ccf-0.13.1

Bugfixes

• Handle setting multiple subject alternative names correctly in node certificate (#1552)
• Fix host memory check on startup ecall (#1553)
  • Thank you to Zhaofeng Chen, Qinkun Bao, Mingshen Sun, and Kang Li from Baidu Security for spotting and reporting this issue.

ccf-0.13.0

Added

• Experimental

  • New CCF nodes can now join from a snapshot (#1500, #1532)
  • New KV maps can now be created dynamically in a transaction (#1507, #1528)

• CLI

  • Subject Name and Subject Alternative Names for the node certificates can now be passed to cchost using the --sn and --san CLI switches (#1537)
  • Signature and ledger splitting flags have been renamed more accurately (#1534)

• Governance

  • user_data can be set at user creation, as well as later (#1488)

• Javascript

  • js_generic endpoints are now modules with a single default call. Their dependencies can be stored in a separate table and loaded with import. (#1469, #1472, #1481, #1484)

Changed

• Bugfixes
  • Retiring the primary from a network is now correctly handled (#1522)

Deprecated

• CLI
  • --domain=... is superseded by --san=dNSName:... and will be removed in a future release

Removed

• API
  • Removed redirection from legacy frontend names (members -> gov, nodes -> node, users -> app) (#1543)
  • Removed old install() API, replaced by make_endpoint() in 0.11.1 (#1541)

ccf-0.12.2

Changed:

• Fix published containers

ccf-0.12.1

Changed:

• Fix LVI build for applications using CCF (#1466)
• Release tarball replaced by a .deb

ccf-0.12.0

New:

• Tooling
  • New Python proposal and vote generator (#1370). See docs.
  • New CCF tools Python package for client, ledger parsing and member proposal/vote generation (#1429, #1435). See docs.
• HTTP endpoints
  • Templated URI for HTTP endpoints (#1384, #1393).
  • New remove_user proposal (#1379).
  • New node endpoints: /node/state and /node/is_primary (#1387, #1439)
  • New metrics endpoint (#1422).

---

Changed:

• Tooling
  • Updated version of Open Enclave (0.10) (#1424). Users should use the Intel PSW tested with Open Enclave 0.10, see Open Enclave releases notes: https://github.com/openenclave/openenclave/releases/tag/v0.10.0 for more details.
  • CCF releases no longer include a build of Open Enclave, instead the upstream binary release should be used. Playbooks and containers have been updated accordingly (#1437).
  • CCF is now built with LVI mitigations (#1427). CCF should now be built with a new LVI-enabled toolchain, available via CCF playbooks and containers.
  • Updated version of snmalloc (#1391).
• HTTP endpoints
  • Pass PEM certificates rather than byte-arrays (#1374).
  • Member /ack schema (#1395).
  • Authorisation HTTP request header now accepts unquoted values (#1411).
  • Fix double opening of /app on backups after recovery (#1445).
• Other
  • Merkle tree deserialisation fix (#1363).
  • Improve resilience of node-to-node channels (#1371).
  • First Raft election no longer fails (#1392).
  • Fix message leak (#1442).

---

Removed:

• mkSign endpoint (#1398).

ccf-0.11.7

Changed

1. Fix a bug that could cause signatures not to be recorded on transactions hitting conflicts (#1346)
2. Fix a bug that could allow transactions to be executed by members before a recovered network was fully opened (#1347)
3. Improve error reporting on transactions with invalid signatures (#1356)

Added

1. All format and linting checks are now covered by scripts/ci-checks.sh (#1359)
2. node/code RPC returns all code versions and their status (#1351)

ccf-0.11.4

Changed

• Fix application runtime container, which had been missing a dependency in the previous release (#1340)
• Add clang-format to the application CI container, to facilitate application development (#1340)
• Websocket handlers are now distinct, and can be defined by passing ws::Verb::WEBSOCKET as a verb to make_endpoint() (#1333)
• Custom KV serialisation is documented

ccf-0.11.1

Added

• CLI tool for managing recovery shares (#1295). usage
• New standard endpoint node/ids for retrieving node ID from IP address (#1319).
• Support for read-only transactions. Use tx.get_read_only_view to retrieve read-only views, and install with make_read_only_endpoint if all operations are read-only.
• Support for distinct handlers on the same URI. Each installed handler/endpoint is now associated with a single HTTP method, so you can install different operations on POST /foo and GET /foo.

Changed

• The frontend names, used as a prefix on all URIs, have been changed. Calls to /members/... or /users/... should be replaced with /gov/... and /app/... respectively. The old paths will return HTTP redirects in this release, but may return 404 in a future release (#1325).
• App-handler installation API has changed. install(URI, FN, READWRITE) should be replaced with make_endpoint(URI, VERB, FN).install(). Existing apps should compile with deprecation warnings in this release, but the old API will be removed in a future release. See this diff of logging.cpp for an example of the required changes.
• Improved quickstart documentation (#1298, #1316).
• Member ACKs are required, even when the service is opening (#1318).
• The naming scheme for releases has changed to be more consistent. The tags will now be in the form ccf-X.Y.Z.

0.11

Changed:

• KV reorganisation to enable app-defined serialisation (#1179, #1216, #1234)

kv.h has been split into multiple headers so apps may need to add includes for kv/store.h and kv/tx.h. The typedefs ccf::Store and ccf::Tx have been removed; apps should now use kv::Store and kv::Tx.

CCF now deals internally only with serialised data in its tables, mapping byte-vectors to byte-vectors. By default all tables will convert their keys and values to msgpack, using the existing macros for user-defined types. Apps may define custom serialisers for their own types - see kv/serialise_entry_json.h for an example.

• Fixed issues that affected the accuracy of tx status reporting (#1157, #1150)
• All RPCs and external APIs now use view and seqno to describe the components of a transaction ID, regardless of the specific consensus implementation selected (#1187, #1227)
• Improved resiliency of recovery process (#1051)
• foreach early-exit semantics are now consistent (#1222)
• Third party dependency updates (#1144, #1148, #1149, #1151, #1155, #1255)
• All logging output now goes to stdout, and can be configured to be either JSON or plain text (#1258) doc
• Initial support for historical query handlers (#1207) sample
• Implement the equivalent of "log rolling" for the ledger (#1135) doc
• Internal RPCs renamed to follow more traditional REST conventions (#968) doc

Added:

• Support for floating point types in default KV serialiser (#1174)
• The start_test_network.sh script now supports recovering an old network with the --recover flag (#1095) doc
• Application CI and runtime containers are now available (#1178)
  1. ccfciteam/ccf-app-ci:0.11 is recommended to build CCF applications
  2. ccfciteam/ccf-app-run:0.11 is recommended to run CCF nodes, for example in k8s
• Initial websockets support (#629) sample

Removed:

ccf::Store and ccf::Tx typdefs, in favour of kv::Store and kv::Tx.

v0.10

New

• Brand new versioned documentation: https://microsoft.github.io/CCF.
• New /tx endpoint to check that a transaction is committed (#1111). See docs.
• Disaster recovery is now performed with members key shares (#1101). See docs.
• Open Enclave install is included in CCF install (#1125).
• New sgxinfo.sh script (#1081).
• New --transaction-rate flag to performance client (#1071).

Changed

• CCF now uses Open Enclave 0.9 (#1098).
• cchost's --enclave-type is release by default (#1083).
• keygenerator.sh's --gen-key-share option renamed to --gen-enc-key to generate member encryption key (#1101).
• Enhanced view change support for PBFT (#1085, #1087, #1092).
• JavaScript demo logging app is now more generic (#1110).
• Updated method to retrieve time in enclave from host (#1100).
• Correct use of Everycrypt hashing (#1098).
• Maximum number of active members is 255 (#1107).
• Python infra: handle proposals correctly with single member (#1079).
• Dependencies updates (#1080, #1082).

Removed

• cchost no longer outputs a sealed secrets file to be used for recovery (#1101).