Releases: input-output-hk/mithril
Mithril v2337.0
Highlights
- Support for
zstandard
compression algorithm for creating snapshot archives (1). - Support for Cardano node version used to create archive in the snapshot metadata.
- Support for recording download statistics in the aggregator.
(1): requires Mithril client 0.4.2+
for restoration
What's Changed
- Use zstandard compression for snapshot archives by @Alenar in #1195
- Fix Mithril network compatibility in
unstable
release by @jpraynaud in #1196 - Add anyhow context for api_version by @dlachaumepalo in #1201
- Implement anyhow context for beacon_provider by @dlachaumepalo in #1202
- Update current documentation for distribution
2335.0
by @jpraynaud in #1204 - Implement anyhow context for certificate chain by @dlachaumepalo in #1205
- Add Cardano Node version to the artifacts by @ghubertpalo in #1203
- Stress test aggregator phase 2 by @jpraynaud in #1194
- add database migration for snapshots by @ghubertpalo in #1209
- Add snapshot archive compression algorithm in explorer by @jpraynaud in #1210
- display cardano node version in client by @ghubertpalo in #1211
- Enhance aggregator stress tester performances by @jpraynaud in #1214
- Greg/947/cardano node version doc by @ghubertpalo in #1216
- compare for avk by @curiecrypt in #1217
- Implement anyhow context in mithril-common database by @dlachaumepalo in #1212
- Implement anyhow context for adapters by @dlachaumepalo in #1221
- Use anyhow in Era framework by @ghubertpalo in #1223
- refacto message parts by @ghubertpalo in #1225
- Use compression parameters in the terraform deployments by @jpraynaud in #1222
- Implement anyhow context in mithril-aggregator database by @dlachaumepalo in #1213
- Implement anyhow context for signable_builder by @dlachaumepalo in #1226
- Implement anyhow for common store by @dlachaumepalo in #1227
- Add aggregator CDN support in infrastructure by @jpraynaud in #1206
- Implement anyhow context for digesters by @dlachaumepalo in #1228
- Implement anyhow context for common/protocol by @dlachaumepalo in #1229
- Upgrade dependencies by @jpraynaud in #1231
- Implement anyhow context for artifact builder by @dlachaumepalo in #1232
- Use anyhow in
common/crypto_helper
by @jpraynaud in #1224 - Implement anyhow context for aggregator configuration by @dlachaumepalo in #1236
- Implement anyhow context: dependency_injection by @dlachaumepalo in #1237
- Upgrade client version to
0.4.0
by @jpraynaud in #1241 - Greg/1127/download statistics by @ghubertpalo in #1239
- Fix record download statistics by @jpraynaud in #1244
Full Changelog: 2335.0...2337.0
Crates Versions
Crate | Version |
---|---|
mithril-aggregator | 0.3.95 |
mithril-client | 0.4.2 |
mithril-common | 0.2.115 |
mithril-signer | 0.2.80 |
mithril-stm | 0.3.3 |
Networks Compatibility ⚠️
Network | Compatible |
---|---|
release-mainnet | ✔ |
release-preprod | ✔ |
pre-release-preview | ✔ |
testing-preview | ✔ |
Linux Requirements
The Linux binaries target glibc
: to run them or install the .deb
packages you must have glibc
version 2.31+
installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+
or Debian 11+
(Bullseye)).
Verify the authenticity of a downloaded asset
Detailed procedure to verify an asset
- Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
- Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
- Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
- Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***
You must see:
./***YOUR_ASSET_FILE***: OK
- Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
- Step 6: Then import the GPG public key:
gpg --import ./gpg-public.key
You must see something like:
gpg: key : public key "Input Output / Mithril <[email protected]>" imported
gpg: Total number processed: 1
gpg: imported: 1
- Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./gpg-public.key ./CHECKSUM.asc
You must see something like:
gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg: using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388 E655 899A CD26 B8BC A0D2
The signature is valid if and only if:
- there is a line with
gpg: Good signature from "Input Output / Mithril <[email protected]>"
- there is a line with
Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
- Step 8:
If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
If not, contact us at [[email protected]] and let us know of the outcome of your run of this process⚠️
Mithril v2337.0-pre
Highlights
- Support for
zstandard
compression algorithm for creating snapshot archives (1). - Support for Cardano node version used to create archive in the snapshot metadata.
- Support for recording download statistics in the aggregator.
(1): requires Mithril client 0.4.2+
for restoration
What's Changed
- Use zstandard compression for snapshot archives by @Alenar in #1195
- Fix Mithril network compatibility in
unstable
release by @jpraynaud in #1196 - Add anyhow context for api_version by @dlachaumepalo in #1201
- Implement anyhow context for beacon_provider by @dlachaumepalo in #1202
- Update current documentation for distribution
2335.0
by @jpraynaud in #1204 - Implement anyhow context for certificate chain by @dlachaumepalo in #1205
- Add Cardano Node version to the artifacts by @ghubertpalo in #1203
- Stress test aggregator phase 2 by @jpraynaud in #1194
- add database migration for snapshots by @ghubertpalo in #1209
- Add snapshot archive compression algorithm in explorer by @jpraynaud in #1210
- display cardano node version in client by @ghubertpalo in #1211
- Enhance aggregator stress tester performances by @jpraynaud in #1214
- Greg/947/cardano node version doc by @ghubertpalo in #1216
- compare for avk by @curiecrypt in #1217
- Implement anyhow context in mithril-common database by @dlachaumepalo in #1212
- Implement anyhow context for adapters by @dlachaumepalo in #1221
- Use anyhow in Era framework by @ghubertpalo in #1223
- refacto message parts by @ghubertpalo in #1225
- Use compression parameters in the terraform deployments by @jpraynaud in #1222
- Implement anyhow context in mithril-aggregator database by @dlachaumepalo in #1213
- Implement anyhow context for signable_builder by @dlachaumepalo in #1226
- Implement anyhow for common store by @dlachaumepalo in #1227
- Add aggregator CDN support in infrastructure by @jpraynaud in #1206
- Implement anyhow context for digesters by @dlachaumepalo in #1228
- Implement anyhow context for common/protocol by @dlachaumepalo in #1229
- Upgrade dependencies by @jpraynaud in #1231
- Implement anyhow context for artifact builder by @dlachaumepalo in #1232
- Use anyhow in
common/crypto_helper
by @jpraynaud in #1224 - Implement anyhow context for aggregator configuration by @dlachaumepalo in #1236
- Implement anyhow context: dependency_injection by @dlachaumepalo in #1237
- Upgrade client version to
0.4.0
by @jpraynaud in #1241 - Greg/1127/download statistics by @ghubertpalo in #1239
- Fix record download statistics by @jpraynaud in #1244
Full Changelog: 2335.0...2337.0-pre
Crates Versions
Crate | Version |
---|---|
mithril-aggregator | 0.3.95 |
mithril-client | 0.4.2 |
mithril-common | 0.2.115 |
mithril-signer | 0.2.80 |
mithril-stm | 0.3.3 |
Networks Compatibility ⚠️
Network | Compatible |
---|---|
release-mainnet | ⛔ |
release-preprod | ⛔ |
pre-release-preview | ✔ |
testing-preview | ✔ |
Linux Requirements
The Linux binaries target glibc
: to run them or install the .deb
packages you must have glibc
version 2.31+
installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+
or Debian 11+
(Bullseye)).
Verify the authenticity of a downloaded asset
Detailed procedure to verify an asset
- Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
- Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
- Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
- Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***
You must see:
./***YOUR_ASSET_FILE***: OK
- Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
- Step 6: Then import the GPG public key:
gpg --import ./gpg-public.key
You must see something like:
gpg: key : public key "Input Output / Mithril <[email protected]>" imported
gpg: Total number processed: 1
gpg: imported: 1
- Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./gpg-public.key ./CHECKSUM.asc
You must see something like:
gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg: using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388 E655 899A CD26 B8BC A0D2
The signature is valid if and only if:
- there is a line with
gpg: Good signature from "Input Output / Mithril <[email protected]>"
- there is a line with
Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
- Step 8:
If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
If not, contact us at [[email protected]] and let us know of the outcome of your run of this process⚠️
Mithril v2335.0
Highlights
- Support of simultaneous snapshot archive download and decompression in the client.
- Support of the
snapshot download latest
command in client to download the latest snapshot easily. - Support of machine readable progress information in the client when used with
--json
option. - Mithril networks compatibility table automatically appended to the releases notes.
What's Changed
- TW review of references.md by @olgahryniuk in #1134
- ECS-3077 Apply style guide, tighten some sentences. by @NeilBurgess42 in #1130
- ECS-3078 review certificates.md, the description of the certificate c… by @NeilBurgess42 in #1135
- ECS-3079 Review simulation document, apply style guide, some suggesti… by @NeilBurgess42 in #1136
- ECS-3111 Apply style guide, minor changes. by @NeilBurgess42 in #1143
- TW review of: aggregator.md & signer.md by @olgahryniuk in #1145
- ECS-3112 Review architecture.md, apply style guide. by @NeilBurgess42 in #1144
- ECS-3115 Review client.md, apply IOG style guide. by @NeilBurgess42 in #1146
- Better unpack error in client by @jpraynaud in #1148
- Reorganize docs folder by @jpraynaud in #1150
- Implement prometheus monitor for end to end tests by @jpraynaud in #1139
- Upgrade explorer to next 13 by @Alenar in #1149
- Add network production runbooks for Aggregator by @jpraynaud in #1086
- Registered signers page to explorer by @Alenar in #1157
- Download latest snapshot & stake distribution if
latest
is mentioned in Mithril Client commands by @dlachaumepalo in #1110 - fnv/core verifier by @curiecrypt in #939
- ECS-3156 Review glossary. Adjust capitalization and bolding. by @NeilBurgess42 in #1158
- StdResult and StdError as anyhow alias by @Alenar in #1162
- Protocol key for Operational Certificate by @dlachaumepalo in #1161
- Upgrade dependencies by @Alenar in #1163
- Protocol key for verification key signature by @dlachaumepalo in #1164
- Regression on signer registration by @Alenar in #1166
- Simplify logs by @Alenar in #1165
- Protocol key for genesis keys by @dlachaumepalo in #1167
- Fix broken
.#hydraJobs.x86_64-linux.mithril-end-to-end
by @yvan-sraka in #1168 - Call Aggregator API to verify Signer registration by @dlachaumepalo in #1169
- Protocol key for AVK by @Alenar in #1170
- Protocol key for era keys by @Alenar in #1171
- Client snapshot download progress with json output by @Alenar in #1172
- Fix run-signer-node doc by @dlachaumepalo in #1175
- Rust version 1.72.0 : fix cargo clippy warning & update dependencies by @dlachaumepalo in #1176
- Add network compatiblity table to autogenerated releases by @Alenar in #1177
- Fix network compatibility table generation by @Alenar in #1180
- Replace
git switch
withgit checkout
in docs by @dlachaumepalo in #1178 - Fix verify archive in aggregator Snapshotter by @jpraynaud in #1179
- Fix latest digest usage in documentation by @jpraynaud in #1182
- Fix flaky end to end test by @jpraynaud in #1181
- Download unpack snapshots simultaneously by @Alenar in #1183
- Aggregator stress test refactoring by @jpraynaud in #1186
- Fix disk space warning not displayed in client by @jpraynaud in #1192
- Add common error: CodecError by @dlachaumepalo in #1193
- Upgrade ed25519-dalek to v2 by @Alenar in #1189
New Contributors
- @NeilBurgess42 made their first contribution in #1130
- @yvan-sraka made their first contribution in #1168
Full Changelog: 2331.1...2335.0
Crates Versions
Crate | Version |
---|---|
mithril-aggregator | 0.3.76 |
mithril-client | 0.3.38 |
mithril-common | 0.2.100 |
mithril-signer | 0.2.72 |
mithril-stm | 0.3.1 |
Networks Compatibility ⚠️
Network | Compatible |
---|---|
release-mainnet | ✔ |
release-preprod | ✔ |
pre-release-preview | ✔ |
testing-preview | ✔ |
Linux Requirements
The Linux binaries target glibc
: to run them or install the .deb
packages you must have glibc
version 2.31+
installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+
or Debian 11+
(Bullseye)).
Verify the authenticity of a downloaded asset
Detailed procedure to verify an asset
- Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
- Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
- Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
- Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***
You must see:
./***YOUR_ASSET_FILE***: OK
- Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
- Step 6: Then import the GPG public key:
gpg --import ./gpg-public.key
You must see something like:
gpg: key : public key "Input Output / Mithril <[email protected]>" imported
gpg: Total number processed: 1
gpg: imported: 1
- Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./gpg-public.key ./CHECKSUM.asc
You must see something like:
gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg: using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388 E655 899A CD26 B8BC A0D2
The signature is valid if and only if:
- there is a line with
gpg: Good signature from "Input Output / Mithril <[email protected]>"
- there is a line with
Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
- Step 8:
If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
If not, contact us at [[email protected]] and let us know of the outcome of your run of this process⚠️
Mithril v2335.0-pre
What's Changed
- TW review of references.md by @olgahryniuk in #1134
- ECS-3077 Apply style guide, tighten some sentences. by @NeilBurgess42 in #1130
- ECS-3078 review certificates.md, the description of the certificate c… by @NeilBurgess42 in #1135
- ECS-3079 Review simulation document, apply style guide, some suggesti… by @NeilBurgess42 in #1136
- ECS-3111 Apply style guide, minor changes. by @NeilBurgess42 in #1143
- TW review of: aggregator.md & signer.md by @olgahryniuk in #1145
- ECS-3112 Review architecture.md, apply style guide. by @NeilBurgess42 in #1144
- ECS-3115 Review client.md, apply IOG style guide. by @NeilBurgess42 in #1146
- Better unpack error in client by @jpraynaud in #1148
- Reorganize docs folder by @jpraynaud in #1150
- Implement prometheus monitor for end to end tests by @jpraynaud in #1139
- Upgrade explorer to next 13 by @Alenar in #1149
- Add network production runbooks for Aggregator by @jpraynaud in #1086
- Registered signers page to explorer by @Alenar in #1157
- Download latest snapshot & stake distribution if
latest
is mentioned in Mithril Client commands by @dlachaumepalo in #1110 - fnv/core verifier by @curiecrypt in #939
- ECS-3156 Review glossary. Adjust capitalization and bolding. by @NeilBurgess42 in #1158
- StdResult and StdError as anyhow alias by @Alenar in #1162
- Protocol key for Operational Certificate by @dlachaumepalo in #1161
- Upgrade dependencies by @Alenar in #1163
- Protocol key for verification key signature by @dlachaumepalo in #1164
- Regression on signer registration by @Alenar in #1166
- Simplify logs by @Alenar in #1165
- Protocol key for genesis keys by @dlachaumepalo in #1167
- Fix broken
.#hydraJobs.x86_64-linux.mithril-end-to-end
by @yvan-sraka in #1168 - Call Aggregator API to verify Signer registration by @dlachaumepalo in #1169
- Protocol key for AVK by @Alenar in #1170
- Protocol key for era keys by @Alenar in #1171
- Client snapshot download progress with json output by @Alenar in #1172
- Fix run-signer-node doc by @dlachaumepalo in #1175
