Skip to content

Commit

Permalink
Privacy deprecation warnings on CLI (hyperledger#7897)
Browse files Browse the repository at this point in the history
* add deprecation notice to help descriptions for all privacy options

* log deprecation warning for privacy enabled options

* added @Deprecation annotations to privacy plugin classes

Signed-off-by: Sally MacFarlane <[email protected]>

---------

Signed-off-by: Sally MacFarlane <[email protected]>
  • Loading branch information
macfarla authored Nov 22, 2024
1 parent 7bb2cf3 commit 302999a
Show file tree
Hide file tree
Showing 8 changed files with 42 additions and 15 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Deprecated(since = "24.11.0")
public class TestPrivacyPluginPayloadProvider implements PrivacyPluginPayloadProvider {
private static final Logger LOG = LoggerFactory.getLogger(TestPrivacyPluginPayloadProvider.class);
private String prefix;
Expand Down
47 changes: 34 additions & 13 deletions besu/src/main/java/org/hyperledger/besu/cli/BesuCommand.java
Original file line number Diff line number Diff line change
Expand Up @@ -505,77 +505,95 @@ void setUserName(final String userName) {
@CommandLine.ArgGroup(validate = false, heading = "@|bold In-Process RPC Options|@%n")
InProcessRpcOptions inProcessRpcOptions = InProcessRpcOptions.create();

private static final String PRIVACY_DEPRECATION_PREFIX =
"Deprecated. Tessera-based privacy is deprecated. See CHANGELOG for alternative options. ";

// Privacy Options Group
@CommandLine.ArgGroup(validate = false, heading = "@|bold Privacy Options|@%n")
@CommandLine.ArgGroup(validate = false, heading = "@|bold (Deprecated) Privacy Options |@%n")
PrivacyOptionGroup privacyOptionGroup = new PrivacyOptionGroup();

static class PrivacyOptionGroup {
@Option(
names = {"--privacy-tls-enabled"},
paramLabel = MANDATORY_FILE_FORMAT_HELP,
description = "Enable TLS for connecting to privacy enclave (default: ${DEFAULT-VALUE})")
description =
PRIVACY_DEPRECATION_PREFIX
+ "Enable TLS for connecting to privacy enclave (default: ${DEFAULT-VALUE})")
private final Boolean isPrivacyTlsEnabled = false;

@Option(
names = "--privacy-tls-keystore-file",
paramLabel = MANDATORY_FILE_FORMAT_HELP,
description =
"Path to a PKCS#12 formatted keystore; used to enable TLS on inbound connections.")
PRIVACY_DEPRECATION_PREFIX
+ "Path to a PKCS#12 formatted keystore; used to enable TLS on inbound connections.")
private final Path privacyKeyStoreFile = null;

@Option(
names = "--privacy-tls-keystore-password-file",
paramLabel = MANDATORY_FILE_FORMAT_HELP,
description = "Path to a file containing the password used to decrypt the keystore.")
description =
PRIVACY_DEPRECATION_PREFIX
+ "Path to a file containing the password used to decrypt the keystore.")
private final Path privacyKeyStorePasswordFile = null;

@Option(
names = "--privacy-tls-known-enclave-file",
paramLabel = MANDATORY_FILE_FORMAT_HELP,
description =
"Path to a file containing the fingerprints of the authorized privacy enclave.")
PRIVACY_DEPRECATION_PREFIX
+ "Path to a file containing the fingerprints of the authorized privacy enclave.")
private final Path privacyTlsKnownEnclaveFile = null;

@Option(
names = {"--privacy-enabled"},
description = "Enable private transactions (default: ${DEFAULT-VALUE})")
description =
PRIVACY_DEPRECATION_PREFIX + "Enable private transactions (default: ${DEFAULT-VALUE})")
private final Boolean isPrivacyEnabled = false;

@Option(
names = {"--privacy-multi-tenancy-enabled"},
description = "Enable multi-tenant private transactions (default: ${DEFAULT-VALUE})")
description =
PRIVACY_DEPRECATION_PREFIX
+ "Enable multi-tenant private transactions (default: ${DEFAULT-VALUE})")
private final Boolean isPrivacyMultiTenancyEnabled = false;

@Option(
names = {"--privacy-url"},
description = "The URL on which the enclave is running")
description = PRIVACY_DEPRECATION_PREFIX + "The URL on which the enclave is running")
private final URI privacyUrl = PrivacyParameters.DEFAULT_ENCLAVE_URL;

@Option(
names = {"--privacy-public-key-file"},
description = "The enclave's public key file")
description = PRIVACY_DEPRECATION_PREFIX + "The enclave's public key file")
private final File privacyPublicKeyFile = null;

