Mithril v2329.0-pre

What's Changed

• Fix documentation by @jpraynaud in #1032
• Fix failing end to end test in Hydra CI by @jpraynaud in #1031
• Remove certificate hash from Artifact by @dlachaumepalo in #1027
• Fix QA issues by @jpraynaud in #1034
• Update dependencies by @jpraynaud in #1036
• Update current documentation by @jpraynaud in #1038
• check epoch when validating certificate chain by @ghubertpalo in #1033
• Update Signer Deployment Models Firewall documentation by @jpraynaud in #1042
• Add monitoring persistent storage by @jpraynaud in #1039
• Fix prometheus infrastructure by @jpraynaud in #1044
• Add created_at field in Mithril Stake Distribution messages by @dlachaumepalo in #1047
• #1023 - fix flaky end-to-end tests by @ghubertpalo in #1050
• Add monitoring loki endpoint by @jpraynaud in #1046
• CI: Build linux binaries using ubuntu 20-04 and add vulnerabilities check by @Alenar in #1043
• Fix dependency-review check when merging to main by @Alenar in #1054
• Factorize crypto operation by @Alenar in #1045
• Add SPO On-boarding Guide by @jpraynaud in #1051
• Aggregator refactoring: services and dependencies container by @ghubertpalo in #1057
• Add run-only option in mithril-end-to-end test by @dlachaumepalo in #1052
• Add min libc version to distribution release note by @Alenar in #1056
• Fix min libc message in distribution release notes by @Alenar in #1059
• Upgrade Rust 1.71.0 by @jpraynaud in #1060
• Tech writing review by @olgahryniuk in #1061
• Add mainnet verification keys & address in infrastructure by @jpraynaud in #1063
• Tech writing review by @olgahryniuk in #1064
• Add release-mainnet deployment to CD by @jpraynaud in #1066

New Contributors

• @olgahryniuk made their first contribution in #1061

Full Changelog: 2327.0...2329.0-pre

Crates Versions

Crate	Version
mithril-aggregator	0.3.53
mithril-client	0.3.20
mithril-common	0.2.79
mithril-signer	0.2.61
mithril-stm	0.2.19

Linux Requirements

The Linux binaries target glibc: to run them or install the .deb packages you must have glibc version 2.31+ installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+ or Debian 11+ (Bullseye)).

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

• Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
• Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
• Step 3: In your terminal, go to the asset folder by running:

cd ***YOUR_ASSET_FOLDER***

• Step 4: Then verify the checksum of the asset by running:

sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK

• Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
• Step 6: Then import the GPG public key:

gpg --import ./gpg-public.key

You must see something like:

gpg: key : public key "Input Output / Mithril <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1

• Step 7: Then verify the GPG signature of the checksum file:

gpg --verify ./gpg-public.key ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

• there is a line with gpg: Good signature from "Input Output / Mithril <[email protected]>"
• there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021

• Step 8:
  If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
  If not, contact us at [[email protected]] and let us know of the outcome of your run of this process ⚠️