Merge branch next-polkadot-sdk into next

Author: kayabaNerve

.github/LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2022-2025 Luke Parker
+Copyright (c) 2022-2026 Serai Contributors
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

.github/actions/bitcoin/action.yml

@@ -5,36 +5,62 @@ inputs:
   version:
     description: "Version to download and run"
     required: false
-    default: "30.0"
+    default: "30.2"
 
 runs:
   using: "composite"
   steps:
     - name: Bitcoin Daemon Cache
       id: cache-bitcoind
-      uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809
+      uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # 5.0.4
       with:
-        path: bitcoin.tar.gz
+        path: bitcoin-${{ inputs.version }}
         key: bitcoind-${{ runner.os }}-${{ runner.arch }}-${{ inputs.version }}
 
-    - name: Download the Bitcoin Daemon
+    - name: Download and Extract the Bitcoin Daemon
       if: steps.cache-bitcoind.outputs.cache-hit != 'true'
       shell: bash
       run: |
-        RUNNER_OS=linux
-        RUNNER_ARCH=x86_64
-        FILE=bitcoin-${{ inputs.version }}-$RUNNER_ARCH-$RUNNER_OS-gnu.tar.gz
+        OS=${{ runner.os }}
+        ARCH=${{ runner.arch }}
 
-        wget https://bitcoincore.org/bin/bitcoin-core-${{ inputs.version }}/$FILE
-        mv $FILE bitcoin.tar.gz
+        OS=$(echo "$OS" | tr "[:upper:]" "[:lower:]")
+        ARCH=$(echo "$ARCH" | tr "[:upper:]" "[:lower:]")
+        EXT="tar.gz"
 
-    - name: Extract the Bitcoin Daemon
-      shell: bash
-      run: |
-        tar xzvf bitcoin.tar.gz
-        cd bitcoin-${{ inputs.version }}
-        sudo mv bin/* /bin && sudo mv lib/* /lib
+        if [ "$ARCH" = "x64" ]; then
+          ARCH="x86_64"
+        fi
+
+        if [ "$OS" = "linux" ]; then
+          OS="-linux-gnu"
+        fi
+        if [ "$OS" = "macos" ]; then
+          OS="-apple-darwin"
+        fi
+        if [ "$OS" = "windows" ]; then
+          ARCH=""
+          OS="win64"
+          EXT="zip"
+        fi
+
+        FILE=bitcoin-${{ inputs.version }}-$ARCH$OS.$EXT
+
+        curl -L https://bitcoincore.org/bin/bitcoin-core-${{ inputs.version }}/$FILE -o $FILE
+
+        if [ "${{ runner.os }}" = "Windows" ]; then
+          unzip $FILE
+          mv $(find . -name "bitcoind*") .
+        else
+          tar -xf $FILE
+          cd bitcoin-${{ inputs.version }}
+          if [ "${{ runner.os }}" = "macOS" ]; then
+            sudo mv bin/* /usr/local/bin/
+          else
+            sudo mv bin/* /usr/bin/
+          fi
+        fi
 
     - name: Bitcoin Regtest Daemon
       shell: bash
-      run: PATH=$PATH:/usr/bin ./orchestration/dev/networks/bitcoin/run.sh -txindex -daemon
+      run: PATH="$PATH:$(pwd)" ./orchestration/dev/networks/bitcoin/run.sh -txindex -daemon

.github/actions/build-dependencies/action.yml

@@ -40,46 +40,65 @@ runs:
         if [ "$RUNNER_OS" == "Linux" ]; then
           sudo apt install -y ca-certificates protobuf-compiler libclang-dev
         elif [ "$RUNNER_OS" == "Windows" ]; then
-          choco install protoc
+          # Use `-gnu` to avoid the installation and licensing headaches of `-msvc`
+          rustup set default-host x86_64-pc-windows-gnu
+          choco install llvm protoc
         elif [ "$RUNNER_OS" == "macOS" ]; then
           brew install protobuf llvm
-          HOMEBREW_ROOT_PATH=/opt/homebrew # Apple Silicon
-          if [ $(uname -m) = "x86_64" ]; then HOMEBREW_ROOT_PATH=/usr/local; fi # Intel
-          ls $HOMEBREW_ROOT_PATH/opt/llvm/lib | grep "libclang.dylib" # Make sure this installed `libclang`
-          echo "DYLD_LIBRARY_PATH=$HOMEBREW_ROOT_PATH/opt/llvm/lib:$DYLD_LIBRARY_PATH" >> "$GITHUB_ENV"
+          HOMEBREW_PREFIX=$(brew --prefix)
+          ls $HOMEBREW_PREFIX/opt/llvm/lib | grep "libclang.dylib" # Make sure this installed `libclang`
+          echo "DYLD_LIBRARY_PATH=$HOMEBREW_PREFIX/opt/llvm/lib:$DYLD_LIBRARY_PATH" >> "$GITHUB_ENV"
         fi
 
