diff --git a/CHANGELOG.md b/CHANGELOG.md index 186a52c9cdc..becb8b09725 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,52 +10,57 @@ changes. ## [0.14.0] - UNRELEASED -- Remove hard-coded deposit of 2₳ from internal wallet. Now the wallet does only - use as much deposit for script outputs as minimally needed and reduces the Ada - locked throughout a head life-cycle. +- **BREAKING** Multiple changes to the Hydra Head protocol on-chain: -- Increase maximum number of parties to 5 + - Sign the head identifier as part of snapshot signature and verify it + on-chain. This fully addresses security advisory + [CVE-2023-42806](https://github.com/input-output-hk/hydra/security/advisories/GHSA-gr36-mc6v-72qq). -- **BREAKING** Sign the head identifier as part of snapshot signature - and verify it on-chain + - Switched to using inline datums instead of (optionally) published datums in + transactions. [#1162](https://github.com/input-output-hk/hydra/pull/1162) -- Removed false positive `PostTxOnChainFailed` error from API outputs when the - collect transaction of another `hydra-node` was "faster" than ours. + - Upgraded toolchain to GHC 9.6 and a newer `plutus-tx` compiler. -- Add a `hydra-chain-observer` executable to subscribe to a chain and just - observe Hydra Head transactions (with minimal information right now). +- **BREAKING** Internal persisted chain state serialization changed when + switching to inline datums. Make sure to close heads before and wipe the + `--persistence-dir` before using this `hydra-node` version. -- Improved `gen-hydra-keys` command to not overwrite keys if they are present - already. +- **BREAKING** Introduced messages resending logic in the `Network` layer to + improve reliability in the face of connection issues. + [#188](https://github.com/input-output-hk/hydra/issues/188) This persists + network messages on disk in order to gracefully handle crashes and detects + inconsistencies between persisted state and configuration. + +- Increased maximum number of parties to 5. This is possible to small + optimizations on the Head protocol transactions. + +- Removed hard-coded deposit of 2₳ from internal wallet. Now the wallet does + only use as much deposit for script outputs as minimally needed and reduces + the Ada locked throughout a head life-cycle. + [#1176](https://github.com/input-output-hk/hydra/pull/1176) - Clients are notified when head initialization is ignored via a new `IgnoredHeadInitializing` API server output. This helps detecting misconfigurations of credentials and head parameters (which need to match). [#529](https://github.com/input-output-hk/hydra/issues/529) -- Hydra node API `submit-transaction` endpoint now accepts three types of - encoding: Base16 encoded CBOR string, TextEnvelope type and JSON. - -- **BREAKING** Introduce messages resending logic in the `Network` - layer to improve reliability in the face of transient connection - issues. - -- Persist network messages on disk in order to gracefully handle crashes +- Removed false positive `PostTxOnChainFailed` error from API outputs when the + collect transaction of another `hydra-node` was "faster" than ours. + [#839](https://github.com/input-output-hk/hydra/issues/839) -- **BREAKING** Changes to Hydra scripts: - - Switch to using inline datums instead of (optionally) published datums in - transactions. - - Upgrading our toolchain to GHC 9.6 +- Hydra node API `submit-transaction` endpoint now accepts three types of + encoding: Base16 encoded CBOR string, a TextEnvelope with CBOR and full JSON. + [#1111](https://github.com/input-output-hk/hydra/issues/1111) -- **BREAKING** Changes to persisted state: - - The internal chain state serialization changed when switching to inline datums. +- Improved `gen-hydra-keys` command to not overwrite keys if they are present + already. [#1136](https://github.com/input-output-hk/hydra/issues/1136) -- Fixed TUI key bindings for exiting in dialogs. +- Add a `hydra-chain-observer` executable to subscribe to a chain and just + observe Hydra Head transactions (with minimal information right now). + [#1158](https://github.com/input-output-hk/hydra/pull/1158) -- Prevent users from resuming a Hydra node after changing its configurations. -Ensure that the node terminates when attempting to start a Hydra node with a -number of configured peers that doesn't match the persisted state (i.e., the -number of parties in the /acks vector). +- Fixed `hydra-tui` key bindings for exiting in dialogs. + [#1159](https://github.com/input-output-hk/hydra/issues/1159) ## [0.13.0] - 2023-10-03 @@ -72,9 +77,9 @@ number of parties in the /acks vector). - Remove hydra-tools package. Move functionality to generate hydra keys to the hydra-node executable. -Changes to `hydra-node` state persistency: - Remove the recursive definition of the chain state. - This makes the event store more lightweight and easier to read and work with. +- Changes to `hydra-node` state persistency: + - Remove the recursive definition of the chain state. + - This makes the event store more lightweight and easier to read and work with. ## [0.12.0] - 2023-08-18 diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 3ed6359a8c3..aebaf6e15ec 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -198,7 +198,8 @@ During development To perform a release of next ``: 1. Publish hydra scripts onto `preview`, `preprod`, and `mainnet` using the - [smoke test][smoke-test] and take note of the transaction ids. + [smoke test][smoke-test] and put the transaction ids as new `` + entries into [networks.json](./networks.json). 2. Update CHANGELOG.md by replacing `UNRELEASED` with a date in [ISO8601](https://en.wikipedia.org/wiki/ISO_8601) and prepare contents. 3. Run `./release.sh ` diff --git a/docs/docs/tutorial/index.md b/docs/docs/tutorial/index.md index aaa859d560b..b1b1176b143 100644 --- a/docs/docs/tutorial/index.md +++ b/docs/docs/tutorial/index.md @@ -41,11 +41,12 @@ components of the Cardano ecosystem, putting them in a `bin/` directory: ```shell mkdir -p bin -curl -L -O https://github.com/input-output-hk/hydra/releases/download/0.14.0/hydra-x86_64-linux-0.14.0.zip -unzip -d bin hydra-x86_64-linux-0.14.0.zip +version=0.13.0 +curl -L -O https://github.com/input-output-hk/hydra/releases/download/${version}/hydra-x86_64-linux-${version}.zip +unzip -d bin hydra-x86_64-linux-${version}.zip curl -L -o - https://github.com/input-output-hk/cardano-node/releases/download/8.1.2/cardano-node-8.1.2-linux.tar.gz \ | tar xz -C bin ./cardano-node ./cardano-cli -curl -L -o - https://github.com/input-output-hk/mithril/releases/download/2331.1/mithril-2331.1-linux-x64.tar.gz \ +curl -L -o - https://github.com/input-output-hk/mithril/releases/download/2347.0/mithril-2347.0-linux-x64.tar.gz \ | tar xz -C bin mithril-client chmod +x bin/* ``` @@ -55,8 +56,9 @@ chmod +x bin/* ```shell mkdir -p bin -curl -L -O https://github.com/input-output-hk/hydra/releases/download/0.14.0/hydra-aarch64-darwin-0.14.0.zip -unzip -d bin hydra-aarch64-darwin-0.14.0.zip +version=0.13.0 +curl -L -O https://github.com/input-output-hk/hydra/releases/download/${version}/hydra-aarch64-darwin-${version}.zip +unzip -d bin hydra-aarch64-darwin-${HYDRA_VERSION}.zip curl -L -o - https://github.com/input-output-hk/mithril/releases/download/2347.0/mithril-2347.0-macos-x64.tar.gz \ | tar xz -C bin curl -L -o - https://github.com/input-output-hk/cardano-node/releases/download/8.1.2/cardano-node-8.1.2-macos.tar.gz \ @@ -327,14 +329,14 @@ will be used on the layer two by the `hydra-node`. For this, we will use the ```shell -hydra-tools gen-hydra-key --output-file credentials/alice-hydra +hydra-node gen-hydra-key --output-file credentials/alice-hydra ``` ```shell -hydra-tools gen-hydra-key --output-file credentials/bob-hydra +hydra-node gen-hydra-key --output-file credentials/bob-hydra ``` @@ -379,11 +381,11 @@ In summary, the Hydra head participants exchanged and agreed on: ## Step 3: Start the Hydra node -With all these parameters defined, we now pick a