ccf-0.15.1

Added

• JWT documentation (#1875).
• Member keys in HSM documentation (#1884).

Changed

• /gov/ack/update_state_digest and /gov/ack now only return/accept a hex string (#1873).
• /node/quote schema update (#1885).
• AFT consensus improvements (#1880, #1881).

0.15.0

Added

• Support for non-recovery members: only members with an associated public encryption key are handed recovery shares (#1866).
• AFT consensus verify entry validity (#1864).
• JWT validation in forum sample app (#1867).
• JavaScript endpoints OpenAPI definition is now included in /api (#1874).

Changed

• The keyId field in the Authorization header must now be set to the hex-encoded SHA-256 digest of the corresponding member certificate encoded in PEM format. The scurl.sh script and Python client have been modified accordingly. scurl.sh can be run with DISABLE_CLIENT_AUTH=1 (equivalent disable_client_auth=False argument to Python client) to issue signed requests without session-level client authentication (#1870).
• Governance endpoints no longer require session-level client authentication matching a member identity, the request signature now serves as authentication. The purpose of this change is to facilitate member key storage in systems such as HSMs (#1870).
• Support for hs2019 scheme for HTTP signatures (#1872).
  • ecdsa-sha256 scheme will be deprecated in the next release.

ccf-0.14.3

Added

• Added support for storing JWT public signing keys (#1834).
  • The new proposals set_jwt_issuer, remove_jwt_issuer, and set_jwt_public_signing_keys can be generated with the latest version of the ccf Python package.
  • sandbox.sh has a new --jwt-issuer <json-path> argument to easily bootstrap with an initial set of signing keys using the set_jwt_issuer proposal.
  • See tests/npm-app/src/endpoints/jwt.ts for validating tokens received in the Authorization HTTP header in TypeScript.
  • Includes special support for SGX-attested signing keys as used in MAA.

Changed

• CCF now depends on Open Enclave 0.12 (#1830).
• /app/user_id now takes {"cert": user_cert_as_pem_string} rather than {"cert": user_cert_as_der_list_of_bytes} (#278).
• Members' recovery shares are now encrypted using RSA-OAEP-256 (#1841). This has the following implications:
  • Network's encryption key is no longer output by the first node of a CCF service is no longer required to decrypt recovery shares.
  • The latest version of the submit_recovery_share.sh script should be used.
  • The latest version of the proposal_generator.py should be used (please upgrade the ccf Python package).
• submit_recovery_share.sh script's --rpc-address argument has been removed. The node's address (e.g. https://127.0.0.1:8000) should be used directly as the first argument instead (#1841).
• The constitution's pass function now takes an extra argument: proposer_id, which contains the member_id of the member who submitted the proposal. To adjust for this change, replace tables, calls, votes = ... with tables, calls, votes, proposer_id = ... at the beginning of the pass definition.
• Bundled votes (ie. the ballot entry in POST /proposals) have been removed. Votes can either happen explicitly via POST /proposals/{proposal_id}/votes, or the constitution may choose to pass a proposal without separate votes by examining its contents and its proposer, as illustrated in the operating member constitution sample. The --vote-against flag in proposal_generator.py, has also been removed as a consequence.

Fixed

• Added tools.cmake to the install, which ccf_app.cmake depends on and was missing from the previous release.

Deprecated

• kv::Store::create is deprecated, and will be removed in a future release. It is no longer necessary to create a kv::Map from a Store, it can be constructed locally (kv::Map<K, V> my_map("my_map_name");) or accessed purely by name (auto view = tx.get_view<K, V>("my_map_name");) (#1847).

ccf-0.14.2

Changed

• The start_test_network.sh script has been replaced by sandbox.sh. Users wishing to override the default network config (a single node on '127.0.0.1:8000') must now explictly specify if they should be started locally (eg. -n 'local://127.4.4.5:7000') or on remote machine via password-less ssh (eg. -n 'ssh://10.0.0.1:6000').
• node/quote endpoint now returns a single JSON object containing the node's quote (#1761).
• Calling foreach on a TxView now iterates over the entries which previously existed, ignoring any modifications made by the functor while iterating.

ccf-0.14.1

Added

• /node/memory endpoint exposing the maximum configured heap size, peak and current used sizes.

Changed

• Public tables in the KV must now indicate this in their name (with a public: prefix), and internal tables have been renamed. Any governance or auditing scripts which operate over internal tables must use the new names (eg - ccf.members is now public:ccf.gov.members).
• --member-info on cchost can now take a third, optional file path to a JSON file containing additional member data (#1712).

Removed

• /api/schema endpoints are removed, as the same information is now available in the OpenAPI document at /api.

Deprecated

• Passing the SecurityDomain when creating a KV map is deprecated, and will be removed in a future release. This should be encoded in the table's name, with a public: prefix for public tables.

ccf-0.14.0

Added

• Nodes can recover rapidly from a snapshot, rather than needing to reprocess an entire ledger (#1656)
• Python client code wraps creation and replacement of an entire JS app bundle in a single operation (#1651)
• Snapshots are only usable when the corresponding evidence is committed (#1668).
• JSON data associated to each consortium member to facilitate flexible member roles (#1657).

Changed

• /api endpoints return an OpenAPI document rather than a custom response (#1612, #1664)
• Python ledger types can process individual chunks as well as entire ledger (#1644)
• POST recovery_share/submit endpoint is renamed to POST recovery_share (#1660).

Fixed

• Elections will not allow transactions which were reported as globally committed to be rolled back (#1641)

Deprecated

• lua_generic app is deprecated and will be removed in a future release. Please migrate old Lua apps to JS

ccf-0.13.4

Changed

• Fixed infinite memory growth issue (#1639)
• Step CLI updated to 0.15.2 (#1636)

ccf-0.13.3

Added

• Sample TypeScript application (#1614, #1596)

Changed

• Handlers can implement custom authorisation headers (#1203, #1563)
• Reduced CPU usage when nodes are idle (#1625, #1626)
• Upgrade to Open Enclave 0.11 (#1620, #1624)
• Snapshots now include view history, so nodes resuming from snapshots can accurately serve transaction status requests (#1616)
• Request is now passed as an argument to JavaScript handlers (#1604), which can return arbitrary content types (#1575)
• Quote RPC now returns an error when the quote cannot be found (#1594)
• Upgraded third party dependencies (#1589, #1588, #1576, #1572, #1573, #1570, #1569)
• Consensus types renamed from raft and pbft to cft and bft (#1591)

Removed

• Notification server (#1582)

ccf-0.13.2

• Added retire_node_code proposal (#1558)
• Added ability to update a collection of JS modules in a single proposal (#1557)

ccf-0.13.1

Bugfixes

• Handle setting multiple subject alternative names correctly in node certificate (#1552)
• Fix host memory check on startup ecall (#1553)
  • Thank you to Zhaofeng Chen, Qinkun Bao, Mingshen Sun, and Kang Li from Baidu Security for spotting and reporting this issue.