v0.3.0

0.3.0 - 2024-10-22

This is 0.3.0 release of Core.

This release has a large portion of the non-TDX specific changes outlined in the
Tofino spec. More TDX specific features will come in 0.4.0.

Notably, this includes changes like:

• Fully on-chain registration
• t-of-N signing instead of N-of-N signing
• The addition of the relayer role
• The removal of signing subgroups
• The removal of permissioned access mode

For more details take a look through the CHANGELOG.

Docker Images

If you plan on using Docker images from this release, please use the following tags:

• entropyxyz/entropy:release-v0.3.0
• entropyxyz/entropy-tss:release-v0.3.0

Published Crates

The crates from the crates/ subdirectory have been published on crates.io under the v0.3.0 version.

If you want to install the entropy-test-cli for example, you can do so using the following command:

cargo install [email protected]

Breaking Changes

• In #799 the concept of subgroups was removed in favour of a single pool of signers.
• In #801 permissioned access mode was removed.
• In #879 the network migrated from N-of-N cryptography to t-of-N cryptography.
• In #938, the chainspec got a couple of new fields, pallet_staking_extension::initial_signers,
• pallet_parameters::total_signers, and pallet_parameters::threshold, which are used to set up
  the initial threshold signing configuration for the network.
• In #1030, the registration flow got cleaned up. A lot of storage entries, events, and extrinsics
  were removed from the Registry pallet. The genesis build config was also removed. Additionally,
  the new/user/ HTTP endpoint in the TSS was removed since it was no longer necessary.
• In #1031, more Staking calls were blocked to go through the staking_extention pallet. This makes
  sure no funds can be unbonded from a validator if they are currently in the signing comittee. This
  was applied to unbond, chill, and withdraw_unbonded
• In #1045, ProgramsInfo now takes version_number to maintain backwards compatibility if programs
  runtime is updated.
• In #1050, the flow for signing has changed. A user now sends their request to any validator
  that is not a signer. This will act as a relayer. As such, UserSignatureRequest no longer
  requires the validators_info field since the the relayer adds that in after. The response
  received from the validator is now a Vec<Responses> from the signers.
• In #1051 an extra field representing a provisioning certification key (PCK)
  was added to the Staking Extension's threshold_server genesis configuration in the network
  chainspecs.
• In #1063 the pallet_staking_extension::validate() extrinsic was changed so that in order to
  populate certain data structures related to a candidates state (namely ThresholdToStash and
  ThresholdServer) an attestation from the Attestation pallet must have been received. Success of
  the validate() extrinsic does not mean the caller is a candidate or validator.
• In #1086 Eve was removed as a validator from the devnet-local chainspec and replaced with Charlie.

Added

• Jumpstart network (#918)
• Add Signer groups and rotation (#938)
• Split jumpstart and register flows (#952)
• New on-chain registration flow (#955)
• Reshare confirmation (#965)
• Set inital signers (#971)
• Add parent key threshold dynamically (#974)
• Signing flow with derived accounts (#990)
• TSS attestation endpoint (#1001)
• Attestation pallet (#1003)
• Add network-jumpstart command to entropy-test-cli (#1004)
• Update test CLI for new registration and signing flows (#1008)
• Add remove program function to entropy-client (#1023)
• Select validators for jumpstart DKG #1053)
• Add a programs version (#1045)
• Handle Provisioning Certification Keys (PCKs) (#1051)
• Block tss chain when signer (#1078)

Changed

• Migrate to threshold signing (#800)
• Use t of n signing in entropy-tss (#879)
• Fix TSS AccountId keys in chainspec (#993)
• No unbonding when signer or next signer (#1031)
• Add relay tx endpoint (#1050)
• Trigger attestation check during validate (#1063)
• Add fourth node to devnet-local configuration (#1086)

Removed

• Remove subgroups (#799)
• Remove permission from chain (#801)
• Remove prune_registration extrinsic (#1022)
• Remove confirm_registered extrinsic (#1025)
• Remove old registration flow (#1030)

v0.3.0-rc.1

0.3.0-rc.1 - 2024-10-04

This is the release candidate for the 0.3.0 release of Core.

This release has a large portion of the non-TDX specific changes outlined in the
Tofino spec. More TDX specific features will come in 0.4.0.

Notably, this includes changes like:

• Fully on-chain registration
• t-of-N signing instead of N-of-N signing
• The addition of the relayer role
• The removal of signing subgroups
• The removal of permissioned access mode

For more details take a look through the CHANGELOG.

Docker Images

If you plan on using Docker images from this release, please use the following tags:

• entropyxyz/entropy:release-v0.3.0-rc.1
• entropyxyz/entropy-tss:release-v0.3.0-rc.1

Published Crates

The crates from the crates/ subdirectory have been published on crates.io under the v0.3.0-rc.1 version.

If you want to install the entropy-test-cli for example, you can do so using the following command:

cargo install [email protected]

Breaking Changes

• In #799 the concept of subgroups was removed in favour of a single pool of signers.
• In #801 permissioned access mode was removed.
• In #879 the network migrated from t-of-N cryptography to t-of-N cryptography.
• In #938, the chainspec got a couple of new fields, pallet_staking_extension::initial_signers,
• pallet_parameters::total_signers, and pallet_parameters::threshold, which are used to set up
  the initial threshold signing configuration for the network.
• In #1030, the registration flow got cleaned up. A lot of storage entries, events, and extrinsics
  were removed from the Registry pallet. The genesis build config was also removed. Additionally,
  the new/user/ HTTP endpoint in the TSS was removed since it was no longer necessary.
• In #1031, more Staking calls were blocked to go through the staking_extention pallet. This makes
  sure no funds can be unbonded from a validator if they are currently in the signing comittee. This
  was applied to unbond, chill, and withdraw_unbonded
• In #1045, ProgramsInfo now takes version_number to maintain backwards compatibility if programs
  runtime is updated.
• In #1050, the flow for signing has changed. A user now sends their request to any validator
  that is not a signer. This will act as a relayer. As such, UserSignatureRequest no longer
  requires the validators_info field since the the relayer adds that in after. The response
  received from the validator is now a Vec<Responses> from the signers.
• In #1063 the pallet_staking_extension::validate() extrinsic was changed so that in order to
  populate certain data structures related to a candidates state (namely ThresholdToStash and
  ThresholdServer) an attestation from the Attestation pallet must have been received. Success of
  the validate() extrinsic does not mean the caller is a candidate or validator.
• In #1086 Eve was removed as a validator from the devnet-local chainspec and replaced with Charlie.

Added

• Jumpstart network (#918)
• Add Signer groups and rotation (#938)
• Split jumpstart and register flows (#952)
• New on-chain registration flow (#955)
• Reshare confirmation (#965)
• Set inital signers (#971)
• Add parent key threshold dynamically (#974)
• Signing flow with derived accounts (#990)
• TSS attestation endpoint (#1001)
• Attestation pallet (#1003)
• Add network-jumpstart command to entropy-test-cli (#1004)
• Update test CLI for new registration and signing flows (#1008)
• Add remove program function to entropy-client (#1023)
• Select validators for jumpstart DKG #1053)
• Add a programs version (#1045)
• Handle Provisioning Certification Keys (PCKs) (#1051)
• Block tss chain when signer (#1078)

Changed

• Migrate to threshold signing (#800)
• Use t of n signing in entropy-tss (#879)
• Fix TSS AccountId keys in chainspec (#993)
• No unbonding when signer or next signer (#1031)
• Add relay tx endpoint (#1050)
• Trigger attestation check during validate (#1063)
• Add fourth node to devnet-local configuration (#1086)

Removed

• Remove subgroups (#799)
• Remove permission from chain (#801)
• Remove prune_registration extrinsic (#1022)
• Remove confirm_registered extrinsic (#1025)
• Remove old registration flow (#1030)

v0.2.0

0.2.0 - 2024-07-11

Docker Images

If you plan on using Docker images from this release, please use the following tags:

• entropyxyz/entropy:release-v0.2.0
• entropyxyz/entropy-tss:release-v0.2.0

Published Crates

The crates from the crates/ subdirectory have been published on crates.io under the v0.2.0 version.