     - name: Install solc
       shell: bash
       run: |
-        cargo +1.91 install svm-rs --version =0.5.19
-        svm install 0.8.29
-        svm use 0.8.29
+        cargo install svm-rs --version =0.5.23
 
-    - name: Remove preinstalled Docker
-      shell: bash
-      run: |
-        docker system prune -a --volumes
-        sudo apt remove -y *docker*
-        # Install uidmap which will be required for the explicitly installed Docker
-        sudo apt install uidmap
-      if: runner.os == 'Linux'
+        solc_version() {
+          # Install the version of `solc` specified in the contracts
+          # This also checks the specified version is consistent across contracts
+          cat $(find . -name "*.sol") | grep "pragma solidity" | while read -r line; do
+            THIS_SOLC_VERSION=$(printf "%s" "$line" | cut -d'^' -f2 | cut -d';' -f1)
+            if [ "$SOLC_VERSION" = "" ]; then
+              SOLC_VERSION="$THIS_SOLC_VERSION"
+              echo $SOLC_VERSION
+            fi
+            if [ ! "$line" = "pragma solidity ^$SOLC_VERSION;" ]; then
+              echo "Inconsistent Solidity requirement in \`.sol\` files"
+              exit 1
+            fi
+          done
+        }
+
+        svm install $(solc_version)
+        svm use $(solc_version)
+
+    # This is a build dependency, not a test dependency, due to being used to build the runtime
+    - name: Install `docker`
+      uses: ./.github/actions/docker
 
     - name: Update system dependencies
       shell: bash
       run: |
         sudo apt update -y
         sudo apt upgrade -y
         sudo apt autoremove -y
-        sudo apt clean
+        sudo apt clean -y
       if: runner.os == 'Linux'
 
-    - name: Install rootless Docker
-      uses: docker/setup-docker-action@b60f85385d03ac8acfca6d9996982511d8620a19
-      with:
-        rootless: true
-        set-host: true
-      if: runner.os == 'Linux'
+    - name: Update system dependencies
+      shell: bash
+      run: |
+        brew upgrade
+        rm -rf $(brew --cache)
+      if: runner.os == 'macOS'
 
-    # - name: Cache Rust
-    #   uses: Swatinem/rust-cache@a95ba195448af2da9b00fb742d14ffaaf3c21f43
+    - name: Set GitHub CI Environment Variables
+      shell: bash
+      run: |
+        # These tweak the amount of iterations performed as approprtiate for GitHub's CI
+        echo 'GITHUB_CI=true' >> "$GITHUB_ENV"
+        echo RUSTFLAGS="$RUSTFLAGS --cfg github_ci" >> "$GITHUB_ENV"
+        # We always appreciate backtraces in the CI
+        echo 'RUST_BACKTRACE=1' >> "$GITHUB_ENV"

.github/actions/docker/action.yml

@@ -0,0 +1,130 @@
+name: docker
+description: Installs `docker` for Serai
+
+runs:
+  using: "composite"
+  steps:
+    - name: Remove preinstalled Docker
+      if: runner.os == 'Linux'
+      shell: bash
+      run: |
+        docker system prune --all --force
+
+        sudo apt remove -y *docker*
+
+        # Install `uidmap`, required for the explicitly-installed rootless Docker
+        sudo apt install -y uidmap
+
+    - name: Install rootless Docker (Linux)
+      uses: docker/setup-docker-action@1a6edb0ba9ac496f6850236981f15d8f9a82254d # 5.0.0
+      if: runner.os == 'Linux'
+      with:
+        rootless: true
+        set-host: true
+        # https://github.com/moby/moby/issues/45014
+        daemon-config: |
+          {
+            "exec-opts": ["native.cgroupdriver=cgroupfs"]
+          }
+
+    - name: Remove preinstalled Docker
+      if: runner.os == 'macOS'
+      shell: bash
+      run: |
+        # Docker isn't pre-installed on macOS images, so we solely have to confirm it isn't
+        if [ $(command -v docker; printf $?) -eq 0 ]; then
+          echo "\`docker`` was pre-installed"
+          exit 1
+        fi
+
+    - name: Get the arguments to start Lima with
+      shell: bash
+      if: runner.os == 'macOS'
+      run: |
+        if [ $(uname -m) = "x86_64" ]; then
+          # On Intel CPUs, where we can use the Virtualization Framework, we do so
+          echo "LIMA_START_ARGS=--vm-type=vz --mount-type=virtiofs" >> "$GITHUB_ENV"
+        fi
+
+    - name: Install Docker (macOS)
+      uses: docker/setup-docker-action@1a6edb0ba9ac496f6850236981f15d8f9a82254d # 5.0.0
+      if: runner.os == 'macOS'
+      env:
+        # m1 chips, as seen in the GitHub CI, don't support nested hardware virtualization.
+        #
+        # We need `-machine virt` to stop Lima from providing `accel=hvf`due to this
+        # [QEMU issue](https://gitlab.com/qemu-project/qemu/-/issues/2981).
+        #
+        # We also need `-cpu *` to stop Lima from providing `-cpu host` as:
+        # 1) `-cpu host` requires `kvm` or `hvf` (which we don't have)
+        # 2) `-cpu host` implies `host-phys-bits=on` which is borked in this environment
+        # From which CPU to actually emulate, we choose what will be the most performant.
+        #
+        # We accomplish both of these goals with the methodology from
+        # [this comment](https://github.com/lima-vm/lima/pull/3173#issuecomment-2623130310).
+        QEMU_SYSTEM_AARCH64: "qemu-system-aarch64 -machine virt -cpu max,pmu=off,sve=on,sve128=on,sme=off,pauth=off"
+      with:
+        set-host: true
+
+    - name: Install `buildx`
+      if: runner.os == 'macOS'
+      uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # 4.0.0
+      with:
+        # This is Docker's default, but `setup-buildx-action` defaults to `docker-container`
+        # (for _some_ reason) which means built images won't be loaded into Docker (`--load`) by
+        # default. We want that behavior.
+        driver: docker
+
+    - name: Remove preinstalled Docker
+      if: runner.os == 'Windows'
+      shell: pwsh
+      run: |
+        docker system prune --all --force
+
+        # GitHub uses an install script from Microsoft, so we run the complimentary uninstall script
+        Invoke-WebRequest https://raw.githubusercontent.com/microsoft/Windows-Containers/Main/helpful_tools/Install-DockerCE/uninstall-docker-ce.ps1 -OutFile .\uninstall-docker-ce.ps1
+        & .\uninstall-docker-ce.ps1 -Force
+
+        # These are defined/installed by the GitHub runner image definition
+        # GitHub also adds Docker Compose, but to Docker's directory, causing it to be removed when Docker is
+        Remove-Item -LiteralPath C:\Windows\SysWOW64\docker.exe -Force
+        Remove-Item -LiteralPath C:\Windows\System32\docker-credential-wincred.exe -Force
+
+    # The preinstalled Docker, and Docker from `setup-docker-action`, do not allow running Linux
+    # containers. We manually install `podman` to workaround this. Alternatively, we could install
+    # 'Docker Desktop' and run `docker desktop engine use linux`, but 'Docker Desktop' is a
+    # pseudo-enterprise product and it isn't worth installing/configuring it compared to installing
+    # a more direct solution which behaves as a drop-in replacement _to the degree we need it_.
+    - name: Install Podman (Windows)
+      if: runner.os == 'Windows'
+      shell: pwsh
+      run: |
+        Invoke-WebRequest https://github.com/containers/podman/releases/download/v5.8.1/podman-installer-windows-amd64.msi -OutFile podman.msi
+        Start-Process -Wait -PassThru 'msiexec' -ArgumentList "/package podman.msi /quiet /log podman-msi.log MACHINE_PROVIDER=wsl ALLUSERS=1"
+        Get-Content podman-msi.log
+
+        $env:PATH += ';C:\Program Files\Podman'
+
+        # Start Podman
+        podman machine init
+        podman machine start
+
+        # Claim `podman` is `docker`, as we expect `docker`
+        # Installing to `System32` is gross, but functional and where `docker.exe` was pre-installed
+        New-Item -ItemType SymbolicLink -Path 'C:\Windows\System32\docker.exe' -Target (Get-Command podman).Path
+
+    # When cross-compiling to a target architecture, the host still impacts the result. For our
+    # runtime, a WASM blob which should be exactly reproducible, we fix the builder to x86-64
+    # accordingly. This requires we be able to run a x86-64 userspace.
+    - name: Install x64 Qemu for non-x64 Docker
+      if: (runner.os != 'Windows') && (runner.arch != 'X64')
+      uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # 4.0.0
+      with:
+        platforms: amd64
+
+    # This ensures we have a consistent clean build, there aren't any issues from any version of
+    # `docker` we removed before installing our current version, and checks that `docker` was in
+    # fact installed and can be successfully called.
+    - name: Ensure there's no Docker cache
+      shell: bash
+      run: docker system prune --all --force