version of the Head protocol we -want to use. This is defined by the `hydra-node --version` itself and the +With all these parameters defined, we now pick a HYDRA_VERSION of the Head protocol we +want to use. This is defined by the `hydra-node --HYDRA_VERSION` itself and the `--hydra-scripts-tx-id` which point to scripts published on-chain. -For all [released](https://github.com/input-output-hk/hydra/releases) versions +For all [released](https://github.com/input-output-hk/hydra/releases) HYDRA_VERSIONs of the `hydra-node` and common Cardano networks, the scripts do get pre-published and we can just use them. See the [user manual](../getting-started/quickstart#reference-scripts) for more information @@ -395,12 +397,13 @@ Let's start the `hydra-node` with all these parameters now: ```shell +version=0.13.0 hydra-node \ --node-id "alice-node" \ --persistence-dir persistence-alice \ --cardano-signing-key credentials/alice-node.sk \ --hydra-signing-key credentials/alice-hydra.sk \ - --hydra-scripts-tx-id e5eb53b913e274e4003692d7302f22355af43f839f7aa73cb5eb53510f564496 \ + --hydra-scripts-tx-id $(curl https://raw.githubusercontent.com/input-output-hk/hydra/master/networks.json | jq -r ".preprod.\"${version}\"") \ --ledger-protocol-parameters protocol-parameters.json \ --testnet-magic 1 \ --node-socket node.socket \ @@ -417,12 +420,13 @@ hydra-node \ ```shell +version=0.13.0 hydra-node \ --node-id "bob-node" \ --persistence-dir persistence-bob \ --cardano-signing-key credentials/bob-node.sk \ --hydra-signing-key credentials/bob-hydra.sk \ - --hydra-scripts-tx-id e5eb53b913e274e4003692d7302f22355af43f839f7aa73cb5eb53510f564496 \ + --hydra-scripts-tx-id $(curl https://raw.githubusercontent.com/input-output-hk/hydra/master/networks.json | jq -r ".preprod.\"${version}\"") \ --ledger-protocol-parameters protocol-parameters.json \ --testnet-magic 1 \ --node-socket node.socket \ @@ -697,7 +701,7 @@ You can do this through the websocket API one last time: { "tag": "Fanout" } ``` -This will again submit a transactin to the layer one and once successful is +This will again submit a transaction to the layer one and once successful is indicated by a `HeadIsFinalized` message which includes the distributed `utxo`. To confirm, you can query the funds of both, `alice` and `bob`, on the layer diff --git a/networks.json b/networks.json new file mode 100644 index 00000000000..32afe6ea3be --- /dev/null +++ b/networks.json @@ -0,0 +1,12 @@ +{ + "mainnet": { + "0.13.0": "989e3ab136a2cdd3132a99975e76e02f62bcb03ba64ddbb5d2dfddffca8d390d" + }, + "preprod": { + "0.13.0": "f917dcd1fa2653e33d6d0ca5a067468595b546120c3085fab60848c34f92c265", + "0.14.0": "d8ba8c488f52228b200df48fe28305bc311d0507da2c2420b10835bf00d21948" + }, + "preview": { + "0.13.0": "1e00c627ec4b2ad0b4aa68068d3818ca0e41338c87e5504cda118c4050a98763" + } +} diff --git a/release.sh b/release.sh index f76b55ad498..398ca1cc93c 100755 --- a/release.sh +++ b/release.sh @@ -7,13 +7,24 @@ cd $(dirname $0) main() { local version="$1" - [[ -z "$version" ]] && usage "Missing version number" + [[ -z "$version" ]] && usage "Missing version number" check_can_release "$version" prepare_release "$version" - publish_release "$version" # fake for now + publish_release_instructions "$version" +} + +# Like 'echo' but on stderr +err() { + echo >&2 "$1" +} + +# Print error and exit with status 1 +exit_err() { + err "$1" + exit 1 } usage() { @@ -23,7 +34,8 @@ usage() { $message $0 -Publishes a new release of hydra. + +Prepares a new release of hydra. must respect [Semantic Versioning](http://semver.org/) EOF @@ -33,9 +45,11 @@ EOF check_can_release() { local version="$1" - check_no_uncommited_changes + check_on_master + confirm_uncommitted_changes check_version_is_valid $version check_changelog_is_up_to_date $version + check_networks_is_up_to_date $version true #avoid error on last instruction of function (see bash -e) } @@ -57,29 +71,46 @@ prepare_release() { git tag -as "$version" -F <(changelog "$version") # Make branch