v0.2.0

May 2024 Testnet release of Multi-chain MPC

What's Changed

• mp-eddsa added as a dep by @volovyks in #1
• feat: use unix dependencies where applicable by @itegulov in #3
• README v1 by @volovyks in #13
• feat: create a PoC based on actix actors by @itegulov in #4
• feat: add simple CI by @itegulov in #15
• feat: add integration tests by @itegulov in #17
• feat: add tracing-based logging by @itegulov in #19
• fix: make integration tests work on macos by @itegulov in #20
• feat: add integration tests to CI by @itegulov in #21
• feat: optimize dockerfile by @itegulov in #22
• feat: move away from ractor by @itegulov in #23
• OAuth mock by @volovyks in #24
• OAuth by @volovyks in #26
• Develop -> Main by @volovyks in #25
• feat: add gRPC bindings for GCP by @itegulov in #31
• feat: support loading secret key shares from GCP secret manager by @itegulov in #35
• chore: reduce Docker image size by @miraclx in #38
• docker: quicker CI runs by caching intermediate layers by @miraclx in #39
• fix: run CI on develop by @itegulov in #42
• chore: bump setup-protoc version by @itegulov in #41
• build instractions by @volovyks in #36
• feat: http endpoints + deploy guide by @itegulov in #43
• Transaction creation and new API by @volovyks in #37
• Readme updated by @volovyks in #49
• feat: pull latest block and key nonce by @itegulov in #50
• feat: send txs to rpc by @itegulov in #51
• Daniyar/block hash nonce by @volovyks in #53
• Google PK for signature verification by @volovyks in #40
• Crash fixes by @volovyks in #55
• near crates updated to v0.16.1 by @volovyks in #56
• fix: make audit pass in CI by @itegulov in #58
• Metatransactions by @volovyks in #57
• Real token verification turned on by @volovyks in #60
• feat: send txs to relayer by @itegulov in #59
• change app id by @volovyks in #61
• update-ca-certificates added the Dockerfile by @volovyks in #63
• fix: update certificates in docker image by @itegulov in #62
• Revert "update-ca-certificates added the Dockerfile" by @volovyks in #65
• Internal acc id by @volovyks in #68
• create acc with one transaction by @volovyks in #69
• Added a nix dev env for faster integration test turnaround by @DavidM-D in #67
• Cleaned up the docs by @DavidM-D in #66
• End-to-end tests by @volovyks in #64
• feat: use advanced account creation by @itegulov in #70
• unwraps by @volovyks in #77
• allow cors by @volovyks in #78
• allow all cors by @volovyks in #79
• feat: properly sandboxed integration tests by @itegulov in #71
• feat: integrate with the new relayer api by @itegulov in #82
• fix: generate random oauth tokens for creator registration by @itegulov in #83
• fix: use docker.for.mac.localhost for macos by @itegulov in #87
• feat: add negative integration tests by @itegulov in #85
• allow all cors (permisive) by @volovyks in #90
• chore: update README by @itegulov in #89
• feat: use gcp application default authentication by @itegulov in #95
• chore: Added retry logic by @ChaoticTempest in #86
• API refactoring by @volovyks in #91
• develop -> main by @volovyks in #99
• Optional Account ID in signin flow by @volovyks in #100
• Aud from config by @volovyks in #102
• add same key test added by @volovyks in #105
• Signing node using aggregate signatures by @DavidM-D in #97
• return acc and pk info in signin and new acc flows by @volovyks in #109
• feat: store user keys in GCP Datastore by @itegulov in #103
• fix: various macos issues by @itegulov in #125
• fix: do not unwrap oauth errors by @itegulov in #126
• default acc creator gas updated by @volovyks in #119
• chore: disable ansi codes when in GCP by @itegulov in #128
• chore: ensure signer nodes use random public keys by @itegulov in #127
• New API added to README by @volovyks in #116
• Signature validation using all the keys by @volovyks in #129
• err type added in failed to fetch pk by @volovyks in #130
• fix: disallow test tokens without --test by @itegulov in #133
• chore: suffix secrets and datastore kind with env by @itegulov in #132
• feat: distribute public keys by @ChaoticTempest in #123
• fix: failed broadcast should not fail by @itegulov in #137
• chore: develop -> main, attempt 2 by @itegulov in #138
• Additional loggs in oauth flow by @volovyks in #135
• get_acc_id_from_pk error handling by @volovyks in #140
• Added an optional API key so we can call the mainnet relayer by @DavidM-D in #142
• fix: pass firebase aud id to signer node by @itegulov in #143
• chore: integrate with latest relayer by @ChaoticTempest in #141
• feat: encrypt user credentials in Datastore by @itegulov in #144
• Send user id instead of token to relayer by @volovyks in #148
• yolo by @itegulov in #149
• chore: clarify deploy guide by @itegulov in #151
• chore: pull relayer image from Github Container Registry by @itegulov in #152
