t solana; \
-        $SNAP_INSTALL_CMD; \
-        sudo snap set solana metrics-config=$SOLANA_METRICS_CONFIG \
-          rust-log=$RUST_LOG \
-          default-metrics-rate=$SOLANA_DEFAULT_METRICS_RATE \
-        ; \
-      "
-    echo "Client stopped in ${SECONDS} seconds"
-  ) >> "log-$vmName.txt" 2>&1 &
-  declare pid=$!
-
-  # Rename log file so it can be discovered later by $pid
-  mv "log-$vmName.txt" "log-$pid.txt"
-  pids+=("$pid")
-}
-
-fullnode_start() {
-  declare class=$1
-  declare vmName=$2
-  declare vmZone=$3
-  declare vmPublicIp=$4
-  declare count=$5
-
-  touch "log-$vmName.txt"
-  (
-    SECONDS=0
-    commonNodeConfig="\
-      rust-log=$RUST_LOG \
-      default-metrics-rate=$SOLANA_DEFAULT_METRICS_RATE \
-      metrics-config=$SOLANA_METRICS_CONFIG \
-      setup-args=$SOLANA_SETUP_ARGS \
-    "
-    if [[ $class = leader ]]; then
-      nodeConfig="mode=leader+drone $commonNodeConfig"
-      if [[ -n $SOLANA_CUDA ]]; then
-        nodeConfig="$nodeConfig enable-cuda=1"
-      fi
-    else
-      nodeConfig="mode=validator leader-address=$publicIp $commonNodeConfig"
-    fi
-
-    vm_exec "$vmName" "$vmZone" "$vmPublicIp" "Starting $class $count:" \
-      "\
-        set -ex; \
-        logmarker='solana deploy $(date)/$RANDOM'; \
-        logger \"\$logmarker\"; \
-        $SNAP_INSTALL_CMD; \
-        sudo snap set solana $nodeConfig; \
-        snap info solana; \
-        sudo snap get solana; \
-        echo Slight delay to get more syslog output; \
-        sleep 2; \
-        sudo grep -Pzo \"\$logmarker(.|\\n)*\" /var/log/syslog \
-      "
-    echo "Succeeded in ${SECONDS} seconds"
-  ) >> "log-$vmName.txt" 2>&1 &
-  declare pid=$!
-
-  # Rename log file so it can be discovered later by $pid
-  mv "log-$vmName.txt" "log-$pid.txt"
-
-  pids+=("$pid")
-}
-
-leader_start() {
-  fullnode_start leader "$@"
-}
-
-validator_start() {
-  fullnode_start validator "$@"
-}
-
-fullnode_stop() {
-  declare vmName=$1
-  declare vmZone=$2
-  declare vmPublicIp=$3
-  declare count=$4
-
-  touch "log-$vmName.txt"
-  (
-    SECONDS=0
-    # Try to ping the machine first.  When a machine (validator) is restarted,
-    # there can be a delay between when the instance is reported as RUNNING and when
-    # it's reachable over the network
-    timeout 30s bash -c "set -o pipefail; until ping -c 3 $vmPublicIp | tr - _; do echo .; done"
-    vm_exec "$vmName" "$vmZone" "$vmPublicIp" "Shutting down" "\
-      if snap list solana; then \
-        sudo snap set solana mode=; \
-      fi"
-    echo "Succeeded in ${SECONDS} seconds"
-  ) >> "log-$vmName.txt" 2>&1 &
-  declare pid=$!
-
-  # Rename log file so it can be discovered later by $pid
-  mv "log-$vmName.txt" "log-$pid.txt"
-
-  pids+=("$pid")
-}
-
-if [[ -n $LOCAL_SNAP ]]; then
-  echo "--- Transferring $LOCAL_SNAP to node(s)"
-
-  transfer_local_snap() {
-    declare vmName=$1
-    declare vmZone=$2
-    declare vmPublicIp=$3
-    declare vmClass=$4
-    declare count=$5
-
-    echo "--- $vmName in zone $vmZone ($count)"
-    SECONDS=0
-    scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \
-      "$LOCAL_SNAP" testnet-deploy@"$vmPublicIp":solana_local.snap
-    echo "Succeeded in ${SECONDS} seconds"
-  }
-  vm_foreach transfer_local_snap
+echo --- gce.sh delete
+time net/gce.sh delete -z "$zone" -p "$netName"
+if $delete; then
+  exit 0
 fi
 
-echo "--- Stopping client node(s)"
-pids=()
-vm_foreach_in_class client client_stop
-client_stop_pids=("${pids[@]}")
+echo --- gce.sh create
+time net/gce.sh create "${gce_create_args[@]}"
+net/init-metrics.sh -e
 
-if ! $ROLLING_UPDATE; then
-  pids=()
-  echo "--- Shutting down all full nodes"
-  vm_foreach_in_class leader fullnode_stop
-  vm_foreach_in_class validator fullnode_stop
-  wait_for_pids fullnode shutdown
+echo --- net.sh start
+maybeRejectExtraNodes=
+if ! $publicNetwork; then
+  maybeRejectExtraNodes="-o rejectExtraNodes"
 fi
-
-pids=()
-echo --- Starting leader node
-vm_foreach_in_class leader leader_start
-wait_for_pids leader
-
-pids=()
-echo --- Starting validator nodes
-vm_foreach_in_class validator validator_start
-wait_for_pids validators
-
-echo "--- $publicUrl sanity test"
-if [[ -z $CI ]]; then
-  # TODO: ssh into a node and run testnet-sanity.sh there.  It's not safe to
-  #       assume the correct Snap is installed on the current non-CI machine
-  echo Skipped for non-CI deploy
-  snapVersion=unknown
-else
-  (
-    set -x
-    USE_SNAP=1 ci/testnet-sanity.sh $publicUrl $fullnode_count
-  )
-  IFS=\  read -r _ snapVersion _ < <(snap info solana | grep "^installed:")
-  snapVersion=${snapVersion/0+git./}
-fi
-
-pids=("${client_stop_pids[@]}")
-wait_for_pids client shutdown
-vm_foreach_in_class client client_start
-
-# Add "network started" datapoint
-$metrics_write_datapoint "testnet-deploy,name=$netBasename start=1,version=\"$snapVersion\""
+# shellcheck disable=SC2086 # Don't want to double quote maybeRejectExtraNodes
+time net/net.sh start -s "$snapChannel" $maybeRejectExtraNodes
 
 exit 0

ci/testnet-sanity.sh

@@ -1,66 +1,40 @@
 #!/bin/bash -e
-#
-# Perform a quick sanity test on the specific testnet
-#
 
 cd "$(dirname "$0")/.."
-source multinode-demo/common.sh
 
-NET_URL=$1
-if [[ -z $NET_URL ]]; then
-  NET_URL=testnet.solana.com
-fi
-
-EXPECTED_NODE_COUNT=$2
-if [[ -z $EXPECTED_NODE_COUNT ]]; then
-  EXPECTED_NODE_COUNT=50
-fi
-
-echo "--- $NET_URL: verify ledger"
-if [[ -d /var/snap/solana/current/config/ledger ]]; then
-  # Note: here we assume this script is actually running on the leader node...
-  sudo solana.ledger-tool --ledger /var/snap/solana/current/config/ledger verify
-else
-  echo "^^^ +++"
-  echo "Ledger verify skipped"
-fi
-
-echo "--- $NET_URL: wallet sanity"
-(
-  set -x
-  multinode-demo/test/wallet-sanity.sh $NET_URL
-)
-
-echo "--- $NET_URL: node count"
-if [[ -n "$USE_SNAP" ]]; then
-  # TODO: Merge client.sh functionality into solana-bench-tps proper and
-  #       remove this USE_SNAP case
-  cmd=$solana_bench_tps
-else
-  cmd=multinode-demo/client.sh
-fi
-
-(
-  set -x
-  $cmd $NET_URL $EXPECTED_NODE_COUNT -c
-)
-
-echo "--- $NET_URL: validator sanity"
-if [[ -z $NO_VALIDATOR_SANITY ]]; then
-  (
-    ./multinode-demo/setup.sh -t validator
-    set -e pipefail
-    timeout 10s ./multinode-demo/validator.sh "$NET_URL" 2>&1 | tee validator.log
-  )
-  wc -l validator.log
-  if grep -C100 panic validator.log; then
-    echo "^^^ +++ Panic observed"
-    exit 1
-  else
-    echo "Validator log looks ok"
+usage() {
+  exitcode=0
+  if [[ -n "$1" ]]; then
+    exitcode=1
+    echo "Error: $*"
   fi
-else
-  echo "^^^ +++ Validator sanity disabled (NO_VALIDATOR_SANITY defined)"
-fi
+  cat <<EOF
+usage: $0 [name] [zone]
+
+Sanity check a CD testnet
+
+  name  - name of the network
+  zone  - zone of the network
+
+  Note: the SOLANA_METRICS_CONFIG environment variable is used to configure
+        metrics
+EOF
+  exit $exitcode
+}
+
+netName=$1
+zone=$2
+[[ -n $netName ]] || usage ""
+[[ -n $zone ]] || usage "Zone not specified"
+
+set -x
+echo --- gce.sh config
+net/gce.sh config -p "$netName" -z "$zone"
+net/init-metrics.sh -e
+echo --- net.sh sanity
+net/net.sh sanity \
+  ${NO_LEDGER_VERIFY:+-o noLedgerVerify} \
+  ${NO_VALIDATOR_SANITY:+-o noValidatorSanity} \
+  ${REJECT_EXTRA_NODES:+-o rejectExtraNodes} \
 
 exit 0

ci/version-check.sh

@@ -23,8 +23,8 @@ nightly)
   require cargo 1.29.[0-9]+-nightly
   ;;
 stable)
-  require rustc 1.28.[0-9]+
-  require cargo 1.28.[0-9]+
+  require rustc 1.29.[0-9]+
+  require cargo 1.29.[0-9]+
   ;;
 *)
   echo Error: unknown argument: "$1"

common/Cargo.toml

@@ -0,0 +1,22 @@
+[package]
+name = "solana_program_interface"
+version = "0.1.0"
+authors = [
+    "Anatoly Yakovenko <anatoly@solana.com>",
+    "Greg Fitzgerald <greg@solana.com>",
+    "Stephen Akridge <stephen@solana.com>",
+    "Michael Vines <mvines@solana.com>",
+    "Rob Walker <rob@solana.com>",
+    "Pankaj Garg <pankaj@solana.com>",
+    "Tyera Eulberg <tyera@solana.com>",
+    "Jack May <jack@solana.com>",
+]
+
+[dependencies]
+bincode = "1.0.0"
+bs58 = "0.2.0"
+generic-array = { version = "0.12.0", default-features = false, features = ["serde"] }
+serde = "1.0.27"
+serde_derive = "1.0.27"
+
+

common/src/account.rs

@@ -0,0 +1,29 @@
+use pubkey::Pubkey;
+
+/// An Account with userdata that is stored on chain
+#[derive(Serialize, Deserialize, Debug, Clone, Default)]
+pub struct Account {
+    /// tokens in the account
+    pub tokens: i64,
+    /// user data
+    /// A transaction can write to its userdata
+    pub userdata: Vec<u8>,
+    /// contract id this contract belongs to
+    pub program_id: Pubkey,
+}
+
+impl Account {
+    pub fn new(tokens: i64, space: usize, program_id: Pubkey) -> Account {
+        Account {
+            tokens,
+            userdata: vec![0u8; space],
+            program_id,
+        }
+    }
+}
+
+#[derive(Debug)]
+pub struct KeyedAccount<'a> {
+    pub key: &'a Pubkey,
+    pub account: &'a mut Account,
+}

common/src/lib.rs

@@ -0,0 +1,7 @@
+pub mod account;
+pub mod pubkey;
+extern crate bincode;
+extern crate bs58;
+extern crate generic_array;
+#[macro_use]
+extern crate serde_derive;

common/src/pubkey.rs

@@ -0,0 +1,31 @@
+use bs58;
+use generic_array::typenum::U32;
+use generic_array::GenericArray;
+use std::fmt;
+
+#[derive(Serialize, Deserialize, Clone, Copy, Default, Eq, PartialEq, Ord, PartialOrd, Hash)]
+pub struct Pubkey(GenericArray<u8, U32>);
+
+impl Pubkey {
+    pub fn new(pubkey_vec: &[u8]) -> Self {
+        Pubkey(GenericArray::clone_from_slice(&pubkey_vec))
+    }
+}
+
+impl AsRef<[u8]> for Pubkey {
+    fn as_ref(&self) -> &[u8] {
+        &self.0[..]
+    }
+}
+
+impl fmt::Debug for Pubkey {
+    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+        write!(f, "{}", bs58::encode(self.0).into_string())
+    }
+}
+
+impl fmt::Display for Pubkey {
+    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+        write!(f, "{}", bs58::encode(self.0).into_string())
+    }
+}

doc/json-rpc.md

@@ -0,0 +1,229 @@
+Solana JSON RPC API
+===
+
+Solana nodes accept HTTP requests using the [JSON-RPC 2.0](https://www.jsonrpc.org/specification) specification.
+
+To interact with a Solana node inside a JavaScript application, use the [solana-web3.js](https://github.com/solana-labs/solana-web3.js) library, which gives a convenient interface for the RPC methods.
+
+RPC Endpoint
+---
+
+**Default port:** 8899
+eg. http://localhost:8899, http://192.168.1.88:8899
+
+Methods
+---
+
+* [confirmTransaction](#confirmtransaction)
+* [getAddress](#getaddress)
+* [getBalance](#getbalance)
+* [getAccountInfo](#getaccountinfo)
+* [getLastId](#getlastid)
+* [getSignatureStatus](#getsignaturestatus)
+* [getTransactionCount](#gettransactioncount)
+* [requestAirdrop](#requestairdrop)
+* [sendTransaction](#sendtransaction)
+
+Request Formatting
+---
+
+To make a JSON-RPC request, send an HTTP POST request with a `Content-Type: application/json` header. The JSON request data should contain 4 fields:
+
+* `jsonrpc`, set to `"2.0"`
+* `id`, a unique client-generated identifying integer
+* `method`, a string containing the method to be invoked
+* `params`, a JSON array of ordered parameter values
+
+Example using curl:
+```bash
+curl -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0", "id":1, "method":"getBalance", "params":["83astBRguLMdt2h5U1Tpdq5tjFoJ6noeGwaY3mDLVcri"]}' 192.168.1.88:8899
+```
+
+The response output will be a JSON object with the following fields:
+
+* `jsonrpc`, matching the request specification
+* `id`, matching the request identifier
+* `result`, requested data or success confirmation
+
+Requests can be sent in batches by sending an array of JSON-RPC request objects as the data for a single POST.
+
+Definitions
+---
+
+* Hash: A SHA-256 hash of a chunk of data.
+* Pubkey: The public key of a Ed25519 key-pair.
+* Signature: An Ed25519 signature of a chunk of data.
+* Transaction: A Solana instruction signed by a client key-pair.
+
+JSON RPC API Reference
+---
+
+### confirmTransaction
+Returns a transaction receipt
+
+##### Parameters:
+* `string` - Signature of Transaction to confirm, as base-58 encoded string
+
+##### Results:
+* `boolean` - Transaction status, true if Transaction is confirmed
+
+##### Example:
+```bash
+// Request
+curl -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0", "id":1, "method":"confirmTransaction", "params":["5VERv8NMvzbJMEkV8xnrLkEaWRtSz9CosKDYjCJjBRnbJLgp8uirBgmQpjKhoR4tjF3ZpRzrFmBV6UjKdiSZkQUW"]}' http://localhost:8899
+
+// Result
+{"jsonrpc":"2.0","result":true,"id":1}
+```
+
+---
+
+### getBalance
+Returns the balance of the account of provided Pubkey
+
+##### Parameters:
+* `string` - Pubkey of account to query, as base-58 encoded string
+
+##### Results:
+* `integer` - quantity, as a signed 64-bit integer
+
+##### Example:
+```bash
+// Request
+curl -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0", "id":1, "method":"getBalance", "params":["83astBRguLMdt2h5U1Tpdq5tjFoJ6noeGwaY3mDLVcri"]}' http://localhost:8899
+
+// Result
+{"jsonrpc":"2.0","result":0,"id":1}
+```
+
+---
+
+### getAccountInfo
+Returns all information associated with the account of provided Pubkey
+
+##### Parameters:
+* `string` - Pubkey of account to query, as base-58 encoded string
+
+##### Results:
+The result field will be a JSON object with the following sub fields:
+
+* `tokens`, number of tokens assigned to this account, as a signed 64-bit integer
+* `program_id`, array of 32 bytes representing the program this account has been assigned to
+* `userdata`, array of bytes representing any userdata associated with the account
+
+##### Example:
+```bash
+// Request
+curl -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0", "id":1, "method":"getAccountInfo", "params":["FVxxngPx368XvMCoeskdd6U8cZJFsfa1BEtGWqyAxRj4"]}' http://localhost:8899
+
+// Result
+{"jsonrpc":"2.0","result":{"program_id":[1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"tokens":1,"userdata":[3,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,50,48,53,48,45,48,49,45,48,49,84,48,48,58,48,48,58,48,48,90,252,10,7,28,246,140,88,177,98,82,10,227,89,81,18,30,194,101,199,16,11,73,133,20,246,62,114,39,20,113,189,32,50,0,0,0,0,0,0,0,247,15,36,102,167,83,225,42,133,127,82,34,36,224,207,130,109,230,224,188,163,33,213,13,5,117,211,251,65,159,197,51,0,0,0,0,0,0]},"id":1}
+```
+
+---
+
+### getLastId
+Returns the last entry ID from the ledger
+
+##### Parameters:
+None
+
+##### Results:
+* `string` - the ID of last entry, a Hash as base-58 encoded string
+
+##### Example:
+```bash
+// Request
+curl -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","id":1, "method":"getLastId"}' http://localhost:8899
+
+// Result
+{"jsonrpc":"2.0","result":"GH7ome3EiwEr7tu9JuTh2dpYWBJK3z69Xm1ZE3MEE6JC","id":1}
+```
+
+---
+
+### getSignatureStatus
+Returns the status of a given signature.  This method is similar to
+[confirmTransaction](#confirmtransaction) but provides more resolution for error
+events.
+
+##### Parameters:
+* `string` - Signature of Transaction to confirm, as base-58 encoded string
+
+##### Results:
+* `string` - Transaction status:
+    * `Confirmed` - Transaction was successful
+    * `SignatureNotFound` - Unknown transaction
+    * `ProgramRuntimeError` - An error occurred in the program that processed this Transaction
+    * `GenericFailure` - Some other error occurred.  **Note**: In the future new Transaction statuses may be added to this list.  It's safe to assume that all new statuses will be more specific error conditions that previously presented as `GenericFailure`
+
+##### Example:
+```bash
+// Request
+curl -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0", "id":1, "method":"getSignatureStatus", "params":["5VERv8NMvzbJMEkV8xnrLkEaWRtSz9CosKDYjCJjBRnbJLgp8uirBgmQpjKhoR4tjF3ZpRzrFmBV6UjKdiSZkQUW"]}' http://localhost:8899
+
+// Result
+{"jsonrpc":"2.0","result":"SignatureNotFound","id":1}
+```
+
+---
+### getTransactionCount
+Returns the current Transaction count from the ledger
+
+##### Parameters:
+None
+
+##### Results:
+* `integer` - count, as unsigned 64-bit integer
+
+##### Example:
+```bash
+// Request
+curl -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","id":1, "method":"getTransactionCount"}' http://localhost:8899
+
+// Result
+{"jsonrpc":"2.0","result":268,"id":1}
+```
+
+---
+
+### requestAirdrop
+Requests an airdrop of tokens to a Pubkey
+
+##### Parameters:
+* `string` - Pubkey of account to receive tokens, as base-58 encoded string
+* `integer` - token quantity, as a signed 64-bit integer
+
+##### Results:
+* `string` - Transaction Signature of airdrop, as base-58 encoded string
+
+##### Example:
+```bash
+// Request
+curl -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","id":1, "method":"requestAirdrop", "params":["83astBRguLMdt2h5U1Tpdq5tjFoJ6noeGwaY3mDLVcri", 50]}' http://localhost:8899
+
+// Result
+{"jsonrpc":"2.0","result":"5VERv8NMvzbJMEkV8xnrLkEaWRtSz9CosKDYjCJjBRnbJLgp8uirBgmQpjKhoR4tjF3ZpRzrFmBV6UjKdiSZkQUW","id":1}
+```
+
+---
+
+### sendTransaction
+Creates new transaction
+
+##### Parameters:
+* `array` - array of octets containing a fully-signed Transaction
+
+##### Results:
+* `string` - Transaction Signature, as base-58 encoded string
+
+##### Example:
+```bash
+// Request
+curl -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","id":1, "method":"sendTransaction", "params":[[61, 98, 55, 49, 15, 187, 41, 215, 176, 49, 234, 229, 228, 77, 129, 221, 239, 88, 145, 227, 81, 158, 223, 123, 14, 229, 235, 247, 191, 115, 199, 71, 121, 17, 32, 67, 63, 209, 239, 160, 161, 2, 94, 105, 48, 159, 235, 235, 93, 98, 172, 97, 63, 197, 160, 164, 192, 20, 92, 111, 57, 145, 251, 6, 40, 240, 124, 194, 149, 155, 16, 138, 31, 113, 119, 101, 212, 128, 103, 78, 191, 80, 182, 234, 216, 21, 121, 243, 35, 100, 122, 68, 47, 57, 13, 39, 0, 0, 0, 0, 50, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 50, 0, 0, 0, 0, 0, 0, 0, 40, 240, 124, 194, 149, 155, 16, 138, 31, 113, 119, 101, 212, 128, 103, 78, 191, 80, 182, 234, 216, 21, 121, 243, 35, 100, 122, 68, 47, 57, 11, 12, 106, 49, 74, 226, 201, 16, 161, 192, 28, 84, 124, 97, 190, 201, 171, 186, 6, 18, 70, 142, 89, 185, 176, 154, 115, 61, 26, 163, 77, 1, 88, 98, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]]}' http://localhost:8899
+
+// Result
+{"jsonrpc":"2.0","result":"2EBVM6cB8vAAD93Ktr6Vd8p67XPbQzCJX47MpReuiCXJAtcjaxpvWpcg9Ege1Nr5Tk3a2GFrByT7WPBjdsTycY9b","id":1}
+```
+
+---

