Official repository for core projects comprising the Celo platform
APACHE-2.0 License
Bot releases are hidden (Show)
Published by medhakothari almost 4 years ago
This release was published on January 20th, 2021 and includes commits from 6148646a29e5e719df9a1b32d1580ea7e6e61be8
to d532d06f60999e0ed951839cc0cff9e0abf4d505
inclusive. See this blogpost for more details.
Published by medhakothari almost 4 years ago
This release was published on January 20th, 2021 and includes commits from d4ae6eccc2cfc760818b9132a57c6da67c10b561
to d532d06f60999e0ed951839cc0cff9e0abf4d505
inclusive.
Published by AlexBHarley almost 4 years ago
This is a feature release for all validators.
Full documentation is here.
Validator operators are advised to test first on Baklava before deploying changes on Mainnet.
Deploy the Docker image identified as follows:
us.gcr.io/celo-testnet/celo-monorepo:attestation-service-v1.2.0
us.gcr.io/celo-testnet/celo-monorepo@sha256:4416fc61b0941de7f0299fc0ccdb0fe6c47112eb165484b1d6b702fba3e04a4d
Existing configurations should work as is.
Attestation Service 1.2.0 adds support for 8 security codes, this is a quality of life improvement for end users and entails no operational changes.
Relevant pull request #6209
It is recommended that validators sign up and add MessageBird as an additional SMS provider. From internal testing, MessageBird has performed better in some regions than the current providers, notably Ghana (where the network has observed high traffic). It is recommended that validators configure it as one of their SMS_PROVIDERS
and set SMS_PROVIDERS_GH
to use MessageBird first. As more validator adopt the new provider, better recommendations for provider+country performance can be made.
Relevant pull request #5616
Added SMS_PROVIDERS_RANDOMIZED
configuration. This enables randomizing the provider used for an incoming request in the default use-case. The ordered per-country provider lists are never shuffled. This balances the load to all providers so that better data on provider+country success rates can be collected. It is suggested that validators enable this feature.
Relevant pull request #5880
Adding a MAX_AGE_LATEST_BLOCK_SECS
config option which makes the maximum age of the latest block at which the health check fails to be configurable. Previously, we saw issues in baklava where slow blocks were causing spewing of Attestation Service alerts. It is recommended that validators experiencing this issues on baklava to extend the block age.
Relevant pull request #5880
Published by etuleu almost 4 years ago
Just using this to capture changes since 1.7.1 We will probably aggregate all the changes into one release note when this release goes public.
This release was cut from master on December 22, 2020 from https://github.com/celo-org/celo-monorepo/commit/d9cea78963c7a53a53ddf9a49f19dadadb9e5119. See release branch: https://github.com/celo-org/celo-monorepo/tree/release/wallet/1.7.2
Published by etuleu almost 4 years ago
This is a bug fix release on top of 1.7.0.
This release was cut from master on December 21, 2020 from https://github.com/celo-org/celo-monorepo/commit/51f643db9c05c97f26f91d5920f360f5ff1e0e0b. See release branch: https://github.com/celo-org/celo-monorepo/tree/release/wallet/1.7.1
Published by etuleu almost 4 years ago
This release is focused on stability. The aim is to minimize crashes and bugs. A few major components such as react native, animation and navigation libraries and hermes-engine have been updated.
This release was cut from master on December 20, 2020 from https://github.com/celo-org/celo-monorepo/commit/296f60860d8d4cd4ebf28a20a401ae30c49b1dfd. No PRs have been cherry-picked. See release branch: https://github.com/celo-org/celo-monorepo/tree/release/wallet/1.7.0
Published by nambrot almost 4 years ago
This is the second release of the Celo Core Contracts. It follows the release process per the docs.
https://blog.openzeppelin.com/celo-contracts-audit/#phase-5
This release's audit scope will cover the verification tooling that has been built to allow Celo stakeholders to have confidence in the safety and correctness of a Celo Core Contract Upgrade Release Proposal.
