Releases · input-output-hk/mithril

04 Jul 15:06

github-actions

2327.0-pre

26f6b8b

Mithril v2327.0-pre Pre-release

Pre-release

What's Changed

Fix curl commands for latest snapshot digest in docs by @jpraynaud in #943
Update Mithril logo by @jpraynaud in #940
Add Certificate list route to aggregator REST API by @jpraynaud in #949
Update dependencies & rotate current doc by @jpraynaud in #950
Ensemble/895/mithril client snapshot commands by @ghubertpalo in #951
Upgrade Rust 1.70.0 by @jpraynaud in #959
Greg/960/refactoring client by @ghubertpalo in #963
Stake distribution client subcommand by @ghubertpalo in #966
899/greg/ete msd command by @ghubertpalo in #968
Fix retrieve open message from correct epoch by @jpraynaud in #964
Fix clean epoch Certifier service by @jpraynaud in #970
Enhance terraform infrastructure by @jpraynaud in #957
Enhance ImmutableDigesterError::NotEnoughImmutable error by @dlachaumepalo in #971
Greg/960/refacto digester by @ghubertpalo in #972
Fix Mithril Client multi-platform test workflow by @jpraynaud in #965
add blog article about new client API by @ghubertpalo in #975
Update Mithril Client documentation by @dlachaumepalo in #974
update client architecture documentation by @ghubertpalo in #976
Fix aggregator SIGNING state dead-loop by @jpraynaud in #985
Fix snapshot download command error with --download-dir option in client by @dlachaumepalo in #981
Update dependencies by @jpraynaud in #990
Upgrade Rust outdated dependencies by @jpraynaud in #992
Greg/967/stake distribution artifact by @ghubertpalo in #980
Upgrade Cardano node to 8.1.1 by @jpraynaud in #997
fix hanging critical error by @ghubertpalo in #996
Add log with node version at startup in aggregator/signer by @dlachaumepalo in #995
Signer deployment model by @jpraynaud in #999
nix: bump crane to fix build. Add basic hydraJobs. by @jbgi in #1002
Uniformise datetime usage by @Alenar in #994
Fix rfc3339 datetime migration by @Alenar in #1005
Update dependencies by @jpraynaud in #1009
Fix master certificate retrieval by @Alenar in #1007
Simplify aggregator integration tests by @Alenar in #1003
Greg/982/refactoring client by @ghubertpalo in #998
Fix flaky end to end tests by @jpraynaud in #977
Fix darwin nix build by @jbgi in #1008
Clean pending_snapshot directory of aggregator by @dlachaumepalo in #1011
Update dependencies by @jpraynaud in #1014
refactor client snapshot download by @ghubertpalo in #1012
Signer deployment model dev blog post by @jpraynaud in #1016
Aggregator Recompute cert hash command by @Alenar in #1013
Implement Mithril Relay in infra by @jpraynaud in #1021
retry when artifact creation failed by @ghubertpalo in #1019
Update openapi spec examples by @dlachaumepalo in #1020
Use cargo-nextest to run test on CI and reenable tests report by @Alenar in #1022
nix: bump nixpkgs to get newer rustc by @jbgi in #1025
Sqlite upgrade and bundling by @Alenar in #1024
Add infrastructure monitoring by @jpraynaud in #1026
Signer verification key discrepancy by @Alenar in #1028
nix: increase cargo verbosity to avoid hitting max-silent-time by @jbgi in #1029

New Contributors

@dlachaumepalo made their first contribution in #971
@jbgi made their first contribution in #1002

Full Changelog: 2321.1...2327.0-pre

Crates Versions

Crate	Version
mithril-aggregator	`0.3.46`
mithril-client	`0.3.14`
mithril-common	`0.2.73`
mithril-signer	`0.2.57`
mithril-stm	`0.2.17`

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
Step 3: In your terminal, go to the asset folder by running:

cd ***YOUR_ASSET_FOLDER***

Step 4: Then verify the checksum of the asset by running:

sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK

Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
Step 6: Then import the GPG public key:

gpg --import ./gpg-public.key

You must see something like:

gpg: key : public key "Input Output / Mithril <mithril@iohk.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1

