feat(cmd/testnetify): backport testnetify from live blockchain state

[troian]

No description provided.

[coderabbitai]

Walkthrough

This update refactors and replaces the previous "testnetify" CLI tool and its supporting code with a new, integrated mechanism for initializing and running a testnet instance for the Akash blockchain. It introduces new configuration structures, application initialization logic, and command-line utilities, while removing the old testnetify state manipulation code and related utilities. Dependencies are updated, and a sample testnet configuration file is added.

Changes

File(s)	Change Summary
app/testnet.go	Adds logic for initializing Akash app for testnet, including validator, governance, and upgrade configuration structs and functions.
cmd/akash/cmd/app_creator.go	Adds a function to create a testnet-specific Akash app instance.
cmd/akash/cmd/root.go	Moves the testnetify command directly under the root command, removing it from the debug group.
cmd/akash/cmd/testnetify/cmd.go, cmd/akash/cmd/testnetify/state.go, cmd/akash/cmd/testnetify/accounts.go, cmd/akash/cmd/testnetify/escrow.go, cmd/akash/cmd/testnetify/validators.go, cmd/akash/cmd/testnetify/util.go	Removes the old testnetify CLI command and all supporting state manipulation and utility code.
cmd/akash/cmd/testnetify/config.go	Refactors and consolidates testnet configuration types, adds Tendermint validator key handling, and integrates Akash-specific config.
cmd/akash/cmd/testnetify/testnetify.go	Introduces a new command for creating and running a testnet from local state, including full state and validator set transformation logic.
cmd/akash/cmd/testnetify/utils.go	Adds utilities for opening LevelDB and setting up trace writers for testnet command execution.
go.mod	Updates dependencies, removes yacspin, upgrades Cosmos SDK and Tendermint forks, cleans up require/replace directives.
tests/upgrade/testnet.json	Adds a sample JSON testnet configuration file for local testing.
util/server/server.go	Adds a function to register the testnet creator command to a Cobra root command.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant CLI
    participant Config
    participant App
    participant DB
    participant Node

    User->>CLI: Run testnetify command with config
    CLI->>Config: Load testnet config (validators, accounts, gov, upgrade)
    CLI->>DB: Open local database and state
    CLI->>App: Initialize AkashApp with testnet config
    App->>App: Reset validators, set up accounts, apply gov/upgrade
    CLI->>Node: Start blockchain node with modified state
    Node-->>User: Node runs testnet with new parameters

Loading

Estimated code review effort

5 (~150 minutes)

Poem

🐇
A testnet dawns, the old code fades,
New configs bloom in JSON shades.
Validators set, the chain anew,
Governance swift, upgrades too.
With fresh commands, we hop ahead—
Akash testnets, boldly led!
🌱✨

---

📜 Recent review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 47c7a7e and c8eb5d4.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (15)

• app/testnet.go (1 hunks)
• cmd/akash/cmd/app_creator.go (1 hunks)
• cmd/akash/cmd/root.go (1 hunks)
• cmd/akash/cmd/testnetify/accounts.go (0 hunks)
• cmd/akash/cmd/testnetify/cmd.go (0 hunks)
• cmd/akash/cmd/testnetify/config.go (2 hunks)
• cmd/akash/cmd/testnetify/escrow.go (0 hunks)
• cmd/akash/cmd/testnetify/state.go (0 hunks)
• cmd/akash/cmd/testnetify/testnetify.go (1 hunks)
• cmd/akash/cmd/testnetify/util.go (0 hunks)
• cmd/akash/cmd/testnetify/utils.go (1 hunks)
• cmd/akash/cmd/testnetify/validators.go (0 hunks)
• go.mod (3 hunks)
• tests/upgrade/testnet.json (1 hunks)
• util/server/server.go (1 hunks)

💤 Files with no reviewable changes (6)

• cmd/akash/cmd/testnetify/accounts.go
• cmd/akash/cmd/testnetify/validators.go
• cmd/akash/cmd/testnetify/util.go
• cmd/akash/cmd/testnetify/escrow.go
• cmd/akash/cmd/testnetify/cmd.go
• cmd/akash/cmd/testnetify/state.go

✅ Files skipped from review due to trivial changes (2)