doc/testnet.md

@@ -1,8 +1,11 @@
 # TestNet debugging info
 
-Currently we have two testnets, 'perf' and 'master', both on the master branch of the solana repo. Deploys happen
-at the top of every hour with the latest code. 'perf' has more cores for the client machine to flood the network
-with transactions until failure.
+Currently we have three testnets:
+* `testnet` - public beta channel testnet accessible via testnet.solana.com. Runs 24/7
+* `testnet-perf` - private beta channel testnet with clients trying to flood the network
+with transactions until failure.  Runs 24/7
+* `testnet-master` - private edge channel testnet with clients trying to flood the network
+with transactions until failure.  Runs on weekday mornings for a couple hours
 
 ## Deploy process
 
@@ -12,17 +15,21 @@ Validators are selected based on their machine name and everyone gets the binari
 
 ## Where are the testnet logs?
 
-For the client they are put in `/tmp/solana`; for validators and leaders they are in `/var/snap/solana/current/`.
-You can also see the backtrace of the client by ssh'ing into the client node and doing:
-
+Attach to the testnet first by running one of:
 ```bash
-$ sudo -u testnet-deploy
-$ tmux attach -t solana
+$ net/gce.sh config testnet-solana-com
+$ net/gce.sh config master-testnet-solana-com
+$ net/gce.sh config perf-testnet-solana-com
 ```
 
-## How do I reset the testnet?
+Then run:
+```bash
+$ net/ssh.sh
+```
+for log location details
 
-Through buildkite.
+## How do I reset the testnet?
+Manually trigger the [testnet-deploy](https://buildkite.com/solana-labs/testnet-deploy/) pipeline
 
 ## How can I scale the tx generation rate?
 
@@ -32,4 +39,9 @@ variable `RAYON_NUM_THREADS=<xx>`
 
 ## How can I test a change on the testnet?
 
-Currently, a merged PR is the only way to test a change on the testnet.
+Currently, a merged PR is the only way to test a change on the testnet.  But you
+can run your own testnet using the scripts in the `net/` directory.
+
+## Adjusting the number of clients or validators on the testnet
+Through the [testnet-deploy](https://buildkite.com/solana-labs/testnet-deploy/) settings.
+

fetch-perf-libs.sh

@@ -10,28 +10,30 @@ if [[ $(uname -m) != x86_64 ]]; then
   exit 1
 fi
 
+mkdir -p target/perf-libs
 (
-  set -x
-  curl -o solana-perf.tgz \
-    https://solana-perf.s3.amazonaws.com/master/x86_64-unknown-linux-gnu/solana-perf.tgz
-  tar zxvf solana-perf.tgz
-)
+  cd target/perf-libs
+  (
+    set -x
+    curl https://solana-perf.s3.amazonaws.com/v0.9.0/x86_64-unknown-linux-gnu/solana-perf.tgz | tar zxvf -
+  )
 
-if [[ -r /usr/local/cuda/version.txt && -r cuda-version.txt ]]; then
-  if ! diff /usr/local/cuda/version.txt cuda-version.txt > /dev/null; then
+  if [[ -r /usr/local/cuda/version.txt && -r cuda-version.txt ]]; then
+    if ! diff /usr/local/cuda/version.txt cuda-version.txt > /dev/null; then
+        echo ==============================================
+        echo Warning: possible CUDA version mismatch
+        echo
+        echo "Expected version: $(cat cuda-version.txt)"
+        echo "Detected version: $(cat /usr/local/cuda/version.txt)"
+        echo ==============================================
+    fi
+  else
     echo ==============================================
-    echo Warning: possible CUDA version mismatch
-    echo
-    echo "Expected version: $(cat cuda-version.txt)"
-    echo "Detected version: $(cat /usr/local/cuda/version.txt)"
+    echo Warning: unable to validate CUDA version
     echo ==============================================
   fi
-else
-  echo ==============================================
-  echo Warning: unable to validate CUDA version
-  echo ==============================================
-fi
 
-echo "Downloaded solana-perf version: $(cat solana-perf-HEAD.txt)"
+  echo "Downloaded solana-perf version: $(cat solana-perf-HEAD.txt)"
+)
 
 exit 0

multinode-demo/client.sh

@@ -1,66 +1,25 @@
 #!/bin/bash -e
-#
-USAGE=" usage: $0 [leader_url] [num_nodes] [--loop] [extra args]
-
- leader_url       URL to the leader (defaults to ..)
- num_nodes        Minimum number of nodes to look for while converging
- --loop           Add this flag to cause the program to loop infinitely
- \"extra args\"     Any additional arguments are pass along to solana-bench-tps
-"
 
 here=$(dirname "$0")
 # shellcheck source=multinode-demo/common.sh
 source "$here"/common.sh
 
-leader=$1
-if [[ -n $leader ]]; then
-  if [[ $leader == "-h" || $leader == "--help" ]]; then
-    echo "$USAGE"
-    exit 0
+usage() {
+  if [[ -n $1 ]]; then
+    echo "$*"
+    echo
   fi
-  shift
+  echo "usage: $0 [extra args]"
+  echo
+  echo " Run bench-tps "
+  echo
+  echo "   extra args: additional arguments are pass along to solana-bench-tps"
+  echo
+  exit 1
+}
+
+if [[ -z $1 ]]; then # default behavior
+  $solana_bench_tps --identity config-private/client-id.json --network 127.0.0.1:8001 --duration 90
 else
-  if [[ -d "$SNAP" ]]; then
-    leader=testnet.solana.com # Default to testnet when running as a Snap
-  else
-    leader=$here/.. # Default to local solana repo
-  fi
+  $solana_bench_tps "$@"
 fi
-
-count=$1
-if [[ -n $count ]]; then
-  shift
-else
-  count=1
-fi
-
-loop=
-if [[ $1 = --loop ]]; then
-  loop=1
-  shift
-fi
-
-rsync_leader_url=$(rsync_url "$leader")
-(
-  set -x
-  mkdir -p "$SOLANA_CONFIG_CLIENT_DIR"
-  $rsync -vPz "$rsync_leader_url"/config/leader.json "$SOLANA_CONFIG_CLIENT_DIR"/
-
-  client_json="$SOLANA_CONFIG_CLIENT_DIR"/client.json
-  [[ -r $client_json ]] || $solana_keygen -o "$client_json"
-)
-
-iteration=0
-set -x
-while true; do
-    $solana_bench_tps \
-      -n "$count" \
-      -l "$SOLANA_CONFIG_CLIENT_DIR"/leader.json \
-      -k "$SOLANA_CONFIG_CLIENT_DIR"/client.json \
-      "$@"
-  [[ -n $loop ]] || exit 0
-  iteration=$((iteration + 1))
-  echo ------------------------------------------------------------------------
-  echo "Iteration: $iteration"
-  echo ------------------------------------------------------------------------
-done

multinode-demo/common.sh

@@ -1,12 +1,16 @@
 # |source| this file
 #
-# Disable complaints about unused variables in this file:
+# Common utilities shared by other scripts in this directory
+#
+# The following directive disable complaints about unused variables in this
+# file:
 # shellcheck disable=2034
+#
 
 rsync=rsync
-leader_logger="cat"
-validator_logger="cat"
-drone_logger="cat"
+leader_logger="tee leader.log"
+validator_logger="tee validator.log"
+drone_logger="tee drone.log"
 
 if [[ $(uname) != Linux ]]; then
   # Protect against unsupported configurations to prevent non-obvious errors
@@ -24,13 +28,7 @@ fi
 if [[ -d $SNAP ]]; then # Running inside a Linux Snap?
   solana_program() {
     declare program="$1"
-    if [[ "$program" = wallet || "$program" = bench-tps ]]; then
-      # TODO: Merge wallet.sh/client.sh functionality into
-      #       solana-wallet/solana-demo-client proper and remove this special case
-      printf "%s/bin/solana-%s" "$SNAP" "$program"
-    else
-      printf "%s/command-%s.wrapper" "$SNAP" "$program"
-    fi
+    printf "%s/command-%s.wrapper" "$SNAP" "$program"
   }
   rsync="$SNAP"/bin/rsync
   multilog="$SNAP/bin/multilog t s16777215 n200"
@@ -41,12 +39,6 @@ if [[ -d $SNAP ]]; then # Running inside a Linux Snap?
   # 0700
   mkdir -p "$SNAP_DATA"/{drone,leader,validator}
 
-  SOLANA_METRICS_CONFIG="$(snapctl get metrics-config)"
-  SOLANA_DEFAULT_METRICS_RATE="$(snapctl get default-metrics-rate)"
-  export SOLANA_DEFAULT_METRICS_RATE
-  SOLANA_CUDA="$(snapctl get enable-cuda)"
-  RUST_LOG="$(snapctl get rust-log)"
-
 elif [[ -n $USE_SNAP ]]; then # Use the Linux Snap binaries
   solana_program() {
     declare program="$1"
@@ -80,7 +72,7 @@ else
     fi
 
     # Locate perf libs downloaded by |./fetch-perf-libs.sh|
-    LD_LIBRARY_PATH=$(cd "$here" && dirname "$PWD"):$LD_LIBRARY_PATH
+    LD_LIBRARY_PATH=$(cd "$here" && dirname "$PWD"/target/perf-libs):$LD_LIBRARY_PATH
     export LD_LIBRARY_PATH
   fi
 fi
@@ -98,50 +90,8 @@ solana_ledger_tool=$(solana_program ledger-tool)
 export RUST_LOG=${RUST_LOG:-solana=info} # if RUST_LOG is unset, default to info
 export RUST_BACKTRACE=1
 
-
-# The SOLANA_METRICS_CONFIG environment variable is formatted as a
-# comma-delimited list of parameters. All parameters are optional.
-#
-# Example:
-#   export SOLANA_METRICS_CONFIG="host=<metrics host>,db=<database name>,u=<username>,p=<password>"
-#
-configure_metrics() {
-  [[ -n $SOLANA_METRICS_CONFIG ]] || return 0
-
-  declare metrics_params
-  IFS=',' read -r -a metrics_params <<< "$SOLANA_METRICS_CONFIG"
-  for param in "${metrics_params[@]}"; do
-    IFS='=' read -r -a pair <<< "$param"
-    if [[ ${#pair[@]} != 2 ]]; then
-      echo Error: invalid metrics parameter: "$param" >&2
-    else
-      declare name="${pair[0]}"
-      declare value="${pair[1]}"
-      case "$name" in
-      host)
-        export INFLUX_HOST="$value"
-        echo INFLUX_HOST="$INFLUX_HOST" >&2
-        ;;
-      db)
-        export INFLUX_DATABASE="$value"
-        echo INFLUX_DATABASE="$INFLUX_DATABASE" >&2
-        ;;
-      u)
-        export INFLUX_USERNAME="$value"
-        echo INFLUX_USERNAME="$INFLUX_USERNAME" >&2
-        ;;
-      p)
-        export INFLUX_PASSWORD="$value"
-        echo INFLUX_PASSWORD="********" >&2
-        ;;
-      *)
-        echo Error: Unknown metrics parameter name: "$name" >&2
-        ;;
-      esac
-    fi
-  done
-}
-configure_metrics
+# shellcheck source=scripts/configure-metrics.sh
+source "$(dirname "${BASH_SOURCE[0]}")"/../scripts/configure-metrics.sh
 
 tune_networking() {
   # Skip in CI
@@ -154,10 +104,16 @@ tune_networking() {
       # test the existence of the sysctls before trying to set them
       # go ahead and return true and don't exit if these calls fail
       sysctl net.core.rmem_max 2>/dev/null 1>/dev/null &&
-          sudo sysctl -w net.core.rmem_max=26214400 1>/dev/null 2>/dev/null
+          sudo sysctl -w net.core.rmem_max=67108864 1>/dev/null 2>/dev/null
 
       sysctl net.core.rmem_default 2>/dev/null 1>/dev/null &&
           sudo sysctl -w net.core.rmem_default=26214400 1>/dev/null 2>/dev/null
+
+      sysctl net.core.wmem_max 2>/dev/null 1>/dev/null &&
+          sudo sysctl -w net.core.wmem_max=67108864 1>/dev/null 2>/dev/null
+
+      sysctl net.core.wmem_default 2>/dev/null 1>/dev/null &&
+          sudo sysctl -w net.core.wmem_default=26214400 1>/dev/null 2>/dev/null
     ) || true
   fi
 
@@ -173,20 +129,6 @@ tune_networking() {
   fi
 }
 
-oom_score_adj() {
-  declare pid=$1
-  declare score=$2
-  if [[ $(uname) != Linux ]]; then
-    return
-  fi
-
-  echo "$score" > "/proc/$pid/oom_score_adj" || true
-  declare currentScore
-  currentScore=$(cat "/proc/$pid/oom_score_adj" || true)
-  if [[ $score != "$currentScore" ]]; then
-    echo "Failed to set oom_score_adj to $score for pid $pid (current score: $currentScore)"
-  fi
-}
 
 SOLANA_CONFIG_DIR=${SNAP_DATA:-$PWD}/config
 SOLANA_CONFIG_PRIVATE_DIR=${SNAP_DATA:-$PWD}/config-private
@@ -211,3 +153,50 @@ rsync_url() { # adds the 'rsync://` prefix to URLs that need it
   # Default to rsync:// URL
   echo "rsync://$url"
 }
+
+# called from drone, validator, client
+find_leader() {
+  declare leader leader_address
+  declare shift=0
+
+  if [[ -d $SNAP ]]; then
+    if [[ -n $1 ]]; then
+      usage "Error: unexpected parameter: $1"
+    fi
+
+    # Select leader from the Snap configuration
+    leader_ip=$(snapctl get leader-ip)
+    if [[ -z $leader_ip ]]; then
+      leader=testnet.solana.com
+      leader_ip=$(dig +short "${leader%:*}" | head -n1)
+      if [[ -z $leader_ip ]]; then
+          usage "Error: unable to resolve IP address for $leader"
+      fi
+    fi
+    leader=$leader_ip
+    leader_address=$leader_ip:8001
+  else
+    if [[ -z $1 ]]; then
+      leader=${here}/..        # Default to local tree for rsync
+      leader_address=127.0.0.1:8001 # Default to local leader
+    elif [[ -z $2 ]]; then
+      leader=$1
+
+      declare leader_ip
+      leader_ip=$(dig +short "${leader%:*}" | head -n1)
+
+      if [[ -z $leader_ip ]]; then
+          usage "Error: unable to resolve IP address for $leader"
+      fi
+
+      leader_address=$leader_ip:8001
+      shift=1
+    else
+      leader=$1
+      leader_address=$2
+      shift=2
+    fi
+  fi
+
+  echo "$leader" "$leader_address" "$shift"
+}

multinode-demo/drone.sh

@@ -1,28 +1,26 @@
 #!/bin/bash
 #
-# usage: $0 <rsync network path to solana repo on leader machine>
+# Starts an instance of solana-drone
 #
-
 here=$(dirname "$0")
+
 # shellcheck source=multinode-demo/common.sh
 source "$here"/common.sh
-SOLANA_CONFIG_DIR="$SOLANA_CONFIG_DIR"-drone
 
-if [[ -d "$SNAP" ]]; then
-  # Exit if mode is not yet configured
-  # (typically the case after the Snap is first installed)
-  [[ -n "$(snapctl get mode)" ]] || exit 0
-
-  # Select leader from the Snap configuration
-  leader_address="$(snapctl get leader-address)"
-  if [[ -z "$leader_address" ]]; then
-    # Assume drone is running on the same node as the leader by default
-    leader_address="localhost"
+usage() {
+  if [[ -n $1 ]]; then
+    echo "$*"
+    echo
   fi
-  leader="$leader_address"
-else
-  leader=${1:-${here}/..}  # Default to local tree for data
-fi
+  echo "usage: $0 [network entry point]"
+  echo
+  echo " Run an airdrop drone for the specified network"
+  echo
+  exit 1
+}
+
+read -r _ leader_address shift < <(find_leader "${@:1:1}")
+shift "$shift"
 
 [[ -f "$SOLANA_CONFIG_PRIVATE_DIR"/mint.json ]] || {
   echo "$SOLANA_CONFIG_PRIVATE_DIR/mint.json not found, create it by running:"
@@ -31,16 +29,12 @@ fi
   exit 1
 }
 
