Cardano Updates

Main parks tx-generator (43bf739/8c45f76/d78c7b1 in
cardano-node-antithesis) so the cron run on main targets
a tx-generator-free reference cluster. But Antithesis
launches the cluster from compose AS-IS; passing
'-f tx-generator.disabled.yaml' isn't an option through
moog's launcher. So a 1h workflow_dispatch on this
branch needs the service un-parked HERE — otherwise the
Antithesis cluster has no daemon and the run is a no-op
for our verification.

Image points at the tag we pre-pushed earlier
(tx-generator:8c53529, digest sha256:3c13a0f3...).

When this PR merges, tx-generator becomes active on
master again. If we want to keep main tx-generator-free,
the merge should be staged with a follow-up commit that
re-parks it after Antithesis verification.

PR #114 merged to upstream main (commit
67935ff9c8dadbbdd8ec1b92a14e1f5e9e5d1f80). Repoint per
the *Pins main only* rule — PR #98 can now merge to
downstream main without a feature-branch pin.

narHash unchanged from the pre-merge feature-branch SHA;
image content (tx-generator:8c53529) is byte-identical
to what was already pre-pushed to GHCR.

Signed-off-by: Doc Holiday <[email protected]>

Signed-off-by: Doc Holiday <[email protected]>

Signed-off-by: Doc Holiday <[email protected]>

Signed-off-by: Doc Holiday <[email protected]>

Passive observer — tails cardano-tracer's per-node JSON logs to its
own stdout so Antithesis Logs Explorer indexes them under
source=log-tailer. Read-only on the tracer volume; does not
generate any workload of its own.

Removed earlier when stripping workload services for adversary
isolation, but log-tailer isn't a perturbator — it's a diagnostic
sidecar. Adding it back lets us query node-level events via Logs
Explorer when triaging adversary effects.

The tx-generator daemon produces background transaction traffic.
On testnets/asteria_game/ we explicitly want the asteria game's
own spawnShip / move / mine / quit traffic to be the only chain
activity — anything else is noise that distorts the report's
view of the workload we're scoring.

Service list now: configurator (one-shot), p1/p2/p3 producers,
relay1/relay2 relays, tracer, tracer-sidecar, sidecar,
log-tailer, asteria-game. Observability + chain telemetry
preserved; only the synthetic-traffic generator removed.

Expand upon transaction examples by adding missing fields.

Picks up the upstream PR #114 pin + composer always-exit-0
fixes. Tag points at the locally-built image we just
pushed to GHCR (digest sha256:...).

Activated via:
  docker compose -f testnets/cardano_node_master/docker-compose.yaml \
                 -f testnets/cardano_node_master/tx-generator.disabled.yaml up

Three composer-side fixes folded into one commit, against
findings from prior Antithesis runs (most recent:
https://cardano.antithesis.com/report/tilehuSggX4cnuy5qyXfwpqI/2ZUJSYUipLqm3Dlbo9R3rjrS7i7dYJ_mc8FwikFqYLg.html).

1. (https://github.com/cardano-foundation/cardano-node-antithesis/issues/105)
   Switch tx_generator_*_not_applicable from
   'sdk_sometimes false' to 'sdk_reachable'. Antithesis
   grades a Sometimes assertion as PASSING when ≥1 sample
   has condition=true; we always emit condition=false for
   not-applicable, so that type can never satisfy.
   Reachability is the right shape — accumulates samples
   without a pass/fail grade.

2. (https://github.com/cardano-foundation/cardano-node-antithesis/issues/106)
   Replace 'set -euo pipefail' with 'set -u'. Always exit
   0; encode tick state purely via SDK assertions
   (asteria-stub convention: parallel_driver_heartbeat.sh
   in components/asteria-stub/composer/stub/).
   Antithesis's built-in 'Always: Commands finish with
   zero exit code' property has no opt-out; any non-zero
   exit fails it. The previous 'exit 1 on not-applicable'
   pattern would have worked if the property could be
   suppressed but it can't.

