Skip to content

Releases: ecadlabs/signatory

v1.1.4-rc

15 Aug 23:11
Compare
Choose a tag to compare
v1.1.4-rc Pre-release
Pre-release

Changelog

  • 0fc5162 Bump github.com/aws/aws-sdk-go from 1.44.305 to 1.44.318 (#430)
  • cc2c737 Bump github.com/go-playground/validator/v10 from 10.14.1 to 10.15.0 (#429)
  • 0cd8391 Bump golang.org/x/oauth2 from 0.10.0 to 0.11.0 (#428)
  • 97cd7e1 Bump golang.org/x/term from 0.10.0 to 0.11.0 (#427)
  • 1ac0b0c Coverage focused testcases (#426)
  • 7374c12 Upgrade go to version v1.21.0 and all dependencies (#433)
  • 38f44c3 avoid device or resource busy error

v1.1.3

03 Aug 19:23
b03183a
Compare
Choose a tag to compare

Changelog

  • b51a0ec Bump cloud.google.com/go/kms from 1.9.0 to 1.15.0 (#417)
  • 31a0709 Bump github.com/aws/aws-sdk-go from 1.44.219 to 1.44.305 (#400)
  • a7de510 Bump github.com/decred/dcrd/dcrec/secp256k1/v4 from 4.1.0 to 4.2.0 (#418)
  • f56ec1a Bump github.com/go-playground/validator/v10 from 10.11.2 to 10.14.1 (#392)
  • 4230b9a Bump github.com/golang-jwt/jwt/v5 from 5.0.0-rc.1 to 5.0.0 (#393)
  • c8911ac Bump github.com/prometheus/client_golang from 1.14.0 to 1.16.0 (#406)
  • 05f308c Bump github.com/sirupsen/logrus from 1.9.0 to 1.9.3 (#394)
  • b260264 Bump github.com/spf13/cobra from 1.6.1 to 1.7.0 (#409)
  • 771d62a Bump github.com/stretchr/testify from 1.8.2 to 1.8.4 (#396)
  • 08f5f58 Bump golang.org/x/crypto from 0.7.0 to 0.11.0 (#408)
  • 6cc9d24 Bump google.golang.org/api from 0.112.0 to 0.134.0 (#416)
  • 460ba53 Integrationtest codecoverage (#380)
  • e76b84c add dependabot config with separator as hyphen (#390)
  • 184de99 combined code coverage (#413)
  • 1c991b3 dependabot - disable npm, schedule go monday aft (#415)
  • 8469114 fix release changelog, currently only lists last commit (#424)
  • 16b4da9 integration tests - bump octez version to 17.2 (#414)
  • ad58b17 npm - replace slash with hyphen in branch name (#399)
  • b03183a use goreleaser conditionals properly (#422)

v1.1.3-rc

02 Aug 19:36
Compare
Choose a tag to compare
v1.1.3-rc Pre-release
Pre-release

Changelog

  • 50e98dd fix goreleaser config: use inert -v flag to avoid empty flags value

v1.1.2

17 Jul 18:42
9eef74d
Compare
Choose a tag to compare

Changelog

v1.1.1

06 Jul 18:01
11d91a4
Compare
Choose a tag to compare

This release is a patch release fixing 2 issues:

#379 - intermittent watermark validation error on block sign
#383 - fail to start with destroyed version in gcp kms

v1.1.0

14 Jun 10:53
515e271
Compare
Choose a tag to compare

Release Notes

  • client authentication and signing request authorization using JWT was added in this release. Please find full details in product documentation
  • watermark feature protecting against double baking updated to include round information introduced in the Tenderbake protocol. Operators running Signatory in a docker container should mount Signatory's /var/lib/signatory directory to the host filesystem to preserve the watermarks
  • significant integration test coverage has been added to Signatory's build pipeline
  • a number of documentation improvements have been made