After the sizable initial release 1, release 2 is much lighter in scope and reflects the core developer's intention to ship smaller changes more frequently as opposed to fewer, but larger changes.
Signatures.sol
with EIP-712 support #5122:The Signatures
library was updated with EIP-712 support to allow contracts to easily verify EIP-712 signatures. The prime consumer of this new functionality is the MetaTransactionWallet
that was added as part of the audit scope (while not deployed as a Core Contract). As a result, per the versioning docs, this means that consuming contracts (Accounts
, Attestations
, AttestationsTest
, LockedGold
, Escrow
) have been incremented in their patch versions.
SortedOracles
#6125
For the upcoming tBTC integration, SortedOracles
may be reused to report CELO/BTC prices. However reporting might happen on different frequencies, thus this change allows Governance to specify separate expirations for different tokens.
MetaTransactionWallet
#4587As part of fee-less onboarding, also known as Komenci, MetaTransactionWallet
was built to support submitting transactions on behalf of another account. While MetaTransactionWallet
(and MetaTransactionWalletDeployer
) are not a Celo Core Contract
(as they are not owned by Governance), they nonetheless are part of the audit scope and thus will be reflected as part of these release reports.
After cutting for release 2, a bug was reported that under narrow circumstances could allow for a malicious user to vote on the same governance proposal twice. You can find the incident report on the forum. The fix was pulled in to ensure safety after deployment of release 2.
Minor changes have been made, partially in response to an intermediary audit by OpenZeppelin (that will be part of this release's audit report).
Core Contracts:
Accounts
: 1.1.1.0
=> 1.1.1.1
Attestations
: 1.1.1.0
=> 1.1.1.1
AttestationsTest
: 1.1.1.0
=> 1.1.1.1
LockedGold
: 1.1.1.0
=> 1.1.1.1
Escrow
: 1.1.1.0
=> 1.1.1.1
SortedOracles
: 1.1.1.0
=> 1.1.2.0
MetaTransactionWallet
: new 1.1.0.1
MetaTransactionWalletDeployer
: new 1.1.0.0
Libraries:
Signatures
: 1.1.1.0
=> 1.1.2.0
Published by annakaz almost 4 years ago
Relative to the 1.5.5 release, this update includes an improved restore account experience with different languages and adds Australian dollar support. It also addresses bugs causing some crashes on Android.
This release was cut from master on November 25, 2020 from https://github.com/celo-org/celo-monorepo/commit/1275eb0ad85f842c97317925c5402c6eb9dd274dand contains additional cherry-picked commits. See release branch: https://github.com/celo-org/celo-monorepo/tree/release/wallet/1.6.0
#5862 Add AUD in Valora
#5825 Restore mnemonics in any language if default fails
#5925 Add support for 8 digits verification code (hidden behind a feature flag)
#5941 Update Account Key backup prompt
#5963 Dismiss keyboard on PIN code screen
#5900 Fix Cancel and Edit buttons on withdraw when coming from Deep Link
#5905 Do not update Valora balance if balance query was unsuccessful
#5926 Fix decimals keyboard in some Samsung devices
#5960 Update proguard rules to fix a crash at startup for release builds
#5896 Upgrade react-navigation libraries to fix Android crashes
#5911 Fix yarn dev:ios
with iOS 14 by updating react native cli version
Published by jeanregisser almost 4 years ago
Relative to the 1.3.0 release, this update enables buying cUSD using Simplex, makes verification faster and more reliable, improves deep links handling and includes a "Shake-to-Contact" feature to easily get in touch with our support team. Other improvements include showing the CELO balance in the menu, bug fixes around CELO withdrawal and connectivity issues. It also restricts CP-DOTO for users in the Philippines and Japan.
Note: this release was abandoned and replaced by the v1.5 release. It was never published publicly on the Play Store or App Store.