• util/server/server.go
• cmd/akash/cmd/testnetify/utils.go

🚧 Files skipped from review as they are similar to previous changes (4)

• cmd/akash/cmd/root.go
• cmd/akash/cmd/app_creator.go
• go.mod
• tests/upgrade/testnet.json

🧰 Additional context used

🧬 Code Graph Analysis (2)

cmd/akash/cmd/testnetify/config.go (1)

app/testnet.go (4)

• TestnetValidator (22-29)
• TestnetGovConfig (39-43)
• TestnetUpgrade (31-33)
• TrimQuotes (52-55)

app/testnet.go (4)

cmd/akash/cmd/testnetify/config.go (5)

• ConsAddress (39-41)
• AccAddress (31-33)
• TestnetValidator (43-55)
• TrimQuotes (67-70)
• TestnetConfig (59-65)

app/app.go (1)

• AkashApp (122-137)

upgrades/types/types.go (1)

• GetUpgradesList (96-98)

app/types/app.go (1)

• App (76-80)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)

• GitHub Check: sims
• GitHub Check: network-upgrade-names
• GitHub Check: release-dry-run
• GitHub Check: lint
• GitHub Check: coverage
• GitHub Check: tests
• GitHub Check: build-bins

🔇 Additional comments (13)

cmd/akash/cmd/testnetify/config.go (4)

17-30: LGTM! Well-structured key types with proper JSON unmarshaling.

The PrivValidatorKey, NodeKey, and Keys types properly encapsulate Tendermint cryptographic structures and provide clean JSON marshaling integration using Tendermint's JSON library.

---

43-55: Good separation of concerns in validator structure.

The TestnetValidator struct properly separates configuration fields (exported) from runtime state (unexported), which is a good design pattern for this use case.

---

72-79: LGTM! Proper JSON unmarshaling implementation.

The UnmarshalJSON method correctly uses Tendermint's JSON library for unmarshaling cryptographic types, with appropriate error handling.

---

81-106: Consistent and correct address unmarshaling methods.

The UnmarshalJSON methods for ValAddress, AccAddress, and ConsAddress follow a consistent pattern with proper Bech32 decoding and error handling using the TrimQuotes utility function.

app/testnet.go (4)

22-50: Well-designed configuration types for testnet setup.

The type definitions provide a clean structure for testnet configuration, properly separating concerns between validators, governance, and upgrade configurations.

---

102-104: Good improvement! Iterator close errors are now properly handled.

The iterator close operations now check for errors and handle them appropriately with panic calls, which is an improvement from the previous version that ignored these errors.

Also applies to: 112-114, 121-123, 130-132

---

134-195: Comprehensive validator initialization logic.

The validator setup properly handles all necessary aspects including staking parameters, distribution records, and slashing configuration. The hardcoded values are appropriate for testnet environments.

---

229-254: Well-implemented upgrade scheduling logic.

The upgrade configuration properly schedules upgrade plans and sets up store loaders when needed, with appropriate error handling for initialization failures.

cmd/akash/cmd/testnetify/testnetify.go (5)

52-238: Well-structured command definition with comprehensive documentation.

The command setup is thorough with appropriate flags, validation, and clear documentation explaining the testnetify process and its implications.

---

164-168: Good improvement to cross-platform signal handling.

The signal handling now uses the signal package with os.Interrupt instead of Unix-specific syscalls, which provides better cross-platform compatibility.

---

276-278: Good placement of defer statements.

The defer statements for resource cleanup are now properly placed immediately after resource creation, ensuring cleanup happens even if errors occur later.

Also applies to: 284-286

---

312-456: Complex but comprehensive validator setup logic.

The validator setup logic properly handles key management, cryptographic operations, and validator set construction. While complex, it addresses the necessary requirements for testnet validator initialization.

---

458-522: Thorough blockchain state modification logic.

The state modification logic comprehensively updates validator sets, block signatures, and database entries to properly transform the blockchain state for testnet operation.

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch testnetify

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai generate unit tests to generate unit tests for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 12

♻️ Duplicate comments (1)

app/testnet.go (1)

52-55: Duplicate function should be refactored.

This is a duplicate of the TrimQuotes function in cmd/akash/cmd/testnetify/config.go.

🧹 Nitpick comments (7)

tests/upgrade/testnet.json (1)

1-25: Appropriate testnet configuration for local testing.

