[vm] Supress paranoid checks for trusted code

[wrwg]

Description

This introduces the concept of 'trusted code' in the VM. For now this is defined as code at a 'special' address (0x1-0xf), but this can later be extended.

When trusted code is executed, paranoid mode is deactivated. Specifically, for trusted code it can be assumed that the deployed bytecode is not maliciously engineerd but generated by the Move compiler and has been gone through rigerous testing, auditing, and verification steps.

This also adds new transactional tests. It is essential to tests call chains from non-trusted into trusted code and back. In order to reflect changed semantics, some tests have been moved out of the trusted address space, leading to more .exp changes.

Type of Change

• New feature
• Bug fix
• Breaking change
• Performance improvement
• Refactoring
• Dependency update
• Documentation update
• Tests

Which Components or Systems Does This Change Impact?

• Validator Node
• Full Node (API, Indexer, etc.)
• Move/Aptos Virtual Machine
• Aptos Framework
• Aptos CLI/SDK
• Developer Infrastructure
• Move Compiler
• Other (specify)

[wrwg]

• Type erasure experiment #17585
• [vm] Supress paranoid checks for trusted code #17461 👈 (View in Graphite)
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.

[github-actions]

✅ Forge suite compat success on 4bf6f55d68c18bb074ed0c43ff5b1c0a965153dd ==> c9ec01e0f8b811b305b71081bbd26d0f6f184f03

Compatibility test results for 4bf6f55d68c18bb074ed0c43ff5b1c0a965153dd ==> c9ec01e0f8b811b305b71081bbd26d0f6f184f03 (PR)
1. Check liveness of validators at old version: 4bf6f55d68c18bb074ed0c43ff5b1c0a965153dd
compatibility::simple-validator-upgrade::liveness-check : committed: 12046.76 txn/s, latency: 2881.36 ms, (p50: 3000 ms, p70: 3100, p90: 3600 ms, p99: 4500 ms), latency samples: 397000
2. Upgrading first Validator to new version: c9ec01e0f8b811b305b71081bbd26d0f6f184f03
compatibility::simple-validator-upgrade::single-validator-upgrade : committed: 4957.76 txn/s, latency: 6915.22 ms, (p50: 7700 ms, p70: 7800, p90: 7800 ms, p99: 7900 ms), latency samples: 175740
3. Upgrading rest of first batch to new version: c9ec01e0f8b811b305b71081bbd26d0f6f184f03
compatibility::simple-validator-upgrade::half-validator-upgrade : committed: 4914.80 txn/s, latency: 6981.45 ms, (p50: 7800 ms, p70: 7900, p90: 7900 ms, p99: 8000 ms), latency samples: 174260
4. upgrading second batch to new version: c9ec01e0f8b811b305b71081bbd26d0f6f184f03
compatibility::simple-validator-upgrade::rest-validator-upgrade : committed: 8024.54 txn/s, latency: 4167.68 ms, (p50: 4500 ms, p70: 4600, p90: 4800 ms, p99: 5100 ms), latency samples: 270560
5. check swarm health
Compatibility test for 4bf6f55d68c18bb074ed0c43ff5b1c0a965153dd ==> c9ec01e0f8b811b305b71081bbd26d0f6f184f03 passed
Test Ok

• Grafana dashboard
• Humio Logs
• Axiom Logs
• Validator CPU Profile
• Fullnode CPU Profile
• Test runner output
• Test run is land-blocking

[github-actions]

✅ Forge suite realistic_env_max_load success on c9ec01e0f8b811b305b71081bbd26d0f6f184f03

two traffics test: inner traffic : committed: 13703.88 txn/s, latency: 2743.95 ms, (p50: 2700 ms, p70: 2700, p90: 3000 ms, p99: 3900 ms), latency samples: 5210520
two traffics test : committed: 99.98 txn/s, latency: 915.02 ms, (p50: 800 ms, p70: 900, p90: 1200 ms, p99: 1800 ms), latency samples: 1680
Latency breakdown for phase 0: ["MempoolToBlockCreation: max: 2.123, avg: 1.965", "ConsensusProposalToOrdered: max: 0.165, avg: 0.163", "ConsensusOrderedToCommit: max: 0.193, avg: 0.144", "ConsensusProposalToCommit: max: 0.356, avg: 0.307"]
Max non-epoch-change gap was: 3 rounds at version 2128325 (avg 0.00) [limit 4], 3.29s no progress at version 2128325 (avg 0.07s) [limit 15].
Max epoch-change gap was: 0 rounds at version 0 (avg 0.00) [limit 4], 0.26s no progress at version 2423019 (avg 0.26s) [limit 16].
Test Ok

• Grafana dashboard
• Humio Logs
• Axiom Logs
• Validator CPU Profile
• Fullnode CPU Profile
• Test runner output
• Test run is land-blocking

[github-actions]

✅ Forge suite framework_upgrade success on 4bf6f55d68c18bb074ed0c43ff5b1c0a965153dd ==> c9ec01e0f8b811b305b71081bbd26d0f6f184f03

Compatibility test results for 4bf6f55d68c18bb074ed0c43ff5b1c0a965153dd ==> c9ec01e0f8b811b305b71081bbd26d0f6f184f03 (PR)
Upgrade the nodes to version: c9ec01e0f8b811b305b71081bbd26d0f6f184f03
framework_upgrade::framework-upgrade::full-framework-upgrade : committed: 1888.42 txn/s, submitted: 1892.10 txn/s, failed submission: 3.67 txn/s, expired: 3.67 txn/s, latency: 1660.27 ms, (p50: 1500 ms, p70: 1800, p90: 2100 ms, p99: 3300 ms), latency samples: 164621
framework_upgrade::framework-upgrade::full-framework-upgrade : committed: 1753.50 txn/s, submitted: 1758.66 txn/s, failed submission: 5.16 txn/s, expired: 5.16 txn/s, latency: 1747.47 ms, (p50: 1800 ms, p70: 1800, p90: 2100 ms, p99: 2500 ms), latency samples: 156300
5. check swarm health
Compatibility test for 4bf6f55d68c18bb074ed0c43ff5b1c0a965153dd ==> c9ec01e0f8b811b305b71081bbd26d0f6f184f03 passed
Upgrade the remaining nodes to version: c9ec01e0f8b811b305b71081bbd26d0f6f184f03
framework_upgrade::framework-upgrade::full-framework-upgrade : committed: 1778.06 txn/s, submitted: 1784.41 txn/s, failed submission: 6.35 txn/s, expired: 6.35 txn/s, latency: 1668.41 ms, (p50: 1600 ms, p70: 1800, p90: 2100 ms, p99: 2400 ms), latency samples: 162301
Test Ok

• Grafana dashboard
• Humio Logs
• Axiom Logs
• Validator CPU Profile
• Fullnode CPU Profile
• Test runner output
• Test run is land-blocking