- Rust version 1.72.0 : fix cargo clippy warning & update dependencies by @dlachaumepalo in #1176
- Add network compatiblity table to autogenerated releases by @Alenar in #1177
- Fix network compatibility table generation by @Alenar in #1180
- Replace
git switch
withgit checkout
in docs by @dlachaumepalo in #1178 - Fix verify archive in aggregator Snapshotter by @jpraynaud in #1179
- Fix latest digest usage in documentation by @jpraynaud in #1182
- Fix flaky end to end test by @jpraynaud in #1181
- Download unpack snapshots simultaneously by @Alenar in #1183
- Aggregator stress test refactoring by @jpraynaud in #1186
- Fix disk space warning not displayed in client by @jpraynaud in #1192
- Add common error: CodecError by @dlachaumepalo in #1193
- Upgrade ed25519-dalek to v2 by @Alenar in #1189
New Contributors
- @NeilBurgess42 made their first contribution in #1130
- @yvan-sraka made their first contribution in #1168
Full Changelog: 2331.1...2335.0-pre
Crates Versions
Crate | Version |
---|---|
mithril-aggregator | 0.3.76 |
mithril-client | 0.3.38 |
mithril-common | 0.2.100 |
mithril-signer | 0.2.72 |
mithril-stm | 0.3.1 |
Networks Compatibility ⚠️
Network | Compatible |
---|---|
release-mainnet | ⛔ |
release-preprod | ⛔ |
pre-release-preview | ✔ |
testing-preview | ✔ |
Linux Requirements
The Linux binaries target glibc
: to run them or install the .deb
packages you must have glibc
version 2.31+
installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+
or Debian 11+
(Bullseye)).
Verify the authenticity of a downloaded asset
Detailed procedure to verify an asset
- Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
- Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
- Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
- Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***
You must see:
./***YOUR_ASSET_FILE***: OK
- Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
- Step 6: Then import the GPG public key:
gpg --import ./gpg-public.key
You must see something like:
gpg: key : public key "Input Output / Mithril <[email protected]>" imported
gpg: Total number processed: 1
gpg: imported: 1
- Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./gpg-public.key ./CHECKSUM.asc
You must see something like:
gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg: using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388 E655 899A CD26 B8BC A0D2
The signature is valid if and only if:
- there is a line with
gpg: Good signature from "Input Output / Mithril <[email protected]>"
- there is a line with
Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
- Step 8:
If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
If not, contact us at [[email protected]] and let us know of the outcome of your run of this process⚠️
Mithril v2331.1
What's Changed
- Fix crates versions not shown in release notes by @jpraynaud in #1070
- Minor editing tweaks to 'Welcome' by @olgahryniuk in #1068
- nix: improve caching strategy to share deps among artifacts. by @jbgi in #1069
- Tech writing review by @olgahryniuk in #1067
- Add
release-mainnet
configuration in documentation and explorer by @jpraynaud in #1065 - Update current documentation by @jpraynaud in #1072
- Add dev blog post for
mainnet
Beta launch by @jpraynaud in #1074 - nix: fix build of common/stm, improve caching by @jbgi in #1077
- Ensemble/668/refacto crypto entities by @ghubertpalo in #1075
- Bundle openssl with released binaries by @Alenar in #1079
- fix verification key (de)serialization by @ghubertpalo in #1088
- TW review by @olgahryniuk in #1087
- Update Mainnet Beta Launch dev blog post by @jpraynaud in #1084
- Enhance Mithril relay configuration by @jpraynaud in #1089
- Remove legacy store adapters & fix prune of stake pool & epoch settings by @Alenar in #1076
- Add
sign
sub-command in aggregatorgenesis
command by @jpraynaud in #1082 - Update dependencies by @jpraynaud in #1093
- Enhance Run a Mithril Signer as an SPO guide by @dlachaumepalo in #1071
- Greg/668/single signature by @ghubertpalo in #1107
- Upgrade Cardano node to
8.1.2
by @jpraynaud in #1092 - Common protocol key type for serialization of Stm types by @Alenar in #1108
- Factorize hardcoded keys by @Alenar in #1109
- Update Mainnet Beta Launch dev blog post by @jpraynaud in #1113
- Getting started: capitalization edits by @olgahryniuk in #1119
- TW review of mithril-aggregator.md by @olgahryniuk in #1117
- Curiecrypt/resolve flaky test by @curiecrypt in #1105
- TW review of mithril-signer.md by @olgahryniuk in #1120
- TW review of mithril-client.md by @olgahryniuk in #1121
- Update
README
by @jpraynaud in #1118 - Update current documentation by @jpraynaud in #1123
- Protocol key for Multi and Genesis signature by @Alenar in #1124
- Simplify epoch type by implementing Deref & TryInto by @Alenar in #1126
- Aggregator Stress Test - Phase 1 by @jpraynaud in #1062
- Ingest metrics/logs in Grafana by @jpraynaud in #1128
- Add signers registered route to aggregator by @Alenar in #1129
- Speedup node bootstrap after client download by @Alenar in #1132
- Add snapshot archive verification by @jpraynaud in #1138
- Clean ssh keys of infrastructure by @jpraynaud in #1142
Full Changelog: 2329.0...2331.1
Networks Compatibility ⚠️
Network | Compatible |
---|---|
release-mainnet |
✔️ |
release-preprod |
✔️ |
pre-release-preview |
✔️ |
testing-preview |
✔️ |
Crates Versions
Crate | Version |
---|---|
mithril-aggregator | 0.3.67 |
mithril-client | 0.3.27 |
mithril-common | 0.2.89 |
mithril-signer | 0.2.65 |
mithril-stm | 0.2.20 |
Linux Requirements
The Linux binaries target glibc
: to run them or install the .deb
packages you must have glibc
version 2.31+
installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+
or Debian 11+
(Bullseye)).
