- Bump
tendermintcrate to v0.13 (#36) - Bump
signatoryto v0.19 (#36) - Bump
yubihsmcrate to v0.33 (#36)
- Remove explicit dependency on the
logcrate - Remove
byteorderdependency - Replace
tiny-bip39with the equivalenthkd32functionality - Replace
lazy_staticwithonce_cell - Update
rpasswordrequirement from 3.0 to 4.0 - Upgrade
x25519-dalekto v0.6; removerand_os - Remove
failure - Update to
tendermint-rs0.12.0-rc0;prost-aminov0.5;signatory v0.18
- Upgrade to
abscissav0.5 - Validate chains are registered on startup
- Use an initial height of 0 in default chain state
- Upgrade
tendermint-rsto v0.11 - Upgrade to
signatoryv0.16;yubihsmv0.29.0 - Use the
chacha20poly1305crate for Secret Connection - Vendor Secret Connection impl back from
tendermint-rs - Add timeout to TCP socket
- Double signing detection and logging improvements
- Log signing message type during attempted double sign events
- Detect and don't attempt to recover from PoisonError
- chain/state: Avoid panicking in update_consensus_state
abscissacrate v0.3- Refactor
Sessionto remove code duplication - Remove signal handlers
- Double signing - allow some block ID switches
- Consider signed
<nil>votes to be double signs
This release is tested against tendermint v0.31 and known to be compatible with tendermint v0.32.
The validator state files use an incompatible syntax from Tendermint KMS v0.5. It has been changed to match the conventions used by the rest of Tendermint, where integer values are stored in strings rather than JSON integers.
When upgrading, you will need to either delete existing state files
(they will be recreated automatically), or ensure the integer height and
round fields contained within these files are quoted in strings, e.g.
{"height":"123456","round":"0",...}.
The previous parser for tmkms.toml ignored unknown attributes in the
config file. This means it would often ignore syntax errors, spelling mistakes,
or attributes in the wrong location when parsing files.
This has been changed to explicitly reject such fields, however please be aware if your config file contained invalid syntax, it will now be rejected by the parser and the KMS will no longer boot.
We suggest validating the configuration in a staging or other noncritical deployment of the KMS in order to ensure your configuration does not contain accidental misconfigurations which were previously uncaught.
This release contains many improvements for users of the yubihsm backend:
- New
yubihsm-serverfeature: this release includes support for the KMS exposing an HTTP service which is compatible with Yubico'syubihsm-connectorservice. This allows for concurrently administering a YubiHSM2 while the KMS is running, either throughtmkms yubihsm(see additional notes below) or via Yubico'syubihsm-shell. - Loopback support for
tmkms yubihsm: the CLI functionality in the KMS for administering YubiHSMs can now be configured to connect to the KMS's ownyubihsm-server. Additionally it can also be configured to use a different authentication key, and to prompt for a password as opposed to using one in the configuration file.
For more information on these changes, please see the "yubihsm-server feature" section in the Tendermint KMS YubiHSM docs:
https://github.com/iqlusioninc/tmkms/blob/develop/README.yubihsm.md
tendermintcrate v0.10.0- Double signing logging improvements
- Log
tendermint::consensus::Stateheight/round/step yubihsm keys import: base64 supportyubihsm: Support for reading password from a filesoftsign: Fix private key decoding +importcommandsoftsign: Add subcommand; movekeygenunder ityubihsm setup: usehkd32crate to derive key hierarchyyubihsm setup: Collect 256-bits entropy from both RNGsabscissacrate v0.2- Log durations for each signing operation
- Add
serde(deny_unknown_fields)to all config structs tmkms yubihsm keys list: Use chain-specific formattersyubihsm-server: Allow CLI commands to use loopback connectionyubihsm-server: Optionalyubihsm-connectorcompatibility- Send
RemoteSignerErrorresponse to validator on double sign - Logging improvements
- yubihsm: Mark imported
priv_validator.jsonkeys as re-exportable - ledger: Add init commands
- Add
max_heightsupport for stopping chains at specific heights - Chain-specific keyrings / multitenancy
- ledger: Use
ledger-tendermintbackend
tendermintcrate v0.5.0- Optional peer ID verification
- Bump subtle-encoding dependency to v0.3.3
- Allow setting config path via
TMKMS_CONFIG_FILEenv var - yubihsm: Add back HTTP connector support
- Initial Tendermint
[chain]registry in tmkms.toml - Disable 'softsign' backend by default
- State tracking for double sign protection (thanks [@zmanian]!)
tendermintcrate v0.3.0- yubihsm: Support for exporting/importing wrapped (encrypted) keys
- yubihsm setup
- Ledger integration
- Add ability to terminate on SIGTERM or SIGINT
- Remove
PoisonPillMsg
- Refactor client/tests to always dial out to tendermint/gaiad
- Migrate to rust 2018 edition
- Lower reconnect delay to 1s
- Allow empty BlockIds in validation method
- Encode node (and softwign) private keys as Base64
- Add integration tests for yubihsm subcommands
- Fix
tmkms yubihsm keys importcommand
- Add
tmkms yubihsm keys importcommand - Simplify
tmkms.tomlsyntax - Minor clarifications/fixes
- Initial validator signing support
- Extract
tendermintcrate as a reusable Rust library - Support for Bech32-formatted Cosmos keys/addresses
- Validator signing via Unix domain socket IPC
- Initial "preview" release