release point to tag so that the website is published - git checkout release + git checkout --track origin/release git merge "${version}" --ff-only + + git checkout master } -publish_release() { +publish_release_instructions() { local version="$1" - >&2 echo Prepared the release commit and tag, review it now and if everything is okay, push using: - >&2 echo git push origin master - >&2 echo git push origin release - >&2 echo git push origin ${version} - >&2 echo - >&2 echo And then you shall manually create the release page, see CONTRIBUTING.md + err "Prepared the release commit and tag, review it now and if everything is okay, push using:" + err "" + err "git push origin master" + err "git push origin release" + err "git push origin ${version}" } # Checking helper functions -check_no_uncommited_changes() { +confirm_uncommitted_changes() { if [ ! -z "$(git status --porcelain)" ] then git status >&2 - echo >&2 - usage "Please commit your pending changes first" + echo >&2 "WARNING: You have unstaged changes. The release will stage everything and commit it." + ask_continue + fi +} + +# Ask user whethery they want to continue, exit with error if not +ask_continue() { + read -p "Do you want to continue? [y/n] " -n 1 -r + echo >&2 "" + if [[ ! $REPLY =~ ^[Yy]$ ]] + then + exit_err "Aborted release" + fi +} + +check_on_master() { + if [ $(git rev-parse --abbrev-ref HEAD) != "master" ]; then + exit_err "Not on branch 'master'" fi } @@ -87,10 +118,10 @@ check_version_is_valid() { local version="$1" echo $version | grep -E '^[0-9]*\.[0-9]*\.[0-9]*$' >/dev/null \ - || usage "Invalid format for version: $version" + || exit_err "Invalid format for version: $version" git tag | grep "^$version$" >/dev/null \ - && usage "A tag for this version already exists" + && exit_err "A tag for this version already exists" true #avoid error on last instruction of function (see bash -e) } @@ -101,14 +132,32 @@ check_changelog_is_up_to_date() { local next_release="$(sed '/## *\[.*\]/ !d' CHANGELOG.md | head -n1)" echo "$next_release" | grep "\[$version\]" >/dev/null \ - || usage "$version is not the next release in CHANGELOG.md" + || exit_err "$version is not the next release in CHANGELOG.md" echo "$next_release" | grep UNRELEASED >/dev/null \ - && usage "$version is not released in CHANGELOG.md. Please replace UNRELEASED with the current date" + && exit_err "$version is not released in CHANGELOG.md. Please replace UNRELEASED with the current date" true #avoid error on last instruction of function (see bash -e) } +# Check whether a transaction id is present for all networks and given version. +check_networks_is_up_to_date() { + local version="$1" + + local networks=( + mainnet + preprod + preview + ) + + local networks_file=networks.json + + for network in "${networks[@]}"; do + cat ${networks_file} | jq -e ".\"${network}\".\"${version}\"" > /dev/null \ + || exit_err "Missing transaction id for ${version} on ${network} in ${networks_file}" + done +} + # Prepare helper functions update_cabal_version() { @@ -117,7 +166,7 @@ update_cabal_version() { for file in $cabal_files do - sed -i.bak -e "s,\(^version: *\)[^ ]*,\1$version," $file + sed -i"" -e "s,\(^version: *\)[^ ]*,\1$version," $file done } @@ -125,20 +174,20 @@ update_api_version() { local version="$1" ; shift local api_file=hydra-node/json-schemas/api.yaml - sed -i.bak -e "s,\(version: *\)'.*',\1'$version'," $api_file + sed -i"" -e "s,\(version: *\)'.*',\1'$version'," $api_file } update_tutorial_version() { local version="$1" local tutorial_file=docs/docs/tutorial/index.md - sed -i.bak -e "s,\(hydra/releases/download/)[^/]*,\1$version," $tutorial_file + sed -i"" -e "s,\(version=\).*,\1$version," $tutorial_file } update_demo_version() { local version="$1" ( cd demo - sed -i.bak -e "s,\(ghcr.io/input-output-hk/hydra-[^:]*\):[^[:space:]]*,\1:$version," docker-compose.yaml seed-devnet.sh + sed -i"" -e "s,\(ghcr.io/input-output-hk/hydra-[^:]*\):[^[:space:]]*,\1:$version," docker-compose.yaml seed-devnet.sh ) }