config

package config

Ordering

Alphabetic

Visibility

Public
Protected

Package Members

package manual
package semiauto

Type Members

final case class AdminServerConfig(address: String = defaultAddress, internalPort: Option[Port] = None, tls: Option[TlsServerConfig] = None, jwtTimestampLeeway: Option[JwtTimestampLeeway] = None, keepAliveServer: Option[BasicKeepAliveServerConfig] = Some( BasicKeepAliveServerConfig() ), maxInboundMessageSize: NonNegativeInt = ServerConfig.defaultMaxInboundMessageSize, authServices: Seq[AuthServiceConfig] = Seq.empty, adminToken: Option[String] = None) extends ServerConfig with UniformCantonConfigValidation with Product with Serializable
A variant of ServerConfig that by default listens to connections only on the loopback interface.
final case class ApiLoggingConfig(messagePayloads: Boolean = false, maxMethodLength: Int = ApiLoggingConfig.defaultMaxMethodLength, maxMessageLines: Int = ApiLoggingConfig.defaultMaxMessageLines, maxStringLength: Int = ApiLoggingConfig.defaultMaxStringLength, maxMetadataSize: Int = ApiLoggingConfig.defaultMaxMetadataSize, warnBeyondLoad: Option[Int] = ApiLoggingConfig.defaultWarnBeyondLoad) extends UniformCantonConfigValidation with Product with Serializable
Control logging of the ApiRequestLogger
Control logging of the ApiRequestLogger
Every GRPC service invocation is logged through the ApiRequestLogger. This allows to monitor all incoming traffic to a node (ledger API, sequencer API, admin API).
messagePayloads
Indicates whether to log message payloads. (To be disabled in production!) Also applies to metadata.
maxMethodLength
indicates how much to abbreviate the name of the called method. E.g. "com.digitalasset.canton.MyMethod" may get abbreviated to "c.d.c.MyMethod". The last token will never get abbreviated.
maxMessageLines
maximum number of lines to log for a message
maxStringLength
maximum number of characters to log for a string within a message
maxMetadataSize
maximum size of metadata
warnBeyondLoad
If API logging is turned on, emit a warning on each request if the load exceeds this threshold.
sealed trait AuthServiceConfig extends UniformCantonConfigValidation
sealed trait BaseTlsArguments extends AnyRef
final case class BasicKeepAliveServerConfig(time: NonNegativeFiniteDuration = NonNegativeFiniteDuration.ofSeconds(40), timeout: NonNegativeFiniteDuration = NonNegativeFiniteDuration.ofSeconds(20), permitKeepAliveTime: NonNegativeFiniteDuration = NonNegativeFiniteDuration.ofSeconds(20), permitKeepAliveWithoutCalls: Boolean = false) extends KeepAliveServerConfig with UniformCantonConfigValidation with Product with Serializable
sealed trait BatchAggregatorConfig extends Product with Serializable with UniformCantonConfigValidation
Parameters for that batcher that batches queries (e.g., to a DB).
final case class BatchingConfig(maxItemsInBatch: PositiveNumeric[Int] = BatchingConfig.defaultMaxItemsBatch, maxPruningBatchSize: PositiveNumeric[Int] = BatchingConfig.defaultMaxPruningBatchSize, ledgerApiPruningBatchSize: PositiveNumeric[Int] = BatchingConfig.defaultLedgerApiPruningBatchSize, maxAcsImportBatchSize: PositiveNumeric[Int] = BatchingConfig.defaultMaxAcsImportBatchSize, parallelism: PositiveNumeric[Int] = BatchingConfig.defaultBatchingParallelism, aggregator: BatchAggregatorConfig = BatchingConfig.defaultAggregator, maxPruningTimeInterval: PositiveFiniteDuration = BatchingConfig.defaultMaxPruningTimeInterval) extends UniformCantonConfigValidation with Product with Serializable
Various settings to control batching behaviour related to db queries
Various settings to control batching behaviour related to db queries
maxItemsInBatch
maximum number of items in a batch
maxPruningBatchSize
maximum number of events to prune from a participant at a time, used to break up canton participant-internal batches
ledgerApiPruningBatchSize
Number of events to prune from the ledger api server index-database at a time during automatic background pruning. Canton-internal store pruning happens at the smaller batch size of "maxPruningBatchSize" to minimize memory usage whereas ledger-api-server index-db pruning needs sufficiently large batches to amortize the database overhead of "skipping over" active contracts.
maxAcsImportBatchSize
maximum number of active contracts in a batch to be imported
parallelism
number of parallel queries to the db. defaults to 8
aggregator
batching configuration for DB queries
maxPruningTimeInterval
split pruning queries into intervals of this duration to avoid sequential scans
final case class CacheConfig(maximumSize: PositiveNumeric[Long], expireAfterAccess: NonNegativeFiniteDuration = NonNegativeFiniteDuration.ofMinutes(1)) extends UniformCantonConfigValidation with Product with Serializable
Configurations settings for a single cache
Configurations settings for a single cache
maximumSize
the maximum size of the cache
expireAfterAccess
how quickly after last access items should be expired from the cache
final case class CacheConfigWithMemoryBounds(maximumMemory: PositiveNumeric[BytesUnit], expireAfterAccess: NonNegativeFiniteDuration = NonNegativeFiniteDuration.ofMinutes(1)) extends UniformCantonConfigValidation with Product with Serializable
final case class CacheConfigWithTimeout(maximumSize: PositiveNumeric[Long], expireAfterTimeout: PositiveFiniteDuration = PositiveFiniteDuration.ofMinutes(10)) extends UniformCantonConfigValidation with Product with Serializable
Configurations settings for a single cache where elements are evicted after a certain time as elapsed (regardless of access).
Configurations settings for a single cache where elements are evicted after a certain time as elapsed (regardless of access).
maximumSize
the maximum size of the cache
expireAfterTimeout
how quickly after creation items should be expired from the cache
final case class CachingConfigs(indexedStrings: CacheConfig = CachingConfigs.defaultStaticStringCache, contractStore: CacheConfig = CachingConfigs.defaultContractStoreCache, topologySnapshot: CacheConfig = CachingConfigs.defaultTopologySnapshotCache, synchronizerClientMaxTimestamp: CacheConfig = CachingConfigs.defaultSynchronizerClientMaxTimestampCache, partyCache: CacheConfig = CachingConfigs.defaultPartyCache, participantCache: CacheConfig = CachingConfigs.defaultParticipantCache, keyCache: CacheConfig = CachingConfigs.defaultKeyCache, sessionEncryptionKeyCache: SessionEncryptionKeyCacheConfig = CachingConfigs.defaultSessionEncryptionKeyCacheConfig, packageVettingCache: CacheConfig = CachingConfigs.defaultPackageVettingCache, memberCache: CacheConfig = CachingConfigs.defaultMemberCache, kmsMetadataCache: CacheConfig = CachingConfigs.kmsMetadataCache, finalizedMediatorConfirmationRequests: CacheConfig = CachingConfigs.defaultFinalizedMediatorConfirmationRequestsCache, sequencerPayloadCache: CacheConfigWithMemoryBounds = CachingConfigs.defaultSequencerPayloadCache) extends UniformCantonConfigValidation with Product with Serializable
Configuration settings for various internal caches
Configuration settings for various internal caches
indexedStrings
cache size configuration for the static string index cache
contractStore
cache size configuration for the contract store
topologySnapshot
cache size configuration for topology snapshots
keyCache
cache configuration for keys in the topology snapshots to avoid loading redundant keys from the database.
finalizedMediatorConfirmationRequests
cache size for the finalized mediator confirmation requests such the mediator does not have to perform a db round-trip if we have slow responders.
final case class CantonConfig(sequencers: Map[InstanceName, SequencerNodeConfig] = Map.empty, mediators: Map[InstanceName, MediatorNodeConfig] = Map.empty, participants: Map[InstanceName, ParticipantNodeConfig] = Map.empty, remoteSequencers: Map[InstanceName, RemoteSequencerConfig] = Map.empty, remoteMediators: Map[InstanceName, RemoteMediatorConfig] = Map.empty, remoteParticipants: Map[InstanceName, RemoteParticipantConfig] = Map.empty, monitoring: MonitoringConfig = MonitoringConfig(), parameters: CantonParameters = CantonParameters(), features: CantonFeatures = CantonFeatures()) extends UniformCantonConfigValidation with ConfigDefaults[DefaultPorts, CantonConfig] with Product with Serializable
Root configuration parameters for a single Canton process.
Root configuration parameters for a single Canton process.
sequencers
All locally running sequencers that this Canton process can connect and operate on.
mediators
