Skip to content

Mithril v2442.0

Compare
Choose a tag to compare
@github-actions github-actions released this 21 Oct 13:26
· 478 commits to main since this release
2442.0
0d4d6bc

Highlights

  • Stable support for decentralized signature orchestration (the signer node computes autonomously the messages to sign).
  • Stable support for Cardano transaction client library, CLI and WASM.
  • Stable support for new Pythagoras Mithril era.
  • Bug fixes and performance improvements.

What's Changed

  • Refactor signer state machine by @dlachaume in #1931
  • Aggregator single signatures buffer by @Alenar in #1934
  • Retrieve custom signing configuration with epoch settings in Signer by @dlachaume in #1939
  • Enhance mithril-common logging by @Alenar in #1940
  • Docs: rotate documentation for 2437 distribution by @jpraynaud in #1930
  • Docs: final CHANGELOG for '2437.1' distribution by @jpraynaud in #1947
  • Feat: create new 'Pythagoras' Mithril era by @jpraynaud in #1948
  • Update websites dependencies by @jpraynaud in #1937
  • Refactor: standardize epoch settings naming by @dlachaume in #1949
  • Feat: sign protocol parameters in Genesis certificate by @jpraynaud in #1950
  • Refactor: signable builder services compute full protocol message by @jpraynaud in #1942
  • Docs: dev blog posts for 2437 distribution by @jpraynaud in #1953
  • Fix: hydra CI error when allow lint attribute specifies a reason by @dlachaume in #1960
  • docs: improve clarity in "Verify your signer is registered" section by @dlachaume in #1962
  • crane fix by @locallycompact in #1959
  • Fix: swagger build step failing in CI by @jpraynaud in #1965
  • Feat: sign protocol parameters and epoch in certificate by @jpraynaud in #1954
  • Fix: discrepancy protocol parameters by @jpraynaud in #1967
  • Make aggregator advertises constant signing configurations for an epoch by @dlachaume in #1964
  • Fix: add migration to resolve deserialization issue with cardano_transactions_signing_config by @dlachaume in #1971
  • Docs: dev blog post for activation of the Cardano transaction certification by @jpraynaud in #1973
  • Signer self compute signed entity by @Alenar in #1970
  • Deprecate certificate pending by @Alenar in #1972
  • Feat: Support Cardano node 9.2.1 by @jpraynaud in #1969
  • Fix signer stuck if signature already aggregated by @Alenar in #1977
  • docs: update since signers now compute what to sign independently by @Alenar in #1975
  • Chore: decommission testing-mainnet network by @jpraynaud in #1978
  • Fix: topology computation of the Cardano nodes of the signers in infra by @jpraynaud in #1985
  • Signer certifier service sign & send signatures by @Alenar in #1979
  • Make epoch mandatory in RegisterSignerMessage by @Alenar in #1986
  • Feat: sign epoch in genesis certificate by @jpraynaud in #1987
  • Make Cardano transaction client stable by @dlachaume in #1989
  • Optimize /register-signer route by replacing ticker service with epoch service by @dlachaume in #1991
  • Feat: use stored signing configuration in aggregator when creating signed entity type by @dlachaume in #1988
  • Feat: implement era switch in e2e tests by @jpraynaud in #1974
  • Enhance logs in mithril-signer and mithril-persistence by @Alenar in #1992
  • Better folder structure for End to End test by @Alenar in #1994
  • Docs: add timeout troubleshooting macOS section in E2E README by @dlachaume in #1993
  • Fix: aggregator panics in CI by @dlachaume in #1995
  • Refactor(aggregator): simplify http server dependencies by @Alenar in #1996
  • Use new GitHub action for creating releases by @dlachaume in #2000
  • Enhance logs construction and usage in aggregator by @Alenar in #2002
  • Chore: update signer preloader refresh interval by @jpraynaud in #2003
  • Chore: update dependencies for distribution 2442 by @jpraynaud in #2004
  • Docs: update CHANGELOG for 2442.0 distribution release by @jpraynaud in #2006
  • setting benchmark path by @Fuma419 in #1951
  • Fix: update dependencies runbook and script by @dlachaume in #2008
  • Use new GitHub action for creating unstable release by @dlachaume in #2007
  • Rework & harmonize aggregator log messages by @Alenar in #2009

New Contributors

Full Changelog: 2437.1...2442.0

Crates Versions

Crate Version
mithril-aggregator 0.5.83
mithril-client 0.9.2
mithril-client-cli 0.9.15
mithril-client-wasm 0.5.2
mithril-common 0.4.69
mithril-signer 0.2.200
mithril-stm 0.3.30

Networks Compatibility ⚠️

Network Compatible
release-mainnet
release-preprod
pre-release-preview
testing-preview
testing-sanchonet

Linux Requirements

The Linux binaries target glibc: to run them or install the .deb packages you must have glibc version 2.31+ installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+ or Debian 11+ (Bullseye)).

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

  • Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
  • Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
  • Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
  • Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK
  • Step 5: Download the public key file from this link public-key.gpg and save it in the same folder as the asset
  • Step 6: Then import the GPG public key:
gpg --import ./public-key.gpg

You must see something like:

gpg: key : public key "Input Output / Mithril <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1
  • Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./public-key.gpg ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

  • there is a line with gpg: Good signature from "Input Output / Mithril <[email protected]>"
  • there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
  • Step 8:
    If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
    If not, contact us at [[email protected]] and let us know of the outcome of your run of this process ⚠️