3. Wrap nc in '|| true', check for empty RSP, and on
   empty emit a tx_generator_*_daemon_unreachable
   reachability event then exit 0. Fixes the case where
   the composer fires a driver before the daemon's control
   socket is bound during early boot — without this, the
   'set -e' (now removed) would kill the script before any
   exit-0 path runs, and even with 'set -u' alone, the
   subsequent jq parse on empty input emits stderr noise.

4. eventually_population_grew.sh: distinguish "daemon
   unreachable" from "daemon says populationSize=0". Fire
   did_not_grow only when the snapshot RSP is non-empty
   AND parses as JSON. Otherwise emit
   tx_generator_eventually_daemon_unreachable
   reachability + exit 0.

5. parallel_driver_refill.sh: include 'index-not-ready' in
   the not-applicable case set. After
   cardano-node-clients#110 (freshness gate) and #114
   (pre-submit chain-tip probe), the refill arm returns
   IndexNotReady during the post-reconnect stale window;
   the composer should treat this as a documented
   not-applicable, not unknown-failure.

The submit-rejected paths keep their sdk_unreachable
(strict) framing — the daemon-side fixes (#105/#110/#114)
are expected to drive these to zero. The next 1h
Antithesis dispatch on this branch verifies the full stack.

Picks up the pre-submit chain-tip UTxO probe — the
second-line defense for duplicate-submit-after-reconnect
that PR #110's freshness gate alone couldn't cover
(https://github.com/lambdasistemi/cardano-node-clients/pull/114
closes lambdasistemi/cardano-node-clients#111).

Stacks the full reconnect-resilience suite from upstream:
  * #105 — N2C reconnect supervisor + BlockedIndefinitelyOnSTM catch
  * #110 — post-reconnect indexer freshness gate (rsIndexFresh)
  * #114 — pre-submit chain-tip UTxO probe (this bump)

Will be re-pinned to the upstream main merge SHA before
this PR merges, per *Pins main only*.

This reverts commit 80aaa6e37ba42b49172e1acbbb4ce2a2f7387573.

Signed-off-by: Chris Gianelloni <[email protected]>

testnets/asteria_game/ is here to exercise the asteria game under
fault injection — the supporting cast (tracer, tracer-sidecar,
sidecar, log-tailer, tx-generator) was carried over from
cardano_node_master but adds no signal we score in this testnet.

Removed services:
  - tracer + tracer-sidecar — unused; the asteria-game container
    has its own SDK fallback path at /tmp/sdk.jsonl.
  - sidecar + log-tailer — would have surfaced node logs in the
    Antithesis report but we aren't scoring node-internal events
    here.
  - tx-generator — produces background traffic. The asteria
    workload is the only chain activity worth tracking.
  - tracer-config.yaml — dead config file, deleted.

Also drops the @--tracer-socket-path-connect@ flag from the node
commands (no tracer to connect to) and the @tracer:@ volume +
mounts.

Resulting service list: configurator (one-shot), p1/p2/p3
producers, relay1/relay2 relays, asteria-game.

Locally validated end-to-end on the stripped cluster:
  - bootstrap: asteria_bootstrap_asteria_created
  - spawn pass id=1: asteria_player_ship_spawned_1
  - admin_singleton invariant: count=1, hit=true
  - consistency invariant: counter=0/ships=0, hit=true

Remove tx-generator, asteria-stub, log-tailer from the
cardano_node_adversary testnet. Only the cardano-node containers
(producers + relays), configurator, tracer, tracer-sidecar, sidecar,
and the adversary daemon itself remain.

Reason: the adversary testnet exists to isolate the adversary's
effect on the cluster. Running tx-generator and asteria-stub
mingled their findings with the adversary's, producing 11 of 12
findings that were tx-generator / asteria-stub related, not
adversary-related. Stripping them to:

- configurator (bootstrap)
- tracer + tracer-sidecar (chainPoints.log feed for adversary)
- sidecar (Antithesis setup-complete signal)
- p1, p2, p3 (block producers)
- relay1, relay2 (relays)
- adversary (the daemon under test)

No tx-generator, no asteria-stub, no log-tailer. The only workload
in this testnet is the adversary's chain-sync attacks against the
producers.

cardano_node_master is unchanged.