All locally running mediators that this Canton process can connect and operate on.
participants
All locally running participants that this Canton process can connect and operate on.
remoteSequencers
All remotely running sequencers that this Canton process can connect and operate on.
remoteMediators
All remotely running mediators that this Canton process can connect and operate on.
remoteParticipants
All remotely running participants to which the console can connect and operate on.
monitoring
determines how this Canton process can be monitored
parameters
per-environment parameters to control enabled features and set testing parameters
features
control which features are enabled
trait CantonConfigPrevalidator[-A] extends AnyRef
Type class for the validation checks that are specific for a particular configuration class.
Type class for the validation checks that are specific for a particular configuration class. Unlike CantonConfigValidator, the checks performed by instances of this type class do not recurse into subconfigurations.
The Magnolia type class derivation in manual.CantonConfigValidatorDerivation derives a CantonConfigValidator instance from a CantonConfigPrevalidator instance, which will recurse into the subconfigurations. To that end, the CantonConfigPrevalidator instance must be found by implicit resolution where the derivation occurs.
Typically, instances of this type class are obtained via CantonConfigPrevalidator.customCantonConfigValidationPrevalidator for configuration classes that implement CustomCantonConfigValidation.
A
The configuration class to validate
trait CantonConfigValidation extends AnyRef
Trait for Canton config classes that can be validated for a CantonEdition.
final case class CantonConfigValidationError(error: String, context: Seq[String] = Seq.empty) extends Product with Serializable
A validation error for a canton configuration.
A validation error for a canton configuration.
error
The error message
context
The path in the configuration where the error occurred
trait CantonConfigValidator[A] extends AnyRef
Type class for validations of Canton config classes depending on CantonEditions.
Type class for validations of Canton config classes depending on CantonEditions. Instances are typically derived using manual.CantonConfigValidatorDerivation via Magnolia so that validation automatically calls validate on the subconfigurations, where the subconfigurations of A are all the types of fields of a case class that implements A. The derivation must find a corresponding CantonConfigPrevalidator instance via implicit resolution.
A
the type of the config class to validate. This should normally be contravariant, but Magnolia's derivation algorithm cannot deal with contravariant type classes for sealed traits.
sealed trait CantonEdition extends Product with Serializable
final case class CantonFeatures(enablePreviewCommands: Boolean = false, enableTestingCommands: Boolean = false, enableRepairCommands: Boolean = false) extends UniformCantonConfigValidation with Product with Serializable
Control which features are turned on / off in Canton
Control which features are turned on / off in Canton
enablePreviewCommands
Feature flag to enable the set of commands that use functionality which we don't deem stable.
enableTestingCommands
Feature flag to enable the set of commands used by Canton developers for testing purposes.
enableRepairCommands
Feature flag to enable the set of commands used by Canton operators for manual repair purposes.
final case class CantonParameters(clock: ClockConfig = ClockConfig.WallClock(), enableAdditionalConsistencyChecks: Boolean = false, manualStart: Boolean = false, startupParallelism: Option[PositiveInt] = None, nonStandardConfig: Boolean = false, sessionSigningKeys: SessionSigningKeysConfig = SessionSigningKeysConfig.disabled, alphaVersionSupport: Boolean = false, betaVersionSupport: Boolean = false, portsFile: Option[String] = None, timeouts: TimeoutSettings = TimeoutSettings(), retentionPeriodDefaults: RetentionPeriodDefaults = RetentionPeriodDefaults(), console: AmmoniteConsoleConfig = AmmoniteConsoleConfig(), exitOnFatalFailures: Boolean = true, startupMemoryCheckConfig: StartupMemoryCheckConfig = StartupMemoryCheckConfig( ReportingLevel.Warn ), enableAlphaStateViaConfig: Boolean = false, stateRefreshInterval: Option[NonNegativeFiniteDuration] = None) extends UniformCantonConfigValidation with Product with Serializable
Parameters for testing Canton.
Parameters for testing Canton. Use default values in a production environment.
enableAdditionalConsistencyChecks
if true, run additional consistency checks. This will degrade performance.
manualStart
If set to true, the nodes have to be manually started via console (default false)
startupParallelism
Start up to N nodes in parallel (default is num-threads)
nonStandardConfig
don't fail config validation on non-standard configuration settings
sessionSigningKeys
Configure the use of session signing keys in the protocol
alphaVersionSupport
If true, allow synchronizer nodes to use alpha protocol versions and participant nodes to connect to such synchronizers
betaVersionSupport
If true, allow synchronizer nodes to use beta protocol versions and participant nodes to connect to such synchronizers
portsFile
A ports file name, where the ports of all participants will be written to after startup
timeouts
Sets the timeouts used for processing and console
exitOnFatalFailures
If true the node will exit/stop the process in case of fatal failures
enableAlphaStateViaConfig
If true, we will start the declarative api functionality
stateRefreshInterval
If configured, the config file will be reread in the given interval to allow dynamic properties to be picked up immediately
trait ClientConfig extends AnyRef
Base trait for Grpc transport client configuration classes, abstracts access to the configs
sealed trait ClockConfig extends Product with Serializable
trait CommunityOnlyCantonConfigValidation extends PredicatedCantonConfigValidation
Trait for Canton config classes that may only be used with the CommunityCantonEdition.
Trait for Canton config classes that may only be used with the CommunityCantonEdition. Does not perform additional validation except for the subconfigurations' own validations.
class ConfidentialConfigWriter extends AnyRef
trait ConfigDefaults[Defaults, Self] extends AnyRef
final case class ConnectionAllocation(numReads: Option[PositiveInt] = None, numWrites: Option[PositiveInt] = None, numLedgerApi: Option[PositiveInt] = None) extends PrettyPrinting with UniformCantonConfigValidation with Product with Serializable
final case class ConsoleCommandTimeout(bounded: NonNegativeDuration = ConsoleCommandTimeout.defaultBoundedTimeout, unbounded: NonNegativeDuration = ConsoleCommandTimeout.defaultUnboundedTimeout, ledgerCommand: NonNegativeDuration = ConsoleCommandTimeout.defaultLedgerCommandsTimeout, ping: NonNegativeDuration = ConsoleCommandTimeout.defaultPingTimeout, testingBong: NonNegativeDuration = ConsoleCommandTimeout.defaultTestingBongTimeout) extends UniformCantonConfigValidation with Product with Serializable
Configuration for console command timeouts
Configuration for console command timeouts
bounded
timeout on how long "bounded" operations, i.e. operations which normally are supposed to conclude in a fixed timeframe can run before the console considers them as failed.
unbounded
timeout on how long "unbounded" operations can run, potentially infinite.
ledgerCommand
default timeout used for ledger commands
ping
default ping timeout
testingBong
default bong timeout
final case class CryptoConfig(provider: CryptoProvider = CryptoProvider.Jce, signing: SigningSchemeConfig = SigningSchemeConfig(), encryption: EncryptionSchemeConfig = EncryptionSchemeConfig(), symmetric: CryptoSchemeConfig[SymmetricKeyScheme] = CryptoSchemeConfig(), hash: CryptoSchemeConfig[HashAlgorithm] = CryptoSchemeConfig(), pbkdf: CryptoSchemeConfig[PbkdfScheme] = CryptoSchemeConfig(), kms: Option[KmsConfig] = None, privateKeyStore: PrivateKeyStoreConfig = PrivateKeyStoreConfig()) extends UniformCantonConfigValidation with Product with Serializable
Cryptography configuration.
Cryptography configuration.
provider
the crypto provider implementation to use
signing
the signing key scheme configuration
encryption
the encryption scheme configuration
symmetric
the symmetric key scheme configuration
hash
the hash algorithm configuration
pbkdf
the password-based key derivation function configuration
kms
optional support for a KMS
privateKeyStore