If you want to install the entropy-test-cli for example, you can do so using the following command:

cargo install [email protected]

Breaking Changes

• In #853 the responsibility of generating a
  TSS mnemonic was shifted to operators, which can be done using the --mnemonic flag during
  process startup. This also allows operators to back up the mnemonic for their TSS.
• In #856 a new flag, --mnemonic-option,
  and environment variable DEPLOYER_MNEMONIC, were added to the entropy-test-cli as ways to
  indicate which account to use during registration. This replaces having an account name or
  mnemonic directly in the command invocation.
• In #866 timestamp was removed from
  UserSignatureRequest and replaced with block_number. Thus check_stale now uses block_number for
  stale checks
• In #881 the HashingAlgorithm enum is
  given an additional variant Blake2_256 and marked as non_exhaustive meaning we must handle the
  case that an unknown variant is added in the future.
• In #900 the subgroup signer selection was
  sorted to ensure a predicatble order across libraries, languages and clients.
• In #901 the network's currency units were
  changed. This resulted in a change to the existential deposit as well as balances of endowed
  accounts (e.g development accounts like //Alice).

Added

• Add a way to change program modification account (#843)
• Add support for --mnemonic-file and THRESHOLD_SERVER_MNEMONIC (#864)
• Add validator helpers to cli (#870)
• Add blake2 as built in hash function and make HashingAlgorithm non-exhaustive (#881)
• Add sort to subgroup signer selection (#900)
• Create four node Docker Compose chainspec (#902)

Changed

• Move TSS mnemonic out of keystore (#853)
• Prepare test CLI for use in Programs repo (#856)
• Replace timestamp with block number (#866)
• Change currency units (#901)

v0.2.0-rc.1

0.2.0-rc.1 - 2024-06-26

Docker Images

If you plan on using Docker images from this release, please use the following tags:

• entropyxyz/entropy:release-v0.2.0-rc.1
• entropyxyz/entropy-tss:release-v0.2.0-rc.1

Published Crates

The crates from the crates/ subdirectory have been published on crates.io under the v0.2.0-rc.1 version.

If you want to install the entropy-test-cli for example, you can do so using the following command:

cargo install [email protected]

Breaking Changes

• In #853 the responsibility of generating a
  TSS mnemonic was shifted to operators, which can be done using the --mnemonic flag during
  process startup. This also allows operators to back up the mnemonic for their TSS.
• In #856 a new flag, --mnemonic-option,
  and environment variable DEPLOYER_MNEMONIC, were added to the entropy-test-cli as ways to
  indicate which account to use during registration. This replaces having an account name or
  mnemonic directly in the command invocation.
• In #866 timestamp was removed from
  UserSignatureRequest and replaced with block_number. Thus check_stale now uses block_number for
  stale checks
• In #881 the HashingAlgorithm enum is
  given an additional variant Blake2_256 and marked as non_exhaustive meaning we must handle the
  case that an unknown variant is added in the future.
• In #900 the subgroup signer selection was
  sorted to ensure a predicatble order across libraries, languages and clients.

Added

• Add a way to change program modification account (#843)
• Add support for --mnemonic-file and THRESHOLD_SERVER_MNEMONIC (#864)
• Add validator helpers to cli (#870)
• Add blake2 as built in hash function and make HashingAlgorithm non-exhaustive (#881)
• Add sort to subgroup signer selection (#900)
• Create four node Docker Compose chainspec (#902)

Changed

• Move TSS mnemonic out of keystore (#853)
• Prepare test CLI for use in Programs repo (#856)
• Replace timestamp with block number (#866)
• Change currency units (#901)

v0.1.0

0.1.0 - 2024-05-20

This is the first publicly available version of Entropy 🥳

There aren't a lot of new features compared to the v0.12.0 release. However, one exciting addition
is that crates related to the threshold server (entropy-tss) are now published on crates.io.

Docker Images

If you plan on using Docker images from this release, please use the following tags:

• entropyxyz/entropy:release-v0.1.0
• entropyxyz/entropy-tss:release-v0.1.0

Published Crates

The crates from the crates/ subdirectory have been published on crates.io under the v0.1.0 version.