-rsync_leader_url=$(rsync_url "$leader")
 set -ex
-mkdir -p "$SOLANA_CONFIG_DIR"
-$rsync -vPz "$rsync_leader_url"/config/leader.json "$SOLANA_CONFIG_DIR"/
-
 
 trap 'kill "$pid" && wait "$pid"' INT TERM
 $solana_drone \
-  -l "$SOLANA_CONFIG_DIR"/leader.json -k "$SOLANA_CONFIG_PRIVATE_DIR"/mint.json \
+  --keypair "$SOLANA_CONFIG_PRIVATE_DIR"/mint.json \
+  --network "$leader_address" \
   > >($drone_logger) 2>&1 &
 pid=$!
-oom_score_adj "$pid" 1000
 wait "$pid"

multinode-demo/gce_multinode.sh

@@ -1,80 +0,0 @@
-#!/bin/bash
-
-command=$1
-prefix=
-num_nodes=
-out_file=
-image_name="ubuntu-16-04-cuda-9-2-new"
-
-shift
-
-usage() {
-  exitcode=0
-  if [[ -n "$1" ]]; then
-    exitcode=1
-    echo "Error: $*"
-  fi
-  cat <<EOF
-usage: $0 <create|delete> <-p prefix> <-n num_nodes> <-o file> [-i image-name]
-
-Manage a GCE multinode network
-
- create|delete    - Create or delete the network
- -p prefix        - A common prefix for node names, to avoid collision
- -n num_nodes     - Number of nodes
- -o out_file      - Used for create option. Outputs an array of IP addresses
-                    of new nodes to the file
- -i image_name    - Existing image on GCE (default $image_name)
-
-EOF
-  exit $exitcode
-}
-
-while getopts "h?p:i:n:o:" opt; do
-  case $opt in
-  h | \?)
-    usage
-    ;;
-  p)
-    prefix=$OPTARG
-    ;;
-  i)
-    image_name=$OPTARG
-    ;;
-  o)
-    out_file=$OPTARG
-    ;;
-  n)
-    num_nodes=$OPTARG
-    ;;
-  *)
-    usage "Error: unhandled option: $opt"
-    ;;
-  esac
-done
-
-set -e
-
-[[ -n $command ]] || usage "Need a command (create|delete)"
-
-[[ -n $prefix ]] || usage "Need a prefix for GCE instance names"
-
-[[ -n $num_nodes ]] || usage "Need number of nodes"
-
-nodes=()
-for i in $(seq 1 "$num_nodes"); do
-  nodes+=("$prefix$i")
-done
-
-if [[ $command == "create" ]]; then
-  [[ -n $out_file ]] || usage "Need an outfile to store IP Addresses"
-
-  ip_addr_list=$(gcloud beta compute instances create "${nodes[@]}" --zone=us-west1-b --tags=testnet \
-    --image="$image_name" | awk '/RUNNING/ {print $5}')
-
-  echo "ip_addr_array=($ip_addr_list)" >"$out_file"
-elif [[ $command == "delete" ]]; then
-  gcloud beta compute instances delete "${nodes[@]}"
-else
-  usage "Unknown command: $command"
-fi

multinode-demo/leader.sh

@@ -1,9 +1,15 @@
 #!/bin/bash
+#
+# Starts a leader node
+#
 
 here=$(dirname "$0")
 # shellcheck source=multinode-demo/common.sh
 source "$here"/common.sh
 
+# shellcheck source=scripts/oom-score-adj.sh
+source "$here"/../scripts/oom-score-adj.sh
+
 if [[ -d "$SNAP" ]]; then
   # Exit if mode is not yet configured
   # (typically the case after the Snap is first installed)

multinode-demo/remote_leader.sh

@@ -1,14 +0,0 @@
-#!/bin/bash -e
-
-[[ -n $FORCE ]] || exit
-
-chmod 600 ~/.ssh/authorized_keys ~/.ssh/id_rsa
-
-PATH="$HOME"/.cargo/bin:"$PATH"
-
-./fetch-perf-libs.sh
-
-# Run setup
-USE_INSTALL=1 ./multinode-demo/setup.sh -p
-USE_INSTALL=1 ./multinode-demo/drone.sh >drone.log 2>&1 &
-USE_INSTALL=1 SOLANA_CUDA=1 ./multinode-demo/leader.sh >leader.log 2>&1 &

multinode-demo/remote_nodes.sh

@@ -1,185 +0,0 @@
-#!/bin/bash
-
-command=$1
-ip_addr_file=
-remote_user=
-ssh_keys=
-
-shift
-
-usage() {
-  exitcode=0
-  if [[ -n "$1" ]]; then
-    exitcode=1
-    echo "Error: $*"
-  fi
-  cat <<EOF
-usage: $0 <start|stop> <-f IP Addr Array file> <-u username> [-k ssh-keys]
-
-Manage a GCE multinode network
-
- start|stop    - Create or delete the network
- -f file       - A bash script that exports an array of IP addresses, ip_addr_array.
-                 Elements of the array are public IP address of remote nodes.
- -u username   - The username for logging into remote nodes.
- -k ssh-keys   - Path to public/private key pair that remote nodes can use to perform
-                 rsync and ssh among themselves. Must contain pub, and priv keys.
-
-EOF
-  exit $exitcode
-}
-
-while getopts "h?f:u:k:" opt; do
-  case $opt in
-  h | \?)
-    usage
-    ;;
-  f)
-    ip_addr_file=$OPTARG
-    ;;
-  u)
-    remote_user=$OPTARG
-    ;;
-  k)
-    ssh_keys=$OPTARG
-    ;;
-  *)
-    usage "Error: unhandled option: $opt"
-    ;;
-  esac
-done
-
-set -e
-
-# Sample IP Address array file contents
-# ip_addr_array=(192.168.1.1 192.168.1.5 192.168.2.2)
-
-[[ -n $command ]] || usage "Need a command (start|stop)"
-[[ -n $ip_addr_file ]] || usage "Need a file with IP address array"
-[[ -n $remote_user ]] || usage "Need the username for remote nodes"
-
-ip_addr_array=()
-# Get IP address array
-# shellcheck source=/dev/null
-source "$ip_addr_file"
-
-build_project() {
-  echo "Build started at $(date)"
-  SECONDS=0
-
-  # Build and install locally
-  PATH="$HOME"/.cargo/bin:"$PATH"
-  cargo install --force
-
-  echo "Build took $SECONDS seconds"
-}
-
-common_start_setup() {
-  ip_addr=$1
-
-  # Killing sshguard for now. TODO: Find a better solution
-  # sshguard is blacklisting IP address after ssh-keyscan and ssh login attempts
-  ssh "$remote_user@$ip_addr" " \
-    set -ex; \
-    sudo service sshguard stop; \
-    sudo apt-get --assume-yes install rsync libssl-dev; \
-    mkdir -p ~/.ssh ~/solana ~/.cargo/bin; \
-  " >log/"$ip_addr".log
-
-  # If provided, deploy SSH keys
-  if [[ -n $ssh_keys ]]; then
-    {
-      rsync -vPrz "$ssh_keys"/id_rsa "$remote_user@$ip_addr":~/.ssh/
-      rsync -vPrz "$ssh_keys"/id_rsa.pub "$remote_user@$ip_addr":~/.ssh/
-      rsync -vPrz "$ssh_keys"/id_rsa.pub "$remote_user@$ip_addr":~/.ssh/authorized_keys
-      rsync -vPrz ./multinode-demo "$remote_user@$ip_addr":~/solana/
-    } >>log/"$ip_addr".log
-  fi
-}
-
-start_leader() {
-  common_start_setup "$1"
-
-  {
-    rsync -vPrz ~/.cargo/bin/solana* "$remote_user@$ip_addr":~/.cargo/bin/
-    rsync -vPrz ./fetch-perf-libs.sh "$remote_user@$ip_addr":~/solana/
-    ssh -n -f "$remote_user@$ip_addr" 'cd solana; FORCE=1 ./multinode-demo/remote_leader.sh'
-  } >>log/"$1".log
-
-  leader_ip=$1
-  leader_time=$SECONDS
-  SECONDS=0
-}
-
-start_validator() {
-  common_start_setup "$1"
-
-  ssh -n -f "$remote_user@$ip_addr" "cd solana; FORCE=1 ./multinode-demo/remote_validator.sh $leader_ip" >>log/"$1".log
-}
-
-start_all_nodes() {
-  echo "Deployment started at $(date)"
-  SECONDS=0
-  count=0
-  leader_ip=
-  leader_time=
-
-  mkdir -p log
-
-  for ip_addr in "${ip_addr_array[@]}"; do
-    if ((!count)); then
-      # Start the leader on the first node
-      echo "Leader node $ip_addr, killing previous instance and restarting"
-      start_leader "$ip_addr"
-    else
-      # Start validator on all other nodes
-      echo "Validator[$count] node $ip_addr, killing previous instance and restarting"
-      start_validator "$ip_addr" &
-      # TBD: Remove the sleep or reduce time once GCP login quota is increased
-      sleep 2
-    fi
-
-    ((count = count + 1))
-  done
-
-  wait
-
-  ((validator_count = count - 1))
-
-  echo "Deployment finished at $(date)"
-  echo "Leader deployment too $leader_time seconds"
-  echo "$validator_count Validator deployment took $SECONDS seconds"
-}
-
-stop_all_nodes() {
-  SECONDS=0
-  local count=0
-  for ip_addr in "${ip_addr_array[@]}"; do
-    ssh-keygen -R "$ip_addr" >log/local.log
-    ssh-keyscan "$ip_addr" >>~/.ssh/known_hosts 2>/dev/null
-
-    echo "Stopping node[$count] $ip_addr. Remote user $remote_user"
-
-    ssh -n -f "$remote_user@$ip_addr" " \
-    set -ex; \
-    sudo service sshguard stop; \
-    pkill -9 solana-; \
-    pkill -9 validator; \
-    pkill -9 leader; \
-    "
-    sleep 2
-    ((count = count + 1))
-    echo "Stopped node[$count] $ip_addr"
-  done
-  echo "Stopping $count nodes took $SECONDS seconds"
-}
-
-if [[ $command == "start" ]]; then
-  build_project
-  stop_all_nodes
-  start_all_nodes
-elif [[ $command == "stop" ]]; then
-  stop_all_nodes
-else
-  usage "Unknown command: $command"
-fi

multinode-demo/remote_validator.sh

@@ -1,17 +0,0 @@
-#!/bin/bash -e
-
-[[ -n $FORCE ]] || exit
-
-chmod 600 ~/.ssh/authorized_keys ~/.ssh/id_rsa
-
-PATH="$HOME"/.cargo/bin:"$PATH"
-
-touch ~/.ssh/known_hosts
-ssh-keygen -R "$1" 2>/dev/null
-ssh-keyscan "$1" >>~/.ssh/known_hosts 2>/dev/null
-
-rsync -vPrz "$1":~/.cargo/bin/solana* ~/.cargo/bin/
-
-# Run setup
-USE_INSTALL=1 ./multinode-demo/setup.sh -p
-USE_INSTALL=1 ./multinode-demo/validator.sh "$1":~/solana "$1" >validator.log 2>&1

multinode-demo/setup.sh

@@ -1,4 +1,7 @@
 #!/bin/bash
+#
+# Creates a fullnode configuration
+#
 
 here=$(dirname "$0")
 # shellcheck source=multinode-demo/common.sh
@@ -31,6 +34,7 @@ ip_address_arg=-l
 num_tokens=1000000000
 node_type_leader=true
 node_type_validator=true
+node_type_client=true
 while getopts "h?n:lpt:" opt; do
   case $opt in
   h|\?)
@@ -52,10 +56,17 @@ while getopts "h?n:lpt:" opt; do
     leader)
       node_type_leader=true
       node_type_validator=false
+      node_type_client=false
       ;;
     validator)
       node_type_leader=false
       node_type_validator=true
+      node_type_client=false
+      ;;
+    client)
+      node_type_leader=false
+      node_type_validator=false
+      node_type_client=true
       ;;
     *)
       usage "Error: unknown node type: $node_type"
@@ -69,25 +80,27 @@ while getopts "h?n:lpt:" opt; do
 done
 
 
-leader_address_args=("$ip_address_arg")
-validator_address_args=("$ip_address_arg" -b 9000)
-leader_id_path="$SOLANA_CONFIG_PRIVATE_DIR"/leader-id.json
-validator_id_path="$SOLANA_CONFIG_PRIVATE_DIR"/validator-id.json
-mint_path="$SOLANA_CONFIG_PRIVATE_DIR"/mint.json
-
 set -e
 
-for i in "$SOLANA_CONFIG_DIR" "$SOLANA_CONFIG_PRIVATE_DIR" "$SOLANA_CONFIG_VALIDATOR_DIR"; do
+for i in "$SOLANA_CONFIG_DIR" "$SOLANA_CONFIG_VALIDATOR_DIR" "$SOLANA_CONFIG_PRIVATE_DIR"; do
   echo "Cleaning $i"
   rm -rvf "$i"
   mkdir -p "$i"
 done
 
-
-$solana_keygen -o "$leader_id_path"
-$solana_keygen -o "$validator_id_path"
+if $node_type_client; then
+  client_id_path="$SOLANA_CONFIG_PRIVATE_DIR"/client-id.json
+  $solana_keygen -o "$client_id_path"
+  ls -lhR "$SOLANA_CONFIG_PRIVATE_DIR"/
+fi
 
 if $node_type_leader; then
+  leader_address_args=("$ip_address_arg")
+  leader_id_path="$SOLANA_CONFIG_PRIVATE_DIR"/leader-id.json
+  mint_path="$SOLANA_CONFIG_PRIVATE_DIR"/mint.json
+
+  $solana_keygen -o "$leader_id_path"
+
   echo "Creating $mint_path with $num_tokens tokens"
   $solana_keygen -o "$mint_path"
 
@@ -96,15 +109,20 @@ if $node_type_leader; then
 
   echo "Creating $SOLANA_CONFIG_DIR/leader.json"
   $solana_fullnode_config --keypair="$leader_id_path" "${leader_address_args[@]}" > "$SOLANA_CONFIG_DIR"/leader.json
+
+  ls -lhR "$SOLANA_CONFIG_DIR"/
+  ls -lhR "$SOLANA_CONFIG_PRIVATE_DIR"/
 fi
 
 
 if $node_type_validator; then
+  validator_address_args=("$ip_address_arg" -b 9000)
+  validator_id_path="$SOLANA_CONFIG_PRIVATE_DIR"/validator-id.json
+
+  $solana_keygen -o "$validator_id_path"
+
   echo "Creating $SOLANA_CONFIG_VALIDATOR_DIR/validator.json"
   $solana_fullnode_config --keypair="$validator_id_path" "${validator_address_args[@]}" > "$SOLANA_CONFIG_VALIDATOR_DIR"/validator.json
-fi
 
-ls -lhR "$SOLANA_CONFIG_DIR"/
-if $node_type_leader; then
-  ls -lhR "$SOLANA_CONFIG_PRIVATE_DIR"
+  ls -lhR "$SOLANA_CONFIG_VALIDATOR_DIR"/
 fi

multinode-demo/test/wallet-sanity.sh

@@ -1,47 +0,0 @@
-#!/bin/bash -e
-#
-# Wallet sanity test
-#
-
-here=$(dirname "$0")
-cd "$here"
-
-if [[ -n "$USE_SNAP" ]]; then
-  # TODO: Merge wallet.sh functionality into solana-wallet proper and
-  #       remove this USE_SNAP case
-  wallet="solana.wallet $1"
-else
-  wallet="../wallet.sh $1"
-fi
-
-# Tokens transferred to this address are lost forever...
-garbage_address=vS3ngn1TfQmpsW1Z4NkLuqNAQFF3dYQw8UZ6TCx9bmq
-
-check_balance_output() {
-  declare expected_output="$1"
-  exec 42>&1
-  output=$($wallet balance | tee >(cat - >&42))
-  if [[ ! "$output" =~ $expected_output ]]; then
-    echo "Balance is incorrect.  Expected: $expected_output"
-    exit 1
-  fi
-}
-
-pay_and_confirm() {
-  exec 42>&1
-  signature=$($wallet pay "$@" | tee >(cat - >&42))
-  $wallet confirm "$signature"
-}
-
-$wallet reset
-$wallet address
-check_balance_output "Your balance is: 0"
-$wallet airdrop --tokens 60
-check_balance_output "Your balance is: 60"
-$wallet airdrop --tokens 40
-check_balance_output "Your balance is: 100"
-pay_and_confirm --to $garbage_address --tokens 99
-check_balance_output "Your balance is: 1"
-
-echo PASS
-exit 0

multinode-demo/validator-x.sh

@@ -1,4 +1,8 @@
 #!/bin/bash
+#
+# Start a dynamically-configured validator node
+#
+
 here=$(dirname "$0")
 
 exec "$here"/validator.sh -x "$@"

multinode-demo/validator.sh

@@ -1,16 +1,31 @@
 #!/bin/bash
+#
+# Start a validator node
+#
 here=$(dirname "$0")
 # shellcheck source=multinode-demo/common.sh
 source "$here"/common.sh
 
+# shellcheck source=scripts/oom-score-adj.sh
+source "$here"/../scripts/oom-score-adj.sh
+
+if [[ -d "$SNAP" ]]; then
+  # Exit if mode is not yet configured
+  # (typically the case after the Snap is first installed)
+  [[ -n "$(snapctl get mode)" ]] || exit 0
+fi
+
 usage() {
   if [[ -n $1 ]]; then
     echo "$*"
     echo
   fi
-  echo "usage: $0 [-x] [rsync network path to solana repo on leader machine] [network ip address of leader]"
-  echo ""
-  echo "       -x: runs a new, dynamically-configured validator"
+  echo "usage: $0 [-x] [rsync network path to leader] [network entry point]"
+  echo
+  echo " Start a validator on the specified network"
+  echo
+  echo "   -x: runs a new, dynamically-configured validator"
+  echo
   exit 1
 }
 
@@ -29,34 +44,8 @@ if [[ -n $3 ]]; then
   usage
 fi
 
-if [[ -d $SNAP ]]; then
-  # Exit if mode is not yet configured
-  # (typically the case after the Snap is first installed)
-  [[ -n $(snapctl get mode) ]] || exit 0
-
-  # Select leader from the Snap configuration
-  leader_address=$(snapctl get leader-address)
-  if [[ -z $leader_address ]]; then
-    # Assume public testnet by default
-    leader_address=35.227.93.37  # testnet.solana.com
-  fi
-  leader=$leader_address
-else
-  if [[ -z $1 ]]; then
-    leader=${1:-${here}/..}    # Default to local tree for data
-    leader_address=${2:-127.0.0.1}  # Default to local leader
-  elif [[ -z $2 ]]; then
-    leader=$1
-    leader_address=$(dig +short "${leader%:*}" | head -n1)
-    if [[ -z $leader_address ]]; then
-      usage "Error: unable to resolve IP address for $leader"
-    fi
-  else
-    leader=$1
-    leader_address=$2
-  fi
-fi
-leader_port=8001
+read -r leader leader_address shift < <(find_leader "${@:1:2}")
+shift "$shift"
 
 if [[ -n $SOLANA_CUDA ]]; then
   program=$solana_fullnode_cuda
@@ -103,7 +92,7 @@ $rsync -vPr "$rsync_leader_url"/config/ "$SOLANA_LEADER_CONFIG_DIR"
 trap 'kill "$pid" && wait "$pid"' INT TERM
 $program \
   --identity "$validator_json_path" \
-  --testnet "$leader_address:$leader_port" \
+  --network "$leader_address" \
   --ledger "$SOLANA_LEADER_CONFIG_DIR"/ledger \
   > >($validator_logger) 2>&1 &
 pid=$!