This configuration file provides a sensible setup for local testnet testing:

• Short 60-second voting period enables rapid governance testing
• Validator commission rates are within reasonable bounds
• Single validator setup is sufficient for local development

Consider adding a comment at the top of the file explaining its purpose and usage context.

+// Local testnet configuration for upgrade testing
+// Used by the testnetify command to create a local testnet environment
{
    "chain_id": "localakash",

cmd/akash/cmd/app_creator.go (1)

16-31: Well-structured testnet app creator with clear separation of concerns.

The function properly implements the testnet app creation pattern by:

1. Leveraging the existing newApp function
2. Type-safe casting with appropriate validation
3. Extracting configuration and initializing testnet-specific state

Consider improving the panic messages for better debugging:

-		panic("app created from newApp is not of type AkashApp")
+		panic("failed to cast app to *akash.AkashApp - ensure newApp returns correct type")

-		panic("cflags.KeyTestnetConfig is not of type akash.TestnetConfig")
+		panic("testnet config not found or invalid type - ensure KeyTestnetConfig contains *akash.TestnetConfig")

cmd/akash/cmd/testnetify/config.go (1)

67-70: Extract TrimQuotes to a common utility package.

This function is duplicated in app/testnet.go. Consider moving it to a shared utility package to follow DRY principles.

Would you like me to create a common utility package and refactor both occurrences to use the shared function?

app/testnet.go (2)

133-134: Consider making validator parameters configurable.

Hardcoded values for tokens, delegator shares, and commission rates should be configurable through the TestnetValidator struct.

-			Tokens:          sdk.NewInt(900000000000000),
-			DelegatorShares: sdk.MustNewDecFromStr("10000000"),
+			Tokens:          val.Tokens, // Add to TestnetValidator
+			DelegatorShares: val.DelegatorShares, // Add to TestnetValidator

-					Rate:          sdk.MustNewDecFromStr("0.05"),
-					MaxRate:       sdk.MustNewDecFromStr("0.1"),
-					MaxChangeRate: sdk.MustNewDecFromStr("0.05"),
+					Rate:          val.Commission.CommissionRates.Rate,
+					MaxRate:       val.Commission.CommissionRates.MaxRate,
+					MaxChangeRate: val.Commission.CommissionRates.MaxChangeRate,

Also applies to: 140-142

---

76-249: Consider refactoring this function into smaller, focused functions.

The function is quite long (170+ lines) and handles multiple responsibilities. Consider breaking it down into smaller functions like clearValidators, setupValidators, applyGovernanceConfig, mintAccountCoins, and scheduleUpgrade.

cmd/akash/cmd/testnetify/testnetify.go (2)

176-176: Make timeouts configurable.

Hardcoded 1-minute timeouts might not be sufficient for all scenarios.

Consider adding command flags for these timeout values:

cmd.Flags().Duration("block-wait-timeout", 1*time.Minute, "Timeout for waiting for first block")
cmd.Flags().Duration("block-commit-timeout", 1*time.Minute, "Timeout for waiting for block commit")

Also applies to: 196-196

---

452-452: Make validator voting power configurable.

The hardcoded voting power value should be configurable.

-			VotingPower: 900000000000000,
+			VotingPower: val.VotingPower, // Add to TestnetValidator struct

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 759fe47 and 47c7a7e.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (15)

• app/testnet.go (1 hunks)
• cmd/akash/cmd/app_creator.go (1 hunks)
• cmd/akash/cmd/root.go (1 hunks)
• cmd/akash/cmd/testnetify/accounts.go (0 hunks)
• cmd/akash/cmd/testnetify/cmd.go (0 hunks)
• cmd/akash/cmd/testnetify/config.go (2 hunks)
• cmd/akash/cmd/testnetify/escrow.go (0 hunks)
• cmd/akash/cmd/testnetify/state.go (0 hunks)
• cmd/akash/cmd/testnetify/testnetify.go (1 hunks)
• cmd/akash/cmd/testnetify/util.go (0 hunks)
• cmd/akash/cmd/testnetify/utils.go (1 hunks)
• cmd/akash/cmd/testnetify/validators.go (0 hunks)
• go.mod (3 hunks)
• tests/upgrade/testnet.json (1 hunks)
• util/server/server.go (1 hunks)

