Skip to content

Releases: celo-org/celo-monorepo

ContractKit SDKs v3.0.0

02 Dec 20:50
8ff0094
Compare
Choose a tag to compare

New Features

This release provides SDK support for querying ODIS 2.0.0, including the new ODIS quota endpoints. Changes are primarily in the @celo/identity SDK.

Breaking Changes

@celo/identity

  • It is no longer possible to query ODIS v1 in this version. Note that the previous quota calculation logic is still available under the "legacy PNP" endpoint in ODIS 2.0.0 (initially). We encourage upgrading to the new and improved PNP endpoint, as the legacy endpoint will eventually be deprecated.
    • Underlying ODIS service URL has been updated.
  • Several function signatures have changed, notably:
    • getPhoneNumberIdentifier: new required parameters -- existing function calls must be updated.
    • queryOdis: new required parameters -- existing function calls must be updated.
    • getBlindedPhoneNumberSignature: optional parameters have changed -- existing function calls should be reviewed and possibly updated.
  • Request and response types must now be imported directly from @phone-number-privacy-common.
  • Code related to ODIS matchmaking, including OdisUtils.Matchmaking, has been removed.

Other

  • Reverts support for StableTokenRegistry, see this PR for more details

Fixes

  • Provides more helpful error messages when instantiating the default WasmBlsBlindingClient.

Upgrades

  • @phone-number-privacy-common from 1.0.39 to 2.0.0
  • @celo/poprf from ^0.1.6 to ^0.1.9

ODIS 2.0.0

02 Dec 20:52
8ff0094
Compare
Choose a tag to compare

@oblivious-decentralized-identifier-service-2.0.0

ODIS 2.0.0 is a complete refactor of ODIS that adds support for

  • The CIP40 API and PEAR Account Recovery protocol.
  • Improved rate limiting via OdisPayments.sol to support the Federated Attestations Identity protocol (CIP51)
  • Multiple key versions, to enable future key rotations and enhanced security

ODIS signers should upgrade to us.gcr.io/celo-testnet/celo-monorepo:oblivious-decentralized-identifier-service-2.0.0

Before upgrading

  1. Please ensure that your key shares are named correctly in your keyvault prior to upgrading your signer.
  • If you are using Azure or AWS , the original bls share should be named phoneNumberPrivacy-1 and the more recent version of that key share (generated during the resharing ceremony on 10/22/21) should be labeled phoneNumberPrivacy-2. The CIP40 key share generated during the DKG ceremony on 10/22/21 should be named domains-1.
  • If you are using Google Cloud, you should create two keys named phoneNumberPrivacy (with versions 1 and 2) and domains (with only version 1). The KEYSTORE_GOOGLE_SECRET_NAME env variable isn't used anymore.
  • Please do not delete or rename any existing shares, but rather add the shares to your vault as duplicates under these new names. If you are unsure for any reason about how to label your key shares please reach out on Discord. If you would like to setup time to go through the update synchronously, don't hesitate to reach out.
  1. Please ensure that you have set the following environment variables to true in order to enable all APIs (See Signer README for more info)
    LEGACY_PHONE_NUMBER_PRIVACY_API_ENABLED
    PHONE_NUMBER_PRIVACY_API_ENABLED
    DOMAINS_API_ENABLED

NOTE / UPDATE : This upgrade is currently incompatible with MySQL. If you're using MySQL for your signer DB, please let us know and hold off on upgrading.

NOTE: You will not be able to roll back the upgrade because the database will be updated in a non-backwards compatible way. If your signer is having trouble starting up, it is almost certainly an issue with how your keys are labeled. Please double check your key configuration prior to upgrading, and if an issue does occur there's no need to worry. The system is able to handle limited downtime from 1 or 2 signers at a time and we will be readily available on discord to help troubleshoot.

After upgrading

  1. Please checkout celo-monorepo on master, run yarn && yarn build from the root directory (might take 10-15 mins), and follow the Validating before going live instructions in the Signer README to test that your service is configured properly. If you encounter difficulties or would like further guidance, don't hesitate to reach out on Discord.
  2. Please post in the Discord channel once your upgraded service is live and passing the configuration tests.

@phone-number-privacy-common 2.0.0

New Features

Support for ODIS 2.0.0, including new types, enums, error messages, and more. From now on, request and response types should be imported directly from this package instead of the identity SDK when directly querying ODIS, or else using the convenience query methods in the identity SDK.

Fixes

  • Removes blind-threshold-bls dependency to allow for browser compatibility.
  • Removes btoa dependency.

Breaking Changes

  • This is a major release and is not backwards compatible for use with ODIS v1.
  • The previous quota logic is still (initially) available in ODIS 2.0 and is referred to as the "legacy PNP" (LEGACY_PNP) throughout the code base and SDKs. We encourage folks to upgrade to the new and improved PNP endpoint, as the legacy endpoint will eventually be deprecated.