multinode-demo/wallet.sh

@@ -1,45 +0,0 @@
-#!/bin/bash
-#
-# usage: $0 <rsync network path to solana repo on leader machine>"
-#
-
-here=$(dirname "$0")
-# shellcheck source=multinode-demo/common.sh
-source "$here"/common.sh
-
-# if $1 isn't host:path, something.com, or a valid local path
-if [[ ${1%:} != "$1" || "$1" =~ [^.]\.[^.] || -d $1 ]]; then
-  leader=$1 # interpret
-  shift
-else
-  if [[ -d "$SNAP" ]]; then
-    leader=testnet.solana.com # Default to testnet when running as a Snap
-  else
-    leader=$here/.. # Default to local solana repo
-  fi
-fi
-
-if [[ "$1" = "reset" ]]; then
-  echo Wallet resetting
-  rm -rf "$SOLANA_CONFIG_CLIENT_DIR"
-  exit 0
-fi
-
-rsync_leader_url=$(rsync_url "$leader")
-
-set -e
-mkdir -p "$SOLANA_CONFIG_CLIENT_DIR"
-if [[ ! -r "$SOLANA_CONFIG_CLIENT_DIR"/leader.json ]]; then
-  echo "Fetching leader configuration from $rsync_leader_url"
-  $rsync -Pz "$rsync_leader_url"/config/leader.json "$SOLANA_CONFIG_CLIENT_DIR"/
-fi
-
-client_id_path="$SOLANA_CONFIG_CLIENT_DIR"/id.json
-if [[ ! -r $client_id_path ]]; then
-  echo "Generating client identity: $client_id_path"
-  $solana_keygen -o "$client_id_path"
-fi
-
-# shellcheck disable=SC2086 # $solana_wallet should not be quoted
-exec $solana_wallet \
-  -l "$SOLANA_CONFIG_CLIENT_DIR"/leader.json -k "$client_id_path" "$@"

net/.gitignore

@@ -0,0 +1,2 @@
+/config/
+/log/

net/README.md

@@ -0,0 +1,100 @@
+
+# Network Management
+This directory contains scripts useful for working with a test network.  It's
+intended to be both dev and CD friendly.
+
+### User Account Prerequisites
+
+GCP and AWS are supported.
+
+#### GCP
+First authenticate with
+```bash
+$ gcloud auth login
+```
+
+#### AWS
+Obtain your credentials from the AWS IAM Console and configure the AWS CLI with
+```bash
+$ aws configure
+```
+More information on AWS CLI configuration can be found [here](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html#cli-quick-configuration)
+
+### Metrics configuration
+Ensure that `$(whoami)` is the name of an InfluxDB user account with enough
+access to create a new InfluxDB database.  Ask mvines@ for help if needed.
+
+## Quick Start
+
+NOTE: This example uses GCP.  If you are using AWS, replace `./gce.sh` with
+`./ec2.sh` in the commands.
+
+```bash
+$ cd net/
+$ ./gce.sh create -n 5 -c 1  #<-- Create a GCE testnet with 5 validators, 1 client (billing starts here)
+$ ./init-metrics.sh $(whoami)   #<-- Configure a metrics database for the testnet
+$ ./net.sh start             #<-- Deploy the network from the local workspace
+$ ./ssh.sh                   #<-- Details on how to ssh into any testnet node
+$ ./gce.sh delete            #<-- Dispose of the network (billing stops here)
+```
+
+## Tips
+
+### Running the network over public IP addresses
+By default private IP addresses are used with all instances in the same
+availability zone to avoid GCE network engress charges.  However to run the
+network over public IP addresses:
+```bash
+$ ./gce.sh create -P ...
+```
+or
+```bash
+$ ./ec2.sh create -P ...
+```
+
+### Deploying a Snap-based network
+To deploy the latest pre-built `edge` channel Snap (ie, latest from the `master`
+branch), once the testnet has been created run:
+
+```bash
+$ ./net.sh start -s edge
+```
+
+### Enabling CUDA
+First ensure the network instances are created with GPU enabled:
+```bash
+$ ./gce.sh create -g ...
+```
+or
+```bash
+$ ./ec2.sh create -g ...
+```
+
+If deploying a Snap-based network nothing further is required, as GPU presence
+is detected at runtime and the CUDA build is auto selected.
+
+If deploying a locally-built network, first run `./fetch-perf-libs.sh` then
+ensure the `cuda` feature is specified at network start:
+```bash
+$ ./net.sh start -f "cuda,erasure"
+```
+
+### How to interact with a CD testnet deployed by ci/testnet-deploy.sh
+
+**AWS-Specific Extra Setup**: Follow the steps in `scripts/add-solana-user-authorized_keys.sh`,
+then redeploy the testnet before continuing in this section.
+
+Taking **master-testnet-solana-com** as an example, configure your workspace for
+the testnet using:
+```bash
+$ ./gce.sh config -p master-testnet-solana-com
+```
+or
+```bash
+$ ./ec2.sh config -p master-testnet-solana-com
+```
+
+Then run the following for details on how to ssh into any testnet node
+```bash
+$ ./ssh.sh
+```

net/common.sh

@@ -0,0 +1,58 @@
+# |source| this file
+#
+# Common utilities shared by other scripts in this directory
+#
+# The following directive disable complaints about unused variables in this
+# file:
+# shellcheck disable=2034
+#
+
+netDir=$(
+  cd "$(dirname "${BASH_SOURCE[0]}")" || exit
+  echo "$PWD"
+)
+netConfigDir="$netDir"/config
+netLogDir="$netDir"/log
+mkdir -p "$netConfigDir" "$netLogDir"
+
+# shellcheck source=scripts/configure-metrics.sh
+source "$(dirname "${BASH_SOURCE[0]}")"/../scripts/configure-metrics.sh
+
+configFile="$netConfigDir/config"
+
+entrypointIp=
+publicNetwork=
+leaderIp=
+netBasename=
+sshPrivateKey=
+clientIpList=()
+sshOptions=()
+validatorIpList=()
+
+buildSshOptions() {
+  sshOptions=(
+    -o "BatchMode=yes"
+    -o "StrictHostKeyChecking=no"
+    -o "UserKnownHostsFile=/dev/null"
+    -o "User=solana"
+    -o "IdentityFile=$sshPrivateKey"
+    -o "LogLevel=ERROR"
+    -F /dev/null
+  )
+}
+
+loadConfigFile() {
+  [[ -r $configFile ]] || usage "Config file unreadable: $configFile"
+
+  # shellcheck source=/dev/null
+  source "$configFile"
+  [[ -n "$entrypointIp" ]] || usage "Config file invalid, entrypointIp unspecified: $configFile"
+  [[ -n "$publicNetwork" ]] || usage "Config file invalid, publicNetwork unspecified: $configFile"
+  [[ -n "$leaderIp" ]] || usage "Config file invalid, leaderIp unspecified: $configFile"
+  [[ -n "$netBasename" ]] || usage "Config file invalid, netBasename unspecified: $configFile"
+  [[ -n $sshPrivateKey ]] || usage "Config file invalid, sshPrivateKey unspecified: $configFile"
+  [[ ${#validatorIpList[@]} -gt 0 ]] || usage "Config file invalid, validatorIpList unspecified: $configFile"
+
+  buildSshOptions
+  configureMetrics
+}

net/ec2.sh

@@ -0,0 +1 @@
+gce.sh

net/gce.sh

@@ -0,0 +1,413 @@
+#!/bin/bash -e
+
+here=$(dirname "$0")
+# shellcheck source=net/common.sh
+source "$here"/common.sh
+
+cloudProvider=$(basename "$0" .sh)
+bootDiskType=""
+case $cloudProvider in
+gce)
+  # shellcheck source=net/scripts/gce-provider.sh
+  source "$here"/scripts/gce-provider.sh
+
+  imageName="ubuntu-16-04-cuda-9-2-new"
+  cpuLeaderMachineType=n1-standard-16
+  gpuLeaderMachineType="$cpuLeaderMachineType --accelerator count=4,type=nvidia-tesla-k80"
+  leaderMachineType=$cpuLeaderMachineType
+  validatorMachineType=n1-standard-4
+  clientMachineType=n1-standard-16
+  ;;
+ec2)
+  # shellcheck source=net/scripts/ec2-provider.sh
+  source "$here"/scripts/ec2-provider.sh
+
+  imageName="ami-0466e26ccc0e752c1"
+  cpuLeaderMachineType=m4.4xlarge
+  gpuLeaderMachineType=p2.xlarge
+  leaderMachineType=$cpuLeaderMachineType
+  validatorMachineType=m4.xlarge
+  clientMachineType=m4.4xlarge
+  ;;
+*)
+  echo "Error: Unknown cloud provider: $cloudProvider"
+  ;;
+esac
+
+
+prefix=testnet-dev-${USER//[^A-Za-z0-9]/}
+validatorNodeCount=5
+clientNodeCount=1
+leaderBootDiskSizeInGb=1000
+validatorBootDiskSizeInGb=$leaderBootDiskSizeInGb
+clientBootDiskSizeInGb=75
+
+publicNetwork=false
+enableGpu=false
+leaderAddress=
+
+usage() {
+  exitcode=0
+  if [[ -n "$1" ]]; then
+    exitcode=1
+    echo "Error: $*"
+  fi
+  cat <<EOF
+usage: $0 [create|config|delete] [common options] [command-specific options]
+
+Manage testnet instances
+
+ create - create a new testnet (implies 'config')
+ config - configure the testnet and write a config file describing it
+ delete - delete the testnet
+
+ common options:
+   -p [prefix]      - Optional common prefix for instance names to avoid
+                      collisions (default: $prefix)
+
+ create-specific options:
+   -n [number]      - Number of validator nodes (default: $validatorNodeCount)
+   -c [number]      - Number of client nodes (default: $clientNodeCount)
+   -P               - Use public network IP addresses (default: $publicNetwork)
+   -z [zone]        - Zone for the nodes (default: $zone)
+   -g               - Enable GPU (default: $enableGpu)
+   -G               - Enable GPU, and set count/type of GPUs to use (e.g $cpuLeaderMachineType --accelerator count=4,type=nvidia-tesla-k80)
+   -a [address]     - Set the leader node's external IP address to this value.
+                      For GCE, [address] is the "name" of the desired External
+                      IP Address.
+                      For EC2, [address] is the "allocation ID" of the desired
+                      Elastic IP.
+   -d [disk-type]   - Specify a boot disk type (default None) Use pd-ssd to get ssd on GCE.
+
+ config-specific options:
+   none
+
+ delete-specific options:
+   none
+
+EOF
+  exit $exitcode
+}
+
+
+command=$1
+[[ -n $command ]] || usage
+shift
+[[ $command = create || $command = config || $command = delete ]] || usage "Invalid command: $command"
+
+while getopts "h?p:Pn:c:z:gG:a:d:" opt; do
+  case $opt in
+  h | \?)
+    usage
+    ;;
+  p)
+    [[ ${OPTARG//[^A-Za-z0-9-]/} == "$OPTARG" ]] || usage "Invalid prefix: \"$OPTARG\", alphanumeric only"
+    prefix=$OPTARG
+    ;;
+  P)
+    publicNetwork=true
+    ;;
+  n)
+    validatorNodeCount=$OPTARG
+    ;;
+  c)
+    clientNodeCount=$OPTARG
+    ;;
+  z)
+    cloud_SetZone "$OPTARG"
+    ;;
+  g)
+    enableGpu=true
+    leaderMachineType="$gpuLeaderMachineType"
+    ;;
+  G)
+    enableGpu=true
+    leaderMachineType="$OPTARG"
+    ;;
+  a)
+    leaderAddress=$OPTARG
+    ;;
+  d)
+    bootDiskType=$OPTARG
+    ;;
+  *)
+    usage "Error: unhandled option: $opt"
+    ;;
+  esac
+done
+shift $((OPTIND - 1))
+
+[[ -z $1 ]] || usage "Unexpected argument: $1"
+sshPrivateKey="$netConfigDir/id_$prefix"
+
+
+# cloud_ForEachInstance [cmd] [extra args to cmd]
+#
+# Execute a command for each element in the `instances` array
+#
+#   cmd   - The command to execute on each instance
+#           The command will receive arguments followed by any
+#           additionl arguments supplied to cloud_ForEachInstance:
+#               name     - name of the instance
+#               publicIp - The public IP address of this instance
+#               privateIp - The priate IP address of this instance
+#               count    - Monotonically increasing count for each
+#                          invocation of cmd, starting at 1
+#               ...      - Extra args to cmd..
+#
+#
+cloud_ForEachInstance() {
+  declare cmd="$1"
+  shift
+  [[ -n $cmd ]] || { echo cloud_ForEachInstance: cmd not specified; exit 1; }
+
+  declare count=1
+  for info in "${instances[@]}"; do
+    declare name publicIp privateIp
+    IFS=: read -r name publicIp privateIp < <(echo "$info")
+
+    eval "$cmd" "$name" "$publicIp" "$privateIp" "$count" "$@"
+    count=$((count + 1))
+  done
+}
+
+prepareInstancesAndWriteConfigFile() {
+  $metricsWriteDatapoint "testnet-deploy net-config-begin=1"
+
+  cat >> "$configFile" <<EOF
+# autogenerated at $(date)
+netBasename=$prefix
+publicNetwork=$publicNetwork
+sshPrivateKey=$sshPrivateKey
+EOF
+
+  buildSshOptions
+
+  recordInstanceIp() {
+    declare name="$1"
+    declare publicIp="$2"
+    declare privateIp="$3"
+
+    declare arrayName="$5"
+
+    echo "$arrayName+=($publicIp)  # $name" >> "$configFile"
+    if [[ $arrayName = "leaderIp" ]]; then
+      if $publicNetwork; then
+        echo "entrypointIp=$publicIp" >> "$configFile"
+      else
+        echo "entrypointIp=$privateIp" >> "$configFile"
+      fi
+    fi
+  }
+
+  waitForStartupComplete() {
+    declare name="$1"
+    declare publicIp="$2"
+
+    echo "Waiting for $name to finish booting..."
+    (
+      for i in $(seq 1 30); do
+        if (set -x; ssh "${sshOptions[@]}" "$publicIp" "test -f /.instance-startup-complete"); then
+          break
+        fi
+        sleep 2
+        echo "Retry $i..."
+      done
+    )
+    echo "$name has booted."
+  }
+
+  echo "Looking for leader instance..."
+  cloud_FindInstance "$prefix-leader"
+  [[ ${#instances[@]} -eq 1 ]] || {
+    echo "Unable to find leader"
+    exit 1
+  }
+
+  (
+    declare leaderName
+    declare leaderIp
+    IFS=: read -r leaderName leaderIp _ < <(echo "${instances[0]}")
+
+    # Try to ping the machine first.
+    timeout 60s bash -c "set -o pipefail; until ping -c 3 $leaderIp | tr - _; do echo .; done"
+
+    if [[ ! -r $sshPrivateKey ]]; then
+      echo "Fetching $sshPrivateKey from $leaderName"
+
+      # Try to scp in a couple times, sshd may not yet be up even though the
+      # machine can be pinged...
+      set -x -o pipefail
+      for i in $(seq 1 30); do
+        if cloud_FetchFile "$leaderName" "$leaderIp" /solana-id_ecdsa "$sshPrivateKey"; then
+          break
+        fi
+
+        sleep 1
+        echo "Retry $i..."
+      done
+
+      chmod 400 "$sshPrivateKey"
+      ls -l "$sshPrivateKey"
+    fi
+  )
+
+  echo "leaderIp=()" >> "$configFile"
+  cloud_ForEachInstance recordInstanceIp leaderIp
+  cloud_ForEachInstance waitForStartupComplete
+
+  echo "Looking for validator instances..."
+  cloud_FindInstances "$prefix-validator"
+  [[ ${#instances[@]} -gt 0 ]] || {
+    echo "Unable to find validators"
+    exit 1
+  }
+  echo "validatorIpList=()" >> "$configFile"
+  cloud_ForEachInstance recordInstanceIp validatorIpList
+  cloud_ForEachInstance waitForStartupComplete
+
+  echo "clientIpList=()" >> "$configFile"
+  echo "Looking for client instances..."
+  cloud_FindInstances "$prefix-client"
+  [[ ${#instances[@]} -eq 0 ]] || {
+    cloud_ForEachInstance recordInstanceIp clientIpList
+    cloud_ForEachInstance waitForStartupComplete
+  }
+
+  echo "Wrote $configFile"
+  $metricsWriteDatapoint "testnet-deploy net-config-complete=1"
+}
+
+delete() {
+  $metricsWriteDatapoint "testnet-deploy net-delete-begin=1"
+
+  # Delete the leader node first to prevent unusual metrics on the dashboard
+  # during shutdown.
+  # TODO: It would be better to fully cut-off metrics reporting before any
+  # instances are deleted.
+  for filter in "$prefix-leader" "$prefix-"; do
+    echo "Searching for instances: $filter"
+    cloud_FindInstances "$filter"
+
+    if [[ ${#instances[@]} -eq 0 ]]; then
+      echo "No instances found matching '$filter'"
+    else
+      cloud_DeleteInstances true
+    fi
+  done
+  rm -f "$configFile"
+
+  $metricsWriteDatapoint "testnet-deploy net-delete-complete=1"
+
+}
+
+case $command in
+delete)
+  delete
+  ;;
+
+create)
+  [[ -n $validatorNodeCount ]] || usage "Need number of nodes"
+  if [[ $validatorNodeCount -le 0 ]]; then
+    usage "One or more validator nodes is required"
+  fi
+
+  delete
+
+  $metricsWriteDatapoint "testnet-deploy net-create-begin=1"
+
+  rm -rf "$sshPrivateKey"{,.pub}
+
+  # Note: using rsa because |aws ec2 import-key-pair| seems to fail for ecdsa
+  ssh-keygen -t rsa -N '' -f "$sshPrivateKey"
+
+  printNetworkInfo() {
+    cat <<EOF
+========================================================================================
+
+Network composition:
+  Leader = $leaderMachineType (GPU=$enableGpu)
+  Validators = $validatorNodeCount x $validatorMachineType
+  Client(s) = $clientNodeCount x $clientMachineType
+
+========================================================================================
+
+EOF
+  }
+  printNetworkInfo
+
+  declare startupScript="$netConfigDir"/instance-startup-script.sh
+  cat > "$startupScript" <<EOF
+#!/bin/bash -ex
+# autogenerated at $(date)
+
+cat > /etc/motd <<EOM
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+  This instance has not been fully configured.
+
+  See startup script log messages in /var/log/syslog for status:
+    $ sudo cat /var/log/syslog | egrep \\(startup-script\\|cloud-init\)
+
+  To block until setup is complete, run:
+    $ until [[ -f /.instance-startup-complete ]]; do sleep 1; done
+
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+EOM
+
+# Place the generated private key at /solana-id_ecdsa so it's retrievable by anybody
+# who is able to log into this machine
+cat > /solana-id_ecdsa <<EOK
+$(cat "$sshPrivateKey")
+EOK
+cat > /solana-id_ecdsa.pub <<EOK
+$(cat "$sshPrivateKey.pub")
+EOK
+chmod 444 /solana-id_ecdsa
+
+USER=\$(id -un)
+
+$(
+  cd "$here"/scripts/
+  cat \
+    disable-background-upgrades.sh \
+    create-solana-user.sh \
+    add-solana-user-authorized_keys.sh \
+    install-earlyoom.sh \
+    install-libssl-compatability.sh \
+    install-rsync.sh \
+)
+
+cat > /etc/motd <<EOM
+$(printNetworkInfo)
+EOM
+
+touch /.instance-startup-complete
+
+EOF
+
+  cloud_CreateInstances "$prefix" "$prefix-leader" 1 \
+    "$imageName" "$leaderMachineType" "$leaderBootDiskSizeInGb" \
+    "$startupScript" "$leaderAddress" "$bootDiskType"
+
+  cloud_CreateInstances "$prefix" "$prefix-validator" "$validatorNodeCount" \
+    "$imageName" "$validatorMachineType" "$validatorBootDiskSizeInGb" \
+    "$startupScript" "" "$bootDiskType"
+
+  if [[ $clientNodeCount -gt 0 ]]; then
+    cloud_CreateInstances "$prefix" "$prefix-client" "$clientNodeCount" \
+      "$imageName" "$clientMachineType" "$clientBootDiskSizeInGb" \
+      "$startupScript" "" "$bootDiskType"
+  fi
+
+  $metricsWriteDatapoint "testnet-deploy net-create-complete=1"
+
+  prepareInstancesAndWriteConfigFile
+  ;;
+
+config)
+  prepareInstancesAndWriteConfigFile
+  ;;
+*)
+  usage "Unknown command: $command"
+esac