This release was cut from master on November 5, 2020 from 7bb077594e5b08be6fb646d090f50adb9c528e25.
See release branch: https://github.com/celo-org/celo-monorepo/tree/release/wallet/1.4.0
Published by i1skn almost 4 years ago
Relative to the 1.4.0 release, this update enables feeless verification. This allows users to verify their phone numbers without paying fees for SMS messages. Also it enables users to invite their friends using Invite functionality and brings redesign to Cash In Cash Out flows.
This release was cut from master on November 10, 2020 from https://github.com/celo-org/celo-monorepo/commit/e7818bf02f376222e1fc98858e1afc9150447288. All subsequent PRs been cherry-picked onto release branch from master. See release branch: https://github.com/celo-org/celo-monorepo/tree/release/wallet/1.5.0
Published by gnardini almost 4 years ago
The 1.3.0 update saves names from scanned QR codes and shows them on the transaction feed, adds support for push notifications that open an URL and improves the phone verification experience. Other changes include bug fixes around exchanging CELO to avoid failures and connectivity improvements.
This release was cut from master on October 16, 2020 from 57eca5206104e213893dd588276a10c236380591 and contains additional cherry-picked commits.
See release branch: https://github.com/celo-org/celo-monorepo/tree/release/wallet/1.3.0
Published by YazzyYaz almost 4 years ago
This release was published on October 23rd, 2020 and includes commits from e22f1c02f1d60bae7f12bee0abe3e81e12d244df
to aaaf01be40ba88fe074c4e1410fb7bc3f74c705e
inclusive.
@celo/utils
(0.1.21) & fixes backward compatibility issues from the last releasePublished by YazzyYaz almost 4 years ago
This release was published on October 23rd, 2020 and includes commits from e22f1c02f1d60bae7f12bee0abe3e81e12d244df
to aaaf01be40ba88fe074c4e1410fb7bc3f74c705e
inclusive.
@celo/contractkit
(0.4.17) & fixes backward compatibility issues from the last release--force
with account:claim-attestation-service-url
for non-TLS urls #5599Published by timmoreton about 4 years ago
This is a feature release for all validators.
Full documentation is here.
Validator operators are advised to test first on Baklava before deploying changes on Mainnet.
Deploy the Docker image identified as follows:
Existing configurations should work as is. New configuration options are described in the documentation.
Attestation Service 1.1.0 adds support for security codes. This entails no operational changes.
For clients, the flow is as follows:
/attestations
endpoint with a securityCodePrefix
parameter (whose value is a single digit number intended to allow the client to disambiguate different senders) and an optional language
parameter.securityCode
parameter to the /get_attestations
endpoint. If the security code supplied is as recorded, the attestation service response will include the signed attestation message.Published by medhakothari about 4 years ago
This release was published on October 23rd, 2020 and includes commits from 49ea377cd99c7d9baaa902a10bbe1db4aa04ddc6
to fb4ea1e5dc1891a996f40a4865f38ddeb10da61b
inclusive.
jsonTransactions
flag to governance:show
for use in the (contract release process)[https://docs.celo.org/community/release-process/smart-contracts] - ( #5111 )Published by medhakothari about 4 years ago
This release was published on October 23rd, 2020 and includes commits from 49ea377cd99c7d9baaa902a10bbe1db4aa04ddc6
to 7e8622f10cda8452b9639419037641eea3b2d394
inclusive.
signTypedData
across all different wallets/signers - #5311
AwsHsmSigner
and AwsHsmWallet
moved from default exports to named exports - #5337
PROXY_SET_IMPLEMENTATION_SIGNATURE
- #5111
Published by tarikbellamine about 4 years ago
Relative to the 1.1.0 release, this update improves the verification experience by allowing the user to request more invite codes, adds more information about withdrawals to the "Add and Withdraw" screen, and improves the design of the home transaction feed. Other improvements include bug fixes around restoring accounts with non-English Account Keys, withdrawing CELO, and the phone number verification process.
This release was cut from master on September 28, 2020 from 5b949c6dbbe6ce6f5ba9d46ff77609f1db0defeb and contains additional cherry-picked commits.
See release branch: https://github.com/celo-org/celo-monorepo/tree/release/wallet/1.2.0
Published by timmoreton about 4 years ago
This is a feature release targeted at operators running multiple validators. Other validators need not upgrade.
Full documentation is here.
Validator operators are advised to test first on Baklava before deploying changes on Mainnet.
Deploy the Docker image identified as follows:
Existing configurations should work as is. New configuration options are described in the documentation.
Deployments of multiple Attestation Service instances sharing a single database are now supported and the documentation has been updated. All delivery state is now persisted in the database, so an SMS can be sent by one instance, and an other instance can receive a matching delivery status failure and proceed to retry.
The test attestation endpoint now accepts provider
parameter to force provider to test:
tim@Tims-MacBook-Pro attestation-service % curl -H "Content-Type: application/json" -d '{ "phoneNumber":"+1415xxxxxxx","message":"hello","signature":"", "provider":"nexmo"}' localhost:3000/test_attestations
{"success":true,"identifier":"0xfc992dad242cca0dd8607aad3cab6ff4e2f9e47b0cd5c34df1ca19d7d641a373","account":"0xxxx","issuer":"0xxxx","attempt":0,"countryCode":"US","status":"Sent","salt":"9f68a7c35c9d2b04cbb39a714096d66c927132edb72f4be93dd92b919c8db47a","provider":"nexmo"}
It also randomly generates a "salt" so that tests can be stored alongside regular attestations in the database, so they can share more code and be accessible via get_attestations
.
A requester can make the same attestation request again, which now has the effect of assuming the previous send failed (even if a delivery receipt was received indicating the send was successful. If there are additional retries available, the next provider is selected, and another SMS is sent. If no retries are available, the endpoint returns 422
.
A new endpoint /get_attestations
allows the original requester to retrieve delivery info.
The celocli identity:test-attestation-service
command in its next release will also use the /get_attestations
endpoint to await a delivery receipt, so that validators have another way of testing that receipts are configured correctly.
tim@Tims-MacBook-Pro attestation-service % curl -i -H "Content-Type: application/json" 'localhost:3000/get_attestations?account=0xxxx&issuer=0xxxx&phoneNumber=%2B1415xxxxxxx&salt=9f68a7c35c9d2b04cbb39a714096d66c927132edb72f4be93dd92b919c8db47a'
HTTP/1.1 200 OK
X-Powered-By: Express
X-Request-Id: ba5f9a0c-dc47-40dd-a6b9-df8c2b31caeb
X-RateLimit-Limit: 50
X-RateLimit-Remaining: 48
Date: Tue, 08 Sep 2020 23:01:13 GMT
X-RateLimit-Reset: 1599606076
Content-Type: application/json; charset=utf-8
Content-Length: 278
ETag: W/"116-lQIpekV90rYPlJEkNfRYo95+NcA"
Connection: keep-alive
{"success":true,"identifier":"0xfc992dad242cca0dd8607aad3cab6ff4e2f9e47b0cd5c34df1ca19d7d641a373","account":"0xxxx","issuer":"0xxxx","attempt":0,"countryCode":"US","status":"Delivered","provider":"nexmo","duration":2274}
Delivery info includes time taken to final delivery success or failure, in ms.
Delivery attempts are now striped across providers, i.e try other provider next before retry with same provider. The default config has been fixed to refer to the MAX_DELIVERY_ATTEMPTS
setting.
If an attestation is not found on-chain, the request retries up to 10 secs to avoid the case where the full node is running behind a block or two (not if the attestation is found on-chain but is complete)
A new metric attestation_service_healthy
for overall service health has been added. It is strongly recommended to monitor this metric.