• chore: fix logging by @itegulov in #154
• feat: add limited key option by @itegulov in #150
• feat: make add_key accept CreateAccountOptions by @itegulov in #156
• release: fix for near-discovery by @itegulov in #157
• fix: empty method names by @itegulov in #158
• release: hotfix for LAKs by @itegulov in #159
• feat: migrate to testcontainers by @itegulov in #161
• fn renamings by @volovyks in #162
• feat: terraform configuration by @itegulov in #170
• Integration tests instractions updated, workspaces branch updated by @volovyks in #173
• CLI Logs by @volovyks in #174
• fix: add tracing-subscriber to integration test runner by @itegulov in #179
• chore: add test-log to integration tests by @itegulov in #180
• feat: Added rogue key attack mitigation by @ChaoticTempest in #169
• fix: return 200 on the same pk set by @itegulov in #181
• fix: remaining macos issues by @itegulov in #182
• chore: merge terraform configuration to main by @itegulov in #188
• claim_oidc by @volovyks in #177
• feat: enable macos CI by @itegulov in #197
• add_key -> sign endpoint by @volovyks in #189
• infra: feature environments by @itegulov in #195
• fix: refactor integration tests to fix macos issues by @itegulov in #198
• feat: add prometheus metrics by @itegulov in #201
• Enforce FRP for /sign by @volovyks in #196
• infra: tie docker image tags to git commit hash by @itegulov in #208
• chore: enable anyhow backtrace by default by @itegulov in #207
• fix: trigger cache invalidation for delegate actions by @itegulov in #212
• User Credentials FRP turned on by @volovyks in #209
• Add and Delete key actions whitelisted by @volovyks in #213
• feat: rotate node-keys by @ChaoticTempest in #211
• chore: dedup test code by @ChaoticTempest in #216
• chore: cleanup clones by @ChaoticTempest in #217
• Claiming fixes by @volovyks in #221
• chore: Cleanup public key in messages by @ChaoticTempest in #226
• chore: handle json serialization error by @ChaoticTempest in #227
• Claiming flow docs by @volovyks in #225
• fix: make API more uniform by @itegulov in #228
• chore: Added malformed for testing requests that are invalid by @ChaoticTempest in #232
• fix: GHA permissions by @itegulov in #240
• fix: Add 5 retries before moving on to rotate keys by @ChaoticTempest in #239
• Disable mac ci by @ChaoticTempest in #256
• dep fix by @volovyks in #247
• chore: Remove unnecessary dependencies by @ChaoticTempest in #238
• feat: Add OidcToken by @ChaoticTempest in #237
• chore: unified errors by @ChaoticTempest in #245
• fix: make API use hex and transparent structs by @itegulov in #259
• fix: properly handle final execution status by @itegulov in #261
• fix: Add sleep for rotate key test to fix non-determinism with datastore updates by @ChaoticTempest in #262
• chore: use a separate creator account for dev env by @itegulov in #267
• fix: Make OidcVerificationFail unauthorized by @ChaoticTempest in #266
• FAQ mac update by @volovyks in #273
• Signing flow explained in README by @volovyks in #265
• chore: Make new_account request use AccountId instead of String by @ChaoticTempest in #268
• Error messages in 5xx responces are hidden by @volovyks in #272
• Remove CORs TODO by @volovyks in #270
• fix: use borsh-serialized type for sign requests by @itegulov in #275
• feat: support multiple firebase audiences by @ChaoticTempest in #264
• Integration tests refactoring by @volovyks in #276
• Readme fix by @volovyks in #278
• Update issue templates by @trechriron in #280
• Update issue templates by @trechriron in #284
• chore: Removed malformed public key and account type by @ChaoticTempest in #290
• Relayer url and api_key moved to the partner struct, refactoring by @volovyks in #286
• Update issue templates by @trechriron in #293
• chore: Rebase off of latest relayer by @ChaoticTempest in #292
• Atomic account creation by @volovyks in #257
• fix: Log missing Err(_) for GCP and metrics by @ChaoticTempest in #295
• feat: add terraform module for partners by @itegulov in #294
• Main -> Develop (solved conflicts) by @volovyks in #297
• git fix by @volovyks in #299
• chore: main -> develop by @itegulov in #301
• chore: rewrite deploy guide by @itegulov in #302
• feat: decouple Docker management from terraform by @itegulov in #303
• Fix docker image name by @volovyks in #304
• chore: Internalize RwLock into ShiningState by @ChaoticTempest in #305
• chore: improve clone behavior in axum by @ChaoticTempest in #306
• Relayer setup refactored to mach new toml.config approach by @volovyks in #307
• Load Testing (Goose setup, instructions, simple test) by @volovyks in #308
• chore: cleaning up TestContext by @ChaoticTempest in #309
• chore: Moved unnecessary items outside of retry loop by @ChaoticTempest in #311
• fix: integration test not showing up by @ChaoticTempest in #312
• Local OIDC Provider and refactoring by @volovyks in #316
• feat: dedockerize nodes by @ChaoticTempest in #319
• feat: add opentelemetry exporter layer for tracing by @itegulov in #318
• licenses by @volovyks in #323
• workspaces version by @volovyks in #324
• fix: nonce issues by @ChaoticTempest in #310
• new_acc load tests by @volovyks in #325
• feat: multichain key generation and resharing by @itegulov in #313
• remove oidc providers check from signing nodes by @volovyks in #334
• feat: profiling/flamegraph by @ChaoticTempest in #331
• Fixed the nix deps by @DavidM-D in #339
• feat: implement Beaver triple generation by @itegulov in #335
• sandbox readme instructions updated by @volovyks in #344
• feat: use Grafana OTLP collector by @itegulov in #345
• Relayer hack deleted by @volovyks in #347
• Fixed relayer version by @volovyks in #349
• fix: address Beaver triple generation comments by @itegulov in #348
• Redundant contract state deleted by @volovyks in #350
• feat: add tracecontext middleware for axum by @itegulov in #351
• Make the contract build wasm by default by @DavidM-D in #355
• feat: Multichain tests no longer require prebuilding by @ChaoticTempest in #360
• feat: use local Lake Indexer in integration tests by @itegulov in #358
• Internal LB by @volovyks in #321
• feat: implement presignature generation by @itegulov in #342
• Update terraform-dev.yml by @kmaus-near in #362
• Allow all actions in signing nodes by @volovyks in #361
• Do not build Dcoker image in deployment script by @volovyks in #364
• fix: split mainnet and testnet infra by @itegulov in #365
• setting leader node to be accessable to internal traffic only by @kmaus-near in #366
• Kmaus near/change vpc connector by @kmaus-near in #367
• chore: Only run integration tests if specific folders change by @ChaoticTempest in #368
• updated network to us-east1 for mainnet and testnet by @kmaus-near in #369
• fix: use bigger runner for multichain by @itegulov in #370
• chore: cleanup infra by @itegulov in #371
• fix: remove artifact registry by @itegulov in #376
• Terraform prod "env" and docker immage changed by @volovyks in #377
• feat: secure p2p by @ChaoticTempest in #354
• feat: implement signing by @itegulov in #380
• fix: Protocol loop should continue on error by @ChaoticTempest in #387
• fix: ignore RUSTSEC-2023-0071 by @itegulov in #394
• fix: make Lake indexer work with macos by @itegulov in #392
• removed signer node ILBs by @kmaus-near in #397
• chore: structured errors by @ChaoticTempest in #391
• feat: implement terraform for multichain by @itegulov in #390
• fix: decrypt message during joining phase by @itegulov in #399
• fix: Added queue for sending encrypted messages by @ChaoticTempest in #395
• feat: implement key derivation by @itegulov in #402
• fix: testnet rpc url by @itegulov in #404
• feat: add persistent secret storage by @itegulov in #396
• make testnet near_root_account = "testnet" by @ppca in #410
• fix: Format error so context can show full chain by @ChaoticTempest in #408
• Randomly assign triples to a node after creation by @DavidM-D in #412
• chore: cleanup protocol types by @ChaoticTempest in #417
• create terraform for multichain testnet and prod by @ppca in #411
• Determine Participant Id automatically by @volovyks in #400
• chore: Expose root public key in mpc contract by @ChaoticTempest in #421
• differentiate the logging messages by @ppca in #422
• feat: Added the ability to refresh the protocol on failures by @ChaoticTempest in #423
• adding experiment with self calls by @bowenwang1996 in #401
• fix terraform multichain by @ppca in #432
• Use Participants only in a context where they actually exist by @volovyks in #429
• chore: cleanup testing by @ChaoticTempest in #440
• Contract logs by @volovyks in #443
• try fix CI by @ppca in #459
• persist triples by @ppca in #444
• add more info to node state output by @ppca in #450
• Added key versions by @DavidM-D in #453
• fix: start triple generation and presignature generation when #mine < 2 by @ppca in #460
• fix: protocol timeout by @ChaoticTempest in #462
• 5x faster unit test compilation on nix dev env by @DavidM-D in #467
• Removed spurious recompile on integration tests by @DavidM-D in #468
• restore triple/presignature generation condition and optimize triple persistence by @ppca in #466
• chore: Ignore RUSTSEC-2024-0019 by @ChaoticTempest in #472
• GCE Based Multichain by @kmaus-near in #458
• feat: Persist block height by @ChaoticTempest in #465
• fix/test: derive recovery id for same address by @ChaoticTempest in #470
• fix: vm terraform minor fixes by @ppca in #475
• Update multichain-prod.yml by @kmaus-near in #474