net/init-metrics.sh

@@ -0,0 +1,80 @@
+#!/bin/bash -e
+
+here=$(dirname "$0")
+# shellcheck source=net/common.sh
+source "$here"/common.sh
+
+usage() {
+  exitcode=0
+  if [[ -n "$1" ]]; then
+    exitcode=1
+    echo "Error: $*"
+  fi
+  cat <<EOF
+usage: $0 [-e] [-d] [username]
+
+Creates a testnet dev metrics database
+
+  username        InfluxDB user with access to create a new database
+  -d              Delete the database instead of creating it
+  -e              Assume database already exists and SOLANA_METRICS_CONFIG is
+                  defined in the environment already
+
+EOF
+  exit $exitcode
+}
+
+loadConfigFile
+
+useEnv=false
+delete=false
+while getopts "hde" opt; do
+  case $opt in
+  h|\?)
+    usage
+    exit 0
+    ;;
+  d)
+    delete=true
+    ;;
+  e)
+    useEnv=true
+    ;;
+  *)
+    usage "Error: unhandled option: $opt"
+    ;;
+  esac
+done
+shift $((OPTIND - 1))
+
+if $useEnv; then
+  [[ -n $SOLANA_METRICS_CONFIG ]] ||
+    usage "Error: SOLANA_METRICS_CONFIG is not defined in the environment"
+else
+  username=$1
+  [[ -n "$username" ]] || usage "username not specified"
+
+  read -rs -p "InfluxDB password for $username: " password
+  [[ -n $password ]] || { echo "Password not specified"; exit 1; }
+  echo
+
+  query() {
+    echo "$*"
+    curl -XPOST \
+      "https://metrics.solana.com:8086/query?u=${username}&p=${password}" \
+      --data-urlencode "q=$*"
+  }
+
+  query "DROP DATABASE \"$netBasename\""
+  ! $delete || exit 0
+  query "CREATE DATABASE \"$netBasename\""
+  query "ALTER RETENTION POLICY autogen ON \"$netBasename\" DURATION 7d"
+  query "GRANT READ ON \"$netBasename\" TO \"ro\""
+  query "GRANT WRITE ON \"$netBasename\" TO \"scratch_writer\""
+
+  SOLANA_METRICS_CONFIG="db=$netBasename,u=scratch_writer,p=topsecret"
+fi
+
+echo "export SOLANA_METRICS_CONFIG=\"$SOLANA_METRICS_CONFIG\"" >> "$configFile"
+
+exit 0

net/net.sh

@@ -0,0 +1,359 @@
+#!/bin/bash -e
+
+here=$(dirname "$0")
+SOLANA_ROOT="$(cd "$here"/..; pwd)"
+
+# shellcheck source=net/common.sh
+source "$here"/common.sh
+
+usage() {
+  exitcode=0
+  if [[ -n "$1" ]]; then
+    exitcode=1
+    echo "Error: $*"
+  fi
+  cat <<EOF
+usage: $0 [start|stop|restart|sanity] [command-specific options]
+
+Operate a configured testnet
+
+ start    - Start the network
+ sanity   - Sanity check the network
+ stop     - Stop the network
+ restart  - Shortcut for stop then start
+
+ start-specific options:
+   -S [snapFilename]    - Deploy the specified Snap file
+   -s edge|beta|stable  - Deploy the latest Snap on the specified Snap release channel
+   -f [cargoFeatures]   - List of |cargo --feaures=| to activate
+                          (ignored if -s or -S is specified)
+
+   Note: if RUST_LOG is set in the environment it will be propogated into the
+         network nodes.
+
+ sanity/start-specific options:
+   -o noLedgerVerify    - Skip ledger verification
+   -o noValidatorSanity - Skip validator sanity
+   -o rejectExtraNodes  - Require the exact number of nodes
+
+ stop-specific options:
+   none
+
+EOF
+  exit $exitcode
+}
+
+snapChannel=
+snapFilename=
+deployMethod=local
+sanityExtraArgs=
+cargoFeatures=
+
+command=$1
+[[ -n $command ]] || usage
+shift
+
+while getopts "h?S:s:o:f:" opt; do
+  case $opt in
+  h | \?)
+    usage
+    ;;
+  S)
+    snapFilename=$OPTARG
+    [[ -f $snapFilename ]] || usage "Snap not readable: $snapFilename"
+    deployMethod=snap
+    ;;
+  s)
+    case $OPTARG in
+    edge|beta|stable)
+      snapChannel=$OPTARG
+      deployMethod=snap
+      ;;
+    *)
+      usage "Invalid snap channel: $OPTARG"
+      ;;
+    esac
+    ;;
+  f)
+    cargoFeatures=$OPTARG
+    ;;
+  o)
+    case $OPTARG in
+    noLedgerVerify|noValidatorSanity|rejectExtraNodes)
+      sanityExtraArgs="$sanityExtraArgs -o $OPTARG"
+      ;;
+    *)
+      echo "Error: unknown option: $OPTARG"
+      exit 1
+      ;;
+    esac
+    ;;
+  *)
+    usage "Error: unhandled option: $opt"
+    ;;
+  esac
+done
+
+loadConfigFile
+expectedNodeCount=$((${#validatorIpList[@]} + 1))
+
+build() {
+  declare MAYBE_DOCKER=
+  if [[ $(uname) != Linux ]]; then
+    MAYBE_DOCKER="ci/docker-run.sh solanalabs/rust"
+  fi
+  SECONDS=0
+  (
+    cd "$SOLANA_ROOT"
+    echo "--- Build started at $(date)"
+
+    set -x
+    rm -rf farf
+    $MAYBE_DOCKER cargo install --features="$cargoFeatures" --root farf
+  )
+  echo "Build took $SECONDS seconds"
+}
+
+startCommon() {
+  declare ipAddress=$1
+  test -d "$SOLANA_ROOT"
+  ssh "${sshOptions[@]}" "$ipAddress" "mkdir -p ~/solana ~/.cargo/bin"
+  rsync -vPrc -e "ssh ${sshOptions[*]}" \
+    "$SOLANA_ROOT"/{fetch-perf-libs.sh,scripts,net,multinode-demo} \
+    "$ipAddress":~/solana/
+}
+
+startLeader() {
+  declare ipAddress=$1
+  declare logFile="$2"
+  echo "--- Starting leader: $leaderIp"
+  echo "start log: $logFile"
+
+  # Deploy local binaries to leader.  Validators and clients later fetch the
+  # binaries from the leader.
+  (
+    set -x
+    startCommon "$ipAddress" || exit 1
+    case $deployMethod in
+    snap)
+      rsync -vPrc -e "ssh ${sshOptions[*]}" "$snapFilename" "$ipAddress:~/solana/solana.snap"
+      ;;
+    local)
+      rsync -vPrc -e "ssh ${sshOptions[*]}" "$SOLANA_ROOT"/farf/bin/* "$ipAddress:~/.cargo/bin/"
+      ;;
+    *)
+      usage "Internal error: invalid deployMethod: $deployMethod"
+      ;;
+    esac
+
+    ssh "${sshOptions[@]}" -n "$ipAddress" \
+      "./solana/net/remote/remote-node.sh $deployMethod leader $publicNetwork $entrypointIp $expectedNodeCount \"$RUST_LOG\""
+  ) >> "$logFile" 2>&1 || {
+    cat "$logFile"
+    echo "^^^ +++"
+    exit 1
+  }
+}
+
+startValidator() {
+  declare ipAddress=$1
+  declare logFile="$netLogDir/validator-$ipAddress.log"
+
+  echo "--- Starting validator: $leaderIp"
+  echo "start log: $logFile"
+  (
+    set -x
+    startCommon "$ipAddress"
+    ssh "${sshOptions[@]}" -n "$ipAddress" \
+      "./solana/net/remote/remote-node.sh $deployMethod validator $publicNetwork $entrypointIp $expectedNodeCount \"$RUST_LOG\""
+  ) >> "$logFile" 2>&1 &
+  declare pid=$!
+  ln -sfT "validator-$ipAddress.log" "$netLogDir/validator-$pid.log"
+  pids+=("$pid")
+}
+
+startClient() {
+  declare ipAddress=$1
+  declare logFile="$2"
+  echo "--- Starting client: $ipAddress"
+  echo "start log: $logFile"
+  (
+    set -x
+    startCommon "$ipAddress"
+    ssh "${sshOptions[@]}" -f "$ipAddress" \
+      "./solana/net/remote/remote-client.sh $deployMethod $entrypointIp $expectedNodeCount \"$RUST_LOG\""
+  ) >> "$logFile" 2>&1 || {
+    cat "$logFile"
+    echo "^^^ +++"
+    exit 1
+  }
+}
+
+sanity() {
+  declare expectedNodeCount=$((${#validatorIpList[@]} + 1))
+  declare ok=true
+
+  echo "--- Sanity"
+  $metricsWriteDatapoint "testnet-deploy net-sanity-begin=1"
+
+  (
+    set -x
+    # shellcheck disable=SC2029 # remote-client.sh args are expanded on client side intentionally
+    ssh "${sshOptions[@]}" "$leaderIp" \
+      "./solana/net/remote/remote-sanity.sh $sanityExtraArgs"
+  ) || ok=false
+
+  $metricsWriteDatapoint "testnet-deploy net-sanity-complete=1"
+  $ok || exit 1
+}
+
+start() {
+  case $deployMethod in
+  snap)
+    if [[ -n $snapChannel ]]; then
+      rm -f "$SOLANA_ROOT"/solana_*.snap
+      if [[ $(uname) != Linux ]]; then
+        (
+          set -x
+          SOLANA_DOCKER_RUN_NOSETUID=1 "$SOLANA_ROOT"/ci/docker-run.sh ubuntu:18.04 bash -c "
+            set -ex;
+            apt-get -qq update;
+            apt-get -qq -y install snapd;
+            snap download --channel=$snapChannel solana;
+          "
+        )
+      else
+        (
+          cd "$SOLANA_ROOT"
+          snap download --channel="$snapChannel" solana
+        )
+      fi
+      snapFilename="$(echo "$SOLANA_ROOT"/solana_*.snap)"
+      [[ -r $snapFilename ]] || {
+        echo "Error: Snap not readable: $snapFilename"
+        exit 1
+      }
+    fi
+    ;;
+  local)
+    build
+    ;;
+  *)
+    usage "Internal error: invalid deployMethod: $deployMethod"
+    ;;
+  esac
+
+  echo "Deployment started at $(date)"
+  $metricsWriteDatapoint "testnet-deploy net-start-begin=1"
+
+  SECONDS=0
+  declare leaderDeployTime=
+  startLeader "$leaderIp" "$netLogDir/leader-$leaderIp.log"
+  leaderDeployTime=$SECONDS
+  $metricsWriteDatapoint "testnet-deploy net-leader-started=1"
+
+  SECONDS=0
+  pids=()
+  loopCount=0
+  for ipAddress in "${validatorIpList[@]}"; do
+    startValidator "$ipAddress"
+
+    # Staggering validator startup time. If too many validators
+    # bootup simultaneously, leader node gets more rsync requests
+    # from the validators than it can handle.
+    ((loopCount++ % 2 == 0)) && sleep 2
+  done
+
+  for pid in "${pids[@]}"; do
+    declare ok=true
+    wait "$pid" || ok=false
+    if ! $ok; then
+      cat "$netLogDir/validator-$pid.log"
+      echo ^^^ +++
+      exit 1
+    fi
+  done
+
+  $metricsWriteDatapoint "testnet-deploy net-validators-started=1"
+  validatorDeployTime=$SECONDS
+
+  sanity
+
+  SECONDS=0
+  for ipAddress in "${clientIpList[@]}"; do
+    startClient "$ipAddress" "$netLogDir/client-$ipAddress.log"
+  done
+  clientDeployTime=$SECONDS
+  $metricsWriteDatapoint "testnet-deploy net-start-complete=1"
+
+  if [[ $deployMethod = "snap" ]]; then
+    declare networkVersion=unknown
+    IFS=\  read -r _ networkVersion _ < <(
+      ssh "${sshOptions[@]}" "$leaderIp" \
+        "snap info solana | grep \"^installed:\""
+    )
+    networkVersion=${networkVersion/0+git./}
+    $metricsWriteDatapoint "testnet-deploy version=\"$networkVersion\""
+  fi
+
+  echo
+  echo "+++ Deployment Successful"
+  echo "Leader deployment took $leaderDeployTime seconds"
+  echo "Validator deployment (${#validatorIpList[@]} instances) took $validatorDeployTime seconds"
+  echo "Client deployment (${#clientIpList[@]} instances) took $clientDeployTime seconds"
+  echo "Network start logs in $netLogDir:"
+  ls -l "$netLogDir"
+}
+
+
+stopNode() {
+  local ipAddress=$1
+  echo "--- Stopping node: $ipAddress"
+  (
+    set -x
+    ssh "${sshOptions[@]}" "$ipAddress" "
+      set -x
+      if snap list solana; then
+        sudo snap set solana mode=
+        sudo snap remove solana
+      fi
+      ! tmux list-sessions || tmux kill-session
+      for pattern in solana- remote- oom-monitor net-stats; do
+        pkill -9 \$pattern
+      done
+    "
+  ) || true
+}
+
+stop() {
+  SECONDS=0
+  $metricsWriteDatapoint "testnet-deploy net-stop-begin=1"
+
+  stopNode "$leaderIp"
+
+  for ipAddress in "${validatorIpList[@]}" "${clientIpList[@]}"; do
+    stopNode "$ipAddress"
+  done
+
+  $metricsWriteDatapoint "testnet-deploy net-stop-complete=1"
+  echo "Stopping nodes took $SECONDS seconds"
+}
+
+case $command in
+restart)
+  stop
+  start
+  ;;
+start)
+  start
+  ;;
+sanity)
+  sanity
+  ;;
+stop)
+  stop
+  ;;
+*)
+  echo "Internal error: Unknown command: $command"
+  exit 1
+esac

net/remote/README.md

@@ -0,0 +1 @@
+Scripts that run on the remote testnet nodes

net/remote/remote-client.sh

@@ -0,0 +1,83 @@
+#!/bin/bash -e
+
+cd "$(dirname "$0")"/../..
+
+echo "$(date) | $0 $*" > client.log
+
+deployMethod="$1"
+entrypointIp="$2"
+numNodes="$3"
+RUST_LOG="$4"
+export RUST_LOG=${RUST_LOG:-solana=info} # if RUST_LOG is unset, default to info
+
+missing() {
+  echo "Error: $1 not specified"
+  exit 1
+}
+
+[[ -n $deployMethod ]] || missing deployMethod
+[[ -n $entrypointIp ]] || missing entrypointIp
+[[ -n $numNodes ]]     || missing numNodes
+
+source net/common.sh
+loadConfigFile
+
+threadCount=$(nproc)
+if [[ $threadCount -gt 4 ]]; then
+  threadCount=4
+fi
+
+case $deployMethod in
+snap)
+  net/scripts/rsync-retry.sh -vPrc "$entrypointIp:~/solana/solana.snap" .
+  sudo snap install solana.snap --devmode --dangerous
+
+  solana_bench_tps=/snap/bin/solana.bench-tps
+  solana_keygen=/snap/bin/solana.keygen
+  ;;
+local)
+  PATH="$HOME"/.cargo/bin:"$PATH"
+  export USE_INSTALL=1
+  export SOLANA_DEFAULT_METRICS_RATE=1
+
+  net/scripts/rsync-retry.sh -vPrc "$entrypointIp:~/.cargo/bin/solana*" ~/.cargo/bin/
+  solana_bench_tps=solana-bench-tps
+  solana_keygen=solana-keygen
+  ;;
+*)
+  echo "Unknown deployment method: $deployMethod"
+  exit 1
+esac
+
+scripts/oom-monitor.sh > oom-monitor.log 2>&1 &
+scripts/net-stats.sh  > net-stats.log 2>&1 &
+
+! tmux list-sessions || tmux kill-session
+
+clientCommand="\
+  $solana_bench_tps \
+    --network $entrypointIp:8001 \
+    --identity client.json \
+    --num-nodes $numNodes \
+    --duration 600 \
+    --sustained \
+    --threads $threadCount \
+"
+
+keygenCommand="$solana_keygen -o client.json"
+tmux new -s solana-bench-tps -d "
+  [[ -r client.json ]] || {
+    echo '$ $keygenCommand'  | tee -a client.log
+    $keygenCommand >> client.log 2>&1
+  }
+
+  while true; do
+    echo === Client start: \$(date) | tee -a client.log
+    $metricsWriteDatapoint 'testnet-deploy client-begin=1'
+    echo '$ $clientCommand' | tee -a client.log
+    $clientCommand >> client.log 2>&1
+    $metricsWriteDatapoint 'testnet-deploy client-complete=1'
+  done
+"
+sleep 1
+tmux capture-pane -t solana-bench-tps -p -S -100