@Option(
names = {"--privacy-marker-transaction-signing-key-file"},
description =
"The name of a file containing the private key used to sign privacy marker transactions. If unset, each will be signed with a random key.")
PRIVACY_DEPRECATION_PREFIX
+ "The name of a file containing the private key used to sign privacy marker transactions. If unset, each will be signed with a random key.")
private final Path privateMarkerTransactionSigningKeyPath = null;

@Option(
names = {"--privacy-enable-database-migration"},
description = "Enable private database metadata migration (default: ${DEFAULT-VALUE})")
description =
PRIVACY_DEPRECATION_PREFIX
+ "Enable private database metadata migration (default: ${DEFAULT-VALUE})")
private final Boolean migratePrivateDatabase = false;

@Option(
names = {"--privacy-flexible-groups-enabled"},
description = "Enable flexible privacy groups (default: ${DEFAULT-VALUE})")
description =
PRIVACY_DEPRECATION_PREFIX
+ "Enable flexible privacy groups (default: ${DEFAULT-VALUE})")
private final Boolean isFlexiblePrivacyGroupsEnabled = false;

@Option(
names = {"--privacy-nonce-always-increments"},
description =
"Enable private nonce "
PRIVACY_DEPRECATION_PREFIX
+ "Enable private nonce "
+ "incrementation even if the transaction didn't succeeded (default: ${DEFAULT-VALUE})")
private final Boolean isPrivateNonceAlwaysIncrementsEnabled = false;
}
Expand Down Expand Up @@ -1293,6 +1311,8 @@ private void validatePrivacyPluginOptions() {
// after start has been called on plugins

if (Boolean.TRUE.equals(privacyOptionGroup.isPrivacyEnabled)) {
logger.warn(
"--Xprivacy-plugin-enabled and related options are " + PRIVACY_DEPRECATION_PREFIX);

if (privacyOptionGroup.privateMarkerTransactionSigningKeyPath != null
&& privacyPluginService != null
Expand Down Expand Up @@ -1922,6 +1942,7 @@ private PrivacyParameters privacyParameters() {

final PrivacyParameters.Builder privacyParametersBuilder = new PrivacyParameters.Builder();
if (Boolean.TRUE.equals(privacyOptionGroup.isPrivacyEnabled)) {
logger.warn("--privacy-enabled and related options are " + PRIVACY_DEPRECATION_PREFIX);
final String errorSuffix = "cannot be enabled with privacy.";
if (syncMode == SyncMode.FAST) {
throw new ParameterException(commandLine, String.format("%s %s", "Fast sync", errorSuffix));
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@
import static picocli.CommandLine.Option;

/** The Privacy plugin Cli options. */
@Deprecated(since = "24.11.0")
public class PrivacyPluginOptions {
/** Default Constructor. */
PrivacyPluginOptions() {}
Expand All @@ -33,7 +34,7 @@ public static PrivacyPluginOptions create() {
@Option(
names = "--Xprivacy-plugin-enabled",
description =
"Enables the use of a plugin to implement your own privacy strategy (default: ${DEFAULT-VALUE})",
"Deprecated. Tessera-based privacy is deprecated. See CHANGELOG for alternative options. Enables the use of a plugin to implement your own privacy strategy (default: ${DEFAULT-VALUE})",
hidden = true)
private final Boolean isPrivacyPluginEnabled = false;

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@
import org.slf4j.LoggerFactory;

/** The Privacy plugin service implementation. */
@Deprecated(since = "24.11.0")
public class PrivacyPluginServiceImpl implements PrivacyPluginService {
private static final Logger LOG = LoggerFactory.getLogger(PrivacyPluginServiceImpl.class);

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Deprecated(since = "24.11.0")
public class PrivacyPluginPrecompiledContract extends PrivacyPrecompiledContract {
private static final Logger LOG = LoggerFactory.getLogger(PrivacyPluginPrecompiledContract.class);
private final PrivacyParameters privacyParameters;
Expand Down
2 changes: 1 addition & 1 deletion plugin-api/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ Calculated : ${currentHash}
tasks.register('checkAPIChanges', FileStateChecker) {
description = "Checks that the API for the Plugin-API project does not change without deliberate thought"
files = sourceSets.main.allJava.files
knownHash = 'IPpTJJxjDbjW08c3Cm8GbBhULYFy0jq9m3BzliGzrf8='
knownHash = 'vI9RTAGD6sRzAaMp1BMJY7x4cB3wh7FA4rYvDGYRceg='
}
check.dependsOn('checkAPIChanges')

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@
* optionally register a {@link PrivateMarkerTransactionFactory} and a {@link
* PrivacyGroupGenesisProvider}*
*/
@Deprecated(since = "24.11.0")
public interface PrivacyPluginService extends BesuService {

/**
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@
* Allows you to register a provider that will dictate how the payload of a privacy marker
* transaction is handled.
*/
@Deprecated(since = "24.11.0")
public interface PrivacyPluginPayloadProvider {

/**
Expand Down

0 comments on commit 302999a

Please sign in to comment.