💤 Files with no reviewable changes (6)

• cmd/akash/cmd/testnetify/accounts.go
• cmd/akash/cmd/testnetify/escrow.go
• cmd/akash/cmd/testnetify/util.go
• cmd/akash/cmd/testnetify/validators.go
• cmd/akash/cmd/testnetify/cmd.go
• cmd/akash/cmd/testnetify/state.go

🧰 Additional context used

🧬 Code Graph Analysis (3)

cmd/akash/cmd/root.go (1)

cmd/akash/cmd/testnetify/testnetify.go (1)

• GetCmd (52-237)

cmd/akash/cmd/testnetify/utils.go (1)

cmd/akash/cmd/testnetify/testnetify.go (1)

• FlagTraceStore (40-40)

cmd/akash/cmd/testnetify/config.go (1)

app/testnet.go (4)

• TestnetValidator (22-29)
• TestnetGovConfig (39-43)
• TestnetUpgrade (31-33)
• TrimQuotes (52-55)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (8)

• GitHub Check: sims
• GitHub Check: release-dry-run
• GitHub Check: coverage
• GitHub Check: lint
• GitHub Check: network-upgrade-names
• GitHub Check: tests
• GitHub Check: build-macos
• GitHub Check: build-bins

🔇 Additional comments (12)

cmd/akash/cmd/root.go (1)

160-160: Good architectural improvement: Moving testnetify to root level.

This change appropriately elevates the testnetify command from a debug subcommand to a top-level command, reflecting its significance as a primary testnet management tool. The use of dependency injection with newTestnetApp follows good software design principles.

util/server/server.go (1)

194-199: Well-designed utility function for testnet creation.

This function provides a clean, reusable interface for adding testnet creation capabilities to CLI applications. The implementation follows established patterns in the codebase and properly integrates with the Cosmos SDK's InPlaceTestnetCreator.

go.mod (2)

55-55: Good dependency updates to newer akash fork versions.

The updates to akash.5 versions of both cosmos-sdk and tendermint forks indicate improved compatibility and likely include important patches. This aligns well with the testnet functionality improvements.

Also applies to: 71-71

---

15-15: JWT Dependency Version Security – Approved

The specified version github.com/golang-jwt/jwt/v5 v5.2.2 includes the patch for CVE-2025-30204 (excessive memory allocation in header parsing) and is not vulnerable to that issue.

• Ensure your code properly handles errors returned by ParseWithClaims to mitigate risks related to CVE-2024-51744.
• Continue to update this dependency to the latest stable release and monitor the project’s security advisories for new vulnerabilities.

No further action required.

cmd/akash/cmd/testnetify/utils.go (2)

13-16: LGTM!

The function correctly creates a LevelDB instance with proper path construction and error handling.

---

31-31: Avoid variable shadowing in cleanup function.

The error variable err in the cleanup function shadows the function parameter err. This could lead to confusion.

-			if err = traceWriter.Close(); err != nil {
+			if closeErr := traceWriter.Close(); closeErr != nil {
-				svrCtx.Logger.Error("failed to close trace writer", "err", err)
+				svrCtx.Logger.Error("failed to close trace writer", "err", closeErr)

Likely an incorrect or invalid review comment.

cmd/akash/cmd/testnetify/config.go (4)

17-30: LGTM!

The key types are well-structured for handling Tendermint validator and node keys.

---

43-55: LGTM!

The TestnetValidator struct appropriately combines configuration fields with private runtime state fields.

---

72-79: LGTM!

The custom JSON unmarshaling correctly uses Tendermint's JSON library for proper key deserialization.

---

81-106: LGTM!

The address unmarshaling methods correctly handle JSON string parsing with quote trimming and proper error propagation.

app/testnet.go (1)

22-50: LGTM!

The testnet configuration types are well-structured with appropriate field types and clear purposes.

cmd/akash/cmd/testnetify/testnetify.go (1)

393-396: Key prefix confirmed in Tendermint blockstore

We’ve verified that "SC:%v" is the exact format used by Tendermint’s own calcSeenCommitKey in store/store.go, so the key schema is stable:

• Definition (store/store.go):

func calcSeenCommitKey(height int64) []byte {
    return []byte(fmt.Sprintf("SC:%v", height))
}

You can safely delete keys constructed with fmt.Appendf(nil, "SC:%v", …).
Optional improvement: import and call calcSeenCommitKey(height) instead of inlining fmt.Appendf, to stay aligned with upstream.