Upgrades

  • (devDependency) @celo/poprf from ^0.1.6 to ^0.1.9
  • celo SDK dependencies and ContractKit from 2.2.1 to 3.0.0

@celo/celocli 1.7.3

13 Oct 16:25
54ab996
Compare
Choose a tag to compare

Fixes

  • Cannot find module '@celo/contractkit/src/wrappers/BaseWrapper'

ContractKit SDKs v2.3.0

@celo/celocli 1.7.2

11 Oct 13:48
1522250
Compare
Choose a tag to compare

fixes

This Release fixes issue with 1.7.1. not being able to approve until 1.3.0.0 Governance.sol is deployed. Approve fails since it expects proposal in Referendum stage.

1.7.2 is compatible with both pre 1.3.0.0 and post 1.3.0.0 Governance

package

https://www.npmjs.com/package/@celo/celocli/v/1.7.2

ContractKit SDKs v2.2.0

29 Sep 11:07
4deea97
Compare
Choose a tag to compare

Celo CLI @1.7.1

29 Sep 11:20
4deea97
Compare
Choose a tag to compare

New Features

Upgrades

  • use @celo/ContractKit/ + @celo/connect 2.2.0

using

yarn add @celo/[email protected]

special notes

1.7.0 was accidentally published pointing to alpha release of @celo/contrctkit without alpha tag or name. but is otherwise essentially identical

Core Contracts Release 8

05 Aug 10:37
4bf959b
Compare
Choose a tag to compare

Release Notes:

This is the eighth release of the Celo Core Contracts. It follows the release process per the docs.

Audits:

  • Hacken.io Core Contracts Release 8 audit: Report
  • Verilog Solutions Core Contracts Release 8 audit: Report

Key updates in this release:

Release 8 adds a new identity registry contract, FederatedAttestations.sol, to the Celo Core Contracts. Similar to Attestations.sol, this new contract records mappings from bytes32 identifiers to addresses, and is used primarily to resolve off-chain identities like phone numbers to addresses so that users can more easily send each other payments. The Federated Attestations protocol introduces 'trusted' issuers that verify claims about a user's identity, such as their phone number (see this doc for more info). In the original Celo identity protocol, Attestations.sol mappings can only be updated by a fixed 'issuer', which is a randomly selected quorum of 3 Celo Validators that must each verify the user's phone number by sending separate SMS messages. This design minimizes trust requirements, but leads to subpar UX and performance. The FederatedAttestations.sol contract partitions the identifier to address mapping by issuer so that users of the contract can filter for mappings verified by issuers they trust, such as well-known telcos or mobile wallets. This allows applications that trust each other to benefit from an open and interoperable identity protocol while retaining control of their UX and performance. For example, a mobile wallet will now be able to verify phone numbers on Celo using any method of choice (i.e. secret code, magic link, SIM card) while also optimizing success rates in regions that are most critical for its specific market strategy.

In addition to FederatedAttestations.sol, release 8 includes updates to Escrow.sol to allow escrowed payments to be gatekeeped by the same 'trusted' issuer logic described above (see this design doc for more info)

Finally, release 8 adds a new OdisPayments.sol contract to which future payments for ODIS quota will be directed. ODIS is a distributed system consisting of 7 'signers' each possessing a partial share of a BLS private key (see the docs for more info). These signers accept requests to sign blinded messages according to a rate limit determined by the request type. In both the original identity protocol and the new Federated Attestations protocol phone numbers are signed by ODIS and hashed before they are recorded on-chain to preserve user privacy. The goal of ODIS's rate limit is to impose a cost on querying phone number identifiers so that reading phone numbers from the blockchain in large quantities is prohibitively expensive. While the original ODIS rate limit imposed this cost by calculating quota as a function of on-chain transaction history, the new rate limit will impose this cost by requiring direct payments to a smart contract. This change has been made in order to make ODIS's privacy guarantees more explicit, and is enabled by the fact that most ODIS requests will now be routed through issuer servers as part of the Federated Attestations protocol. (see this PR for more details)

Specific Version Updates:

Contract Name Old New
Escrow 1.1.1.2 1.2.0.0
FederatedAttestations 0.0.0.0 1.1.0.0
UsingRegistryV2 1.0.0.0 1.1.1.0
UsingRegistryV2BackwardsCompatible 0.0.0.0 1.1.0.0
OdisPayments 0.0.0.0 1.1.0.0

ContractKit SDKs v2.1

22 Aug 09:40
3474007
Compare
Choose a tag to compare

What's Changed

new features

Upgrades

  • Update google-libphonenumber and types by @MuckT in #9531

CLI 1.6

22 Aug 09:40
3474007
Compare
Choose a tag to compare

What's Changed

  • add setWalletAddress command to celocli by @critesjosh in #9134
  • use ContractKit / SDKs version 2.1 in CLI
  • Make governance tooling work with arbitrary transactions by @bowd in #9735