Verify the authenticity of a downloaded asset
Detailed procedure to verify an asset
- Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
- Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
- Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
- Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***
You must see:
./***YOUR_ASSET_FILE***: OK
- Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
- Step 6: Then import the GPG public key:
gpg --import ./gpg-public.key
You must see something like:
gpg: key : public key "Input Output / Mithril <[email protected]>" imported
gpg: Total number processed: 1
gpg: imported: 1
- Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./gpg-public.key ./CHECKSUM.asc
You must see something like:
gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg: using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388 E655 899A CD26 B8BC A0D2
The signature is valid if and only if:
- there is a line with
gpg: Good signature from "Input Output / Mithril <[email protected]>"
- there is a line with
Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
- Step 8:
If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
If not, contact us at [[email protected]] and let us know of the outcome of your run of this process⚠️
Mithril v2331.1-pre
What's Changed since 2331.0-pre
- Speedup node bootstrap after client download by @Alenar in #1132
- Add snapshot archive verification by @jpraynaud in #1138
- Clean ssh keys of infrastructure by @jpraynaud in #1142
Full Changelog: 2331.0-pre...2331.1-pre
What's Changed since 2329.0
- Fix crates versions not shown in release notes by @jpraynaud in #1070
- Minor editing tweaks to 'Welcome' by @olgahryniuk in #1068
- nix: improve caching strategy to share deps among artifacts. by @jbgi in #1069
- Tech writing review by @olgahryniuk in #1067
- Add
release-mainnet
configuration in documentation and explorer by @jpraynaud in #1065 - Update current documentation by @jpraynaud in #1072
- Add dev blog post for
mainnet
Beta launch by @jpraynaud in #1074 - nix: fix build of common/stm, improve caching by @jbgi in #1077
- Ensemble/668/refacto crypto entities by @ghubertpalo in #1075
- Bundle openssl with released binaries by @Alenar in #1079
- fix verification key (de)serialization by @ghubertpalo in #1088
- TW review by @olgahryniuk in #1087
- Update Mainnet Beta Launch dev blog post by @jpraynaud in #1084
- Enhance Mithril relay configuration by @jpraynaud in #1089
- Remove legacy store adapters & fix prune of stake pool & epoch settings by @Alenar in #1076
- Add
sign
sub-command in aggregatorgenesis
command by @jpraynaud in #1082 - Update dependencies by @jpraynaud in #1093
- Enhance Run a Mithril Signer as an SPO guide by @dlachaumepalo in #1071
- Greg/668/single signature by @ghubertpalo in #1107
- Upgrade Cardano node to
8.1.2
by @jpraynaud in #1092 - Common protocol key type for serialization of Stm types by @Alenar in #1108
- Factorize hardcoded keys by @Alenar in #1109
- Update Mainnet Beta Launch dev blog post by @jpraynaud in #1113
- Getting started: capitalization edits by @olgahryniuk in #1119
- TW review of mithril-aggregator.md by @olgahryniuk in #1117
- Curiecrypt/resolve flaky test by @curiecrypt in #1105
- TW review of mithril-signer.md by @olgahryniuk in #1120
- TW review of mithril-client.md by @olgahryniuk in #1121
- Update
README
by @jpraynaud in #1118 - Update current documentation by @jpraynaud in #1123
- Protocol key for Multi and Genesis signature by @Alenar in #1124
- Simplify epoch type by implementing Deref & TryInto by @Alenar in #1126
- Aggregator Stress Test - Phase 1 by @jpraynaud in #1062
- Ingest metrics/logs in Grafana by @jpraynaud in #1128
- Add signers registered route to aggregator by @Alenar in #1129
- Speedup node bootstrap after client download by @Alenar in #1132
- Add snapshot archive verification by @jpraynaud in #1138
- Clean ssh keys of infrastructure by @jpraynaud in #1142
Full Changelog: 2329.0...2331.1-pre
Networks Compatibility ⚠️
Network | Compatible |
---|---|
release-mainnet |
⛔ |
release-preprod |
⛔ |
pre-release-preview |
✔️ |
testing-preview |
✔️ |
Crates Versions
Crate | Version |
---|---|
mithril-aggregator | 0.3.67 |
mithril-client | 0.3.27 |
mithril-common | 0.2.89 |
mithril-signer | 0.2.65 |
mithril-stm | 0.2.20 |
Linux Requirements
The Linux binaries target glibc
: to run them or install the .deb
packages you must have glibc
version 2.31+
installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+
or Debian 11+
(Bullseye)).
