6.0.21

Fixed

• Snapshot fetching requests now handle either inclusive-end or exclusive-end content-range headers, for compatibility with 7.x nodes.
• Primaries now indicate all of their chunk-ending transactions in the transaction header, for better interop with 7.x nodes. Upgrades must create a snapshot from the network after it has upgraded to this version, and provide that to joining 7.x nodes.

6.0.20

Fixed

• Join client now sets SNI correctly (#7622)

7.0.0-dev9

Fixed

• Join client now sets SNI correctly (#7622)
• CBOR and COSE dependencies are now internal, and their headers are no longer exposed (#7616, #7617).

6.0.19

Changed

• Partial revert to fetch_recent_snapshot behaviour. Nodes will now use a local snapshot if available and sufficiently fresh, and only prefer the peer's snapshot if it is newer (#7589).

7.0.0-dev8

Fixed

• Linking issue that could affect applications that do not include main.cpp in their executable (#7595)
• Fixed two issues that could affect build reproducibility (#7606, #7607)
• Python test dependency update (#7609)

7.0.0-dev7

Added

• Experimental self-healing-open protocol for automatically transitioning-to-open during a disaster recovery without operator intervention. (#7189)

Changed

• Improved ccf::historical::verify_self_issued_receipt - now can verify receipts signed by the past service identities if they were back-endorsed (#7546).

Removed

• ccf::historical::adapter_v3 has been removed, ccf::historical::read_only_adapter_v4 and ccf::historical::read_write_adapter_v4 can be used instead (#7553).

6.0.18

Changed

• NodeInfoNetwork serialisation handling has become stricter (#7576), yielding better error messages in failure cases.
• JavaScript toolchain updates for security reasons (#7579).

Fixed

• Correct handling of double-sealed secrets in historical cache (#7558).

Added

• LedgerChunkRead feature flag (#7578), to enable compatible live migration. Note that the feature itself is not included.

7.0.0-dev6

Added

• Support for Turin attestations (#7499)
• verify_attestation script to fetch endorsements from AMD and check the provided attestation against them (#7499)
• PreVote optimistaion enabled. This requires that a follower checks that it could be elected before becoming a candidate. This optimisation improves the availablilty of Raft when there are omission faults like partial network partitions. (#7462)
• ProposeRequestVote on SIGTERM. When a primary, with ignore_first_sigterm receives the first SIGTERM, it nominates a successor, allowing the successor to skip waiting for the election timeout and call an election right away. (#7514)

Changed

• Start nodes now confirm that read-only ledger directories are empty on startup (#7355).
• In the C++ API, the method get_txid() on ccf::kv::ReadOnlyStore has been renamed to current_txid(). This may affect historical query code which works directly with the returned StorePtr (#7477).
• The C++ API for installing endpoints with local commit handlers has changed. These handlers should now be added to an Endpoint with .set_locally_committed_function(handler), and the make_[read_only_]endpoint_with_local_commit_handler methods on EndpointRegistry have been removed (#7487).
• The format of CCF's stdout logging has changed. Each line previously tried to align host logs with enclave logs containing a timestamp offset. Since enclave logs no longer exist, this timestamp is never present, so the padding whitespace has been removed (#7491).
• Introduced ccf::historical::verify_self_issued_receipt to verify COSE CCF receipts against current service identity (#7494).

6.0.17

Added

• Support for PreVote optimisation. Nodes understand and are able to respond to PreVote messages, but will not become pre-vote candidates themselves. (#7419, #7445)

Fixed

• CheckQuorum now requires a quorum in every configuration (#7375).
• read_ledger.py validates the offsets table in committed ledger files, reporting an error if this is truncated (#7501).
• Allow carriage returns in PEM certificatees (#7507).
• Fixed a bug in calculation of historical query cache size, which could have resulted in evicted unnecessarily (#7511).

Changed

• When the fetch_recent_snapshot behaviour is enabled by the node config, the Joiner will now prefer the peer's snapshot over any local snapshot, regardless of version (#7314).
• The snapshot-serving endpoints required for fetch_recent_snapshot behaviour are now disabled-by-default to avoid public DoS requests. They should be enabled on a per-interface basis by adding "enabled_operator_features": ["SnapshotRead"] to the interface's configuration, on an interface with local visibility used for node-to-node join requests (#7440).

7.0.0-dev5

Added

• Support for PreVote optimisation. Nodes understand and are able to respond to PreVote messages, but will not become pre-vote candidates themselves. (#7419, #7445)

Changed

• When the fetch_recent_snapshot behaviour is enabled by the node config, the Joiner will now prefer the peer's snapshot over any local snapshot, regardless of version (#7314).
• Crypto interface for RSA and EC keys (#7425)
• ccf::crypto::PublicKey becomes ccf::crypto::ECPublicKey
• ccf::crypto::KeyPair becomes ccf::crypto::ECKeyPair
• Error-prone inheritance between RSA and EC key classes has been removed.
• RSA keys now don't re-use CSR functionality from EC key interface.

Removed

• Removed the unused experimental ccf.host.triggerSubprocess() JS API
• Removed ACME client and support for ACME-endorsed interfaces (#7414).
• Removed fallback JWT authentication (#7442)
• It is recommended to clean up the old tables for services started before 6.x - check out cleanup_legacy_jwt_records proposal in the default sample constitution.

Fixed

• CheckQuorum now requires a quorum in every configuration (#7375)

Changed

• The snapshot-serving endpoints required for fetch_recent_snapshot behaviour are now disabled-by-default to avoid public DoS requests. They should be enabled on a per-interface basis by adding "enabled_operator_features": ["SnapshotRead"] to the interface's configuration, on an interface with local visibility used for node-to-node join requests.