private key store configuration to allow for encrypted key storage
sealed trait CryptoProvider extends PrettyPrinting
final case class CryptoProviderScheme[S](default: S, supported: NonEmpty[Set[S]]) extends Product with Serializable
final case class CryptoSchemeConfig[S](default: Option[S] = None, allowed: Option[NonEmpty[Set[S]]] = None) extends UniformCantonConfigValidation with Product with Serializable
Configures the optional default and allowed schemes of kind S.
Configures the optional default and allowed schemes of kind S.
default
The optional scheme to use. If none is specified, use the provider's default scheme of kind S.
allowed
The optional allowed schemes to use. If none is specified, all the provider's supported schemes of kind S are allowed.
trait CustomCantonConfigValidation extends CantonConfigValidation
Trait for Canton configuration classes that validate subconfigurations recursively via Magnolia's derivation of the CantonConfigValidator type class.
Trait for Canton configuration classes that validate subconfigurations recursively via Magnolia's derivation of the CantonConfigValidator type class.
Validations specific to the given class should be done in doValidate.
sealed trait DbConfig extends StorageConfig with PrettyPrinting
Dictates that persistent data is stored in a database.
final case class DbLockConfig(healthCheckPeriod: PositiveFiniteDuration = PositiveFiniteDuration.ofSeconds(5), healthCheckTimeout: PositiveFiniteDuration = PositiveFiniteDuration.ofSeconds(15)) extends EnterpriseOnlyCantonConfigValidation with Product with Serializable
Configuration of a DB lock
Configuration of a DB lock
healthCheckPeriod
Health check period, i.e., how long to wait between one health check completed and the next to start.
healthCheckTimeout
Timeout for running a health check in seconds granularity.
final case class DbLockedConnectionConfig(passiveCheckPeriod: PositiveFiniteDuration = PositiveFiniteDuration.ofSeconds(15), healthCheckPeriod: PositiveFiniteDuration = PositiveFiniteDuration.ofSeconds(5), healthCheckTimeout: PositiveFiniteDuration = PositiveFiniteDuration.ofSeconds(15), connectionTimeout: PositiveFiniteDuration = PositiveFiniteDuration.ofSeconds(10), keepAliveIdle: Option[PositiveFiniteDuration] = None, keepAliveInterval: Option[PositiveFiniteDuration] = None, keepAliveCount: Option[Int] = None, initialAcquisitionMaxRetries: Int = 5, initialAcquisitionInterval: PositiveFiniteDuration = PositiveFiniteDuration.ofMillis(200), lock: DbLockConfig = DbLockConfig()) extends EnterpriseOnlyCantonConfigValidation with Product with Serializable
Configuration of a DB-locked connection, i.e., a database connection with an associated DB lock.
Configuration of a DB-locked connection, i.e., a database connection with an associated DB lock.
passiveCheckPeriod
How long to wait between trying to become active.
healthCheckPeriod
Health check period, i.e., how long to wait between one health check completed and the next to start.
healthCheckTimeout
Timeout for running a health check in seconds granularity.
connectionTimeout
Timeout for requesting a new connection from the underlying database driver in seconds granularity.
keepAliveIdle
TCP keep-alive idle time, i.e., how long to wait until sending a keep-alive message when idle.
keepAliveInterval
TCP keep-alive interval, i.e., how long to wait until resending an unanswered keep-alive message.
keepAliveCount
TCP keep-alive count, i.e., how many unanswered keep-alive messages required to consider the connection lost.
initialAcquisitionMaxRetries
Maximum number of retries when trying to acquire the lock for the first time before trying to acquire the lock in a background task.
initialAcquisitionInterval
Retry intervals during the initial attempts to acquire the lock.
lock
Configuration of the DB locks used by the pool.
final case class DbLockedConnectionPoolConfig(healthCheckPeriod: PositiveFiniteDuration = PositiveFiniteDuration.ofSeconds(5), connection: DbLockedConnectionConfig = DbLockedConnectionConfig(), activeTimeout: PositiveFiniteDuration = PositiveFiniteDuration.ofSeconds(15)) extends EnterpriseOnlyCantonConfigValidation with Product with Serializable
Configuration for the connection pool using DB locks.
Configuration for the connection pool using DB locks.
healthCheckPeriod
Health check period, i.e., how long to wait between health checks of the connection pool.
connection
Configuration of the DB locked connection used by the pool.
activeTimeout
Time to wait until the first connection in the pool becomes active during failover.
final case class DbParametersConfig(maxConnections: Option[PositiveInt] = None, connectionAllocation: ConnectionAllocation = ConnectionAllocation(), failFastOnStartup: Boolean = true, migrationsPaths: Seq[String] = Seq.empty, connectionTimeout: NonNegativeFiniteDuration = DbConfig.defaultConnectionTimeout, failedToFatalDelay: NonNegativeFiniteDuration = DbConfig.defaultFailedToFatalDelay, warnOnSlowQuery: Option[PositiveFiniteDuration] = None, warnOnSlowQueryInterval: PositiveFiniteDuration = DbParametersConfig.defaultWarnOnSlowQueryInterval, unsafeCleanOnValidationError: Boolean = false, unsafeBaselineOnMigrate: Boolean = false, migrateAndStart: Boolean = false) extends PrettyPrinting with UniformCantonConfigValidation with Product with Serializable
Various database related settings
Various database related settings
maxConnections
Allows for setting the maximum number of db connections used by Canton and the ledger API server. If None, the value will be auto-detected from the number of processors. Has no effect, if the number of connections is already set via slick options (i.e., config.numThreads).
connectionAllocation
Overrides for the sizes of the connection pools managed by a canton node.
failFastOnStartup
If true, the node will fail-fast when the database cannot be connected to If false, the node will wait indefinitely for the database to come up
migrationsPaths
Where should database migrations be read from. Enables specialized DDL for different database servers (e.g. Postgres).
connectionTimeout
How long to wait for acquiring a database connection
failedToFatalDelay
Delay after which, if the storage is continuously in a Failed state, it will escalate to Fatal. The default value is 5 minutes. Components that use the storage as a health dependency can then determine how to react. Currently, the sequencer declares it as a fatal dependency for its liveness health, which means it will transition to NOT_SERVING if this delay is exceeded, allowing a monitoring infrastructure to restart it. **NOTE**: Currently this only applies to com.digitalasset.canton.resource.DbStorageSingle, which is only used by the sequencer. TODO(i24240): Apply the same behavior to DbStorageMulti
warnOnSlowQuery
Optional time when we start logging a query as slow.
warnOnSlowQueryInterval
How often to repeat the logging statement for slow queries.
unsafeCleanOnValidationError
TO BE USED ONLY FOR TESTING! Clean the database if validation during DB migration fails.
unsafeBaselineOnMigrate
TO BE USED ONLY FOR TESTING! Whether to automatically call baseline when migrate is executed against a non-empty schema with no schema history table. This schema will then be baselined with the baselineVersion before executing the migrations. Only migrations above baselineVersion will then be applied. This is useful for databases projects where the initial vendor schema is not empty If baseline should be called on migrate for non-empty schemas, { @code false} if not. (default: { @code false})
migrateAndStart
if true, db migrations will be applied to the database (default is to abort start if db migrates are pending to force an explicit upgrade)
final case class DeadlockDetectionConfig(enabled: Boolean = true, interval: NonNegativeFiniteDuration = NonNegativeFiniteDuration.ofSeconds(3), warnInterval: NonNegativeFiniteDuration = NonNegativeFiniteDuration.ofSeconds(10)) extends UniformCantonConfigValidation with Product with Serializable
Deadlock detection configuration
Deadlock detection configuration
A simple deadlock detection method. Using a background scheduler, we schedule a trivial future on the EC. If the Future is not executed until we check again, we alert.
enabled
if true, we'll monitor the EC for deadlocks (or slow processings)
interval
how often we check the EC
warnInterval
how often we report a deadlock as still being active
class DefaultPorts extends AnyRef
sealed trait EncryptedPrivateStoreConfig extends UniformCantonConfigValidation