Verify the authenticity of a downloaded asset
Detailed procedure to verify an asset
- Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
- Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
- Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
- Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***
You must see:
./***YOUR_ASSET_FILE***: OK
- Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
- Step 6: Then import the GPG public key:
gpg --import ./gpg-public.key
You must see something like:
gpg: key : public key "Input Output / Mithril <[email protected]>" imported
gpg: Total number processed: 1
gpg: imported: 1
- Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./gpg-public.key ./CHECKSUM.asc
You must see something like:
gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg: using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388 E655 899A CD26 B8BC A0D2
The signature is valid if and only if:
- there is a line with
gpg: Good signature from "Input Output / Mithril <[email protected]>"
- there is a line with
Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
- Step 8:
If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
If not, contact us at [[email protected]] and let us know of the outcome of your run of this process⚠️
Mithril v2331.0-pre
What's Changed
- Fix crates versions not shown in release notes by @jpraynaud in #1070
- Minor editing tweaks to 'Welcome' by @olgahryniuk in #1068
- nix: improve caching strategy to share deps among artifacts. by @jbgi in #1069
- Tech writing review by @olgahryniuk in #1067
- Add
release-mainnet
configuration in documentation and explorer by @jpraynaud in #1065 - Update current documentation by @jpraynaud in #1072
- Add dev blog post for
mainnet
Beta launch by @jpraynaud in #1074 - nix: fix build of common/stm, improve caching by @jbgi in #1077
- Ensemble/668/refacto crypto entities by @ghubertpalo in #1075
- Bundle openssl with released binaries by @Alenar in #1079
- fix verification key (de)serialization by @ghubertpalo in #1088
- TW review by @olgahryniuk in #1087
- Update Mainnet Beta Launch dev blog post by @jpraynaud in #1084
- Enhance Mithril relay configuration by @jpraynaud in #1089
- Remove legacy store adapters & fix prune of stake pool & epoch settings by @Alenar in #1076
- Add
sign
sub-command in aggregatorgenesis
command by @jpraynaud in #1082 - Update dependencies by @jpraynaud in #1093
- Enhance Run a Mithril Signer as an SPO guide by @dlachaumepalo in #1071
- Greg/668/single signature by @ghubertpalo in #1107
- Upgrade Cardano node to
8.1.2
by @jpraynaud in #1092 - Common protocol key type for serialization of Stm types by @Alenar in #1108
- Factorize hardcoded keys by @Alenar in #1109
- Update Mainnet Beta Launch dev blog post by @jpraynaud in #1113
- Getting started: capitalization edits by @olgahryniuk in #1119
- TW review of mithril-aggregator.md by @olgahryniuk in #1117
- Curiecrypt/resolve flaky test by @curiecrypt in #1105
- TW review of mithril-signer.md by @olgahryniuk in #1120
- TW review of mithril-client.md by @olgahryniuk in #1121
- Update
README
by @jpraynaud in #1118 - Update current documentation by @jpraynaud in #1123
- Protocol key for Multi and Genesis signature by @Alenar in #1124
- Simplify epoch type by implementing Deref & TryInto by @Alenar in #1126
- Aggregator Stress Test - Phase 1 by @jpraynaud in #1062
- Ingest metrics/logs in Grafana by @jpraynaud in #1128
- Add signers registered route to aggregator by @Alenar in #1129
Full Changelog: 2329.0...2331.0-pre
Networks Compatibility ⚠️
Network | Compatible |
---|---|
release-mainnet |
⛔ |
release-preprod |
⛔ |
pre-release-preview |
✔️ |
testing-preview |
✔️ |
Crates Versions
Crate | Version |
---|---|
mithril-aggregator | 0.3.66 |
mithril-client | 0.3.26 |
mithril-common | 0.2.89 |
mithril-signer | 0.2.65 |
mithril-stm | 0.2.20 |
Linux Requirements
The Linux binaries target glibc
: to run them or install the .deb
packages you must have glibc
version 2.31+
installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+
or Debian 11+
(Bullseye)).
