Skip to content

Releases: microsoft/CCF

ccf-0.12.0

29 Jul 15:57
851e8ba
Compare
Choose a tag to compare

New:

  • Tooling
    • New Python proposal and vote generator (#1370). See docs.
    • New CCF tools Python package for client, ledger parsing and member proposal/vote generation (#1429, #1435). See docs.
  • HTTP endpoints
    • Templated URI for HTTP endpoints (#1384, #1393).
    • New remove_user proposal (#1379).
    • New node endpoints: /node/state and /node/is_primary (#1387, #1439)
    • New metrics endpoint (#1422).

Changed:

  • Tooling
    • Updated version of Open Enclave (0.10) (#1424). Users should use the Intel PSW tested with Open Enclave 0.10, see Open Enclave releases notes: https://github.com/openenclave/openenclave/releases/tag/v0.10.0 for more details.
    • CCF releases no longer include a build of Open Enclave, instead the upstream binary release should be used. Playbooks and containers have been updated accordingly (#1437).
    • CCF is now built with LVI mitigations (#1427). CCF should now be built with a new LVI-enabled toolchain, available via CCF playbooks and containers.
    • Updated version of snmalloc (#1391).
  • HTTP endpoints
    • Pass PEM certificates rather than byte-arrays (#1374).
    • Member /ack schema (#1395).
    • Authorisation HTTP request header now accepts unquoted values (#1411).
    • Fix double opening of /app on backups after recovery (#1445).
  • Other
    • Merkle tree deserialisation fix (#1363).
    • Improve resilience of node-to-node channels (#1371).
    • First Raft election no longer fails (#1392).
    • Fix message leak (#1442).

Removed:

  • mkSign endpoint (#1398).

ccf-0.11.7

01 Jul 09:21
8a7bfc3
Compare
Choose a tag to compare

Changed

  1. Fix a bug that could cause signatures not to be recorded on transactions hitting conflicts (#1346)
  2. Fix a bug that could allow transactions to be executed by members before a recovered network was fully opened (#1347)
  3. Improve error reporting on transactions with invalid signatures (#1356)

Added

  1. All format and linting checks are now covered by scripts/ci-checks.sh (#1359)
  2. node/code RPC returns all code versions and their status (#1351)

ccf-0.11.4

26 Jun 13:03
a5d60b1
Compare
Choose a tag to compare

Changed

  • Fix application runtime container, which had been missing a dependency in the previous release (#1340)
  • Add clang-format to the application CI container, to facilitate application development (#1340)
  • Websocket handlers are now distinct, and can be defined by passing ws::Verb::WEBSOCKET as a verb to make_endpoint() (#1333)
  • Custom KV serialisation is documented

ccf-0.11.1

25 Jun 13:07
Compare
Choose a tag to compare

Added

  • CLI tool for managing recovery shares (#1295). usage
  • New standard endpoint node/ids for retrieving node ID from IP address (#1319).
  • Support for read-only transactions. Use tx.get_read_only_view to retrieve read-only views, and install with make_read_only_endpoint if all operations are read-only.
  • Support for distinct handlers on the same URI. Each installed handler/endpoint is now associated with a single HTTP method, so you can install different operations on POST /foo and GET /foo.

Changed

  • The frontend names, used as a prefix on all URIs, have been changed. Calls to /members/... or /users/... should be replaced with /gov/... and /app/... respectively. The old paths will return HTTP redirects in this release, but may return 404 in a future release (#1325).
  • App-handler installation API has changed. install(URI, FN, READWRITE) should be replaced with make_endpoint(URI, VERB, FN).install(). Existing apps should compile with deprecation warnings in this release, but the old API will be removed in a future release. See this diff of logging.cpp for an example of the required changes.
  • Improved quickstart documentation (#1298, #1316).
  • Member ACKs are required, even when the service is opening (#1318).
  • The naming scheme for releases has changed to be more consistent. The tags will now be in the form ccf-X.Y.Z.

0.11

15 Jun 18:18
aa85cd8
Compare
Choose a tag to compare
0.11 Pre-release
Pre-release

Changed:

  • KV reorganisation to enable app-defined serialisation (#1179, #1216, #1234)

kv.h has been split into multiple headers so apps may need to add includes for kv/store.h and kv/tx.h. The typedefs ccf::Store and ccf::Tx have been removed; apps should now use kv::Store and kv::Tx.

CCF now deals internally only with serialised data in its tables, mapping byte-vectors to byte-vectors. By default all tables will convert their keys and values to msgpack, using the existing macros for user-defined types. Apps may define custom serialisers for their own types - see kv/serialise_entry_json.h for an example.

  • Fixed issues that affected the accuracy of tx status reporting (#1157, #1150)
  • All RPCs and external APIs now use view and seqno to describe the components of a transaction ID, regardless of the specific consensus implementation selected (#1187, #1227)
  • Improved resiliency of recovery process (#1051)
  • foreach early-exit semantics are now consistent (#1222)
  • Third party dependency updates (#1144, #1148, #1149, #1151, #1155, #1255)
  • All logging output now goes to stdout, and can be configured to be either JSON or plain text (#1258) doc
  • Initial support for historical query handlers (#1207) sample
  • Implement the equivalent of "log rolling" for the ledger (#1135) doc
  • Internal RPCs renamed to follow more traditional REST conventions (#968) doc

Added:

  • Support for floating point types in default KV serialiser (#1174)
  • The start_test_network.sh script now supports recovering an old network with the --recover flag (#1095) doc
  • Application CI and runtime containers are now available (#1178)
    1. ccfciteam/ccf-app-ci:0.11 is recommended to build CCF applications
    2. ccfciteam/ccf-app-run:0.11 is recommended to run CCF nodes, for example in k8s
  • Initial websockets support (#629) sample

Removed:

ccf::Store and ccf::Tx typdefs, in favour of kv::Store and kv::Tx.

v0.10

01 May 15:35
Compare
Choose a tag to compare
v0.10 Pre-release
Pre-release

New

  • Brand new versioned documentation: https://microsoft.github.io/CCF.
  • New /tx endpoint to check that a transaction is committed (#1111). See docs.
  • Disaster recovery is now performed with members key shares (#1101). See docs.
  • Open Enclave install is included in CCF install (#1125).
  • New sgxinfo.sh script (#1081).
  • New --transaction-rate flag to performance client (#1071).

Changed

  • CCF now uses Open Enclave 0.9 (#1098).
  • cchost's --enclave-type is release by default (#1083).
  • keygenerator.sh's --gen-key-share option renamed to --gen-enc-key to generate member encryption key (#1101).
  • Enhanced view change support for PBFT (#1085, #1087, #1092).
  • JavaScript demo logging app is now more generic (#1110).
  • Updated method to retrieve time in enclave from host (#1100).
  • Correct use of Everycrypt hashing (#1098).
  • Maximum number of active members is 255 (#1107).
  • Python infra: handle proposals correctly with single member (#1079).
  • Dependencies updates (#1080, #1082).

Removed

  • cchost no longer outputs a sealed secrets file to be used for recovery (#1101).

0.9.3

16 Apr 12:09
7756118
Compare
Choose a tag to compare
0.9.3 Pre-release
Pre-release

Added

  1. Install artifacts include virtual build (#1072)
  2. add_enclave_library_c is exposed in ccp_app.cmake (#1073)

0.9.2

15 Apr 21:16
53e5648
Compare
Choose a tag to compare
0.9.2 Pre-release
Pre-release

Added

  • Handlers can decide if transaction writes are applied independently from error status (#1054)
  • Scenario Perf Client is now part of the CCF install to facilitate performance tests (#1058)

Changed

  • Handle writes when host is reconnecting (#1038)
  • Member tables are no longer whitelisted for raw_puts (#1041)
  • Projects including CCF's CMake files now use the same build type default (#1057)

0.9.1

01 Apr 12:46
dc1ae7f
Compare
Choose a tag to compare
0.9.1 Pre-release
Pre-release

Added

0.9

27 Mar 17:34
b1d3916
Compare
Choose a tag to compare
0.9 Pre-release
Pre-release

This pre-release improves support for handling HTTP requests.

Added

  • Key shares will be accepted after multiple disaster recovery operations (#992).
  • HTTP response headers and status can be set directly from handler (#921, #977).
  • Handlers can be restricted to accept only specific HTTP verbs (#966).
  • Handlers can accept requests without a matching client cert (#962).
  • PBFT messages are authenticated by each receiving node (#947).
  • snmalloc can be used as allocator (#943, #990).
  • Performance optimisations (#946, #971).
  • Install improvements (#983, #986).

Changed

  • HTTP request and responses no longer need to contain JSON-RPC objects (#930, #977).
  • Files and binaries have been renamed to use a consistent lower_snake_case (#989). Most app includes should be unaffected, but users of the luageneric app should now look for lua_generic.
  • Threading support relies on fixes from a recent build of OE (#990). Existing machines should re-run the ansible playbooks to install the current dependencies.
  • Consensus is chosen at run-time, rather than build-time (#922).
  • API for installing handlers has changed (#960). See the logging app or documentation for the current style.
  • Several standard endpoints are now GET-only, and must be passed a URL query (ie GET /users/getCommit?id=42).