Vats can be shut down to reap their objects using the adminNode. #9367
Assignees
Labels
contract-upgrade
enhancement
New feature or request
resource-exhaustion
Threats to availability from resource exhaustion attacks
Zoe Contract
Contracts within Zoe
Comments
Chris-Hibbert
added
enhancement
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What is the Problem Being Solved?
In #8400 and #8401, we discuss some problems with uncollected objects that accumulates over time. We're looking for ways to stop the accumulation and then drop the objects. The current plan is to replace some vats with versions that will do a better job of cleaning up, stranding the old objects. Eventually we'll terminate the vats (#8928), and free the remaining objects gradually. One remaining question is whether we already have a mechanism to terminating vats from the outside.
A contract can kill the vat it's in by calling
zcf.shutdown()orzcf.shutdownWithFailure(), but there's no way to invoke that from outside.Description of the Design
The vat's adminNode (=
VatAdminFacet) hasterminateWithFailure()as well asupgrade()anddone(). We save these facets in the bootstrap space, so they're available to core proposals.Security Considerations
closely held.
Scaling Considerations
It's about chain sustainabilty.
Test Plan
A3P, if necessary.
Upgrade Considerations
yes.
The text was updated successfully, but these errors were encountered: