Releases: microsoft/CCF
Releases · microsoft/CCF
ccf-0.15.2
Added
- JWT key auto-refresh (#1908), can be enabled by providing
"auto_refresh": trueand"ca_cert_name": "..."inset_jwt_issuerproposal.- Auto-refresh is currently only supported for providers following the OpenID Connect standard where keys are published under the
/.well-known/openid-configurationpath of the issuer URL. ca_cert_namerefers to a certificate stored with aset_ca_certproposal and is used to validate the TLS connection to the provider endpoint.
- Auto-refresh is currently only supported for providers following the OpenID Connect standard where keys are published under the
- JWT signature validation (#1912), can be enabled with the
require_jwt_authenticationendpoint property.
Changed
- Members can no longer vote multiple times on governance proposals (#1743).
update_ca_certproposal has been replaced byset_ca_cert/remove_ca_cert(#1917).
Deprecated
set_js_appproposal and--js-app-scriptargument are deprecated, and should be replaced bydeploy_js_appand--js-app-bundle. See #1895 for an example of converting from the old style (JS embedded in a Lua script) to the new style (app bundle described byapp.json).
Removed
kv::Store::createis removed.luagenericis removed.
ccf-0.15.1
Added
Changed
0.15.0
Added
- Support for non-recovery members: only members with an associated public encryption key are handed recovery shares (#1866).
- AFT consensus verify entry validity (#1864).
- JWT validation in forum sample app (#1867).
- JavaScript endpoints OpenAPI definition is now included in
/api(#1874).
Changed
- The
keyIdfield in the Authorization header must now be set to the hex-encoded SHA-256 digest of the corresponding member certificate encoded in PEM format. Thescurl.shscript and Python client have been modified accordingly.scurl.shcan be run withDISABLE_CLIENT_AUTH=1(equivalentdisable_client_auth=Falseargument to Python client) to issue signed requests without session-level client authentication (#1870). - Governance endpoints no longer require session-level client authentication matching a member identity, the request signature now serves as authentication. The purpose of this change is to facilitate member key storage in systems such as HSMs (#1870).
- Support for hs2019 scheme for HTTP signatures (#1872).
ecdsa-sha256scheme will be deprecated in the next release.
ccf-0.14.3
Added
- Added support for storing JWT public signing keys (#1834).
- The new proposals
set_jwt_issuer,remove_jwt_issuer, andset_jwt_public_signing_keyscan be generated with the latest version of the ccf Python package. sandbox.shhas a new--jwt-issuer <json-path>argument to easily bootstrap with an initial set of signing keys using theset_jwt_issuerproposal.- See
tests/npm-app/src/endpoints/jwt.tsfor validating tokens received in theAuthorizationHTTP header in TypeScript. - Includes special support for SGX-attested signing keys as used in MAA.
- The new proposals
Changed
- CCF now depends on Open Enclave 0.12 (#1830).
/app/user_idnow takes{"cert": user_cert_as_pem_string}rather than{"cert": user_cert_as_der_list_of_bytes}(#278).- Members' recovery shares are now encrypted using RSA-OAEP-256 (#1841). This has the following implications:
- Network's encryption key is no longer output by the first node of a CCF service is no longer required to decrypt recovery shares.
- The latest version of the
submit_recovery_share.shscript should be used. - The latest version of the
proposal_generator.pyshould be used (please upgrade the ccf Python package).
submit_recovery_share.shscript's--rpc-addressargument has been removed. The node's address (e.g.https://127.0.0.1:8000) should be used directly as the first argument instead (#1841).- The constitution's
passfunction now takes an extra argument:proposer_id, which contains themember_idof the member who submitted the proposal. To adjust for this change, replacetables, calls, votes = ...withtables, calls, votes, proposer_id = ...at the beginning of thepassdefinition. - Bundled votes (ie. the
ballotentry inPOST /proposals) have been removed. Votes can either happen explicitly viaPOST /proposals/{proposal_id}/votes, or the constitution may choose to pass a proposal without separate votes by examining its contents and its proposer, as illustrated in the operating member constitution sample. The--vote-againstflag inproposal_generator.py, has also been removed as a consequence.
Fixed
- Added
tools.cmaketo the install, whichccf_app.cmakedepends on and was missing from the previous release.
Deprecated
kv::Store::createis deprecated, and will be removed in a future release. It is no longer necessary to create akv::Mapfrom aStore, it can be constructed locally (kv::Map<K, V> my_map("my_map_name");) or accessed purely by name (auto view = tx.get_view<K, V>("my_map_name");) (#1847).
ccf-0.14.2
Changed
- The
start_test_network.shscript has been replaced bysandbox.sh. Users wishing to override the default network config (a single node on '127.0.0.1:8000') must now explictly specify if they should be started locally (eg.-n 'local://127.4.4.5:7000') or on remote machine via password-less ssh (eg.-n 'ssh://10.0.0.1:6000'). node/quoteendpoint now returns a single JSON object containing the node's quote (#1761).- Calling
foreachon aTxViewnow iterates over the entries which previously existed, ignoring any modifications made by the functor while iterating.
ccf-0.14.1
Added
/node/memoryendpoint exposing the maximum configured heap size, peak and current used sizes.
Changed
- Public tables in the KV must now indicate this in their name (with a
public:prefix), and internal tables have been renamed. Any governance or auditing scripts which operate over internal tables must use the new names (eg -ccf.membersis nowpublic:ccf.gov.members). --member-infooncchostcan now take a third, optional file path to a JSON file containing additional member data (#1712).
Removed
/api/schemaendpoints are removed, as the same information is now available in the OpenAPI document at/api.
Deprecated
- Passing the
SecurityDomainwhen creating a KV map is deprecated, and will be removed in a future release. This should be encoded in the table's name, with apublic:prefix for public tables.
ccf-0.14.0
Added
- Nodes can recover rapidly from a snapshot, rather than needing to reprocess an entire ledger (#1656)
- Python client code wraps creation and replacement of an entire JS app bundle in a single operation (#1651)
- Snapshots are only usable when the corresponding evidence is committed (#1668).
- JSON data associated to each consortium member to facilitate flexible member roles (#1657).
Changed
/apiendpoints return an OpenAPI document rather than a custom response (#1612, #1664)- Python ledger types can process individual chunks as well as entire ledger (#1644)
POST recovery_share/submitendpoint is renamed toPOST recovery_share(#1660).
Fixed
- Elections will not allow transactions which were reported as globally committed to be rolled back (#1641)
Deprecated
lua_genericapp is deprecated and will be removed in a future release. Please migrate old Lua apps to JS
ccf-0.13.4
ccf-0.13.3
Added
Changed
- Handlers can implement custom authorisation headers (#1203, #1563)
- Reduced CPU usage when nodes are idle (#1625, #1626)
- Upgrade to Open Enclave 0.11 (#1620, #1624)
- Snapshots now include view history, so nodes resuming from snapshots can accurately serve transaction status requests (#1616)
- Request is now passed as an argument to JavaScript handlers (#1604), which can return arbitrary content types (#1575)
- Quote RPC now returns an error when the quote cannot be found (#1594)
- Upgraded third party dependencies (#1589, #1588, #1576, #1572, #1573, #1570, #1569)
- Consensus types renamed from
raftandpbfttocftandbft(#1591)
Removed
- Notification server (#1582)