Verify the authenticity of a downloaded asset
Detailed procedure to verify an asset
- Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
- Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
- Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
- Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***
You must see:
./***YOUR_ASSET_FILE***: OK
- Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
- Step 6: Then import the GPG public key:
gpg --import ./gpg-public.key
You must see something like:
gpg: key : public key "Input Output / Mithril <[email protected]>" imported
gpg: Total number processed: 1
gpg: imported: 1
- Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./gpg-public.key ./CHECKSUM.asc
You must see something like:
gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg: using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388 E655 899A CD26 B8BC A0D2
The signature is valid if and only if:
- there is a line with
gpg: Good signature from "Input Output / Mithril <[email protected]>"
- there is a line with
Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
- Step 8:
If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
If not, contact us at [[email protected]] and let us know of the outcome of your run of this process⚠️
Mithril v2329.0
What's Changed
- Fix documentation by @jpraynaud in #1032
- Fix failing end to end test in Hydra CI by @jpraynaud in #1031
- Remove certificate hash from Artifact by @dlachaumepalo in #1027
- Fix QA issues by @jpraynaud in #1034
- Update dependencies by @jpraynaud in #1036
- Update current documentation by @jpraynaud in #1038
- check epoch when validating certificate chain by @ghubertpalo in #1033
- Update Signer Deployment Models Firewall documentation by @jpraynaud in #1042
- Add monitoring persistent storage by @jpraynaud in #1039
- Fix prometheus infrastructure by @jpraynaud in #1044
- Add
created_at
field in Mithril Stake Distribution messages by @dlachaumepalo in #1047 - #1023 - fix flaky end-to-end tests by @ghubertpalo in #1050
- Add monitoring
loki
endpoint by @jpraynaud in #1046 - CI: Build linux binaries using ubuntu 20-04 and add vulnerabilities check by @Alenar in #1043
- Fix dependency-review check when merging to main by @Alenar in #1054
- Factorize crypto operation by @Alenar in #1045
- Add SPO On-boarding Guide by @jpraynaud in #1051
- Aggregator refactoring: services and dependencies container by @ghubertpalo in #1057
- Add run-only option in mithril-end-to-end test by @dlachaumepalo in #1052
- Add min libc version to distribution release note by @Alenar in #1056
- Fix min libc message in distribution release notes by @Alenar in #1059
- Upgrade Rust
1.71.0
by @jpraynaud in #1060 - Tech writing review by @olgahryniuk in #1061
- Add
mainnet
verification keys & address in infrastructure by @jpraynaud in #1063 - Tech writing review by @olgahryniuk in #1064
- Add
release-mainnet
deployment to CD by @jpraynaud in #1066
New Contributors
- @olgahryniuk made their first contribution in #1061
Full Changelog: 2327.0...2329.0
Crates Versions
Crate | Version |
---|---|
mithril-aggregator | 0.3.53 |
mithril-client | 0.3.20 |
mithril-common | 0.2.79 |
mithril-signer | 0.2.61 |
mithril-stm | 0.2.19 |
Linux Requirements
The Linux binaries target glibc
: to run them or install the .deb
packages you must have glibc
version 2.31+
installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+
or Debian 11+
(Bullseye)).
Verify the authenticity of a downloaded asset
Detailed procedure to verify an asset
- Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
- Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
- Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
- Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***
You must see:
./***YOUR_ASSET_FILE***: OK
- Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
- Step 6: Then import the GPG public key:
gpg --import ./gpg-public.key
You must see something like:
gpg: key : public key "Input Output / Mithril <[email protected]>" imported
gpg: Total number processed: 1
gpg: imported: 1
- Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./gpg-public.key ./CHECKSUM.asc
You must see something like:
gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg: using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388 E655 899A CD26 B8BC A0D2
The signature is valid if and only if:
- there is a line with
gpg: Good signature from "Input Output / Mithril <[email protected]>"
- there is a line with
Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
- Step 8:
If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
If not, contact us at [[email protected]] and let us know of the outcome of your run of this process⚠️
Mithril v2329.0-pre
What's Changed
- Fix documentation by @jpraynaud in #1032
- Fix failing end to end test in Hydra CI by @jpraynaud in #1031
- Remove certificate hash from Artifact by @dlachaumepalo in #1027
- Fix QA issues by @jpraynaud in #1034
- Update dependencies by @jpraynaud in #1036
- Update current documentation by @jpraynaud in #1038
- check epoch when validating certificate chain by @ghubertpalo in #1033
- Update Signer Deployment Models Firewall documentation by @jpraynaud in #1042
- Add monitoring persistent storage by @jpraynaud in #1039
- Fix prometheus infrastructure by @jpraynaud in #1044
- Add
created_at
field in Mithril Stake Distribution messages by @dlachaumepalo in #1047 - #1023 - fix flaky end-to-end tests by @ghubertpalo in #1050
- Add monitoring
loki
endpoint by @jpraynaud in #1046 - CI: Build linux binaries using ubuntu 20-04 and add vulnerabilities check by @Alenar in #1043
- Fix dependency-review check when merging to main by @Alenar in #1054
- Factorize crypto operation by @Alenar in #1045
- Add SPO On-boarding Guide by @jpraynaud in #1051
- Aggregator refactoring: services and dependencies container by @ghubertpalo in #1057
- Add run-only option in mithril-end-to-end test by @dlachaumepalo in #1052
- Add min libc version to distribution release note by @Alenar in #1056
- Fix min libc message in distribution release notes by @Alenar in #1059
- Upgrade Rust
1.71.0
by @jpraynaud in #1060 - Tech writing review by @olgahryniuk in #1061
- Add
mainnet
verification keys & address in infrastructure by @jpraynaud in #1063 - Tech writing review by @olgahryniuk in #1064
- Add
release-mainnet
deployment to CD by @jpraynaud in #1066
New Contributors
- @olgahryniuk made their first contribution in #1061
Full Changelog: 2327.0...2329.0-pre
Crates Versions
Crate | Version |
---|---|
mithril-aggregator | 0.3.53 |
mithril-client | 0.3.20 |
mithril-common | 0.2.79 |
mithril-signer | 0.2.61 |
mithril-stm | 0.2.19 |
Linux Requirements
The Linux binaries target glibc
: to run them or install the .deb
packages you must have glibc
version 2.31+
installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+
or Debian 11+
(Bullseye)).
