26.1.0

@fnando released this 28 May 01:38
1228cff

Ledger hardware wallets, end-to-end

  • Derive and display addresses with stellar keys address --ledger (#2557).
  • Fund accounts directly from Ledger-derived public keys with stellar keys fund --ledger (#2558).
  • Register Ledger identities with stellar keys add --ledger (#2563).
  • Pick the derivation path consistently with --hd-path across all of the above (#2539, #2540).
  • Sign contract authorization entries from Ledger identities, enabling multi-auth contract invocations entirely from a hardware wallet — no secret material ever leaves the device (#2569).

Smaller wasm by default

  • stellar contract build now optimizes wasm output by default (#2581).
  • The --optimize flag is no longer required — what comes out of build is production-ready bytecode you can deploy as-is.

New: stellar contract info hash

  • Returns the wasm hash for a deployed contract (#2576).
  • Useful for scripting verification flows, comparing deployments across networks, or confirming that two contracts run the exact same bytecode.

Organized, discoverable help output

  • --help output now groups flags into logical sections instead of dumping them in a single flat list (#2567).
  • Finding the right network, signing, output, or identity flag is much faster — especially for high-surface commands like contract invoke.

Security hardening across the board

This release closes a number of paths where secrets, credentials, or untrusted input could surface in places they shouldn't:

  • Secret values are no longer echoed in error messages, help output, signing previews, or RPC headers.
  • Passwords embedded in RPC URLs are redacted in cached config, network display output, and the remaining places URLs were printed.
  • Config, cache, and identity files are now created with 0600 permissions, and permissions are correctly reset when overwriting via --config-dir.
  • STELLAR_SECRET_KEY is validated before being persisted and is rejected entirely when --secure-store is in use, preventing accidental disk writes of secret material.
  • Keyring entries are cleaned up properly when overwriting a key, eliminating stale credential leftovers.
  • stellar tx edit is hardened against temp-file swap attacks, and stellar contract build --print-commands-only now shell-escapes its output so it can be safely piped into a shell.
  • Authorization entries are validated before signing, and the transaction source is no longer silently mixed into auth signing logic.
  • Several dependency advisories were addressed (rustls-webpki, astral-tokio-tar, and others).
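
The file-permission item above hides a Unix subtlety: a mode passed at open time is applied only when the file is created, so overwriting an existing file keeps its old mode unless it is reset explicitly. The Rust code below is an added example, not stellar-cli's own code; write_private, mode_of, demo and the file name are hypothetical, and the file contents are constructed.

```rust
use std::fs::{self, OpenOptions, Permissions};
use std::io::{self, Write};
use std::os::unix::fs::{OpenOptionsExt, PermissionsExt};
use std::path::Path;

/// Hypothetical helper (not from stellar-cli): write `data` so the file ends
/// up owner-only (0600) whether it is newly created or already existed.
pub fn write_private(path: &Path, data: &[u8]) -> io::Result<()> {
    let mut file = OpenOptions::new()
        .write(true)
        .create(true)
        .truncate(true)
        .mode(0o600) // honoured only when this call creates the file
        .open(path)?;
    // An existing file keeps its previous mode, so tighten it through the
    // open handle before any secret bytes are written.
    file.set_permissions(Permissions::from_mode(0o600))?;
    file.write_all(data)?;
    file.sync_all()
}

/// Permission bits (lower 9 bits) of `path`.
pub fn mode_of(path: &Path) -> io::Result<u32> {
    Ok(fs::metadata(path)?.permissions().mode() & 0o777)
}

/// Overwrite a pre-existing world-readable file and report (before, after).
pub fn demo() -> io::Result<(u32, u32)> {
    // Constructed sample path and contents, for illustration only.
    let path = std::env::temp_dir()
        .join(format!("identity-demo-{}.toml", std::process::id()));
    fs::write(&path, b"old contents")?;
    fs::set_permissions(&path, Permissions::from_mode(0o644))?;
    let before = mode_of(&path)?;
    write_private(&path, b"secret_key = \"constructed-sample\"\n")?;
    let after = mode_of(&path)?;
    fs::remove_file(&path)?;
    Ok((before, after))
}

fn main() -> io::Result<()> {
    let (before, after) = demo()?;
    println!("mode before overwrite: {before:o}, after: {after:o}");
    Ok(())
}
```

Dropping the set_permissions call makes the overwrite case end at 644 instead of 600, which is the gap the release note describes closing.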

Quality-of-life and bug fixes

  • Identity aliases now resolve inside nested invoke arguments (#2552).
  • The CLI hints when a contract ID looks like a wasm hash (#2550).
  • Secure-store public keys are cached in identity files, so you don't re-hit the keyring on every read (#2533).
  • --hd-path is now persisted on plain seed-phrase keys (#2540).
  • --docker-host is honored for TCP/HTTP Docker connections (#2503).
  • Control characters in signed messages are escaped in previews.
  • Fixed a panic when the global config directory didn't exist.
  • Fixed an early-EOF bug in SkipWhitespace on whitespace-only chunks.

Full Changelog: v26.0.0...v26.1.0