Skip to content

Releases: microsoft/CCF

4.0.15

26 Feb 19:04
dcef0ce
Compare
Choose a tag to compare

Fixed

  • Improvements to the Raft implementation, to retain commit safety and liveness despite message loss (#6016).

Added

  • Added 2 new log lines which may be helpful diagnostics in production deployments, both including a new [rollback] tag.
  • [rollback] ... Dropping conflicting branch may be emitted after network partitions, and indicates that some Pending (non-committed) transactions have been lost. This is expected, but worth investigating if it occurs regularly - it is a sign of elections impacting service availability.
  • [rollback] ... Ignoring conflicting AppendEntries could also be emitted after a network partition, but should be reported to the CCF development team. It is a sign of an unexpected execution path, which could lead to loss of liveness (inability to advance commit).

Dependencies

  • The CCF Python package now requires cryptography 42.*

5.0.0-dev13

19 Feb 12:26
a9c0eb8
Compare
Choose a tag to compare
5.0.0-dev13 Pre-release
Pre-release

Fixed

  • Improvements to the Raft implementation, to retain commit safety and liveness despite message loss (#6016).

Added

  • Added 2 new log lines which may be helpful diagnostics in production deployments, both including a new [rollback] tag.
  • [rollback] ... Dropping conflicting branch may be emitted after network partitions, and indicates that some Pending (non-committed) transactions have been lost. This is expected, but worth investigating if it occurs regularly - it is a sign of elections impacting service availability.
  • [rollback] ... Ignoring conflicting AppendEntries could also be emitted after a network partition, but should be reported to the CCF development team. It is a sign of an unexpected execution path, which could lead to loss of liveness (inability to advance commit).

MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime

5.0.0-dev12

24 Jan 21:09
c2b8a9e
Compare
Choose a tag to compare
5.0.0-dev12 Pre-release
Pre-release

Added

  • There is now a contains_globally_committed(k) method on kv::Set<K>, with the same semantics as get_globally_committed(k) on kv::Map<K, V> (#5928).

Changed

  • JS endpoints marked as "mode": "readonly" are prevented from writing to the KV. Attempting to call map.set(k, v), map.delete(k), or map.clear() on any KV table in such an endpoint will now result in an error being thrown (#5921).

Fixed

  • Nodes are now more robust to unexpected traffic on node-to-node ports (#5889).
  • Added a GET /node/backup endpoint, returning 200 when backup and 404 when not, for load balancers to use (#5789).

MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime

4.0.14

09 Jan 14:09
6ddfb46
Compare
Choose a tag to compare

Fixed

  • Nodes are now more robust to unexpected traffic on node-to-node ports (#5889).
  • ccf.crypto.digest and ccf.crypto.isValidX509CertBundle are accessible again through ccf.digest and ccf.isValidX509CertBundle, to faciliate migration of CCF 3.x-era constitutions. The constitution sample under samples/constitutions/default/actions.js has been updated to show how migration is possible without relying on aliasing in 4.x.

5.0.0-dev11

20 Dec 10:39
5daf0c7
Compare
Choose a tag to compare
5.0.0-dev11 Pre-release
Pre-release

Removed

  • ccf::historical::adapter_v2 is removed, replaced by ccf::historical::adapter_v3 first introduced in 2.0.0.
  • ccf::EnclaveAttestationProvider has been removed. It is replaced by ccf::AttestationProvider
  • The attestation.environment.security_context_directory configuration entry and --snp-security-context-dir-var CLI option have been removed. SNP collateral must now be provided through the snp_security_policy_file, snp_uvm_endorsements_file and snp_endorsement_servers configuration values. See documentation for details and platform-specific configuration samples.

MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime

5.0.0-dev10

15 Dec 17:56
7b3f22f
Compare
Choose a tag to compare
5.0.0-dev10 Pre-release
Pre-release
  • The url field in snp_endorsements_servers can now contain environment variables that will be resolved at startup, such as "$Fabric_NodeIPOrFQDN:2377" (#5862).
  • Add a new snp_security_policy_file configuration value under attestation, superseding the lookup from $UVM_SECURITY_CONTEXT_DIR. The value can contain environment variables, for example: "snp_security_policy_file": "$UVM_SECURITY_CONTEXT_DIR/security-policy-base64".
  • Add a new snp_uvm_endorsements_file configuration value under attestation, superseding the lookup from $UVM_SECURITY_CONTEXT_DIR. The value can contain environment variables, for example: "snp_uvm_endorsements_file": "$UVM_SECURITY_CONTEXT_DIR/reference-info-base64". This value can come from an untrusted location, like snp_security_policy_file and AMD endorsements (fetched from snp_endorsements_servers), because the CCF code contains pre-defined roots of trust.

MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime

5.0.0-dev9

06 Dec 19:25
71194e4
Compare
Choose a tag to compare
5.0.0-dev9 Pre-release
Pre-release
  • snp_endorsements_servers now supports a THIM type, which is the recommended value when running in Confidential AKS preview.

MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime

5.0.0-dev8

04 Dec 14:47
4cdebed
Compare
Choose a tag to compare
5.0.0-dev8 Pre-release
Pre-release
  • ccf.crypto.generateEddsaKeyPair, pubEddsaPemToJwk and eddsaPemToJwk now support x25519 as well as curve25519 (#5846).
  • POST /recovery/members/{memberId}:recover is now authenticated by COSE Sign1, making it consistent with the other POST endpoints in governance, and avoiding a potential denial of service where un-authenticated and un-authorised clients could submit invalid shares repeatedly. The submit_recovery_share.sh script has been amended accordingly, and now takes a --member-id-privk and --member-id-cert (#5821).
  • CCF can now fetch SEV-SNP attestations from kernel 6.0 and above (#5848).

MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime

5.0.0-dev7

15 Nov 07:25
e6b9842
Compare
Choose a tag to compare
5.0.0-dev7 Pre-release
Pre-release
  • POST /recovery/members/{memberId}:recover is now authenticated by COSE Sign1, making it consistent with the other POST endpoints in governance, and avoiding a potential denial of service where un-authenticated and un-authorised clients could submit invalid shares repeatedly. The submit_recovery_share.sh script has been amended accordingly, and now takes a --member-id-privk and --member-id-cert (#5821).

MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime

5.0.0-dev6

02 Nov 15:44
4fc9ad2
Compare
Choose a tag to compare
5.0.0-dev6 Pre-release
Pre-release
  • Lifted parser size limits on forwarded request from default values to more permissive ones. Note that the limits set out on the interface of the inbound node still apply (#5803).
  • ccf.crypto.unwrapKey() has been added to the JS API (#5792).

MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime