[breaking][libra framework] Remove LibraTransactionTimeout module

The only purpose of LibraTransactionTimeout was to an enforce upper and lower bounds on transaction expiration time. The lower bound check is very simple to do and the upper bound check is no longer a requirement, so we can kill this module.

The PR deletes LibraTransactionTimeout and moves the lower bound check into the transaction prologue. To keep the check simple, it adds a LibraTimestamp::now_seconds function that can be directly compared against the transaction expiration time (which is specified in seconds).

This is a breaking change in the sense that it removes the LibraTransactionTimeout module and orphans the TTL resource, but it is not observable to clients and should be deployable via a WriteSet.

language/ir-testsuite/tests/block/expired_transaction.mvir

@@ -4,6 +4,16 @@
 //! proposer: vivian
 //! block-time: 100000000
 
+//! new-transaction
+//! expiration-time: 99
+import 0x1.LibraSystem;
+import 0x1.LibraTimestamp;
+
+main() {
+    return;
+}
+// check: TRANSACTION_EXPIRED
+
 //! new-transaction
 //! expiration-time: 100
 import 0x1.LibraSystem;
@@ -24,7 +34,6 @@ main() {
 }
 // check: EXECUTED
 
-// TODO: 100 + 86400 = 86500, should be rejected after we fix the mempool flakiness. See details in issues #2346.
 //! new-transaction
 //! expiration-time: 86500
 import 0x1.LibraSystem;
@@ -67,4 +76,4 @@ import 0x1.LibraTimestamp;
 main() {
     return;
 }
-// check: TRANSACTION_EXPIRED
+// check: EXECUTED

language/stdlib/modules/Genesis.move

@@ -19,7 +19,6 @@ module Genesis {
     use 0x1::LibraSystem;
     use 0x1::LibraTimestamp;
     use 0x1::LibraTransactionPublishingOption;
-    use 0x1::LibraTransactionTimeout;
     use 0x1::LibraVersion;
     use 0x1::LibraWriteSetManager;
     use 0x1::Signer;
@@ -82,7 +81,6 @@ module Genesis {
             copy dummy_auth_key_prefix,
         );
 
-        LibraTransactionTimeout::initialize(lr_account);
         LibraSystem::initialize_validator_set(
             lr_account,
         );

language/stdlib/modules/LibraAccount.move

@@ -16,7 +16,6 @@ module LibraAccount {
     use 0x1::LCS;
     use 0x1::LibraTimestamp;
     use 0x1::LibraTransactionPublishingOption;
-    use 0x1::LibraTransactionTimeout;
     use 0x1::Signer;
     use 0x1::SlidingNonce;
     use 0x1::TransactionFee;
@@ -924,7 +923,7 @@ module LibraAccount {
         txn_public_key: vector<u8>,
         txn_gas_price: u64,
         txn_max_gas_units: u64,
-        txn_expiration_time: u64,
+        txn_expiration_time_seconds: u64,
         chain_id: u8,
     ) acquires LibraAccount, Balance {
         let transaction_sender = Signer::address_of(sender);
@@ -973,7 +972,7 @@ module LibraAccount {
             PROLOGUE_ESEQUENCE_NUMBER_TOO_NEW
         );
         assert(
-            LibraTransactionTimeout::is_valid_transaction_timestamp(txn_expiration_time),
+            LibraTimestamp::now_seconds() < txn_expiration_time_seconds,
             PROLOGUE_ETRANSACTION_EXPIRED
         );
     }

language/stdlib/modules/LibraTimestamp.move

@@ -8,7 +8,6 @@ address 0x1 {
 /// * LibraSystem, LibraAccount, LibraConfig: to check if the current state is in the genesis state
 /// * LibraBlock: to reach consensus on the global wall clock time
 /// * AccountLimits: to limit the time of account limits
-/// * LibraTransactionTimeout: to determine whether a transaction is still valid
 ///
 module LibraTimestamp {
     use 0x1::CoreAddresses;
@@ -23,6 +22,9 @@ module LibraTimestamp {
     /// is called at the end of genesis.
     resource struct TimeHasStarted {}
 
+    /// Conversion factor between seconds and microseconds
+    const MICRO_CONVERSION_FACTOR: u64 = 1000000;
+
     /// The blockchain is not in the genesis state anymore
     const ENOT_GENESIS: u64 = 0;
     /// The blockchain is not in an operating state yet
@@ -151,7 +153,7 @@ module LibraTimestamp {
     }
 
 
-    /// Gets the timestamp representing `now` in microseconds.
+    /// Gets the current time in microseconds.
     public fun now_microseconds(): u64 acquires CurrentTimeMicroseconds {
         assert(
             exists<CurrentTimeMicroseconds>(CoreAddresses::LIBRA_ROOT_ADDRESS()),
@@ -168,6 +170,19 @@ module LibraTimestamp {
         global<CurrentTimeMicroseconds>(CoreAddresses::LIBRA_ROOT_ADDRESS()).microseconds
     }
 