net/remote/remote-node.sh

@@ -0,0 +1,113 @@
+#!/bin/bash -e
+
+cd "$(dirname "$0")"/../..
+
+deployMethod="$1"
+nodeType="$2"
+publicNetwork="$3"
+entrypointIp="$4"
+numNodes="$5"
+RUST_LOG="$6"
+
+missing() {
+  echo "Error: $1 not specified"
+  exit 1
+}
+
+[[ -n $deployMethod ]]  || missing deployMethod
+[[ -n $nodeType ]]      || missing nodeType
+[[ -n $publicNetwork ]] || missing publicNetwork
+[[ -n $entrypointIp ]]  || missing entrypointIp
+[[ -n $numNodes ]]      || missing numNodes
+
+cat > deployConfig <<EOF
+deployMethod="$deployMethod"
+entrypointIp="$entrypointIp"
+numNodes="$numNodes"
+EOF
+
+source net/common.sh
+loadConfigFile
+
+if [[ $publicNetwork = true ]]; then
+  setupArgs="-p"
+else
+  setupArgs="-l"
+fi
+
+
+case $deployMethod in
+snap)
+  SECONDS=0
+  [[ $nodeType = leader ]] ||
+    net/scripts/rsync-retry.sh -vPrc "$entrypointIp:~/solana/solana.snap" .
+  sudo snap install solana.snap --devmode --dangerous
+
+  commonNodeConfig="\
+    leader-ip=$entrypointIp \
+    default-metrics-rate=1 \
+    metrics-config=$SOLANA_METRICS_CONFIG \
+    rust-log=$RUST_LOG \
+    setup-args=$setupArgs \
+  "
+
+  if [[ -e /dev/nvidia0 ]]; then
+    commonNodeConfig="$commonNodeConfig enable-cuda=1"
+  fi
+
+  if [[ $nodeType = leader ]]; then
+    nodeConfig="mode=leader+drone $commonNodeConfig"
+    ln -sf -T /var/snap/solana/current/leader/current leader.log
+    ln -sf -T /var/snap/solana/current/drone/current drone.log
+  else
+    nodeConfig="mode=validator $commonNodeConfig"
+    ln -sf -T /var/snap/solana/current/validator/current validator.log
+  fi
+
+  logmarker="solana deploy $(date)/$RANDOM"
+  logger "$logmarker"
+
+  # shellcheck disable=SC2086 # Don't want to double quote "$nodeConfig"
+  sudo snap set solana $nodeConfig
+  snap info solana
+  sudo snap get solana
+  echo Slight delay to get more syslog output
+  sleep 2
+  sudo grep -Pzo "$logmarker(.|\\n)*" /var/log/syslog
+
+  echo "Succeeded in ${SECONDS} seconds"
+  ;;
+local)
+  PATH="$HOME"/.cargo/bin:"$PATH"
+  export USE_INSTALL=1
+  export RUST_LOG
+  export SOLANA_DEFAULT_METRICS_RATE=1
+
+  ./fetch-perf-libs.sh
+  export LD_LIBRARY_PATH="$PWD/target/perf-libs:$LD_LIBRARY_PATH"
+
+  scripts/oom-monitor.sh  > oom-monitor.log 2>&1 &
+  scripts/net-stats.sh  > net-stats.log 2>&1 &
+
+  case $nodeType in
+  leader)
+    ./multinode-demo/setup.sh -t leader $setupArgs
+    ./multinode-demo/drone.sh > drone.log 2>&1 &
+    ./multinode-demo/leader.sh > leader.log 2>&1 &
+    ;;
+  validator)
+    net/scripts/rsync-retry.sh -vPrc "$entrypointIp:~/.cargo/bin/solana*" ~/.cargo/bin/
+
+    ./multinode-demo/setup.sh -t validator $setupArgs
+    ./multinode-demo/validator.sh "$entrypointIp":~/solana "$entrypointIp:8001" >validator.log 2>&1 &
+    ;;
+  *)
+    echo "Error: unknown node type: $nodeType"
+    exit 1
+    ;;
+  esac
+  ;;
+*)
+  echo "Unknown deployment method: $deployMethod"
+  exit 1
+esac

net/remote/remote-sanity.sh

@@ -0,0 +1,153 @@
+#!/bin/bash -e
+#
+# This script is to be run on the leader node
+#
+
+cd "$(dirname "$0")"/../..
+
+deployMethod=
+entrypointIp=
+numNodes=
+
+[[ -r deployConfig ]] || {
+  echo deployConfig missing
+  exit 1
+}
+# shellcheck source=/dev/null # deployConfig is written by remote-node.sh
+source deployConfig
+
+missing() {
+  echo "Error: $1 not specified"
+  exit 1
+}
+
+[[ -n $deployMethod ]] || missing deployMethod
+[[ -n $entrypointIp ]] || missing entrypointIp
+[[ -n $numNodes ]]     || missing numNodes
+
+ledgerVerify=true
+validatorSanity=true
+rejectExtraNodes=false
+while [[ $1 = -o ]]; do
+  opt="$2"
+  shift 2
+  case $opt in
+  noLedgerVerify)
+    ledgerVerify=false
+    ;;
+  noValidatorSanity)
+    validatorSanity=false
+    ;;
+  rejectExtraNodes)
+    rejectExtraNodes=true
+    ;;
+  *)
+    echo "Error: unknown option: $opt"
+    exit 1
+    ;;
+  esac
+done
+
+source net/common.sh
+loadConfigFile
+
+case $deployMethod in
+snap)
+  PATH="/snap/bin:$PATH"
+  export USE_SNAP=1
+  entrypointRsyncUrl="$entrypointIp"
+
+  solana_bench_tps=solana.bench-tps
+  solana_ledger_tool=solana.ledger-tool
+  solana_keygen=solana.keygen
+
+  ledger=/var/snap/solana/current/config/ledger
+  client_id=~/snap/solana/current/config/client-id.json
+
+  ;;
+local)
+  PATH="$HOME"/.cargo/bin:"$PATH"
+  export USE_INSTALL=1
+  entrypointRsyncUrl="$entrypointIp:~/solana"
+
+  solana_bench_tps=solana-bench-tps
+  solana_ledger_tool=solana-ledger-tool
+  solana_keygen=solana-keygen
+
+  ledger=config/ledger
+  client_id=config/client-id.json
+  ;;
+*)
+  echo "Unknown deployment method: $deployMethod"
+  exit 1
+esac
+
+
+echo "--- $entrypointIp: wallet sanity"
+(
+  set -x
+  scripts/wallet-sanity.sh "$entrypointIp:8001"
+)
+
+echo "+++ $entrypointIp: node count ($numNodes expected)"
+(
+  set -x
+  $solana_keygen -o "$client_id"
+
+  maybeRejectExtraNodes=
+  if $rejectExtraNodes; then
+    maybeRejectExtraNodes="--reject-extra-nodes"
+  fi
+
+  $solana_bench_tps \
+    --network "$entrypointIp:8001" \
+    --identity "$client_id" \
+    --num-nodes "$numNodes" \
+    $maybeRejectExtraNodes \
+    --converge-only
+)
+
+echo "--- $entrypointIp: verify ledger"
+if $ledgerVerify; then
+  if [[ -d $ledger ]]; then
+    (
+      set -x
+      rm -rf /var/tmp/ledger-verify
+      du -hs "$ledger"
+      time cp -r "$ledger" /var/tmp/ledger-verify
+      time $solana_ledger_tool --ledger /var/tmp/ledger-verify verify
+    )
+  else
+    echo "^^^ +++"
+    echo "Ledger verify skipped: directory does not exist: $ledger"
+  fi
+else
+  echo "^^^ +++"
+  echo "Note: ledger verify disabled"
+fi
+
+
+echo "--- $entrypointIp: validator sanity"
+if $validatorSanity; then
+  (
+    set -ex -o pipefail
+    ./multinode-demo/setup.sh -t validator
+    timeout 10s ./multinode-demo/validator.sh "$entrypointRsyncUrl" "$entrypointIp:8001" 2>&1 | tee validator.log
+  ) || {
+    exitcode=$?
+    [[ $exitcode -eq 124 ]] || exit $exitcode
+  }
+  wc -l validator.log
+  if grep -C100 panic validator.log; then
+    echo "^^^ +++"
+    echo "Panic observed"
+    exit 1
+  else
+    echo "Validator log looks ok"
+  fi
+else
+  echo "^^^ +++"
+  echo "Note: validator sanity disabled"
+fi
+
+echo --- Pass

net/scripts/add-solana-user-authorized_keys.sh

@@ -0,0 +1,20 @@
+#!/bin/bash -ex
+
+[[ $(uname) = Linux ]] || exit 1
+[[ $USER = root ]] || exit 1
+
+[[ -d /home/solana/.ssh ]] || exit 1
+
+# /solana-authorized_keys contains the public keys for users that should
+# automatically be granted access to ALL testnets.
+#
+# To add an entry into this list:
+# 1. Run: ssh-keygen -t ecdsa -N '' -f ~/.ssh/id-solana-testnet
+# 2. Inline ~/.ssh/id-solana-testnet.pub below
+cat > /solana-authorized_keys <<EOF
+ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFBNwLw0i+rI312gWshojFlNw9NV7WfaKeeUsYADqOvM2o4yrO2pPw+sgW8W+/rPpVyH7zU9WVRgTME8NgFV1Vc=
+EOF
+
+sudo -u solana bash -c "
+  cat /solana-authorized_keys >> /home/solana/.ssh/authorized_keys
+"

net/scripts/create-solana-user.sh

@@ -0,0 +1,27 @@
+#!/bin/bash -ex
+
+[[ $(uname) = Linux ]] || exit 1
+[[ $USER = root ]] || exit 1
+
+adduser solana --gecos "" --disabled-password --quiet
+adduser solana sudo
+echo "solana ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
+id solana
+
+[[ -r /solana-id_ecdsa ]] || exit 1
+[[ -r /solana-id_ecdsa.pub ]] || exit 1
+
+sudo -u solana bash -c "
+  mkdir -p /home/solana/.ssh/
+  cd /home/solana/.ssh/
+  cp /solana-id_ecdsa.pub authorized_keys
+  umask 377
+  cp /solana-id_ecdsa id_ecdsa
+  echo \"
+    Host *
+    BatchMode yes
+    IdentityFile ~/.ssh/id_ecdsa
+    StrictHostKeyChecking no
+  \" > config
+"
+

net/scripts/disable-background-upgrades.sh

@@ -0,0 +1,20 @@
+#!/bin/bash -ex
+#
+# Prevent background upgrades that block |apt-get|
+#
+# TODO: This approach is pretty uncompromising.  An alternative solution that
+#       doesn't involve deleting system files would be welcome.
+
+[[ $(uname) = Linux ]] || exit 1
+[[ $USER = root ]] || exit 1
+
+rm -rf /usr/lib/apt/apt.systemd.daily
+rm -rf /usr/bin/unattended-upgrade
+killall apt.systemd.daily || true
+killall unattended-upgrade || true
+
+while fuser /var/lib/dpkg/lock; do
+  echo Waiting for lock release...
+  sleep 1
+done
+

net/scripts/ec2-provider.sh

@@ -0,0 +1,240 @@
+# |source| this file
+#
+# Utilities for working with EC2 instances
+#
+
+zone=
+region=
+
+cloud_SetZone() {
+  zone="$1"
+  # AWS region is zone with the last character removed
+  region="${zone:0:$((${#zone} - 1))}"
+}
+
+# Set the default zone
+cloud_SetZone "us-east-1b"
+
+# sshPrivateKey should be globally defined whenever this function is called.
+#
+# TODO: Remove usage of the sshPrivateKey global
+__cloud_SshPrivateKeyCheck() {
+  # shellcheck disable=SC2154
+  if [[ -z $sshPrivateKey ]]; then
+    echo Error: sshPrivateKey not defined
+    exit 1
+  fi
+  if [[ ! -r $sshPrivateKey ]]; then
+    echo "Error: file is not readable: $sshPrivateKey"
+    exit 1
+  fi
+}
+
+#
+# __cloud_FindInstances
+#
+# Find instances with name matching the specified pattern.
+#
+# For each matching instance, an entry in the `instances` array will be added with the
+# following information about the instance:
+#   "name:public IP:private IP"
+#
+# filter   - The instances to filter on
+#
+# examples:
+#   $ __cloud_FindInstances "exact-machine-name"
+#   $ __cloud_FindInstances "all-machines-with-a-common-machine-prefix*"
+#
+__cloud_FindInstances() {
+  declare filter="$1"
+
+  instances=()
+  declare name publicIp privateIp
+  while read -r name publicIp privateIp; do
+    printf "%-30s | publicIp=%-16s privateIp=%s\n" "$name" "$publicIp" "$privateIp"
+    instances+=("$name:$publicIp:$privateIp")
+  done < <(aws ec2 describe-instances \
+             --region "$region" \
+             --filters \
+               "Name=tag:name,Values=$filter" \
+               "Name=instance-state-name,Values=pending,running" \
+             --query "Reservations[].Instances[].[InstanceId,PublicIpAddress,PrivateIpAddress]" \
+             --output text
+    )
+}
+
+#
+# cloud_FindInstances [namePrefix]
+#
+# Find instances with names matching the specified prefix
+#
+# For each matching instance, an entry in the `instances` array will be added with the
+# following information about the instance:
+#   "name:public IP:private IP"
+#
+# namePrefix - The instance name prefix to look for
+#
+# examples:
+#   $ cloud_FindInstances all-machines-with-a-common-machine-prefix
+#
+cloud_FindInstances() {
+  declare namePrefix="$1"
+  __cloud_FindInstances "$namePrefix*"
+}
+
+#
+# cloud_FindInstance [name]
+#
+# Find an instance with a name matching the exact pattern.
+#
+# For each matching instance, an entry in the `instances` array will be added with the
+# following information about the instance:
+#   "name:public IP:private IP"
+#
+# name - The instance name to look for
+#
+# examples:
+#   $ cloud_FindInstance exact-machine-name
+#
+cloud_FindInstance() {
+  declare name="$1"
+  __cloud_FindInstances "$name"
+}
+
+
+#
+# cloud_CreateInstances [networkName] [namePrefix] [numNodes] [imageName]
+#                       [machineType] [bootDiskSize] [startupScript] [address]
+#
+# Creates one more identical instances.
+#
+# networkName   - unique name of this testnet
+# namePrefix    - unique string to prefix all the instance names with
+# numNodes      - number of instances to create
+# imageName     - Disk image for the instances
+# machineType   - GCE machine type
+# bootDiskSize  - Optional size of the boot disk in GB
+# startupScript - Optional startup script to execute when the instance boots
+# address       - Optional name of the GCE static IP address to attach to the
+#                 instance.  Requires that |numNodes| = 1 and that addressName
+#                 has been provisioned in the GCE region that is hosting |zone|
+#
+# Tip: use cloud_FindInstances to locate the instances once this function
+#      returns
+cloud_CreateInstances() {
+  declare networkName="$1"
+  declare namePrefix="$2"
+  declare numNodes="$3"
+  declare imageName="$4"
+  declare machineType="$5"
+  declare optionalBootDiskSize="$6"
+  declare optionalStartupScript="$7"
+  declare optionalAddress="$8"
+
+  __cloud_SshPrivateKeyCheck
+  (
+    set -x
+    aws ec2 delete-key-pair --region "$region" --key-name "$networkName"
+    aws ec2 import-key-pair --region "$region" --key-name "$networkName" \
+      --public-key-material file://"${sshPrivateKey}".pub
+  )
+
+  declare -a args
+  args=(
+    --key-name "$networkName"
+    --count "$numNodes"
+    --region "$region"
+    --placement "AvailabilityZone=$zone"
+    --security-groups testnet
+    --image-id "$imageName"
+    --instance-type "$machineType"
+    --tag-specifications "ResourceType=instance,Tags=[{Key=name,Value=$namePrefix}]"
+  )
+  if [[ -n $optionalBootDiskSize ]]; then
+    args+=(
+      --block-device-mapping "[{\"DeviceName\": \"/dev/sda1\", \"Ebs\": { \"VolumeSize\": $optionalBootDiskSize }}]"
+    )
+  fi
+  if [[ -n $optionalStartupScript ]]; then
+    args+=(
+      --user-data "file://$optionalStartupScript"
+    )
+  fi
+
+  if [[ -n $optionalAddress ]]; then
+    [[ $numNodes = 1 ]] || {
+      echo "Error: address may not be supplied when provisioning multiple nodes: $optionalAddress"
+      exit 1
+    }
+  fi
+
+  (
+    set -x
+    aws ec2 run-instances "${args[@]}"
+  )
+
+  if [[ -n $optionalAddress ]]; then
+    cloud_FindInstance "$namePrefix"
+    if [[ ${#instances[@]} -ne 1 ]]; then
+      echo "Failed to find newly created instance: $namePrefix"
+    fi
+
+    declare instanceId
+    IFS=: read -r instanceId _ < <(echo "${instances[0]}")
+    (
+      set -x
+      # TODO: Poll that the instance has moved to the 'running' state instead of
+      #       blindly sleeping for 30 seconds...
+      sleep 30
+      aws ec2 associate-address \
+        --instance-id "$instanceId" \
+        --region "$region" \
+        --allocation-id "$optionalAddress"
+    )
+  fi
+}
+
+#
+# cloud_DeleteInstances
+#
+# Deletes all the instances listed in the `instances` array
+#
+cloud_DeleteInstances() {
+  if [[ ${#instances[0]} -eq 0 ]]; then
+    echo No instances to delete
+    return
+  fi
+  declare names=("${instances[@]/:*/}")
+  (
+    set -x
+    aws ec2 terminate-instances --region "$region" --instance-ids "${names[@]}"
+  )
+}
+
+
+#
+# cloud_FetchFile [instanceName] [publicIp] [remoteFile] [localFile]
+#
+# Fetch a file from the given instance.  This function uses a cloud-specific
+# mechanism to fetch the file
+#
+cloud_FetchFile() {
+  # shellcheck disable=SC2034 # instanceName is unused
+  declare instanceName="$1"
+  declare publicIp="$2"
+  declare remoteFile="$3"
+  declare localFile="$4"
+
+  __cloud_SshPrivateKeyCheck
+  (
+    set -x
+    scp \
+      -o "StrictHostKeyChecking=no" \
+      -o "UserKnownHostsFile=/dev/null" \
+      -o "User=solana" \
+      -o "IdentityFile=$sshPrivateKey" \
+      -o "LogLevel=ERROR" \
+      -F /dev/null \
+      "solana@$publicIp:$remoteFile" "$localFile"
+  )
+}

net/scripts/gce-provider.sh

@@ -0,0 +1,201 @@
+# |source| this file
+#
+# Utilities for working with GCE instances
+#
+
+# Default zone
+zone="us-west1-b"
+cloud_SetZone() {
+  zone="$1"
+}
+
+
+#
+# __cloud_FindInstances
+#
+# Find instances matching the specified pattern.
+#
+# For each matching instance, an entry in the `instances` array will be added with the
+# following information about the instance:
+#   "name:zone:public IP:private IP"
+#
+# filter   - The instances to filter on
+#
+# examples:
+#   $ __cloud_FindInstances "name=exact-machine-name"
+#   $ __cloud_FindInstances "name~^all-machines-with-a-common-machine-prefix"
+#
+__cloud_FindInstances() {
+  declare filter="$1"
+  instances=()
+
+  declare name zone publicIp privateIp status
+  while read -r name publicIp privateIp status; do
+    printf "%-30s | publicIp=%-16s privateIp=%s staus=%s\n" "$name" "$publicIp" "$privateIp" "$status"
+
+    instances+=("$name:$publicIp:$privateIp")
+  done < <(gcloud compute instances list \
+             --filter "$filter" \
+             --format 'value(name,networkInterfaces[0].accessConfigs[0].natIP,networkInterfaces[0].networkIP,status)')
+}
+#
+# cloud_FindInstances [namePrefix]
+#
+# Find instances with names matching the specified prefix
+#
+# For each matching instance, an entry in the `instances` array will be added with the
+# following information about the instance:
+#   "name:public IP:private IP"
+#
+# namePrefix - The instance name prefix to look for
+#
+# examples:
+#   $ cloud_FindInstances all-machines-with-a-common-machine-prefix
+#
+cloud_FindInstances() {
+  declare namePrefix="$1"
+  __cloud_FindInstances "name~^$namePrefix"
+}
+
+#
+# cloud_FindInstance [name]
+#
+# Find an instance with a name matching the exact pattern.
+#
+# For each matching instance, an entry in the `instances` array will be added with the
+# following information about the instance:
+#   "name:public IP:private IP"
+#
+# name - The instance name to look for
+#
+# examples:
+#   $ cloud_FindInstance exact-machine-name
+#
+cloud_FindInstance() {
+  declare name="$1"
+  __cloud_FindInstances "name=$name"
+}
+
+#
+# cloud_CreateInstances [networkName] [namePrefix] [numNodes] [imageName]
+#                       [machineType] [bootDiskSize] [enableGpu]
+#                       [startupScript] [address]
+#
+# Creates one more identical instances.
+#
+# networkName   - unique name of this testnet
+# namePrefix    - unique string to prefix all the instance names with
+# numNodes      - number of instances to create
+# imageName     - Disk image for the instances
+# machineType   - GCE machine type.  Note that this may also include an
+#                 `--accelerator=` or other |gcloud compute instances create|
+#                 options
+# bootDiskSize  - Optional size of the boot disk in GB
+# enableGpu     - Optionally enable GPU, use the value "true" to enable
+#                 eg, request 4 K80 GPUs with "count=4,type=nvidia-tesla-k80"
+# startupScript - Optional startup script to execute when the instance boots
+# address       - Optional name of the GCE static IP address to attach to the
+#                 instance.  Requires that |numNodes| = 1 and that addressName
+#                 has been provisioned in the GCE region that is hosting `$zone`
+#
+# Tip: use cloud_FindInstances to locate the instances once this function
+#      returns
+cloud_CreateInstances() {
+  declare networkName="$1"
+  declare namePrefix="$2"
+  declare numNodes="$3"
+  declare imageName="$4"
+  declare machineType="$5"
+  declare optionalBootDiskSize="$6"
+  declare optionalStartupScript="$7"
+  declare optionalAddress="$8"
+  declare optionalBootDiskType="$9"
+
+  declare nodes
+  if [[ $numNodes = 1 ]]; then
+    nodes=("$namePrefix")
+  else
+    read -ra nodes <<<$(seq -f "${namePrefix}%0${#numNodes}g" 1 "$numNodes")
+  fi
+
+  declare -a args
+  args=(
+    --zone "$zone"
+    --tags testnet
+    --metadata "testnet=$networkName"
+    --image "$imageName"
+    --maintenance-policy TERMINATE
+    --no-restart-on-failure
+  )
+
+  # shellcheck disable=SC2206 # Do not want to quote $machineType as it may contain extra args
+  args+=(--machine-type $machineType)
+  if [[ -n $optionalBootDiskSize ]]; then
+    args+=(
+      --boot-disk-size "${optionalBootDiskSize}GB"
+    )
+  fi
+  if [[ -n $optionalStartupScript ]]; then
+    args+=(
+      --metadata-from-file "startup-script=$optionalStartupScript"
+    )
+  fi
+  if [[ -n $optionalBootDiskType ]]; then
+    args+=(
+        --boot-disk-type "${optionalBootDiskType}"
+    )
+  fi
+
+  if [[ -n $optionalAddress ]]; then
+    [[ $numNodes = 1 ]] || {
+      echo "Error: address may not be supplied when provisioning multiple nodes: $optionalAddress"
+      exit 1
+    }
+    args+=(
+      --address "$optionalAddress"
+    )
+  fi
+
+  (
+    set -x
+    gcloud beta compute instances create "${nodes[@]}" "${args[@]}"
+  )
+}
+
+#
+# cloud_DeleteInstances
+#
+# Deletes all the instances listed in the `instances` array
+#
+cloud_DeleteInstances() {
+  if [[ ${#instances[0]} -eq 0 ]]; then
+    echo No instances to delete
+    return
+  fi
+  declare names=("${instances[@]/:*/}")
+
+  (
+    set -x
+    gcloud beta compute instances delete --zone "$zone" --quiet "${names[@]}"
+  )
+}
+
+
+#
+# cloud_FetchFile [instanceName] [publicIp] [remoteFile] [localFile]
+#
+# Fetch a file from the given instance.  This function uses a cloud-specific
+# mechanism to fetch the file
+#
+cloud_FetchFile() {
+  declare instanceName="$1"
+  # shellcheck disable=SC2034 # publicIp is unused
+  declare publicIp="$2"
+  declare remoteFile="$3"
+  declare localFile="$4"
+
+  (
+    set -x
+    gcloud compute scp --zone "$zone" "$instanceName:$remoteFile" "$localFile"
+  )
+}

net/scripts/install-docker.sh

@@ -0,0 +1,25 @@
+#!/bin/bash -ex
+
+[[ $(uname) = Linux ]] || exit 1
+[[ $USER = root ]] || exit 1
+
+apt-get update
+apt-get install -y \
+  apt-transport-https \
+  ca-certificates \
+  curl \
+  software-properties-common \
+
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
+
+add-apt-repository \
+  "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
+
+apt-get update
+apt-get install -y docker-ce
+docker run hello-world
+
+# Grant the solana user access to docker
+if id solana; then
+  addgroup solana docker
+fi

net/scripts/install-earlyoom.sh

@@ -0,0 +1,30 @@
+#!/bin/bash -ex
+#
+# Install EarlyOOM
+#
+
+[[ $(uname) = Linux ]] || exit 1
+[[ $USER = root ]] || exit 1
+
+# 64 - enable signalling of processes (term, kill, oom-kill)
+# TODO: This setting will not persist across reboots
+sysctl -w kernel.sysrq=$(( $(cat /proc/sys/kernel/sysrq) | 64 ))
+
+if command -v earlyoom; then
+  systemctl status earlyoom
+else
+  wget  -r -l1 -np http://ftp.us.debian.org/debian/pool/main/e/earlyoom/ -A 'earlyoom_1.1-*_amd64.deb' -e robots=off -nd
+  apt install --quiet --yes ./earlyoom_1.1-*_amd64.deb
+
+  cat > earlyoom <<OOM
+  # use the kernel OOM killer, trigger at 20% available RAM,
+  EARLYOOM_ARGS="-k -m 20"
+OOM
+  cp earlyoom /etc/default/
+  rm earlyoom
+
+  systemctl stop earlyoom
+  systemctl enable earlyoom
+  systemctl start earlyoom
+fi
+

net/scripts/install-libssl-compatability.sh

@@ -0,0 +1,18 @@
+#!/bin/bash -ex
+
+[[ $(uname) = Linux ]] || exit 1
+[[ $USER = root ]] || exit 1
+
+# Install libssl-dev to be compatible with binaries built on an Ubuntu machine...
+apt-get update
+apt-get --assume-yes install libssl-dev
+
+# Install libssl1.1 to be compatible with binaries built in the
+# solanalabs/rust docker image
+#
+# cc: https://github.com/solana-labs/solana/issues/1090
+# cc: https://packages.ubuntu.com/bionic/amd64/libssl1.1/download
+wget http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.0g-2ubuntu4.1_amd64.deb
+dpkg -i libssl1.1_1.1.0g-2ubuntu4.1_amd64.deb
+rm libssl1.1_1.1.0g-2ubuntu4.1_amd64.deb
+

net/scripts/install-rsync.sh

@@ -0,0 +1,19 @@
+#!/bin/bash -ex
+#
+# Rsync setup for Snap builds
+#
+
+[[ $(uname) = Linux ]] || exit 1
+[[ $USER = root ]] || exit 1
+
+apt-get --assume-yes install rsync
+cat > /etc/rsyncd.conf <<-EOF
+[config]
+path = /var/snap/solana/current/config
+hosts allow = *
+read only = true
+EOF
+
+systemctl enable rsync
+systemctl start rsync
+

net/scripts/rsync-retry.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+#
+# rsync wrapper that retries a few times on failure
+#
+
+for i in $(seq 1 5); do
+  (
+    set -x
+    rsync "$@"
+  ) && exit 0
+  echo Retry "$i"...
+done

net/ssh.sh

@@ -0,0 +1,69 @@
+#!/bin/bash
+
+here=$(dirname "$0")
+# shellcheck source=net/common.sh
+source "$here"/common.sh
+
+usage() {
+  exitcode=0
+  if [[ -n "$1" ]]; then
+    exitcode=1
+    echo "Error: $*"
+  fi
+  cat <<EOF
+usage: $0 [ipAddress] [extra ssh arguments]
+
+ssh into a node
+
+ ipAddress     - IP address of the desired node.
+
+If ipAddress is unspecified, a list of available nodes will be displayed.
+
+EOF
+  exit $exitcode
+}
+
+while getopts "h?" opt; do
+  case $opt in
+  h | \?)
+    usage
+    ;;
+  *)
+    usage "Error: unhandled option: $opt"
+    ;;
+  esac
+done
+
+loadConfigFile
+
+ipAddress=$1
+shift
+if [[ -n "$ipAddress" ]]; then
+  set -x
+  exec ssh "${sshOptions[@]}" "$ipAddress" "$@"
+fi
+
+printNode() {
+  declare nodeType=$1
+  declare ip=$2
+  printf "  %-25s | For logs run: $0 $ip tail -f solana/$nodeType.log\n" "$0 $ip"
+}
+
+echo Leader:
+printNode leader "$leaderIp"
+echo
+echo Validators:
+for ipAddress in "${validatorIpList[@]}"; do
+  printNode validator "$ipAddress"
+done
+echo
+echo Clients:
+if [[ ${#clientIpList[@]} -eq 0 ]]; then
+  echo "  None"
+else
+  for ipAddress in "${clientIpList[@]}"; do
+    printNode client "$ipAddress"
+  done
+fi
+
+exit 0

programs/move_funds/Cargo.toml

@@ -0,0 +1,23 @@
+[package]
+name = "move_funds"
+version = "0.1.0"
+authors = [
+    "Anatoly Yakovenko <anatoly@solana.com>",
+    "Greg Fitzgerald <greg@solana.com>",
+    "Stephen Akridge <stephen@solana.com>",
+    "Michael Vines <mvines@solana.com>",
+    "Rob Walker <rob@solana.com>",
+    "Pankaj Garg <pankaj@solana.com>",
+    "Tyera Eulberg <tyera@solana.com>",
+    "Jack May <jack@solana.com>",
+]
+
+[dependencies]
+bincode = "1.0.0"
+generic-array = { version = "0.12.0", default-features = false, features = ["serde"] }
+solana_program_interface = { path = "../../common" }
+
+[lib]
+name = "move_funds"
+crate-type = ["dylib"]
+

programs/move_funds/src/lib.rs

@@ -0,0 +1,48 @@
+extern crate bincode;
+extern crate solana_program_interface;
+
+use bincode::deserialize;
+use solana_program_interface::account::KeyedAccount;
+
+#[no_mangle]
+pub extern "C" fn process(infos: &mut Vec<KeyedAccount>, data: &[u8]) {
+    let tokens: i64 = deserialize(data).unwrap();
+    if infos[0].account.tokens >= tokens {
+        infos[0].account.tokens -= tokens;
+        infos[1].account.tokens += tokens;
+    } else {
+        println!(
+            "Insufficient funds, asked {}, only had {}",
+            tokens, infos[0].account.tokens
+        );
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use bincode::serialize;
+    use solana_program_interface::account::Account;
+    use solana_program_interface::pubkey::Pubkey;
+
+    #[test]
+    fn test_move_funds() {
+        let tokens: i64 = 100;
+        let data: Vec<u8> = serialize(&tokens).unwrap();
+        let keys = vec![Pubkey::default(); 2];
+        let mut accounts = vec![Account::default(), Account::default()];
+        accounts[0].tokens = 100;
+        accounts[1].tokens = 1;
+
+        {
+            let mut infos: Vec<KeyedAccount> = Vec::new();
+            for (key, account) in keys.iter().zip(&mut accounts).collect::<Vec<_>>() {
+                infos.push(KeyedAccount { key, account });
+            }
+
+            process(&mut infos, &data);
+        }
+        assert_eq!(0, accounts[0].tokens);
+        assert_eq!(101, accounts[1].tokens);
+    }
+}

programs/noop/Cargo.toml

@@ -0,0 +1,21 @@
+[package]
+name = "noop"
+version = "0.1.0"
+authors = [
+    "Anatoly Yakovenko <anatoly@solana.com>",
+    "Greg Fitzgerald <greg@solana.com>",
+    "Stephen Akridge <stephen@solana.com>",
+    "Michael Vines <mvines@solana.com>",
+    "Rob Walker <rob@solana.com>",
+    "Pankaj Garg <pankaj@solana.com>",
+    "Tyera Eulberg <tyera@solana.com>",
+    "Jack May <jack@solana.com>",
+]
+
+[dependencies]
+solana_program_interface = { path = "../../common" }
+
+[lib]
+name = "noop"
+crate-type = ["dylib"]
+

programs/noop/src/lib.rs

@@ -0,0 +1,6 @@
+extern crate solana_program_interface;
+
+use solana_program_interface::account::KeyedAccount;
+
+#[no_mangle]
+pub extern "C" fn process(_infos: &mut Vec<KeyedAccount>, _data: &[u8]) {}

programs/print/Cargo.toml

@@ -0,0 +1,21 @@
+[package]
+name = "print"
+version = "0.1.0"
+authors = [
+    "Anatoly Yakovenko <anatoly@solana.com>",
+    "Greg Fitzgerald <greg@solana.com>",
+    "Stephen Akridge <stephen@solana.com>",
+    "Michael Vines <mvines@solana.com>",
+    "Rob Walker <rob@solana.com>",
+    "Pankaj Garg <pankaj@solana.com>",
+    "Tyera Eulberg <tyera@solana.com>",
+    "Jack May <jack@solana.com>",
+]
+
+[dependencies]
+solana_program_interface = { path = "../../common" }
+
+[lib]
+name = "print"
+crate-type = ["dylib"]
+

programs/print/src/lib.rs

@@ -0,0 +1,9 @@
+extern crate solana_program_interface;
+
+use solana_program_interface::account::KeyedAccount;
+
+#[no_mangle]
+pub extern "C" fn process(infos: &mut Vec<KeyedAccount>, _data: &[u8]) {
+    println!("AccountInfos: {:#?}", infos);
+    //println!("data: {:#?}", data);
+}

rfcs/rfc-001-smart-contracts-engine.md

@@ -4,7 +4,7 @@ The goal of this RFC is to define a set of constraints for APIs and runtime such
 
 ## Version
 
-version 0.1 
+version 0.2 
 
 ## Toolchain Stack
 
@@ -37,154 +37,175 @@ version 0.1
 
 In Figure 1 an untrusted client, creates a program in the front-end language of her choice, (like C/C++/Rust/Lua), and compiles it with LLVM to a position independent shared object ELF, targeting BPF bytecode. Solana will safely load and execute the ELF.
 
-## Bytecode
-
-Our bytecode is based on Berkley Packet Filter. The requirements for BPF overlap almost exactly with the requirements we have:
-
-1. Deterministic amount of time to execute the code
-2. Bytecode that is portable between machine instruction sets
-3. Verified memory accesses
-4. Fast to load the object, verify the bytecode and JIT to local machine instruction set
-
-For 1, that means that loops are unrolled, and for any jumps back we can guard them with a check against the number of instruction that have been executed at this point.  If the limit is reached, the program yields its execution.  This involves saving the stack and current instruction index.
-
-For 2, the BPF bytecode already easily maps to x86–64, arm64 and other instruction sets. 
-
-For 3, every load and store that is relative can be checked to be within the expected memory that is passed into the ELF.  Dynamic load and stores can do a runtime check against available memory, these will be slow and should be avoided.
-
-For 4, Fully linked PIC ELF with just a single RX segment. Effectively we are linking a shared object with `-fpic -target bpf` and with a linker script to collect everything into a single RX segment. Writable globals are not supported.
-
-### Address Checks
-
-The interface to the module takes a `&mut Vec<Vec<u8>>` in rust, or a `int sz, void* data[sz], int szs[sz]` in `C`.  Given the module's bytecode, for each method, we need to analyze the bounds on load and stores into each buffer the module uses.  This check needs to be done `on chain`, and after those bounds are computed we can verify that the user supplied array of buffers will not cause a memory fault.  For load and stores that we cannot analyze, we can replace with a `safe_load` and `safe_store` instruction that will check the table for access.
-
-## Loader
-The loader is our first smart contract. The job of this contract is to load the actual program with its own instance data.  The loader will verify the bytecode and that the object implements the expected entry points.
-
-Since there is only one RX segment, the context for the contract instance is passed into each entry point as well as the event data for that entry point.
-
-A client will create a transaction to create a new loader instance:
-
-`Solana_NewLoader(Loader Instance PubKey, proof of key ownership, space I need for my elf)`
-
-A client will then do a bunch of transactions to load its elf into the loader instance they created:
-
-`Loader_UploadElf(Loader Instance PubKey, proof of key ownership, pos start, pos end, data)`
-
-At this point the client can create a new instance of the module with its own instance address:
-
-`Loader_NewInstance(Loader Instance PubKey, proof of key ownership, Instance PubKey, proof of key ownership)`
-
-Once the instance has been created, the client may need to upload more user data to solana to configure this instance:
-
-`Instance_UploadModuleData(Instance PubKey, proof of key ownership, pos start, pos end, data)`
-
-Now clients can `start` the instance:
-
-`Instance_Start(Instance PubKey, proof of key ownership)`
-
 ## Runtime
 
-Our goal with the runtime is to have a general purpose execution environment that is highly parallelizable and doesn't require dynamic resource management. We want to execute as many contracts as we can in parallel, and have them pass or fail without a destructive state change.
-
-### State and Entry Point
-
-State is addressed by an account which is at the moment simply the PubKey.  Our goal is to eliminate dynamic memory allocation in the smart contract itself, so the contract is a function that takes a mapping of [(PubKey,State)] and returns [(PubKey, State')].  The output of keys is a subset of the input.  Three basic kinds of state exist:
-
-* Instance State
-* Participant State
-* Caller State
-
-There isn't any difference in how each is implemented, but conceptually Participant State is memory that is allocated for each participant in the contract.  Instance State is memory that is allocated for the contract itself, and Caller State is memory that the transactions caller has allocated.
+The goal with the runtime is to have a general purpose execution environment that is highly parallelizeable and doesn't require dynamic resource management. The goal is to execute as many contracts as possible in parallel, and have them pass or fail without a destructive state change.
 
 
-### Call
+### State
 
+State is addressed by an account which is at the moment simply the Pubkey.  Our goal is to eliminate memory allocation from within the smart contract itself.  Thus the client of the contract provides all the state that is necessary for the contract to execute in the transaction itself.  The runtime interacts with the contract through a state transition function, which takes a mapping of [(Pubkey,State)] and returns [(Pubkey, State')].  The State is an opeque type to the runtime, a `Vec<u8>`, the contents of which the contract has full control over.
+
+### Call Structure
 ```
-void call(
-    const struct instance_data *data,
-    const uint8_t kind[],  //instance|participant|caller|read|write
-    const uint8_t *keys[],
-    uint8_t *data[],
-    int num,
-    uint8_t dirty[],        //dirty memory bits
-    uint8_t *userdata,      //current transaction data
-);
+/// Call definition
+/// Signed portion
+#[derive(Serialize, Deserialize, Debug, PartialEq, Eq, Clone)]
+pub struct CallData {
+    /// Each Pubkey in this vector is mapped to a corresponding `Page` that is loaded for contract execution
+    /// In a simple pay transaction `key[0]` is the token owner's key and `key[1]` is the recipient's key.
+    pub keys: Vec<Pubkey>,
+
+    /// The Pubkeys that are required to have a proof.  The proofs are a `Vec<Signature> which encoded along side this data structure
+    /// Each Signature signs the `required_proofs` vector as well as the `keys` vectors.  The transaction is valid if and only if all
+    /// the required signatures are present and the public key vector is unchanged between signatures.
+    pub required_proofs: Vec<u8>,
+
+    /// PoH data
+    /// last PoH hash observed by the sender
+    pub last_id: Hash,
+
+    /// Program
+    /// The address of the program we want to call.  ContractId is just a Pubkey that is the address of the loaded code that will execute this Call.
+    pub contract_id: ContractId,
+    /// OS scheduling fee
+    pub fee: i64,
+    /// struct version to prevent duplicate spends
+    /// Calls with a version <= Page.version are rejected
+    pub version: u64,
+    /// method to call in the contract
+    pub method: u8,
+    /// usedata in bytes
+    pub userdata: Vec<u8>,
+}
+
+#[derive(Serialize, Deserialize, Debug, PartialEq, Eq, Clone)]
+pub struct Call {
+    /// Signatures and Keys
+    /// (signature, key index)
+    /// This vector contains a tuple of signatures, and the key index the signature is for
+    /// proofs[0] is always key[0]
+    pub proofs: Vec<Signature>,
+    pub data: CallData,
+}
 ```
 
-To call this operation, the transaction that is destined to the contract instance specifies what keyed state it should present to the `call` function.  To allocate the state memory or a call context, the client has to first call a function on the contract with the designed address that will own the state.
+At it's core, this is just a set of Pubkeys and Signatures with a bit of metadata.  The contract Pubkey routes this transaction into that contracts entry point.  `version` is used for dropping retransmitted requests.
 
-At its core, this is a system call that requires cryptographic proof of ownership of memory regions instead of an OS that checks page tables for access rights.
-
-* `Instance_AllocateContext(Instance PubKey, My PubKey, Proof of key ownership)`
-
-Any transaction can then call `call` on the contract with a set of keys.  It's up to the contract itself to manage ownership:
-
-* `Instance_Call(Instance PubKey, [Context PubKeys], proofs of ownership, userdata...)`
-
-Contracts should be able to read any state that is part of solana, but only write to state that the contract allocated.
-
-#### Caller State
-
-Caller `state` is memory allocated for the `call` that belongs to the public key that is issuing the `call`.  This is the caller's context.
-
-#### Instance State
-
-Instance `state` is memory that belongs to this contract instance.  We may also need module-wide `state` as well.
-
-#### Participant State
-
-Participant `state` is any other memory.  In some cases it may make sense to have these allocated as part of the call by the caller.
-
-### Reduce
-
-Some operations on the contract will require iteration over all the keys.  To make this parallelizable the iteration is broken up into reduce calls which are combined.
-
-```
-void reduce_m(
-    const struct instance_data *data,
-    const uint8_t *keys[],
-    const uint8_t *data[],
-    int num,
-    uint8_t *reduce_data,
-);
-
-void reduce_r(
-    const struct instance_data *data,
-    const uint8_t *reduce_data[],
-    int num,
-    uint8_t *reduce_data,
-);
-```
+Contracts should be able to read any state that is part of runtime, but only write to state that the contract allocated.
 
 ### Execution
 
-Transactions are batched and processed in parallel at each stage.
-```
-+-----------+    +--------------+      +-----------+    +---------------+
-| sigverify |-+->| debit commit |---+->| execution |-+->| memory commit |
-+-----------+ |  +--------------+   |  +-----------+ |  +---------------+
-              |                     |                |
-              |  +---------------+  |                |  +--------------+
-              |->| memory verify |->+                +->| debit undo   |
-                 +---------------+                   |  +--------------+
-                                                     |
-                                                     |  +---------------+
-                                                     +->| credit commit |
-                                                        +---------------+
-
+Calls batched and processed in a pipeline
 
 ```
-The `debit verify` stage is very similar to `memory verify`.  Proof of key ownership is used to check if the callers key has some state allocated with the contract, then the memory is loaded and executed.  After execution stage, the dirty pages are written back by the contract.  Because know all the memory accesses during execution, we can batch transactions that do not interfere with each other.  We can also apply the `debit undo` and `credit commit` stages of the transaction.  `debit undo` is run in case of an exception during contract execution, only transfers may be reversed, fees are commited to solana.
++-----------+    +-------------+    +--------------+    +--------------------+    
+| sigverify |--->| lock memory |--->| validate fee |--->| allocate new pages |--->
++-----------+    +-------------+    +--------------+    +--------------------+    
+                                
+    +------------+    +---------+    +--------------+    +-=------------+   
+--->| load pages |--->| execute |--->|unlock memory |--->| commit pages |   
+    +------------+    +---------+    +--------------+    +--------------+   
 
-### GPU execution
+```
 
-A single contract can read and write to separate key pairs without interference.  These separate calls to the same contract can execute on the same GPU thread over different memory using different SIMD lanes.
+At the `execute` stage, the loaded pages have no data dependencies, so all the contracts can be executed in parallel. 
+## Memory Management
+```
+pub struct Page {
+    /// key that indexes this page
+    /// prove ownership of this key to spend from this Page
+    owner: Pubkey,
+    /// contract that owns this page
+    /// contract can write to the data that is in `memory` vector
+    contract: Pubkey,
+    /// balance that belongs to owner
+    balance: u64,
+    /// version of the structure, public for testing
+    version: u64,
+    /// hash of the page data
+    memhash: Hash,
+    /// The following could be in a separate structure
+    memory: Vec<u8>,
+}
+```
+
+The guarantee that runtime enforces:
+    1. The contract code is the only code that will modify the contents of `memory`
+    2. Total balances on all the pages is equal before and after exectuion of a call
+    3. Balances of each of the pages not owned by the contract must be equal to or greater after the call than before the call.
+
+## Entry Point
+Exectuion of the contract involves maping the contract's public key to an entry point which takes a pointer to the transaction, and an array of loaded pages.
+```
+// Find the method
+match (tx.contract, tx.method) {
+    // system interface
+    // everyone has the same reallocate
+    (_, 0) => system_0_realloc(&tx, &mut call_pages),
+    (_, 1) => system_1_assign(&tx, &mut call_pages),
+    // contract methods
+    (DEFAULT_CONTRACT, 128) => default_contract_128_move_funds(&tx, &mut call_pages),
+    (contract, method) => //... 
+```
+
+The first 127 methods are reserved for the system interface, which implements allocation and assignment of memory.  The rest, including the contract for moving funds are implemented by the contract itself.
+
+## System Interface
+```
+/// SYSTEM interface, same for very contract, methods 0 to 127
+/// method 0
+/// reallocate
+/// spend the funds from the call to the first recipient's
+pub fn system_0_realloc(call: &Call, pages: &mut Vec<Page>) {
+    if call.contract == DEFAULT_CONTRACT {
+        let size: u64 = deserialize(&call.userdata).unwrap();
+        pages[0].memory.resize(size as usize, 0u8);
+    }
+}
+/// method 1
+/// assign
+/// assign the page to a contract
+pub fn system_1_assign(call: &Call, pages: &mut Vec<Page>) {
+    let contract = deserialize(&call.userdata).unwrap();
+    if call.contract == DEFAULT_CONTRACT {
+        pages[0].contract = contract;
+        //zero out the memory in pages[0].memory
+        //Contracts need to own the state of that data otherwise a use could fabricate the state and
+        //manipulate the contract
+        pages[0].memory.clear();
+    }
+} 
+```
+The first method resizes the memory that is assosciated with the callers page.  The second system call assignes the page to the contract.  Both methods check if the current contract is 0, otherwise the method does nothing and the caller spent their fees.
+
+This ensures that when memory is assigned to the contract the initial state of all the bytes is 0, and the contract itself is the only thing that can modify that state.
+
+## Simplest contract
+```
+/// DEFAULT_CONTRACT interface
+/// All contracts start with 128
+/// method 128
+/// move_funds
+/// spend the funds from the call to the first recipient's
+pub fn default_contract_128_move_funds(call: &Call, pages: &mut Vec<Page>) {
+    let amount: u64 = deserialize(&call.userdata).unwrap();
+    if pages[0].balance >= amount  {
+        pages[0].balance -= amount;
+        pages[1].balance += amount;
+    }
+}
+``` 
+
+This simply moves the amount from page[0], which is the callers page, to page[1], which is the recipient's page.
 
 ## Notes
 
 1. There is no dynamic memory allocation.
-2. Persistant Memory is allocated to a Key with ownership
+2. Persistent Memory is allocated to a Key with ownership
 3. Contracts can `call` to update key owned state
-4. Contracts can `reduce` over the memory to aggregate state
-5. `call` is just a *syscall* that does a cryptographic check of memory owndershp
+4. `call` is just a *syscall* that does a cryptographic check of memory ownership
+5. Kernel guarantees that when memory is assigned to the contract its state is 0
+6. Kernel guarantees that contract is the only thing that can modify memory that its assigned to
+7. Kernel guarantees that the contract can only spend tokens that are in pages that are assigned to it
+8. Kernel guarantees the balances belonging to pages are balanced before and after the call

rfcs/rfc-004-tictactoe-program.md

@@ -1,77 +0,0 @@
-
-Two players want to play tic-tac-toe with each other on Solana.
-
-The tic-tac-toe program has already been provisioned on the network, and the
-program author has advertised the following information to potential gamers:
-* `tictactoe_publickey` - the program's public key
-* `tictactoe_gamestate_size` - the number of bytes needed to maintain the game state
-
-The game state is a well-documented data structure consisting of:
-- Player 1's public key
-- Player 2's public key
-- Game status. An 8-bit value where:
-  * 0 = game uninitialized
-  * 1 = Player 1's turn
-  * 2 = Player 2's turn
-  * 3 = Player 1 won
-  * 4 = Player 2 won
-- Current board configuration.  A 3x3 character array containing the values '\0', 'X' or 'O'
-
-### Game Setup
-
-1. Two players want to start a game.  Player 2 sends Player 1 their public key,
-`player2_publickey` off-chain (IM, email, etc)
-
-2. Player 1 creates a new keypair to represent the game state, `(gamestate_publickey,
-gamestate_privatekey)`.
-
-3. Player 1 issues an allocate_memory transaction, assigning that memory page to the
-tic-tac-toe program.  The `memory_fee` is used to *rent* the memory page for the
-duration of the game and is subtracted from current account balance of Player
-1:
-```
-allocate_memory(gamestate_publickey, tictactoe_publickey, tictactoe_gamestate_size, memory_fee)
-```
-
-
-4. Game state is then initialized by issuing a *new* call transaction to the
-tic-tac-toe program.  This transaction is signed by `gamestate_privatekey`, known only
-to Player 1.
-```
-call(tictactoe_publickey, gamestate_publickey, 'new', player1_publickey, player2_publickey)
-```
-
-5. Once the game is initialized, Player 1 shares `gamestate_publickey` with
-Player 2 off-chain (IM, email, etc)
-
-Note that it's likely each player prefer to generate a game-specific keypair
-rather than sharing their primary public key (`player1_publickey`,
-`player2_publickey`) with each other and the tic-tac-toe program.
-
-### Game Play
-
-Both players poll the network, via a **TBD off-chain RPC API**, to read the
-current game state from the `gamestate_publickey` memory page.
-
-When the *Game status* field indicates it's their turn, the player issues a
-*move* call transaction passing in the board position (1..9) that they want to
-mark as X or O:
-```
-call(tictactoe_publickey, gamestate_publickey, 'move', position)
-```
-The program will reject the transaction if it was not signed by the player whose
-turn it is.
-
-The outcome of the *move* call is also observed by polling the current game state via
-the **TBD off-chain RPC API**.
-
-### Game Cancellation
-
-At any time Player 1 may conclude the game by issuing:
-```
-call(tictactoe_publickey, gamestate_publickey, 'abort')
-```
-causing any remaining *rent* tokens assigned to the `gamestate_publickey` page
-to be transferred back to Player 1 by the tic-tac-toe program.  Lastly, the
-network recognizes the empty account and frees the `gamestate_publickey` memory
-page.

rfcs/rfc-005-branches-tags-and-channels.md

@@ -0,0 +1,59 @@
+```
+========================= master branch (edge channel) =======================>
+         \                      \                     \
+          \___v0.7.0 tag         \                     \
+           \                      \         v0.9.0 tag__\
+            \          v0.8.0 tag__\                     \
+ v0.7.1 tag__\                      \                 v0.9 branch (beta channel)
+              \___v0.7.2 tag         \___v0.8.1 tag
+               \                      \
+                \                      \
+           v0.7 branch         v0.8 branch (stable channel)
+
+```
+
+## Branches and Tags
+
+### master branch
+All new development occurs on the `master` branch.
+
+Bug fixes that affect a `vX.Y` branch are first made on `master`.  This is to
+allow a fix some soak time on `master` before it is applied to one or more
+stabilization branches.
+
+Merging to `master` first also helps ensure that fixes applied to one release
+are present for future releases.  (Sometimes the joy of landing a critical
+release blocker in a branch causes you to forget to propagate back to
+`master`!)"
+
+Once the bug fix lands on `master` it is cherry-picked into the `vX.Y` branch
+and potentially the `vX.Y-1` branch.  The exception to this rule is when a bug
+fix for `vX.Y` doesn't apply to `master` or `vX.Y-1`.
+
+Immediately after a new stabilization branch is forged, the `Cargo.toml` minor
+version (*Y*) in the `master` branch is incremented by the release engineer.
+Incrementing the major version of the `master` branch is outside the scope of
+this document.
+
+### v*X.Y* stabilization branches
+These are stabilization branches for a given milestone.  They are created off
+the `master` branch as late as possible prior to the milestone release.
+
+### v*X.Y.Z* release tag
+The release tags are created as desired by the owner of the given stabilization
+branch, and cause that *X.Y.Z* release to be shipped to https://crates.io,
+https://snapcraft.io/, and elsewhere.
+
+Immediately after a new v*X.Y.Z* branch tag has been created, the `Cargo.toml`
+patch version number (*Z*) of the stabilization branch is incremented by the
+release engineer.
+
+## Channels
+Channels are used by end-users (humans and bots) to consume the branches
+described in the previous section, so they may automatically update to the most
+recent version matching their desired stability.
+
+There are three release channels that map to branches as follows:
+* edge - tracks the `master` branch, least stable.
+* beta - tracks the largest (and latest) `vX.Y` stabilization branch, more stable.
+* stable - tracks the second largest `vX.Y` stabilization branch, most stable.

rfcs/rfc-006-budget-contract-language.md

@@ -0,0 +1,124 @@
+
+### Wallet CLI
+
+The general form is:
+```
+$ solana-wallet [common-options] [command] [command-specific options]
+```
+`common-options` include:
+* `--fee xyz` - Transaction fee (0 by default)
+* `--output file` - Write the raw Transaction to a file instead of sending it
+
+`command` variants:
+* `pay`
+* `cancel`
+* `send-signature`
+* `send-timestamp`
+
+#### Unconditional Immediate Transfer
+```sh
+// Command
+$ solana-wallet pay <PUBKEY> 123
+
+// Return
+<TX_SIGNATURE>
+```
+
+#### Post-Dated Transfer
+```sh
+// Command
+$ solana-wallet pay <PUBKEY> 123 \
+    --after 2018-12-24T23:59:00 --require-timestamp-from <PUBKEY>
+
+// Return
+{signature: <TX_SIGNATURE>, processId: <PROCESS_ID>}
+```
+*`require-timestamp-from` is optional. If not provided, the transaction will expect a timestamp signed by this wallet's secret key*
+
+#### Authorized Transfer
+A third party must send a signature to unlock the tokens.
+```sh
+// Command
+$ solana-wallet pay <PUBKEY> 123 \
+    --require-signature-from <PUBKEY>
+
+// Return
+{signature: <TX_SIGNATURE>, processId: <PROCESS_ID>}
+```
+
+#### Post-Dated and Authorized Transfer
+```sh
+// Command
+$ solana-wallet pay <PUBKEY> 123 \
+    --after 2018-12-24T23:59 --require-timestamp-from <PUBKEY> \
+    --require-signature-from <PUBKEY>
+
+// Return
+{signature: <TX_SIGNATURE>, processId: <PROCESS_ID>}
+```
+
+#### Multiple Witnesses
+```sh
+// Command
+$ solana-wallet pay <PUBKEY> 123 \
+    --require-signature-from <PUBKEY> \
+    --require-signature-from <PUBKEY>
+
+// Return
+{signature: <TX_SIGNATURE>, processId: <PROCESS_ID>}
+```
+
+#### Cancelable Transfer
+```sh
+// Command
+$ solana-wallet pay <PUBKEY> 123 \
+    --require-signature-from <PUBKEY> \
+    --cancelable
+
+// Return
+{signature: <TX_SIGNATURE>, processId: <PROCESS_ID>}
+```
+
+#### Cancel Transfer
+```sh
+// Command
+$ solana-wallet cancel <PROCESS_ID>
+
+// Return
+<TX_SIGNATURE>
+```
+
+#### Send Signature
+```sh
+// Command
+$ solana-wallet send-signature <PUBKEY> <PROCESS_ID>
+
+// Return
+<TX_SIGNATURE>
+```
+
+#### Indicate Elapsed Time
+
+Use the current system time:
+```sh
+// Command
+$ solana-wallet send-timestamp <PUBKEY> <PROCESS_ID>
+
+// Return
+<TX_SIGNATURE>
+```
+
+Or specify some other arbitrary timestamp:
+```sh
+// Command
+$ solana-wallet send-timestamp <PUBKEY> <PROCESS_ID> --date 2018-12-24T23:59:00
+
+// Return
+<TX_SIGNATURE>
+```
+
+
+## Javascript solana-web3.js Interface
+
+*TBD, but will look similar to what the Wallet CLI offers wrapped up in a
+Javacsript object*

scripts/configure-metrics.sh

@@ -0,0 +1,51 @@
+# |source| this file
+#
+# The SOLANA_METRICS_CONFIG environment variable is formatted as a
+# comma-delimited list of parameters. All parameters are optional.
+#
+# Example:
+#   export SOLANA_METRICS_CONFIG="host=<metrics host>,db=<database name>,u=<username>,p=<password>"
+#
+# The following directive disable complaints about unused variables in this
+# file:
+# shellcheck disable=2034
+#
+metricsWriteDatapoint="$(dirname "${BASH_SOURCE[0]}")"/metrics-write-datapoint.sh
+
+configureMetrics() {
+  [[ -n $SOLANA_METRICS_CONFIG ]] || return 0
+
+  declare metricsParams
+  IFS=',' read -r -a metricsParams <<< "$SOLANA_METRICS_CONFIG"
+  for param in "${metricsParams[@]}"; do
+    IFS='=' read -r -a pair <<< "$param"
+    if [[ ${#pair[@]} != 2 ]]; then
+      echo Error: invalid metrics parameter: "$param" >&2
+    else
+      declare name="${pair[0]}"
+      declare value="${pair[1]}"
+      case "$name" in
+      host)
+        export INFLUX_HOST="$value"
+        echo INFLUX_HOST="$INFLUX_HOST" >&2
+        ;;
+      db)
+        export INFLUX_DATABASE="$value"
+        echo INFLUX_DATABASE="$INFLUX_DATABASE" >&2
+        ;;
+      u)
+        export INFLUX_USERNAME="$value"
+        echo INFLUX_USERNAME="$INFLUX_USERNAME" >&2
+        ;;
+      p)
+        export INFLUX_PASSWORD="$value"
+        echo INFLUX_PASSWORD="********" >&2
+        ;;
+      *)
+        echo Error: Unknown metrics parameter name: "$name" >&2
+        ;;
+      esac
+    fi
+  done
+}
+configureMetrics

scripts/metrics-write-datapoint.sh

@@ -1,4 +1,7 @@
 #!/bin/bash -e
+#
+# Send a metrics datapoint
+#
 
 point=$1
 if [[ -z $point ]]; then