jwk #2: ensure jwk txns are expected in consensus

[zjma]

Description

Test Plan

[trunk-io]

⏱️ 19h 23m total CI duration on this PR

Job	Cumulative Duration	Recent Runs
rust-unit-coverage	4h 28m	🟩
windows-build	3h 21m	🟩 🟩 🟩 🟩 🟩 (+8 more)
rust-smoke-coverage	3h 19m	🟩
rust-unit-tests	3h 13m	⬜ ⬜ ⬜ ⬜ 🟩 (+7 more)
rust-lints	57m	🟩 ⬜ ⬜ ⬜ 🟩 (+7 more)
run-tests-main-branch	49m	🟩 🟩 🟩 🟩 🟩 (+7 more)
check	39m	🟩 ⬜ ⬜ ⬜ 🟩 (+7 more)
rust-smoke-tests	28m	🟩
general-lints	24m	🟩 ⬜ ⬜ 🟩 🟩 (+7 more)
check-dynamic-deps	23m	⬜ 🟩 🟩 🟩 🟩 (+8 more)
execution-performance / single-node-performance	18m	🟩
rust-images / rust-all	16m	🟩
forge-e2e-test / forge	14m	🟩
forge-compat-test / forge	12m	🟩
cli-e2e-tests / run-cli-tests	7m	🟩
semgrep/ci	5m	🟩 🟩 🟩 🟩 🟩 (+8 more)
file_change_determinator	2m	🟩 🟩 🟩 🟩 🟩 (+8 more)
file_change_determinator	2m	🟩 🟩 🟩 ⬜ 🟩 (+8 more)
node-api-compatibility-tests / node-api-compatibility-tests	53s	🟩
permission-check	40s	🟩 🟩 🟩 🟩 🟩 (+8 more)
permission-check	38s	🟩 🟩 🟩 🟩 🟩 (+8 more)
permission-check	38s	🟩 🟩 🟩 🟩 🟩 (+8 more)
permission-check	37s	🟩 🟩 🟩 🟩 🟩 (+8 more)
upload-to-codecov	13s	🟩
execution-performance / file_change_determinator	10s	🟩
file_change_determinator	8s	🟩
permission-check	2s	🟩
determine-docker-build-metadata	2s	🟩

_{settings ⋅ feedback ⋅ docs ⋅ learn more about trunk.io}

[codecov]

Codecov Report

Attention: 227 lines in your changes are missing coverage. Please review.

Comparison is base (793563f) 71.2% compared to head (6452075) 69.9%.

❗ Current head 6452075 differs from pull request most recent head 2388d1c. Consider uploading reports for the commit 2388d1c to get more accurate results

Files	Patch %	Lines
aptos-move/aptos-vm/src/validator_txns/jwk.rs	0.0%	93 Missing ⚠️
types/src/jwks/mod.rs	19.6%	41 Missing ⚠️
types/src/jwks/jwk/mod.rs	28.5%	20 Missing ⚠️
types/src/jwks/rsa/mod.rs	9.5%	19 Missing ⚠️
types/src/jwks/unsupported/mod.rs	55.5%	16 Missing ⚠️
consensus/safety-rules/src/safety_rules_manager.rs	0.0%	10 Missing ⚠️
aptos-move/aptos-vm/src/system_module_names.rs	0.0%	6 Missing ⚠️
types/src/move_any.rs	0.0%	6 Missing ⚠️
consensus/src/epoch_manager.rs	69.2%	4 Missing ⚠️
types/src/validator_txn.rs	66.6%	3 Missing ⚠️
... and 5 more

Additional details and impacted files

@@             Coverage Diff             @@
##             main   #11855       +/-   ##
===========================================
- Coverage    71.2%    69.9%     -1.3%     
===========================================
  Files         795     2181     +1386     
  Lines      182968   413637   +230669     
===========================================
+ Hits       130275   289389   +159114     
- Misses      52693   124248    +71555     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[zekun000]

we already have something for DKG?

[zekun000]

this shouldn't be true, it opens ddos attacks by validators? honestly I don't think it should even exist on non-testing path

[zjma]

once the corresponding feature is enabled, DKG/JWK txn are similar?

[zekun000]

DKG/JWK has verification logic that only valid ones can go through? the dummy txn execution just succeeds?

[zjma]

fixed

[danielxiangzl]

Can approve once dummy vtxn is marked test-only.

[zjma]

Can approve once dummy vtxn is marked test-only.

fixed

[github-actions]

✅ Forge suite compat success on aptos-node-v1.8.3 ==> 2388d1c88025848fe784b058080bd8f7bd70f0f3

Compatibility test results for aptos-node-v1.8.3 ==> 2388d1c88025848fe784b058080bd8f7bd70f0f3 (PR)
1. Check liveness of validators at old version: aptos-node-v1.8.3
compatibility::simple-validator-upgrade::liveness-check : committed: 5066 txn/s, latency: 6461 ms, (p50: 6900 ms, p90: 9300 ms, p99: 10100 ms), latency samples: 187460
2. Upgrading first Validator to new version: 2388d1c88025848fe784b058080bd8f7bd70f0f3
compatibility::simple-validator-upgrade::single-validator-upgrade : committed: 1778 txn/s, latency: 16308 ms, (p50: 19100 ms, p90: 22300 ms, p99: 22600 ms), latency samples: 92500
3. Upgrading rest of first batch to new version: 2388d1c88025848fe784b058080bd8f7bd70f0f3
compatibility::simple-validator-upgrade::half-validator-upgrade : committed: 1531 txn/s, latency: 18585 ms, (p50: 19600 ms, p90: 22500 ms, p99: 23700 ms), latency samples: 79640
4. upgrading second batch to new version: 2388d1c88025848fe784b058080bd8f7bd70f0f3
compatibility::simple-validator-upgrade::rest-validator-upgrade : committed: 2939 txn/s, latency: 8775 ms, (p50: 9900 ms, p90: 12300 ms, p99: 13000 ms), latency samples: 144020
5. check swarm health
Compatibility test for aptos-node-v1.8.3 ==> 2388d1c88025848fe784b058080bd8f7bd70f0f3 passed
Test Ok

• Grafana dashboard
• Humio Logs
• Axiom Logs
• Test runner output
• Test run is land-blocking

[github-actions]

✅ Forge suite realistic_env_max_load success on 2388d1c88025848fe784b058080bd8f7bd70f0f3

two traffics test: inner traffic : committed: 7112 txn/s, latency: 5379 ms, (p50: 4800 ms, p90: 7200 ms, p99: 13800 ms), latency samples: 3079540
two traffics test : committed: 100 txn/s, latency: 2153 ms, (p50: 2100 ms, p90: 2400 ms, p99: 3300 ms), latency samples: 1820
Latency breakdown for phase 0: ["QsBatchToPos: max: 0.218, avg: 0.200", "QsPosToProposal: max: 0.174, avg: 0.150", "ConsensusProposalToOrdered: max: 0.569, avg: 0.549", "ConsensusOrderedToCommit: max: 0.492, avg: 0.448", "ConsensusProposalToCommit: max: 1.049, avg: 0.997"]
Max round gap was 1 [limit 4] at version 1477442. Max no progress secs was 7.536142 [limit 15] at version 1477442.
Test Ok

• Grafana dashboard
• Humio Logs
• Axiom Logs
• Test runner output
• Test run is land-blocking