+    /// Gets the current time in seconds.
+    public fun now_seconds(): u64 acquires CurrentTimeMicroseconds {
+        now_microseconds() / MICRO_CONVERSION_FACTOR
+    }
+    spec fun now_seconds {
+        pragma opaque;
+        include AbortsIfNoTime;
+        ensures result == spec_now_microseconds() /  MICRO_CONVERSION_FACTOR;
+    }
+    spec define spec_now_seconds(): u64 {
+        global<CurrentTimeMicroseconds>(CoreAddresses::LIBRA_ROOT_ADDRESS()).microseconds / MICRO_CONVERSION_FACTOR
+    }
+
     /// Schema specifying that a function aborts if the timer is not published.
     spec schema AbortsIfNoTime {
         aborts_if !spec_timer_initialized() with Errors::NOT_PUBLISHED;

language/stdlib/modules/doc/Genesis.md

@@ -79,7 +79,6 @@
         <b>copy</b> dummy_auth_key_prefix,
     );
 
-    <a href="LibraTransactionTimeout.md#0x1_LibraTransactionTimeout_initialize">LibraTransactionTimeout::initialize</a>(lr_account);
     <a href="LibraSystem.md#0x1_LibraSystem_initialize_validator_set">LibraSystem::initialize_validator_set</a>(
         lr_account,
     );

language/stdlib/modules/doc/LibraAccount.md

@@ -2247,7 +2247,7 @@ It verifies:
 - That the sequence number matches the transaction's sequence key
 
 
-<pre><code><b>fun</b> <a href="#0x1_LibraAccount_prologue_common">prologue_common</a>&lt;Token&gt;(sender: &signer, txn_sequence_number: u64, txn_public_key: vector&lt;u8&gt;, txn_gas_price: u64, txn_max_gas_units: u64, txn_expiration_time: u64, chain_id: u8)
+<pre><code><b>fun</b> <a href="#0x1_LibraAccount_prologue_common">prologue_common</a>&lt;Token&gt;(sender: &signer, txn_sequence_number: u64, txn_public_key: vector&lt;u8&gt;, txn_gas_price: u64, txn_max_gas_units: u64, txn_expiration_time_seconds: u64, chain_id: u8)
 </code></pre>
 
 
@@ -2262,7 +2262,7 @@ It verifies:
     txn_public_key: vector&lt;u8&gt;,
     txn_gas_price: u64,
     txn_max_gas_units: u64,
-    txn_expiration_time: u64,
+    txn_expiration_time_seconds: u64,
     chain_id: u8,
 ) <b>acquires</b> <a href="#0x1_LibraAccount">LibraAccount</a>, <a href="#0x1_LibraAccount_Balance">Balance</a> {
     <b>let</b> transaction_sender = <a href="Signer.md#0x1_Signer_address_of">Signer::address_of</a>(sender);
@@ -2311,7 +2311,7 @@ It verifies:
         PROLOGUE_ESEQUENCE_NUMBER_TOO_NEW
     );
     <b>assert</b>(
-        <a href="LibraTransactionTimeout.md#0x1_LibraTransactionTimeout_is_valid_transaction_timestamp">LibraTransactionTimeout::is_valid_transaction_timestamp</a>(txn_expiration_time),
+        <a href="LibraTimestamp.md#0x1_LibraTimestamp_now_seconds">LibraTimestamp::now_seconds</a>() &lt; txn_expiration_time_seconds,
         PROLOGUE_ETRANSACTION_EXPIRED
     );
 }

language/stdlib/modules/doc/LibraTimestamp.md

@@ -7,6 +7,7 @@
 
 -  [Resource `CurrentTimeMicroseconds`](#0x1_LibraTimestamp_CurrentTimeMicroseconds)
 -  [Resource `TimeHasStarted`](#0x1_LibraTimestamp_TimeHasStarted)
+-  [Const `MICRO_CONVERSION_FACTOR`](#0x1_LibraTimestamp_MICRO_CONVERSION_FACTOR)
 -  [Const `ENOT_GENESIS`](#0x1_LibraTimestamp_ENOT_GENESIS)
 -  [Const `ENOT_OPERATING`](#0x1_LibraTimestamp_ENOT_OPERATING)
 -  [Const `ETIMER_RESOURCE`](#0x1_LibraTimestamp_ETIMER_RESOURCE)
@@ -16,6 +17,7 @@
 -  [Function `reset_time_has_started_for_test`](#0x1_LibraTimestamp_reset_time_has_started_for_test)
 -  [Function `update_global_time`](#0x1_LibraTimestamp_update_global_time)
 -  [Function `now_microseconds`](#0x1_LibraTimestamp_now_microseconds)
+-  [Function `now_seconds`](#0x1_LibraTimestamp_now_seconds)
 -  [Function `is_genesis`](#0x1_LibraTimestamp_is_genesis)
 -  [Function `assert_genesis`](#0x1_LibraTimestamp_assert_genesis)
 -  [Function `is_operating`](#0x1_LibraTimestamp_is_operating)
@@ -26,6 +28,7 @@
     -  [Function `set_time_has_started`](#0x1_LibraTimestamp_Specification_set_time_has_started)
     -  [Function `update_global_time`](#0x1_LibraTimestamp_Specification_update_global_time)
     -  [Function `now_microseconds`](#0x1_LibraTimestamp_Specification_now_microseconds)
+    -  [Function `now_seconds`](#0x1_LibraTimestamp_Specification_now_seconds)
     -  [Function `assert_genesis`](#0x1_LibraTimestamp_Specification_assert_genesis)
     -  [Function `assert_operating`](#0x1_LibraTimestamp_Specification_assert_operating)
 
@@ -37,7 +40,6 @@ It interacts with the other modules in the following ways:
 * LibraSystem, LibraAccount, LibraConfig: to check if the current state is in the genesis state
 * LibraBlock: to reach consensus on the global wall clock time
 * AccountLimits: to limit the time of account limits
-* LibraTransactionTimeout: to determine whether a transaction is still valid
 
 
 <a name="0x1_LibraTimestamp_CurrentTimeMicroseconds"></a>
@@ -99,6 +101,18 @@ is called at the end of genesis.
 
 </details>
 
+<a name="0x1_LibraTimestamp_MICRO_CONVERSION_FACTOR"></a>
+
+## Const `MICRO_CONVERSION_FACTOR`
+
+Conversion factor between seconds and microseconds
+
+
+<pre><code><b>const</b> MICRO_CONVERSION_FACTOR: u64 = 1000000;
+</code></pre>
+
+
+
 <a name="0x1_LibraTimestamp_ENOT_GENESIS"></a>
 
 ## Const `ENOT_GENESIS`
@@ -293,8 +307,7 @@ Updates the wall clock time by consensus. Requires VM privilege and will be invo
 
 ## Function `now_microseconds`
 
-Gets the timestamp representing
-<code>now</code> in microseconds.
+Gets the current time in microseconds.
 
 
 <pre><code><b>public</b> <b>fun</b> <a href="#0x1_LibraTimestamp_now_microseconds">now_microseconds</a>(): u64
@@ -317,6 +330,31 @@ Gets the timestamp representing
 
 
 
+</details>
+
+<a name="0x1_LibraTimestamp_now_seconds"></a>
+
+## Function `now_seconds`
+
+Gets the current time in seconds.
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="#0x1_LibraTimestamp_now_seconds">now_seconds</a>(): u64
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="#0x1_LibraTimestamp_now_seconds">now_seconds</a>(): u64 <b>acquires</b> <a href="#0x1_LibraTimestamp_CurrentTimeMicroseconds">CurrentTimeMicroseconds</a> {
+    <a href="#0x1_LibraTimestamp_now_microseconds">now_microseconds</a>() / MICRO_CONVERSION_FACTOR
+}
+</code></pre>
+
+
+
 </details>
 
 <a name="0x1_LibraTimestamp_is_genesis"></a>
@@ -558,7 +596,7 @@ these assertions verify.
 
 <pre><code><b>include</b> <a href="#0x1_LibraTimestamp_AbortsIfNotOperating">AbortsIfNotOperating</a>;
 <b>include</b> <a href="CoreAddresses.md#0x1_CoreAddresses_AbortsIfNotVM">CoreAddresses::AbortsIfNotVM</a>;
-<a name="0x1_LibraTimestamp_now$12"></a>
+<a name="0x1_LibraTimestamp_now$14"></a>
 <b>let</b> now = <b>old</b>(<a href="#0x1_LibraTimestamp_spec_now_microseconds">spec_now_microseconds</a>());
 <b>aborts_if</b> [<b>assume</b>]
     (<b>if</b> (proposer == <a href="CoreAddresses.md#0x1_CoreAddresses_VM_RESERVED_ADDRESS">CoreAddresses::VM_RESERVED_ADDRESS</a>()) {
@@ -601,6 +639,35 @@ these assertions verify.
 </code></pre>
 
 
+
+<a name="0x1_LibraTimestamp_Specification_now_seconds"></a>
+
+### Function `now_seconds`
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="#0x1_LibraTimestamp_now_seconds">now_seconds</a>(): u64
+</code></pre>
+
+
+
+
+<pre><code>pragma opaque;
+<b>include</b> <a href="#0x1_LibraTimestamp_AbortsIfNoTime">AbortsIfNoTime</a>;
+<b>ensures</b> result == <a href="#0x1_LibraTimestamp_spec_now_microseconds">spec_now_microseconds</a>() /  MICRO_CONVERSION_FACTOR;
+</code></pre>
+
+
+
+
+<a name="0x1_LibraTimestamp_spec_now_seconds"></a>
+
+
+<pre><code><b>define</b> <a href="#0x1_LibraTimestamp_spec_now_seconds">spec_now_seconds</a>(): u64 {
+<b>global</b>&lt;<a href="#0x1_LibraTimestamp_CurrentTimeMicroseconds">CurrentTimeMicroseconds</a>&gt;(<a href="CoreAddresses.md#0x1_CoreAddresses_LIBRA_ROOT_ADDRESS">CoreAddresses::LIBRA_ROOT_ADDRESS</a>()).microseconds / MICRO_CONVERSION_FACTOR
+}
+</code></pre>
+
+
 Schema specifying that a function aborts if the timer is not published.