[coderabbitai]

⚠️ Potential issue

Remove overly restrictive time unit validation.

The validation only allows durations ending with 's', but Go's time.ParseDuration supports multiple units (ns, us, µs, ms, s, m, h). The error message mentions these units but the code rejects them.

-	if !strings.HasSuffix(val, "s") {
-		return fmt.Errorf("invalid format of voting period. must contain time unit. Valid time units are ns|us(µs)|ms|s|m|h") // nolint: goerr113
-	}

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	if !strings.HasSuffix(val, "s") {
	return fmt.Errorf("invalid format of voting period. must contain time unit. Valid time units are ns|us(µs)|ms|s|m|h") // nolint: goerr113
	}

🤖 Prompt for AI Agents

In app/testnet.go around lines 60 to 62, the code restricts the voting period
duration to only those ending with 's', which conflicts with the error message
and Go's time.ParseDuration support for multiple units. Remove the check that
enforces the suffix 's' so that all valid time units supported by
time.ParseDuration (ns, us, µs, ms, s, m, h) are accepted, and keep the error
message as is to reflect the valid units.

[coderabbitai]

⚠️ Potential issue

Avoid using os.Exit in library functions.

Using tmos.Exit in a defer block makes this function unsuitable for use in tests or as a library function. It prevents proper error handling by the caller.

-	defer func() {
-		if err != nil {
-			tmos.Exit(err.Error())
-		}
-	}()

Instead, return the error and let the caller decide how to handle it.

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents

In app/testnet.go around lines 86 to 90, the defer function calls tmos.Exit on
error, which abruptly terminates the program and prevents callers from handling
errors properly. Remove the defer block that calls tmos.Exit and instead modify
the function to return the error to the caller, allowing them to decide how to
handle it.

[coderabbitai]

⚠️ Potential issue

Add nil check for VotingParams.

Accessing tcfg.Gov.VotingParams.VotingPeriod without checking if VotingParams is nil could cause a panic.

+	if tcfg.Gov.VotingParams != nil {
 	voteParams.VotingPeriod = tcfg.Gov.VotingParams.VotingPeriod.Duration
 	app.Keepers.Cosmos.Gov.SetVotingParams(ctx, voteParams)
+	}

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	voteParams.VotingPeriod = tcfg.Gov.VotingParams.VotingPeriod.Duration
	if tcfg.Gov.VotingParams != nil {
	voteParams.VotingPeriod = tcfg.Gov.VotingParams.VotingPeriod.Duration
	app.Keepers.Cosmos.Gov.SetVotingParams(ctx, voteParams)
	}

🤖 Prompt for AI Agents

In app/testnet.go at line 197, add a nil check for tcfg.Gov.VotingParams before
accessing VotingPeriod to prevent a potential panic. Ensure you verify that
VotingParams is not nil, and only then assign VotingPeriod from its Duration
field.

[coderabbitai]

🛠️ Refactor suggestion

Log errors in monitoring goroutine.

Errors in the goroutine are silently ignored, making debugging difficult.

 				cctx, err := client.GetClientQueryContext(cmd)
 				if err != nil {
+					sctx.Logger.Error("failed to get client context in monitor", "err", err)
 					return
 				}

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents

In cmd/akash/cmd/testnetify/testnetify.go around lines 170 to 173, the error
returned by client.GetClientQueryContext(cmd) is currently ignored without
logging. Modify the code to log the error before returning, using an appropriate
logger or fmt to output the error details, so that errors in this goroutine are
visible for debugging.

[coderabbitai]

⚠️ Potential issue

Use more restrictive file permissions for trace files.

The permission 0o666 allows all users to read and write the trace file, which could expose sensitive information.

-		0o666,
+		0o600,

🤖 Prompt for AI Agents

In cmd/akash/cmd/testnetify/utils.go at line 47, the file permission 0o666 is
too permissive, allowing all users to read and write the trace file. Change the
permission to a more restrictive setting such as 0o600 to ensure only the owner
can read and write the file, protecting sensitive information.