Encapsulates possible configurations for different encrypted private stores
final case class EncryptionSchemeConfig(algorithms: CryptoSchemeConfig[EncryptionAlgorithmSpec] = CryptoSchemeConfig(), keys: CryptoSchemeConfig[EncryptionKeySpec] = CryptoSchemeConfig()) extends UniformCantonConfigValidation with Product with Serializable
Stores the configuration of the encryption scheme.
Stores the configuration of the encryption scheme.
algorithms
the algorithm specifications
keys
the key specifications
trait EnterpriseOnlyCantonConfigValidation extends PredicatedCantonConfigValidation
Trait for Canton config classes that may only be used with the EnterpriseCantonEdition.
Trait for Canton config classes that may only be used with the EnterpriseCantonEdition. Does not perform additional validation except for the subconfigurations' own validations.
final case class FullClientConfig(address: String = "127.0.0.1", port: Port, tls: Option[TlsClientConfig] = None, keepAliveClient: Option[KeepAliveClientConfig] = Some(KeepAliveClientConfig())) extends ClientConfig with TlsField[TlsClientConfig] with UniformCantonConfigValidation with Product with Serializable
A full feature complete client configuration to a corresponding server configuration, the class is aimed to be used in configs
final case class GCLoggingConfig(enabled: Boolean = false, debugLevel: Boolean = false, filter: String = "", details: Boolean = true) extends UniformCantonConfigValidation with Product with Serializable
Configure GC logging
Configure GC logging
enabled
If set to true, the JVM GC logging will be enabled
debugLevel
If true, the logging will happen on debug level, else info
filter
An optional filter string to filter for particular GC events
details
If set to true (default), the memory details will be included
final case class GrpcHealthServerConfig(address: String = "0.0.0.0", internalPort: Option[Port] = None, keepAliveServer: Option[BasicKeepAliveServerConfig] = Some( BasicKeepAliveServerConfig() ), jwtTimestampLeeway: Option[JwtTimestampLeeway] = None, parallelism: Int = 4) extends ServerConfig with UniformCantonConfigValidation with Product with Serializable
Configuration of the gRPC health server for a canton node.
Configuration of the gRPC health server for a canton node.
parallelism
number of threads to be used in the gRPC server
final case class HttpHealthServerConfig(address: String = "0.0.0.0", port: Port) extends UniformCantonConfigValidation with Product with Serializable
Configuration of health server backend.
sealed trait IdentityConfig extends AnyRef
Control how the identity of the node is determined.
Control how the identity of the node is determined.
At startup, we need to determine the node's identity. We support various modes of operations for different deployments.
We distinguish between setting the node-id and subsequently generating the topology transactions and the remaining keys. As such it is possible to manually set the node-id but let the system automatically generate the remaining topology transactions.
final case class InitConfig(identity: IdentityConfig = IdentityConfig.Auto(), generateIntermediateKey: Boolean = false, generateTopologyTransactionsAndKeys: Boolean = true) extends InitConfigBase with UniformCantonConfigValidation with Product with Serializable
Configuration for the node's init process
Configuration for the node's init process
identity
Controls how the node identity (prefix of the unique identifier) is determined
generateIntermediateKey
If true (default false), then the node will generate an additional intermediate key. This allows to turn off access to the root key for the node.
generateTopologyTransactionsAndKeys
If true (default), then the node will generate automatically the topology transactions and keys once it has the necessary namespace delegations to do so.
trait InitConfigBase extends AnyRef
final case class KeepAliveClientConfig(time: NonNegativeFiniteDuration = NonNegativeFiniteDuration.ofSeconds(40), timeout: NonNegativeFiniteDuration = NonNegativeFiniteDuration.ofSeconds(20)) extends UniformCantonConfigValidation with Product with Serializable
GRPC keep alive client configuration
GRPC keep alive client configuration
Settings according to https://grpc.github.io/grpc-java/javadoc/io/grpc/ManagedChannelBuilder.html#keepAliveTime-long-java.util.concurrent.TimeUnit-
time
Sets the time without read activity before sending a keepalive ping. Do not set to small numbers (default is 40s)
timeout
Sets the time waiting for read activity after sending a keepalive ping (default is 20s)
trait KeepAliveServerConfig extends AnyRef
GRPC keep alive server configuration.
final case class KeyStoreConfig(path: File, password: Password) extends Product with Serializable
Configuration for Java keystore with optional password protection.
class KeyStoreConfigWriters extends AnyRef
sealed trait KmsConfig extends AnyRef
final case class LedgerApiKeepAliveServerConfig(time: NonNegativeFiniteDuration = NonNegativeFiniteDuration.ofMinutes(10), timeout: NonNegativeFiniteDuration = NonNegativeFiniteDuration.ofSeconds(20), permitKeepAliveTime: NonNegativeFiniteDuration = NonNegativeFiniteDuration.ofSeconds(10), permitKeepAliveWithoutCalls: Boolean = false) extends KeepAliveServerConfig with Product with Serializable
trait LocalNodeConfig extends NodeConfig
trait LocalNodeParametersConfig extends AnyRef
final case class LoggingConfig(api: ApiLoggingConfig = ApiLoggingConfig(), eventDetails: Boolean = false, logConfigOnStartup: Boolean = true, logConfigWithDefaults: Boolean = false, logSlowFutures: Boolean = false, delayLoggingThreshold: NonNegativeFiniteDuration = LoggingConfig.defaultDelayLoggingThreshold, jvmGc: GCLoggingConfig = GCLoggingConfig(), queryCost: Option[QueryCostMonitoringConfig] = None) extends UniformCantonConfigValidation with Product with Serializable
Detailed logging configurations
Detailed logging configurations
This section allows to configure additional data such as transaction details to be logged to the standard logback system
api
Configuration settings for the ApiRequestLogger
eventDetails
If set to true, we will log substantial details of internal messages being processed. To be disabled in production!
logConfigOnStartup
If set to true (default), it will log the config on startup (omitting sensitive details)
logConfigWithDefaults
If set to true (default false), the default values of the config will be included
logSlowFutures
Whether we should active log slow futures (where instructed)
delayLoggingThreshold
Logs a warning message once the sequencer client falls behind in processing messages from the sequencer (based on the sequencing timestamp).
jvmGc
Controls the JVM Gc logging
queryCost
Determines whether to log the 15 most expensive db queries
sealed trait ModifiableDbConfig[A <: ModifiableDbConfig[A]] extends DbConfig
final case class MonitoringConfig(deadlockDetection: DeadlockDetectionConfig = DeadlockDetectionConfig(), metrics: MetricsConfig = MetricsConfig(), tracing: TracingConfig = TracingConfig(), logging: LoggingConfig = LoggingConfig(), dumpNumRollingLogFiles: NonNegativeInt = MonitoringConfig.defaultDumpNumRollingLogFiles) extends LazyLogging with UniformCantonConfigValidation with Product with Serializable
Configuration for metrics and tracing
Configuration for metrics and tracing
deadlockDetection
Should we regularly check our environment EC for deadlocks?
metrics
Optional Metrics Reporter used to expose internally captured metrics
tracing
Tracing configuration
dumpNumRollingLogFiles
How many of the rolling log files shold be included in the remote dump. Default is 0.
trait NodeConfig extends AnyRef
final case class NodeMonitoringConfig(grpcHealthServer: Option[GrpcHealthServerConfig] = None, httpHealthServer: Option[HttpHealthServerConfig] = None) extends UniformCantonConfigValidation with Product with Serializable
Monitoring configuration for a canton node.
Monitoring configuration for a canton node.
grpcHealthServer
Optional gRPC Health server configuration
httpHealthServer
Optional HTTP Health server configuration
final case class NonNegativeDuration(duration: Duration) extends RefinedNonNegativeDuration[NonNegativeDuration] with Product with Serializable
Duration class used for non-negative durations.
Duration class used for non-negative durations.
There are two options: either it's a non-negative duration or an infinite duration
final case class NonNegativeFiniteDuration(underlying: FiniteDuration) extends RefinedNonNegativeDuration[NonNegativeFiniteDuration] with Product with Serializable
Duration class used for non-negative finite durations.
final case class PackageMetadataViewConfig(initLoadParallelism: Int = DefaultInitLoadParallelism, initProcessParallelism: Int = DefaultInitProcessParallelism, initTakesTooLongInitialDelay: FiniteDuration = DefaultInitTakesTooLongInitialDelay, initTakesTooLongInterval: FiniteDuration = DefaultInitTakesTooLongInterval) extends UniformCantonConfigValidation with Product with Serializable
final case class Password(pw: String) extends AnyVal with Product with Serializable
Password wrapper for keystores to prevent the values being printed in logs.
Password wrapper for keystores to prevent the values being printed in logs.
pw
password value - public for supporting PureConfig parsing but callers should prefer accessing through unwrap
final case class PemFile(pemFile: ExistingFile) extends PemFileOrString with Product with Serializable
A class representing an existing PEM file path for configuration file fields
sealed trait PemFileOrString extends AnyRef
A class representing either an existing PEM file path or an inlined PEM string for configuration file fields
final case class PemString(pemBytes: ByteString) extends PemFileOrString with Product with Serializable
A class representing an inlined PEM string for configuration file fields
final case class PositiveDurationSeconds(underlying: FiniteDuration) extends RefinedNonNegativeDuration[PositiveDurationSeconds] with Product with Serializable
Duration class used for positive durations that are rounded to the second.
final case class PositiveFiniteDuration(underlying: FiniteDuration) extends RefinedNonNegativeDuration[PositiveFiniteDuration] with Product with Serializable
Duration class used for positive finite durations.
trait PredicatedCantonConfigValidation extends CustomCantonConfigValidation
final case class PrivateKeyStoreConfig(encryption: Option[EncryptedPrivateStoreConfig] = None) extends UniformCantonConfigValidation with Product with Serializable
Stores the configuration for a private store
Stores the configuration for a private store
encryption
flags that the store is encrypted with a specific encryption approach. The default value is None which means unencrypted.
final case class ProcessingTimeout(unbounded: NonNegativeDuration = DefaultProcessingTimeouts.unbounded, io: NonNegativeDuration = DefaultProcessingTimeouts.io, default: NonNegativeDuration = DefaultProcessingTimeouts.default, network: NonNegativeDuration = DefaultProcessingTimeouts.network, shutdownProcessing: NonNegativeDuration = DefaultProcessingTimeouts.shutdownProcessing, shutdownNetwork: NonNegativeDuration = DefaultProcessingTimeouts.shutdownNetwork, shutdownShort: NonNegativeDuration = DefaultProcessingTimeouts.shutdownShort, closing: NonNegativeDuration = DefaultProcessingTimeouts.closing, inspection: NonNegativeDuration = DefaultProcessingTimeouts.inspection, storageMaxRetryInterval: NonNegativeDuration = DefaultProcessingTimeouts.maxRetryInterval, verifyActive: NonNegativeDuration = DefaultProcessingTimeouts.verifyActive, activeInit: NonNegativeDuration = DefaultProcessingTimeouts.activeInit, slowFutureWarn: NonNegativeDuration = DefaultProcessingTimeouts.slowFutureWarn, activeInitRetryDelay: NonNegativeDuration = DefaultProcessingTimeouts.activeInitRetryDelay, sequencerInfo: NonNegativeDuration = DefaultProcessingTimeouts.sequencerInfo, topologyChangeWarnDelay: NonNegativeDuration = DefaultProcessingTimeouts.topologyChangeWarnDelay, sequencedEventProcessingBound: NonNegativeDuration = DefaultProcessingTimeouts.sequencedEventProcessingBound, dynamicStateConsistencyTimeout: NonNegativeDuration = NonNegativeDuration.ofSeconds(60)) extends UniformCantonConfigValidation with Product with Serializable
Configuration for internal await timeouts
Configuration for internal await timeouts
unbounded
timeout on how long "unbounded" operations can run. should be infinite in theory.
io
timeout for disk based operations
default
default finite processing timeout
network
timeout for things related to networking
shutdownProcessing
timeout used for shutdown of some processing where we'd like to keep the result (long)
shutdownNetwork
timeout used for shutdown where we interact with some remote system
shutdownShort
everything else shutdown releated (default)
closing
our closing time (which should be strictly larger than any of the shutdown values)
inspection
timeout for the storage inspection commands (can run a long long time)
storageMaxRetryInterval
max retry interval for storage
verifyActive
how long should we wait for the synchronizer to tell us whether we are active or not
activeInit
how long a passive replica should wait for the initialization by the active replica
slowFutureWarn
when using future supervision, when should we start to warn about a slow future
activeInitRetryDelay
delay between attempts while waiting for initialization of the active replica
sequencerInfo
how long are we going to try to get the sequencer connection information. setting this high means that connect calls will take quite a while if one of the sequencers is offline.
topologyChangeWarnDelay
maximum delay between the timestamp of the topology snapshot used during submission and the sequencing timestamp, after which we log inconsistency errors as warnings
sequencedEventProcessingBound
Maximum time we allow for locally processing a sequenced event. If local processing takes longer, the node will emit an error or crash.
dynamicStateConsistencyTimeout
Timeout for dynamic state consistency checks. When we apply some state changes, we sometimes need to wait until they are applied to the entire node.
trait ProtocolConfig extends AnyRef
final case class QueryCostMonitoringConfig(every: NonNegativeFiniteDuration, resetOnOutput: Boolean = true, logOperations: Boolean = false, sortBy: QueryCostSortBy = QueryCostSortBy.Total, logLines: PositiveInt = PositiveInt.tryCreate(15)) extends UniformCantonConfigValidation with Product with Serializable
Configuration for monitoring the cost of db queries.
Configuration for monitoring the cost of db queries.
every
determines the duration between reports
resetOnOutput
determines whether the statistics will be reset after creating a report
logOperations
if true (default false), log every query operation
sortBy
determines the sorting of the output (default total)
logLines
determines how many lines will be logged, default 15
sealed trait QueryCostSortBy extends Product with Serializable
trait RefinedNonNegativeDuration[D <: RefinedNonNegativeDuration[D]] extends PrettyPrinting
trait RefinedNonNegativeDurationCompanion[D <: RefinedNonNegativeDuration[D]] extends AnyRef
final case class ReplicationConfig(enabled: Option[Boolean] = None, connectionPool: DbLockedConnectionPoolConfig = DbLockedConnectionPoolConfig()) extends EnterpriseOnlyCantonConfigValidation with Product with Serializable
Configuration of node replication for high availability
Configuration of node replication for high availability
enabled
Needs to be set to true for a replicated node, which shares the database with other replicas.
connectionPool
Configuration for the write connection pool.
final case class RetentionPeriodDefaults(sequencer: NonNegativeFiniteDuration = NonNegativeFiniteDuration.ofDays(7), mediator: NonNegativeFiniteDuration = NonNegativeFiniteDuration.ofDays(7)) extends UniformCantonConfigValidation with Product with Serializable
Default retention periods used by pruning commands where no values are explicitly specified.
Default retention periods used by pruning commands where no values are explicitly specified. Although by default the commands will retain enough data to remain operational, however operators may like to retain more than this to facilitate possible disaster recovery scenarios or retain evidence of completed transactions.
final case class SequencerApiClientConfig(address: String, port: Port, tls: Option[TlsClientConfigOnlyTrustFile] = None) extends ClientConfig with TlsField[TlsClientConfigOnlyTrustFile] with UniformCantonConfigValidation with Product with Serializable
A client configuration for a public server configuration, the class is aimed to be used in configs
sealed trait ServerAuthRequirementConfig extends UniformCantonConfigValidation
Configuration on whether server requires auth, requests auth, or no auth
trait ServerConfig extends Product with Serializable
Configuration for hosting a server api