Verify the authenticity of a downloaded asset
Detailed procedure to verify an asset
- Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
- Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
- Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
- Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***
You must see:
./***YOUR_ASSET_FILE***: OK
- Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
- Step 6: Then import the GPG public key:
gpg --import ./gpg-public.key
You must see something like:
gpg: key : public key "Input Output / Mithril <[email protected]>" imported
gpg: Total number processed: 1
gpg: imported: 1
- Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./gpg-public.key ./CHECKSUM.asc
You must see something like:
gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg: using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388 E655 899A CD26 B8BC A0D2
The signature is valid if and only if:
- there is a line with
gpg: Good signature from "Input Output / Mithril <[email protected]>"
- there is a line with
Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
- Step 8:
If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
If not, contact us at [[email protected]] and let us know of the outcome of your run of this process⚠️
Mithril v2327.0
What's Changed
- Fix curl commands for latest snapshot digest in docs by @jpraynaud in #943
- Update Mithril logo by @jpraynaud in #940
- Add Certificate list route to aggregator REST API by @jpraynaud in #949
- Update dependencies & rotate current doc by @jpraynaud in #950
- Ensemble/895/mithril client snapshot commands by @ghubertpalo in #951
- Upgrade Rust
1.70.0
by @jpraynaud in #959 - Greg/960/refactoring client by @ghubertpalo in #963
- Stake distribution client subcommand by @ghubertpalo in #966
- 899/greg/ete msd command by @ghubertpalo in #968
- Fix retrieve open message from correct epoch by @jpraynaud in #964
- Fix clean epoch Certifier service by @jpraynaud in #970
- Enhance terraform infrastructure by @jpraynaud in #957
- Enhance ImmutableDigesterError::NotEnoughImmutable error by @dlachaumepalo in #971
- Greg/960/refacto digester by @ghubertpalo in #972
- Fix
Mithril Client multi-platform test
workflow by @jpraynaud in #965 - add blog article about new client API by @ghubertpalo in #975
- Update Mithril Client documentation by @dlachaumepalo in #974
- update client architecture documentation by @ghubertpalo in #976
- Fix aggregator
SIGNING
state dead-loop by @jpraynaud in #985 - Fix snapshot download command error with --download-dir option in client by @dlachaumepalo in #981
- Update dependencies by @jpraynaud in #990
- Upgrade Rust outdated dependencies by @jpraynaud in #992
- Greg/967/stake distribution artifact by @ghubertpalo in #980
- Upgrade Cardano node to
8.1.1
by @jpraynaud in #997 - fix hanging critical error by @ghubertpalo in #996
- Add log with node version at startup in aggregator/signer by @dlachaumepalo in #995
- Signer deployment model by @jpraynaud in #999
- nix: bump crane to fix build. Add basic hydraJobs. by @jbgi in #1002
- Uniformise datetime usage by @Alenar in #994
- Fix rfc3339 datetime migration by @Alenar in #1005
- Update dependencies by @jpraynaud in #1009
- Fix master certificate retrieval by @Alenar in #1007
- Simplify aggregator integration tests by @Alenar in #1003
- Greg/982/refactoring client by @ghubertpalo in #998
- Fix flaky end to end tests by @jpraynaud in #977
- Fix darwin nix build by @jbgi in #1008
- Clean pending_snapshot directory of aggregator by @dlachaumepalo in #1011
- Update dependencies by @jpraynaud in #1014
- refactor client snapshot download by @ghubertpalo in #1012
- Signer deployment model dev blog post by @jpraynaud in #1016
- Aggregator Recompute cert hash command by @Alenar in #1013
- Implement Mithril Relay in infra by @jpraynaud in #1021
- retry when artifact creation failed by @ghubertpalo in #1019
- Update openapi spec examples by @dlachaumepalo in #1020
- Use cargo-nextest to run test on CI and reenable tests report by @Alenar in #1022
- nix: bump nixpkgs to get newer rustc by @jbgi in #1025
- Sqlite upgrade and bundling by @Alenar in #1024
- Add infrastructure monitoring by @jpraynaud in #1026
- Signer verification key discrepancy by @Alenar in #1028
- nix: increase cargo verbosity to avoid hitting max-silent-time by @jbgi in #1029
New Contributors
Full Changelog: 2321.1...2327.0
Crates Versions
Crate | Version |
---|---|
mithril-aggregator | 0.3.46 |
mithril-client | 0.3.14 |
mithril-common | 0.2.73 |
mithril-signer | 0.2.57 |
mithril-stm | 0.2.17 |
Verify the authenticity of a downloaded asset
Detailed procedure to verify an asset
- Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
- Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
- Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
- Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***
You must see:
./***YOUR_ASSET_FILE***: OK
- Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
- Step 6: Then import the GPG public key:
gpg --import ./gpg-public.key
You must see something like:
gpg: key : public key "Input Output / Mithril <[email protected]>" imported
gpg: Total number processed: 1
gpg: imported: 1
- Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./gpg-public.key ./CHECKSUM.asc
You must see something like:
gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg: using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388 E655 899A CD26 B8BC A0D2
The signature is valid if and only if:
- there is a line with
gpg: Good signature from "Input Output / Mithril <[email protected]>"
- there is a line with
Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
- Step 8:
If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
If not, contact us at [[email protected]] and let us know of the outcome of your run of this process⚠️