If you want to install the entropy-test-cli for example, you can do so using the following command:

cargo install [email protected]

Changed

• Make full version of entropy-client possible to compile on wasm (#816)
• Remove certain endowed accounts from chain (#819)
• Updates for test-cli before publishing and to work nicely with v0.0.12 (#830)

Fixed

• Fix Account Deserialization error from verifying key mismatch (#831)

v0.1.0-rc.1

0.1.0-rc.1 - 2024-05-15

This is the release candidate for the first publicly available version of Entropy 🥳

There aren't a lot of new features compared to the v0.12.0 release. However, one exciting addition
is that crates related to the threshold server (entropy-tss) are now published on crates.io.

Docker Images

If you plan on using Docker images from this release, please use the following tags:

• entropyxyz/entropy:release-v0.1.0-rc.1
• entropyxyz/entropy-tss:release-v0.1.0-rc.1

Published Crates

The crates from the crates/ subdirectory have been published on crates.io under the v0.1.0.rc.1 version.

If you want to install the entropy-test-cli for example, you can do so using the following command:

cargo install [email protected]

Changed

• Make full version of entropy-client possible to compile on wasm (#816)
• Remove certain endowed accounts from chain (#819)
• Updates for test-cli before publishing and to work nicely with v0.0.12 (#830)

Fixed

• Fix Account Deserialization error from verifying key mismatch (#831)

v0.0.12

0.0.12 - 2024-05-05

Breaking Changes

• #788 'Integrate oracle to programs' the
  programs::set_program extrinsic now takes an additional argument oracle_data_pointer of type
  Vec<u8> (Uint8Array on JS). Since oracles are not completely implemented this should be
  passed an empty vector/array.
• In #762 'Update Substrate to Polkadot 1.7.0'
  the genesis chainspec builder has been updated for sc_service 0.36.0, which affects both the
  runtime and chainspec.
• In #709 'Derive the threshold account
  keypair and x25519 keypair from mnemonic using HKDF' the JS entropy-protocol bindings have
  changed. Hpke.DecryptAndVerify now takes a secret x25519 encryption key rather than a secret
  sr25519 signing key. The runDkgProtocol and runSigningProtocol functions now both take a
  secret x25519 key as an additional argument, since these are no longer derived from the given
  signing secret key. Similarly in the rust API, EncryptedSignedMessage no longer derives x25519
  keypairs internally and so the decrypt method now takes a x25519 secret key. Also, the method by
  which keypairs are derived from a mnemonic has changed, which means existing validators x25119
  and sr25519 keypairs will be different what they were before. This includes the test accounts in
  the chainspec.

Added

• Add testnet account JSON (#769)
• Make common crate for TSS and test client (#775)

Changed

• Derive the threshold account keypair and x25519 keypair from mnemonic using HKDF (#709)
• TSS servers sync by default (#784)
• Improve test-cli following removal of permissioned mode (#770)

v0.0.11

0.0.11 - 2024-04-08

It's been a minute since our last release! A few of the major changes since then include:

• The addition of Public access mode for signature requests, allowing anybody to request a from an account.
• The removal of Permissioned access mode for signature requests. Its functionality was made redundant by the Public access mode
• Request rate limiting for signing requests. This is done by the threshold servers, but the are agreed upon on-chain.

Docker Images

If you plan on using Docker images from this release, please use the following tags:

• entropyxyz/entropy:release-v0.0.11
• entropyxyz/entropy-tss:release-v0.0.11

Breaking Changes

• In #623, 'Public Access Mode', the UserSignatureRequest given when requesting a signature with the 'sign_tx' http endpoint must now contain an additional field, signature_request_account: AccountId32. In private and permissioned modes, this must be identical to the account used to sign the SignedMessage containing the signature request. In public access mode this may be an Entropy account owned by someone else.
• In #629, 'Add proactive refresh keys on-chain', the StakingExtensionConfig::proactive_refresh_validators field used by the chain spec is now StakingExtensionConfig::proactive_refresh_data and takes a tuple of Vec. Both should be empty at genesis for production.
• In #631, the config_interface field of ProgramInfo was renamed to interface_description to be more semantically accurate. This field will now be used to describe program interfaces, including the auxilary and configuration interfaces of the program.
• In #658, RegisteredInfo and RegisteringDetails now contain version_number. As well KeyVersionNumber was added as a config parameter to the Relayer pallet.
• In #659, the Staking Extension pallet's validate extrinsic changed to take a ServerInfo struct instead of individual fields.
• In #660, if too many request are sent for signing by a user in a block the TSS will reject them. The chainspec now has an added field for the new Parameters pallet, which itself has a request_limit field.
• In #661, the Relayer pallet was renamed to the Registry pallet as this better describes the purpose of the pallet.
• In #662, the Free Transaction pallet was removed.
• In #666, Permissioned access type was removed to be handled by a program. Also in registered sig_request_key as the key for the struct was replaced by verifying_key. This means verifying_key was removed from the registered struct.
• In #678, the Registry pallet's get_validator_info() public method stopped returning the validator index
• In #680, a new genesis config entry was added for the Programs pallet. This entry, initial_programs, is a list of tuples which contains information (hash, bytecode, config, auxiliary data) about what programs to have on chain during genesis.
• In #681, program_interface in program_data of the Programs pallet has been split into configuration_schema and auxiliary_data_schema
• In #674, 'Add HPKE implementation', entropy-protocol's SignedMessage has been replaced by EncryptedSignedMessage which has some small API differences: derive_static_secret was renamed to derive_x25519_static_secret, and in the entropy-protocol JS module the subclass dealing with encryption has been renamed from X25519Chacha20Poly1305 to Hpke. The JS API is otherwise the same as before.
• In #703, a new genesis config parameter for the Parameters pallet was added, max_instructions_per_program.

Added

• Add ValidatorSubgroupRotated event (#618)
• Public access mode (#623)
• Emit events on TSS server errors (#625)
• Add direct query for a validator's subgroup (#642)
• Add version number to registered (#658)
• Request limit check (#660)
• Add helper for checking if a validator is in the signing committee (#678)
• Note unresponsiveness reports in Slashing pallet (#679)
• Add device key program to initial chainstate (#680)
• Add aux data to program info (#681)
• Add HPKE implementation (#674)
• Add max instructions parameters onchain (#703)

Changed

• Test CLI - dont send hardcoded auxiliary data by default when signing (#614)
• Add proactive refresh keys on-chain (#629)
• Rename ProgramInfo.config_interface to interface_description (#631)
• Change test-cli default access mode and update readme for recent changes (#643)
• Add additional checks to TSS server's /user/receive_key endpoint (#655)
• Disallow using existing TSS account IDs in Staking pallet (#657)
• Clean ups around Staking Extension's validate() extrinsic (#659)
• Rename pallet_relayer to pallet_registry (#661)
• Remove permissioned access type (#666)
• Use SessionID in shared randomness (#676)

Removed

• Remove pallet-free-tx (#662)

v0.0.10

0.0.10 - 2024-01-24

A lot of the changes introduced in this release are program related.

The workflow around having to upload a program during registration is gone. Instead users can
register with programs which have previously been uploaded on-chain by providing the hash of the
program they want to use.

When registering a user can also customize the behaviour of their chosen program through the new
program configuration feature.

If a single program doesn't provide enough functionality, now users can register with multiple
programs. During signature generation all of these programs will be executed. Only if all of them
run successfully then a signature is produced.

Finally, users are now able to indicate which hashing algorithm they would like to use during the
signing step. We provide some common ones out of the box, but custom user-provided hashing
algorithms are also supported.

Docker Images

If you plan on using Docker images from this release, please use the following tags:

• entropyxyz/entropy:release-v0.0.10
• entropyxyz/entropy-tss:release-v0.0.10

Breaking Changes

• In #561 several crates were renamed in order to ensure consistent naming across the repo.
  The most impactful of these is that the server binary is now the entropy-tss binary. From
  this it follows that the Docker images previously published under entropyxyz/server are
  now being published under entropyxyz/entropy-tss.
• In #536 the registration interface was changed to accept a pointer to a program.
  Programs are now expected to be uploaded using the Programs::set_program extrinsic.
  • The Programs::update_program extrinsic has been removed and replaced with set_program and
    remove_program
  • The Relayer::register extrinsic now takes a list of program_pointer instead of an
    initial_program
  • The Relayer::AllowedToModifyProgram storage struct and accompanying getter,
    sig_req_accounts, was removed
  • The Programs::Bytecode storage struct and accompanying getter, bytecode, was removed and
    replaced with the Programs storage struct
  • The Programs::ProgramUpdated event was removed and replaced with the ProgramCreated and
    ProgramRemoved events
  • A new Programs configuration parameter, MaxOwnedPrograms, was added
• In #549, when executing the signing protocol on the client-side, a sig-uid no longer
  needs to be given as an argument
• In #566 the Wasm API to entropy-protocol was changed to use camelCase function names.
• In #563 the Wasm API to functions formerly in the x25515chacha20poly1305 repository
  was changed to use camelCase function names.
• In #568 the registration and program update interfaces were changes to accept a
  vector of program hashes.
  • A new Relayer configuration parameter, MaxProgramHashes, was added
  • The Relayer::Registered storage struct was changed to contain a list of program_pointers
• In #577 the auxilary program data is now expected to be in a vector. This order of the auxilary data
  should match the order of the programs that are being registered.
• In #592 the local-devnet chain-type was renamed to devnet-local. Additionally, the default chain
  type when none is specified is now dev instead of local.
• In #593 the programs interface was changed to accept a program configuration interface. This allows
  an uploaded program to be configured differently by different users.
• In #604, the program_modification_account term used in the Programs pallet was changed to
  deployer. This better reflects the purpose of this account.

Added

• Test CLI which calls the same code as in integration tests (#417)
• Pointer for Programs (#536)
• Add password file option (#555)
• Include contents of x25515chacha20poly1305 repo in entropy-protocol (#563)
• Custom Hashing Algorithms (#553)
• Add ref counter to programs (#585)
• Add --setup-only flag (#588)
• Add --version flag and about field to TSS (#590)
• Program config storage (#593)
• Add a hashes endpoint (#600)

Changed

• Crate name refactor (#561)
• Only run wasm integration tests when a feature is enabled (#565)
• Protocol sessions are now identified by a SessionID type rather than a String
  (#549)
• Change bip39 implementation (#562)
• Additive programs (#568)
• Additional hash field in /sign_tx JSON body indicates which hashing algorithm to use for signing (#553)
• Additive aux data (#577)
• Refactor Rust-based chain specs (#592)
• Fix test CLI for additive program pointers and update / refactor tests (#591)
• Change program_modification_account to program_deploy_key (#604)

Fixed

• Fix inconsistency between interactive and file based passwords (#589)

Removed

• Remove pallet-helpers (#581)

v0.0.9

0.0.9 - 2023-11-30

Some of the noteworthy changes related to this release are related to better integration in Web
Assembly contexts, and improvements to logging for the Threshold Signature Server.

Certain key components related to distributed key generation (DKG) are now able to be compiled to
Wasm. This opens up the possiblity for users to participate in DKG themselves from the browser!

There are changes around how logging in the server binary is done. When running the binary users
can now choose the type of output they would like to see (e.g --logger json), and can even send
their logs to a Loki server (--loki) for aggregation and visualization.

Docker Images

If you plan on using Docker images from this release, please use the following tags:

• entropyxyz/entropy:release-v0.0.9
• entropyxyz/server:release-v0.0.9

Breaking Changes

• In #475, in the JSON body of the /sign_tx endpoint the preimage field has been renamed to
  message. It remains a hex-encoded string.

Added

• Wasm bindings for user to participate in DKG and signing protocols (#414)
• Auxiliary data for program evaluation (#475)
• Add a keyshare type for wasm which wraps synedrion::KeyShare (#512)
• Add versioning to server (#516)
• Cross-compile for linux/arm64 and push multi-platform Docker images. (#518)
• Allow logger to be configured from CLI (#520)
• Add bunyan JSON formatter (#524)
• Add Loki logging layer (#528)

Changed

• Validate proactive refresh endpoint (#483)
• No proactive refresh on private key visibility (#485)
• Use bincode rather than JSON for protocol and subscribe messages (#492)
• Allow big protocol messages (#495)
• Change SocketAddr type for String (#496)
• Partition proactive refresh (#504)
• Add #[tracing::instrument] macro to routes (#515)
• Make server a library, and add integration test for testing protocol crate on wasm (#517)
• Remove subxt-signer from server and entropy-protocol (#526)
• ec-runtime now errors for zero-sized programs (#529)
• entropy-protocol - polkadot-js compatible sr25519 key generation for wasm API (#533)

Fixed

• Return package version instead of rustc version (#523)