final case class SessionEncryptionKeyCacheConfig(enabled: Boolean, senderCache: CacheConfigWithTimeout, receiverCache: CacheConfigWithTimeout) extends UniformCantonConfigValidation with Product with Serializable
Configuration settings for a cache that stores: (a) the public asymmetric encryptions of the session keys for the sender and (b) the decrypting results in the receiver.
Configuration settings for a cache that stores: (a) the public asymmetric encryptions of the session keys for the sender and (b) the decrypting results in the receiver. This reduces the amount of asymmetric operations that need to be performed for each of the views that share the same participant recipient group (i.e. use the same session key).
enabled
enable/disable caching of the session key. Caching is enabled by default, offering a trade-off between secrecy and performance
senderCache
configuration for the sender's cache that stores the encryptions of the session keys
receiverCache
configuration for the receiver's cache that stores the decryptions of the session keys
final case class SessionSigningKeysConfig(enabled: Boolean, keyValidityDuration: PositiveDurationSeconds = PositiveDurationSeconds.ofMinutes(5), cutOffDuration: PositiveDurationSeconds = PositiveDurationSeconds.ofSeconds(30), keyEvictionPeriod: PositiveDurationSeconds = PositiveDurationSeconds.ofMinutes(10), signingAlgorithmSpec: SigningAlgorithmSpec = SigningAlgorithmSpec.Ed25519, signingKeySpec: SigningKeySpec = SigningKeySpec.EcCurve25519) extends PrettyPrinting with UniformCantonConfigValidation with Product with Serializable
Configuration for enabling session signing keys with a specified validity period.
Configuration for enabling session signing keys with a specified validity period. This setting is applicable only when using a KMS provider with externally stored keys.
enabled
Enables the usage of session signing keys in the protocol.
keyValidityDuration
Specifies the validity duration for each session signing key. Its lifespan should be configured to be at least as long as the participant's response timeout. This ensures that, in the event of a crash, the participant can generate a new session signing key while still being able to serve confirmation responses for requests received before the crash. Since the response's signature will rely on the topology snapshot from the request's original timestamp (i.e., pre-crash), the key should remain valid at least until that request has timed out.
cutOffDuration
A cut-off duration that defines how long before the session key expires we stop using it. This is important because a participant uses this key to sign submission requests, but the timestamp assigned by the sequencer is unknown in advance. Since the sequencer and other protocol participants use this timestamp to verify the delegation’s validity, if a new session signing key is only created after the previous key's validity period expires, multiple submissions may fail signature verification because their sequencing timestamps exceed the validity period. The configured baseline is based on the maximum expected time to generate and sign a new delegation.
keyEvictionPeriod
This defines how long the private session signing key remains in memory. This is distinct from the validity period in the sense that we can be asked to sign arbitrarily old timestamps, and so we want to persist the key for longer times so we can re-use it. The eviction period should be longer than keyValidityDuration and at least as long as the majority of confirmation request decision latencies (for the mediator) or confirmation request response latencies (for participants).
signingAlgorithmSpec
Defines the signing algorithm when using session signing keys. It defaults to Ed25519.
signingKeySpec
Defines the key scheme to use for the session signing keys. It defaults to EcCurve25519. Both algorithm and key scheme must be supported and allowed by the node.
final case class SigningSchemeConfig(algorithms: CryptoSchemeConfig[SigningAlgorithmSpec] = CryptoSchemeConfig(), keys: CryptoSchemeConfig[SigningKeySpec] = CryptoSchemeConfig()) extends UniformCantonConfigValidation with Product with Serializable
Stores the configuration of the signing scheme.
Stores the configuration of the signing scheme.
algorithms
the algorithm specifications
keys
the key specifications
final case class StartupMemoryCheckConfig(reportingLevel: ReportingLevel) extends UniformCantonConfigValidation with Product with Serializable
sealed trait StorageConfig extends UniformCantonConfigValidation
Determines how a node stores persistent data.
final case class SynchronizerTimeTrackerConfig(observationLatency: NonNegativeFiniteDuration = SynchronizerTimeTrackerConfig.defaultObservationLatency, patienceDuration: NonNegativeFiniteDuration = SynchronizerTimeTrackerConfig.defaultPatienceDuration, minObservationDuration: NonNegativeFiniteDuration = SynchronizerTimeTrackerConfig.defaultMinObservationDuration, timeRequest: TimeProofRequestConfig = TimeProofRequestConfig()) extends PrettyPrinting with UniformCantonConfigValidation with Product with Serializable
Configuration for the synchronizer time tracker.
Configuration for the synchronizer time tracker.
observationLatency
Even if the host and synchronizer clocks are perfectly synchronized there will always be some latency for an event to be delivered (storage, transmission, processing). If the current host time exceeds the next expected timestamp by this observation latency then we will request a time proof (unless we have received a recent event within the patience duration described below).
patienceDuration
We will only request a time proof if this given duration has elapsed since we last received an event (measured using the host clock). This prevents requesting timestamps when we are observing events from the synchronizer (particularly if the local node is catching up on old activity).
minObservationDuration
We will try to ensure that we receive a time at least once during this duration (measured using the host clock). This is practically useful if there is no other activity on the synchronizer as the sequencer client will then have an event to acknowledge allowing sequenced events to be pruned before this point. We may in the future use this to monitor clock skews between the host and synchronizer.
timeRequest
configuration for how we ask for a time proof.
final case class TestSequencerClientFor(environmentId: String, memberName: String, synchronizerName: String) extends Product with Serializable
environmentId
ID used to disambiguate tests running in parallel
memberName
The name of the member that should use a delayed sequencer client
synchronizerName
The name of the synchronizer for which the member should use a delayed sequencer client
final case class TestingConfigInternal(testSequencerClientFor: Set[TestSequencerClientFor] = Set.empty, metricsFactoryType: MetricsFactoryType = External, supportAdhocMetrics: Boolean = false, initializeGlobalOpenTelemetry: Boolean = true, doNotUseCommitmentCachingFor: Set[String] = Set.empty, reinterpretationTestHookFor: (String) => () => Unit = _ => () => (), maxCommitmentSendDelayMillis: Option[NonNegativeInt] = None, sequencerTransportSeed: Option[Long] = None, participantsWithoutLapiVerification: Set[String] = Set.empty, enableInMemoryTransactionStoreForParticipants: Boolean = false, warnOnAcsCommitmentDegradation: Boolean = true) extends Product with Serializable
Used to set parameters for testing when these don't need to be exposed in a config file.
Used to set parameters for testing when these don't need to be exposed in a config file.
supportAdhocMetrics
if true, then creating adhoc metrics is supported (conflicts with histogram redefinitions)
initializeGlobalOpenTelemetry
Determines whether the OpenTelemetry instance we build is set as the global OpenTelemetry instance. This is set to false during tests to prevent failures as the global OpenTelemetry instance can be initialized just once.
doNotUseCommitmentCachingFor
A participant whose participant.uid.identifier that matches one of these strings will be excluded from the commitment caching.
reinterpretationTestHookFor
Hooks allowing participants to perform actions during reinterpretation interruptions. The argument to pass is a function that takes a string as an argument and returns the hook for the corresponding member whose identifier matches the string. The hook itself is a function that takes no argument and returns Unit. The default value provides hooks that do nothing for all members. Example:
```
def myHooks(identifier: String): () => Unit =
  identifier match {
    case "participant1" => () => println(s"do something special for `participant1`")
    case _ => () => println(s"no action")
  }
```
See also the example in EngineComputationAbortIntegrationTest.
maxCommitmentSendDelayMillis
The maximum delay for sending commitments in milliseconds. If not set, commitment sending is delayed by a random amount at most the default value.
sequencerTransportSeed
The seed to be used for choosing threshold number of sequencer transports.
warnOnAcsCommitmentDegradation
When true, we log a warning when the participant falls behind in producing ACS commitments. This is the default. A false value lowers the logging level to debug, while keeping the degradation of the health status. In tests, we should set it to false, because any test with high load can cause a participant to lag behind in producing commitments, which would produce an ACS commitment degradation warning and cause a CI test to be reported as failed. Because in our testing framework any test can run colocated with any other test, any test, load-intensive or not, can issue the warning. Therefore, this parameter should be set to false in tests, unless the test expressly checks the behavior of the degradation.
final case class TimeProofRequestConfig(initialRetryDelay: NonNegativeFiniteDuration = TimeProofRequestConfig.defaultInitialRetryDelay, maxRetryDelay: NonNegativeFiniteDuration = TimeProofRequestConfig.defaultMaxRetryDelay, maxSequencingDelay: NonNegativeFiniteDuration = TimeProofRequestConfig.defaultMaxSequencingDelay) extends PrettyPrinting with UniformCantonConfigValidation with Product with Serializable
initialRetryDelay
The initial retry delay if the request to send a sequenced event fails
maxRetryDelay
The max retry delay if the request to send a sequenced event fails
maxSequencingDelay
If our request for a sequenced event was successful, how long should we wait to observe it from the sequencer before starting a new request.
final case class TimeoutSettings(console: ConsoleCommandTimeout = ConsoleCommandTimeout(), processing: ProcessingTimeout = ProcessingTimeout()) extends UniformCantonConfigValidation with Product with Serializable
Timeout settings configuration
final case class TlsBaseServerConfig(certChainFile: PemFileOrString, privateKeyFile: PemFile, minimumServerProtocolVersion: Option[String] = Some( TlsServerConfig.defaultMinimumServerProtocol ), ciphers: Option[Seq[String]] = TlsServerConfig.defaultCiphers) extends BaseTlsArguments with UniformCantonConfigValidation with Product with Serializable
A wrapper for TLS server parameters supporting only server side authentication
A wrapper for TLS server parameters supporting only server side authentication
Same parameters as the more complete TlsServerConfig
final case class TlsClientCertificate(certChainFile: PemFileOrString, privateKeyFile: PemFile) extends UniformCantonConfigValidation with Product with Serializable
final case class TlsClientConfig(trustCollectionFile: Option[PemFileOrString], clientCert: Option[TlsClientCertificate], enabled: Boolean = true) extends UniformCantonConfigValidation with Product with Serializable
A wrapper for TLS related client configurations
A wrapper for TLS related client configurations
trustCollectionFile
a file containing certificates of all nodes the client trusts. If none is specified, defaults to the JVM trust store
clientCert
the client certificate
enabled
allows enabling TLS without trustCollectionFile or clientCert
final case class TlsClientConfigOnlyTrustFile(trustCollectionFile: Option[PemFileOrString], enabled: Boolean = true) extends Product with Serializable
A wrapper for TLS related client configurations without client auth support (currently public sequencer api)
A wrapper for TLS related client configurations without client auth support (currently public sequencer api)
trustCollectionFile
a file containing certificates of all nodes the client trusts. If none is specified, defaults to the JVM trust store
enabled
allows enabling TLS without trustCollectionFile
trait TlsField[A] extends AnyRef
This trait is only there to force presence of tls field in the config classes
final case class TlsServerConfig(certChainFile: PemFileOrString, privateKeyFile: PemFile, trustCollectionFile: Option[PemFileOrString] = None, clientAuth: ServerAuthRequirementConfig = ServerAuthRequirementConfig.Optional, minimumServerProtocolVersion: Option[String] = Some( TlsServerConfig.defaultMinimumServerProtocol ), ciphers: Option[Seq[String]] = TlsServerConfig.defaultCiphers, enableCertRevocationChecking: Boolean = false) extends BaseTlsArguments with UniformCantonConfigValidation with Product with Serializable
A wrapper for TLS related server parameters supporting mutual authentication.
A wrapper for TLS related server parameters supporting mutual authentication.
Certificates and keys must be provided in the PEM format. It is recommended to create them with OpenSSL. Other formats (such as GPG) may also work, but have not been tested.
certChainFile
a file containing a certificate chain, containing the certificate chain from the server to the root CA. The certificate chain is used to authenticate the server. The order of certificates in the chain matters, i.e., it must start with the server certificate and end with the root certificate.
privateKeyFile
a file containing the server's private key. The key must not use a password.
trustCollectionFile
a file containing certificates of all nodes the server trusts. Used for client authentication. It depends on the enclosing configuration whether client authentication is mandatory, optional or unsupported. If client authentication is enabled and this parameter is absent, the certificates in the JVM trust store will be used instead.
clientAuth
indicates whether server requires, requests, or does not request auth from clients. Normally the ledger api server requires client auth under TLS, but using this setting this requirement can be loosened. See https://github.com/digital-asset/daml/commit/edd73384c427d9afe63bae9d03baa2a26f7b7f54
minimumServerProtocolVersion
minimum supported TLS protocol. Set None (or null in config file) to default to JVM settings.
ciphers
supported ciphers. Set to None (or null in config file) to default to JVM settings.
enableCertRevocationChecking
whether to enable certificate revocation checking per https://tersesystems.com/blog/2014/03/22/fixing-certificate-revocation/ TODO(#4881): implement cert-revocation at the participant and synchronizer admin endpoints Ledger api server reference PR: https://github.com/digital-asset/daml/pull/7965
final case class TopologyConfig(topologyTransactionRegistrationTimeout: NonNegativeFiniteDuration = defaultTopologyTransactionRegistrationTimeout, topologyTransactionObservationTimeout: NonNegativeFiniteDuration = defaultTopologyTransactionObservationTimeout, broadcastBatchSize: PositiveInt = defaultBroadcastBatchSize, broadcastRetryDelay: NonNegativeFiniteDuration = defaultBroadcastRetryDelay) extends UniformCantonConfigValidation with Product with Serializable
topologyTransactionRegistrationTimeout
Used to determine the max sequencing time for topology transaction broadcasts.
topologyTransactionObservationTimeout
Determines up to how long the node waits for observing the dispatched topology transactions in its own local synchronizer store. The observation timeout is checked against the node's wall clock. After this timeout, the node fails the dispatch cycle. This timeout is only triggered, if the sequencer accepts the topology transaction broadcast submission request, but drops the message during ordering (for whatever reason).
broadcastBatchSize
The maximum number of topology transactions sent in a topology transaction broadcast
broadcastRetryDelay
The delay after which a failed dispatch cycle will be triggered again.
trait UniformCantonConfigValidation extends CustomCantonConfigValidation
Trait for Canton config classes that do not impose any constraints on editions by themselves.
Trait for Canton config classes that do not impose any constraints on editions by themselves. Subconfigurations may still distinguish between editions though.
final case class WatchdogConfig(enabled: Boolean, checkInterval: PositiveFiniteDuration = PositiveFiniteDuration(15.seconds), killDelay: NonNegativeFiniteDuration = NonNegativeFiniteDuration(30.seconds)) extends UniformCantonConfigValidation with Product with Serializable