• Update multichain-prod.yml by @kmaus-near in #476
• Update multichain-prod.yml by @kmaus-near in #477
• Update multichain-prod.yml by @kmaus-near in #478
• feat: Added stockpiling beaver triples at the start by @ChaoticTempest in #413
• nit: remove excessive logging of gcp by @ppca in #479
• Revert "Removed spurious recompile on integration tests (#468)" by @DavidM-D in #483
• Contract reinit should not be possible by @volovyks in #491
• feat: metrics for node up and signing latency by @ppca in #490
• Added a missing step to the integration tests instructions by @DavidM-D in #495
• feat: Added connection pool for offline participants by @ChaoticTempest in #446
• Feat: added partner code for infrastructure, and updated dev code by @kmaus-near in #493
• feat(partner use): rust script to generate cipher keys by @ppca in #494
• feat: stop infinite loop of triple timeout by adding cache for failed triples by @ppca in #480
• fix: stockpile condition by @ppca in #497
• Keep the build caches between builds by @DavidM-D in #500
• partner deploy: var names for easier onboard by @ppca in #496
• FIX: add cloud nat and router by @kmaus-near in #503
• Remove automatic vote mechanism by @volovyks in #498
• fix: Added max_concurrent_generation for limiting triple timeouts by @ChaoticTempest in #499
• partner: add metrics for latest block height by @ppca in #505
• Make the key version mandatory by @DavidM-D in #509
• Feat: Add multichain env that mirrors partners by @kmaus-near in #511
• Making sure we're not fetching dependencies from the heads of other repos by @DavidM-D in #515
• FIX: remove dev loadbalancer by @kmaus-near in #516
• fix: signature timeout and add triple latency metric by @ppca in #517
• fix: added naive intersection check for bypassing threshold by @ChaoticTempest in #504
• Switched over to a newer version of cait sith by @DavidM-D in #518
• Multichain load tests by @volovyks in #510
• add more metric by @ppca in #519
• No delay experiment by @volovyks in #512
• add tracing for error signature by @ppca in #521
• Contract call limits by @volovyks in #520
• feat: configure presignature generation to limit max supply of presignature by @ChaoticTempest in #507
• fix: protocol too fast and spamming messages by @ChaoticTempest in #522
• add metric for contract version by @ppca in #523
• FIX: update dev env image by @kmaus-near in #532
• fix: Remove ciphertext debug logs spam by @ChaoticTempest in #533
• Check if responder is a participant by @volovyks in #534
• fix: issues with already taken triple and presig by @ChaoticTempest in #535
• add metrics around success rates by @ppca in #530
• modify default timeout for triple = 20 min by @ppca in #537
• fix: triple persistance tests by @ppca in #540
• fix: Make multichain docker image builds in release mode by @ChaoticTempest in #542
• terraform: add tuning perf env params into terraform by @ppca in #541
• Add send_encrypted metric by @ppca in #544
• Request counter by @volovyks in #531
• fix: add multichain_sign_requests_count_mine to correct sign success rate by @ppca in #547
• feat: /msg endpoint now takes vectorized encrypted messages by @ChaoticTempest in #549
• chore: cleanup triple storage and unnecessary clones by @ChaoticTempest in #550
• Added init_running contract function by @volovyks in #536
• fix: broken unit test h2 version by @ppca in #561
• Feat: dev deployment pipeline by @kmaus-near in #557
• Node and contract version metrics by @volovyks in #553
• clear_payloads func by @volovyks in #551
• Feat: Dev Contract deployment automation by @kmaus-near in #562
• Subaccounts for load tests by @volovyks in #552
• vote_kick test by @volovyks in #556
• Make sure when we fail in the busy loop we cleanup by @DavidM-D in #586
• fix: stop infinite process of presignature message missing triples by @ppca in #560
• fix: only retry signature generators with proposer = me by @ppca in #588
• Make sure signing works after resharing by @volovyks in #572
• Lowered the minimum gas limit and upped the depth by @DavidM-D in #589
• FIX: removed workflow automation for mpc cloudrun envs by @kmaus-near in #582
• FIX: Removed old testnet VM instances by @kmaus-near in #584
• feat: separate sign key for signing protocol messages by @ChaoticTempest in #565
• contract: make multichain contract versioned by @ppca in #558
• fix: allow triple memory only by @ChaoticTempest in #594
• fix: possible deadlock in load triple by @ppca in #595
• test: node back online by @ppca in #567
• chore: Made failed generators only get added on self proposers by @ChaoticTempest in #597
• remove infra code for non-vm by @ppca in #600
• Contract API and other functions grouped by @volovyks in #604

Full Changelog: https://github.com/near/mpc-recovery/commits/v0.2.0