Changelog

Full Changelog: v1.0.0-beta3...v1.1.0

Docker Images

docker pull ecadlabs/signatory:v1.1.0-amd64
docker pull ecadlabs/signatory:v1.1.0-arm64
docker pull ecadlabs/signatory:v1.1.0-armv7

v1.0.0-beta3

15 Mar 01:32
36138c3
Compare
Choose a tag to compare

Changelog

  • 0df82ce Document change to add file vault to import not supported vault list (#308)
  • 62769e0 Enable Mermaid diagram support on signatory website (#283)
  • edbe3de Fix pipeline triggering multiple times for PRs
  • 36138c3 Ledger/Speculos TCP APDU transport (#288)
  • 286c248 Remove redundant yarn.lock file from website folder
  • 7cd50a1 Revert "added signatory architecture page"
  • 5984cbd Update go dependencies to the latest version (#304)
  • 952e99a added diagram to readme and docs (#293)
  • 674df0a added signatory architecture page
  • cb5f30c chore: run npm audit fix for website (#284)
  • a91b80d chore: update docusarus to 2.2.0 and tidy npm deps (#280)
  • 047ce23 documentation improvements (#278)
  • e0805dc fix: update discord invite link and twitter link (#285)
  • 11a9150 fix: update footer to display Apache license. (#286)
  • 16b5f4f remove duplicate backend from readme (#277)
  • cbd96e2 small documentation changes (#287)

v1.0.0-beta2

19 Jan 04:07
b8a7a46
Compare
Choose a tag to compare

Changelog

  • bc0cc28 Docs upzo (#259)
  • b8a7a46 Import secrets are received without any terminal history (#267)
  • d900ee2 Rename tezos-client binaries to octez-client (#260)
  • c2d6ecb Revert "YubiSHM: append elliptic curve to the signature" (#272)
  • 27bc256 YubiSHM: append elliptic curve to the signature (#271)
  • 37ee34d YubiSHM: append elliptic curve to the signature (#273)
  • cd47445 secp256k1 updated to v4 (#256)
  • 74a0c56 update env name in integration test to limanet (#276)

Docker Images

docker pull ecadlabs/signatory:v1.0.0-beta2-amd64
docker pull ecadlabs/signatory:v1.0.0-beta2-arm64
docker pull ecadlabs/signatory:v1.0.0-beta2-armv7

v1.0.0-beta1

31 Oct 23:58
dd13b69
Compare
Choose a tag to compare

Changelog

Remote Policy Service

Docker Images

docker pull ecadlabs/signatory:v1.0.0-beta1-amd64
docker pull ecadlabs/signatory:v1.0.0-beta1-arm64
docker pull ecadlabs/signatory:v1.0.0-beta1-armv7

v0.4.0-beta

28 Oct 18:52
dae3146
Compare
Choose a tag to compare

Summary

This release of Signatory contains several new features and a lot of polish, making the service easier to configure and operate.

New Operations

Signatory only signs operations that it recognizes. We have added support for most new operation types, such as VDF Revelations, Increase Paid storage and TORU rollup commitments. Signatory is not only for Bakers. It is helpful for signing operations in many other contexts, such as hot wallets operated by an exchange, Oracles and commitments related to Layer 2 ORUs.

New config syntax for Policies

We simplified the YAML policy syntax structure to make it easier to understand. The old syntax still works, but Signatory will warn the Signatory operator to update their configuration to the new layout.

You can find example configurations with the new policy definition in the official docs Configuration Example - File-based Vault

Use animal-mnemonics for ledgers

To stay consistent with the Octez implementation, we now use the same "animal mnemonics" scheme to identify the root keys on a Ledger device.

Logging updates

Logs are more succinct, especially when signing batch operations.

Docker images

We now ship armv7 docker images.

Connect to all backends at startup

Signatory will now connect to all backends at startup and print details on each configured address. Previously, Signatory would be lazy and wait for a signing request before connecting to a backend. The new behaviour helps Signatory operators detect configuration issues quickly.

Bug Fixes

An Azure infinite loop condition was found and is fixed.

What's coming next?

We are busy adding support for new Lima operations. We are also adding a "Remote Policy Hook", which will allow Signatory operators to have Signatory send authentication requests to an external web service. This feature enables Signatory operators flexibility to compose their security defences precisely, given their threat profiles.

Docker Images

docker pull ecadlabs/signatory:v0.4.0-beta-amd64
docker pull ecadlabs/signatory:v0.4.0-beta-arm64
docker pull ecadlabs/signatory:v0.4.0-beta-armv7