Value Members

object AdminServerConfig extends Serializable
object ApiLoggingConfig extends Serializable
object AuthServiceConfig
object BaseCantonConfig
Base config readers and writers used in different places
Base config readers and writers used in different places
The main bulk of config readers and writers is in CantonConfig. However, some are shared with the sequencer driver. In order to avoid duplication, we create them here so they can be imported from both places.
object BasicKeepAliveServerConfig extends Serializable
object BatchAggregatorConfig extends Serializable
object BatchingConfig extends Serializable
object CacheConfig extends Serializable
object CacheConfigWithMemoryBounds extends Serializable
object CacheConfigWithTimeout extends Serializable
object CachingConfigs extends Serializable
object CantonConfig extends Serializable
object CantonConfigPrevalidator
object CantonConfigUtil
object CantonConfigValidationMacros
object CantonConfigValidator
object CantonConfigValidatorInstances
Collects com.digitalasset.canton.config.CantonConfigValidator instances that cannot be declared in the companion object of the classes due to project dependencies.
object CantonFeatures extends Serializable
object CantonParameters extends Serializable
object CantonRequireTypes
Encapsulates those classes and their utility methods which enforce a given invariant via the use of require.
object ClockConfig extends Serializable
case object CommunityCantonEdition extends CantonEdition with Product with Serializable
object CommunityConfigValidations extends ConfigValidations with NamedLogging
object ConfigErrors extends ConfigErrorGroup
* Trait which acts as a wrapper around
* Trait which acts as a wrapper around
1. lightbend ConfigExceptions which are caught when attempting to read or parse a configuration file
2. pureconfig ConfigReaderFailures which are returned when attempting to convert a given com.typesafe.config.Config instance (basically a valid HOCON-file) to one of the Canton configs
object ConnectionAllocation extends Serializable
object ConsoleCommandTimeout extends Serializable
object CryptoConfig extends Serializable
object CryptoProvider
object CryptoSchemeConfig extends Serializable
object DbConfig
object DbLockConfig extends Serializable
object DbLockedConnectionConfig extends Serializable
object DbLockedConnectionPoolConfig extends Serializable
object DbParametersConfig extends Serializable
object DeadlockDetectionConfig extends Serializable
object DefaultProcessingTimeouts
Reasonable default timeouts
object DeprecatedConfigUtils
object EncryptedPrivateStoreConfig
object EncryptionSchemeConfig extends Serializable
case object EnterpriseCantonEdition extends CantonEdition with Product with Serializable
object EnterpriseConfigValidations extends ConfigValidations
object FullClientConfig extends Serializable
object GCLoggingConfig extends Serializable
object Generate
object GrpcHealthServerConfig extends Serializable
object HttpHealthServerConfig extends Serializable
object IdentityConfig
object InProcessGrpcName
object InitConfig extends Serializable
object InitConfigBase
object KeepAliveClientConfig extends Serializable
object KeyStoreConfig extends Serializable
object KmsConfig
object LoggingConfig extends Serializable
object MonitoringConfig extends Serializable
object NodeMonitoringConfig extends Serializable
object NonNegativeDuration extends RefinedNonNegativeDurationCompanion[NonNegativeDuration] with Serializable
object NonNegativeFiniteDuration extends RefinedNonNegativeDurationCompanion[NonNegativeFiniteDuration] with Serializable
object PackageMetadataViewConfig extends Serializable
object Password extends Serializable
object PemFile extends Serializable
object PemFileOrString
object PemString extends Serializable
object PositiveDurationSeconds extends RefinedNonNegativeDurationCompanion[PositiveDurationSeconds] with Serializable
object PositiveFiniteDuration extends RefinedNonNegativeDurationCompanion[PositiveFiniteDuration] with Serializable
object PrivateKeyStoreConfig extends Serializable
object ProcessingTimeout extends Serializable
object QueryCostMonitoringConfig extends Serializable
object QueryCostSortBy extends Serializable
object RefinedNonNegativeDuration
object ReplicationConfig extends Serializable
object RequireTypes
Encapsulates those classes and their utility methods which enforce a given invariant via the use of require.
object RetentionPeriodDefaults extends Serializable
object SequencerApiClientConfig extends Serializable
object ServerAuthRequirementConfig
object ServerConfig extends Serializable
object SessionEncryptionKeyCacheConfig extends Serializable
object SessionSigningKeysConfig extends Serializable
object SigningSchemeConfig extends Serializable
object StartupMemoryCheckConfig extends Serializable
object StorageConfig
object SynchronizerTimeTrackerConfig extends Serializable
object TimeProofRequestConfig extends Serializable
object TimeoutSettings extends Serializable
object TlsBaseServerConfig extends Serializable
object TlsClientCertificate extends Serializable
object TlsClientConfig extends Serializable
object TlsClientConfigOnlyTrustFile extends Serializable
object TlsServerConfig extends Serializable
object TopologyConfig extends Serializable
object WatchdogConfig extends Serializable

Packages

config

package config

Package Members

Type Members

Value Members

Ungrouped

Packages

config

package config

Package Members

Type Members

Value Members

Ungrouped

config