Skip to content

v3.0.0

Compare
Choose a tag to compare
@agouin agouin released this 24 May 19:35
· 47 commits to main since this release
aa4dc42

Highlights

  • Sign multiple chains from a single horcrux cluster. #122 #130 #144
  • The same config.yaml file can now be used on all cosigners #147
  • horcrux config migrate command to migrate config.yaml and share.json files from v2 to v3 format.
  • Each chain to sign blocks for must have a respective key {chain-id}_shard.json file. This serves as a dual purpose of authorizing chain IDs for validation and which key shard to sign blocks with for that chain.

Breaking Changes

  • Naming and grouping of config.yaml properties updated for clarity. (migrate to new format with horcrux config migrate)
  • chain-id in the config.yaml is no-longer-needed/ignored. The chain-id that will be used for the signature is now sourced from the vote/proposal sign requests from the sentries.
  • Cosigner share.json key shards, or single signer priv_validator_key.json, must now have relevant chain-id prepended to file name (now {chain-id}_shard.json or {chain-id}_priv_validator_key.json respectively). horcrux config migrate command is provided to automate this migration to the new v3 format.
  • Ed25519 priv_validator_key.json key sharding must be done per chain with horcrux create-ed25519-shards <chain-id> <priv-validator-key-file> <threshold> <number of cosigners (total shards)>.
  • Cosigner communication encryption keys are now a separate rsa_keys.json file per cosigner. They used to be generated in priv_validator_key.json sharding process, but now must be generated separately with horcrux create-rsa-shards <number of cosigners>. These keys were split out into a separate file per cosigner because they are one set of keys per cluster, not one set of keys per chain like the ed25519 keys.
  • horcrux config init no longer takes a [chain-id] argument.
  • horcrux cosigner start and horcrux signer start are now consolidated into horcrux start. The signMode in the config.yaml determines which mode will be used for signing.
  • horcrux cosigner address [bech32] command is now horcrux address <chain-id> [bech32]
  • horcrux state commands now require an additional chain-id argument.
  • Removed the following horcrux config CLI commands: chain-id set, peers add, peers remove, peers set-shares, nodes add, nodes remove.

Updating:

Due to Cosigner GRPC interface changes, a rolling update from a prior version is not supported.

  • shut down all cluster nodes and delete ~/.horcrux/raft directory
  • update binary or docker image to v3.0.0
  • run horcrux config migrate command to migrate key files and config to new format
  • start cosigner nodes back up

Changelog

New Contributors

Full Changelog: v2.1.1...v3.0.0