A new metric attestation_requests_rerequest
counts re-requests.
Metrics attestation_requests_believed_delivered_sms
and attestation_requests_failed_to_deliver_sms
have been fixed.
DB_RECORD_EXPIRY_MINS
to set db record expiry, and now done on a timer, not when attestations happenNODE_ENV=dev
allows signature and other checks to be skipped (do not run in production)Published by nambrot about 4 years ago
As the first upgrade to the Celo core smart contracts, this release debuts a new release process that will enable the community to translate governance proposals and CIPs into actual changes on mainnet.
https://blog.openzeppelin.com/celo-contracts-audit/#phase-3
OpenZeppelin audited all core Celo contracts and found no “critical” or “high” severity issues. Three “medium” issues were found in contracts outside the scope of this release. One was in TransferWhitelist which has been obsolete since CELO transfers were enabled and two were in MetaTransactionWallet which is not set for release. The remaining “light” recommendations included using SafeMath everywhere, keeping interfaces perfectly consistent with their implementations, and updating all native transfer operations to be fully compatible with the Istanbul fork. Some “light” suggestions have been left unaddressed to maintain backwards compatibility. For example, the reentrancy guard could be made more gas efficient but it would require redeploying all proxy contracts.
#3806 Slot-based downtime slashing
The existing mechanism for verifying that a validator should be slashed for downtime costs excessive gas to execute when the downtime interval is sufficiently large and can even exceed the block gas limit (#3664). To fix this, the DowntimeSlasher contract now verifies downtime in ‘slots’ rather than a single large interval. This allows verification to be split up into multiple transactions, avoiding the block gas limit.
#4461 Wiggle Room for validator LockedGold requirements
Voting with CELO in the LockedGold contract can lead to a 1 wei rounding error (#3843). This has presented a problem for validators who lock up and vote with exactly 10k CELO, and then find themselves 1 wei short of the staking requirement. Furthermore, groups that are short of the staking requirement may not distribute epoch rewards (#3959). To resolve this, the Validators contract has added ‘wiggle room’ of 10 wei to the staking requirement.
#4298 Allow signer to withdraw attestation fees
Previously, fees earned by running the attestations service could only be withdrawn from the Attestations contract by the validator address that earned them. In many cases, this address is a ReleaseGold contract that has no function for withdrawing from the Attestations contract, leaving validators unable to withdraw their attestation fees (#4296). To resolve this, the withdrawal
function has been modified to be called by the attestation signer address, which is an externally owned account controlled by the validator.
#4580 Add sell/buy functions to Exchange.sol
Replaces the exchange(...) function with buy(..., maxPrice) and sell(..., minPrice). Previously, the exchange(...) function only allowed you to set a minimum price and had the same functionality as sell(...).
Related CIP: celo-org/celo-proposals#26
#4583 Allow transferring of attestations
Enables the transfer of phone number attestations to a new address. A new mapping is added to the Attestations contract that records transfer approvals. Users write to this mapping to approve the transfer of their phone number attestations to a new address, and that new address can then complete the approved attestations transfer to assume the user’s phone number.
Also included in this release are many small changes such as the addition of several require(...) statements to improve input verification, and the removal of unnecessary imports. Some contracts were extended to include a getVersionNumber(...) function in order to support the new versioning scheme.
Published by jeanregisser about 4 years ago
Relative to the 1.0.1 release, this update improves the verification experience, reduces the invite code redemption time, adds a daily limit to CELO withdrawals, supports BRL and CVE currencies and includes redesigned DAppKit screens. Other improvements include bug fixes around payment requests, p2p discovery of full nodes, better performance in Data Saver mode and better Spanish translations.
This release was cut from master on September 3, 2020 from 861fae182457b0c029808ec7cc64fd9958f30f14 and contains additional cherry-picked commits.
See release branch: https://github.com/celo-org/celo-monorepo/tree/release/wallet/1.1.0