Step 7: Then verify the GPG signature of the checksum file:

gpg --verify ./gpg-public.key ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

there is a line with gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>"
there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021

Step 8:
If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
If not, contact us at [mithril@iohk.io] and let us know of the outcome of your run of this process ⚠️

Contributors

jbgi, Alenar, and 3 other contributors

Assets 11

30 May 08:38

github-actions

2321.1

c271d62

Mithril v2321.1

What's Changed

Make doc ci reports & fail if there's an error by @Alenar in #890
add signable builder in signer by @ghubertpalo in #891
Make Artifact usable as trait object by @jpraynaud in #889
Mithril Stake Distribution Signable builder by @jpraynaud in #885
Cardano Immutable Files Full Artifact builder in aggregator by @jpraynaud in #900
Use Signable Builder Service in aggregator by @jpraynaud in #901
Use Signable Builder Service in signer by @jpraynaud in #903
Use Artifact Builder Service in aggregator by @jpraynaud in #906
Handle multiple Signed Entity Types in aggregator/signer runtimes by @jpraynaud in #908
Update dependencies by @jpraynaud in #923
Implement new Stake Distribution computation by @jpraynaud in #921
Implement Artifact routes by @jpraynaud in #924
Fix legacy snapshot routes redirect by @jpraynaud in #926
Add mithril stake distribution to explorer by @Alenar in #928
Fix stake distribution computation for zero stake pools by @jpraynaud in #931
rename signed entity service by @ghubertpalo in #929
Update state machines runtime in Aggregator/Signer by @jpraynaud in #934
Upgrade Cardano node to 8.0.0 by @jpraynaud in #922
Fix open api version by @jpraynaud in #937

Full Changelog: 2318.0...2321.1

Crates Versions

Crate	Version
mithril-aggregator	`0.3.23`
mithril-client	`0.2.22`
mithril-common	`0.2.56`
mithril-signer	`0.2.46`
mithril-stm	`0.2.13`

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
Step 3: In your terminal, go to the asset folder by running:

cd ***YOUR_ASSET_FOLDER***

Step 4: Then verify the checksum of the asset by running:

sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK

Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
Step 6: Then import the GPG public key:

gpg --import ./gpg-public.key

You must see something like:

gpg: key : public key "Input Output / Mithril <mithril@iohk.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1

Step 7: Then verify the GPG signature of the checksum file:

gpg --verify ./gpg-public.key ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

there is a line with gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>"
there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021

Step 8:
If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
If not, contact us at [mithril@iohk.io] and let us know of the outcome of your run of this process ⚠️

Contributors

Alenar, jpraynaud, and ghubertpalo

Assets 11

24 May 16:01

github-actions

2321.1-pre

c271d62

Mithril v2321.1-pre Pre-release

Pre-release

What's Changed

Make doc ci reports & fail if there's an error by @Alenar in #890
add signable builder in signer by @ghubertpalo in #891
Make Artifact usable as trait object by @jpraynaud in #889
Mithril Stake Distribution Signable builder by @jpraynaud in #885
Cardano Immutable Files Full Artifact builder in aggregator by @jpraynaud in #900
Use Signable Builder Service in aggregator by @jpraynaud in #901
Use Signable Builder Service in signer by @jpraynaud in #903
Use Artifact Builder Service in aggregator by @jpraynaud in #906
Handle multiple Signed Entity Types in aggregator/signer runtimes by @jpraynaud in #908
Update dependencies by @jpraynaud in #923
Implement new Stake Distribution computation by @jpraynaud in #921
Implement Artifact routes by @jpraynaud in #924
Fix legacy snapshot routes redirect by @jpraynaud in #926
Add mithril stake distribution to explorer by @Alenar in #928
Fix stake distribution computation for zero stake pools by @jpraynaud in #931
rename signed entity service by @ghubertpalo in #929
Update state machines runtime in Aggregator/Signer by @jpraynaud in #934
Upgrade Cardano node to 8.0.0 by @jpraynaud in #922
Fix open api version by @jpraynaud in #937

Full Changelog: 2318.0...2321.1-pre

Crates Versions

Crate	Version
mithril-aggregator	`0.3.23`
mithril-client	`0.2.22`
mithril-common	`0.2.56`
mithril-signer	`0.2.46`
mithril-stm	`0.2.13`

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
Step 3: In your terminal, go to the asset folder by running:

cd ***YOUR_ASSET_FOLDER***

Step 4: Then verify the checksum of the asset by running:

sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK

Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
Step 6: Then import the GPG public key:

gpg --import ./gpg-public.key

You must see something like:

gpg: key : public key "Input Output / Mithril <mithril@iohk.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1

Step 7: Then verify the GPG signature of the checksum file:

gpg --verify ./gpg-public.key ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

there is a line with gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>"
there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021

Step 8:
If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
If not, contact us at [mithril@iohk.io] and let us know of the outcome of your run of this process ⚠️

Contributors

Alenar, jpraynaud, and ghubertpalo

Assets 11

24 May 13:19

github-actions

2321.0-pre

f55fc6f

Mithril v2321.0-pre Pre-release

Pre-release

What's Changed

Make doc ci reports & fail if there's an error by @Alenar in #890
add signable builder in signer by @ghubertpalo in #891
Make Artifact usable as trait object by @jpraynaud in #889
Mithril Stake Distribution Signable builder by @jpraynaud in #885
Cardano Immutable Files Full Artifact builder in aggregator by @jpraynaud in #900
Use Signable Builder Service in aggregator by @jpraynaud in #901
Use Signable Builder Service in signer by @jpraynaud in #903
Use Artifact Builder Service in aggregator by @jpraynaud in #906
Handle multiple Signed Entity Types in aggregator/signer runtimes by @jpraynaud in #908
Update dependencies by @jpraynaud in #923
Implement new Stake Distribution computation by @jpraynaud in #921
Implement Artifact routes by @jpraynaud in #924
Fix legacy snapshot routes redirect by @jpraynaud in #926
Add mithril stake distribution to explorer by @Alenar in #928
Fix stake distribution computation for zero stake pools by @jpraynaud in #931
rename signed entity service by @ghubertpalo in #929
Update state machines runtime in Aggregator/Signer by @jpraynaud in #934
Upgrade Cardano node to 8.0.0 by @jpraynaud in #922

Full Changelog: 2318.0...2321.0-pre

Crates Versions

Crate	Version
mithril-aggregator	`0.3.22`
mithril-client	`0.2.21`
mithril-common	`0.2.56`
mithril-signer	`0.2.45`
mithril-stm	`0.2.13`

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
Step 3: In your terminal, go to the asset folder by running:

cd ***YOUR_ASSET_FOLDER***

Step 4: Then verify the checksum of the asset by running:

sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK

Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
Step 6: Then import the GPG public key:

gpg --import ./gpg-public.key

You must see something like:

gpg: key : public key "Input Output / Mithril <mithril@iohk.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1

Step 7: Then verify the GPG signature of the checksum file:

gpg --verify ./gpg-public.key ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

there is a line with gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>"
there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021

Step 8:
If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
If not, contact us at [mithril@iohk.io] and let us know of the outcome of your run of this process ⚠️

Contributors

Alenar, jpraynaud, and ghubertpalo

Assets 11

05 May 07:59

github-actions

2318.0

9e5ab51

Mithril v2318.0

What's Changed

Create/Migrate signer store by @jpraynaud in #861
Update dependencies by @jpraynaud in #863
Create/Migrate single_signature store by @jpraynaud in #864
Implement Signable & Artifact Builders by @jpraynaud in #865
Add flake.nix by @manveru in #811
#850 Certifier service by @ghubertpalo in #866
Add open message domain type by @Alenar in #879
Fix Signer Registration Discrepancy by @jpraynaud in #877
Implement Artifact Restorer by @jpraynaud in #875
Update Cardano node to 1.35.7 by @jpraynaud in #882
Update dependencies by @jpraynaud in #883
Cleanup legacy single signature store by @jpraynaud in #884
Mithril Stake Distribution Signable builder in aggregator by @jpraynaud in #867
Greg/852/immutable signable by @ghubertpalo in #886
Mithril Stake Distribution Artifact builder in aggregator by @jpraynaud in #887

New Contributors

@manveru made their first contribution in #811

Full Changelog: 2315.0...2318.0

Crates Versions

Crate	Version
mithril-aggregator	`0.3.8`
mithril-client	`0.2.19`
mithril-common	`0.2.44`
mithril-signer	`0.2.36`
mithril-stm	`0.2.12`

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
Step 3: In your terminal, go to the asset folder by running:

cd ***YOUR_ASSET_FOLDER***

Step 4: Then verify the checksum of the asset by running:

sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK

Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
Step 6: Then import the GPG public key:

gpg --import ./gpg-public.key

You must see something like:

gpg: key : public key "Input Output / Mithril <mithril@iohk.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1

Step 7: Then verify the GPG signature of the checksum file:

gpg --verify ./gpg-public.key ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

there is a line with gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>"
there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021

Step 8:
If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
If not, contact us at [mithril@iohk.io] and let us know of the outcome of your run of this process ⚠️

Contributors

manveru, Alenar, and 2 other contributors

Assets 11

02 May 09:58

github-actions

2318.0-prerelease

9e5ab51

Mithril v2318.0-prerelease Pre-release

Pre-release

What's Changed

Create/Migrate signer store by @jpraynaud in #861
Update dependencies by @jpraynaud in #863
Create/Migrate single_signature store by @jpraynaud in #864
Implement Signable & Artifact Builders by @jpraynaud in #865
Add flake.nix by @manveru in #811
#850 Certifier service by @ghubertpalo in #866
Add open message domain type by @Alenar in #879
Fix Signer Registration Discrepancy by @jpraynaud in #877
Implement Artifact Restorer by @jpraynaud in #875
Update Cardano node to 1.35.7 by @jpraynaud in #882
Update dependencies by @jpraynaud in #883
Cleanup legacy single signature store by @jpraynaud in #884
Mithril Stake Distribution Signable builder in aggregator by @jpraynaud in #867
Greg/852/immutable signable by @ghubertpalo in #886
Mithril Stake Distribution Artifact builder in aggregator by @jpraynaud in #887

New Contributors

@manveru made their first contribution in #811

Full Changelog: 2315.0...2318.0-prerelease

Crates Versions

Crate	Version
mithril-aggregator	`0.3.8`
mithril-client	`0.2.19`
mithril-common	`0.2.44`
mithril-signer	`0.2.36`
mithril-stm	`0.2.12`

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
Step 3: In your terminal, go to the asset folder by running:

cd ***YOUR_ASSET_FOLDER***

Step 4: Then verify the checksum of the asset by running:

sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK

Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
Step 6: Then import the GPG public key:

gpg --import ./gpg-public.key

You must see something like:

gpg: key : public key "Input Output / Mithril <mithril@iohk.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1

Step 7: Then verify the GPG signature of the checksum file:

gpg --verify ./gpg-public.key ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

there is a line with gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>"
there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021

Step 8:
If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
If not, contact us at [mithril@iohk.io] and let us know of the outcome of your run of this process ⚠️

Contributors

manveru, Alenar, and 2 other contributors

Assets 11

14 Apr 09:06

github-actions

2315.0

66b7a2e

Mithril v2315.0

What's Changed

823 dependency injection by @ghubertpalo in #836
Create/Migrate epoch settings store by @jpraynaud in #826
Create signed_entity_type store by @jpraynaud in #831
Create/Migrate certificatestore by @jpraynaud in #835
Fix Epoch Setting store panic by @jpraynaud in #841
Update current documentation by @jpraynaud in #842
#827 open message provider & repository by @ghubertpalo in #840
Create/Migrate signer_registration store by @jpraynaud in #838
Remove store retention limit in aggregator infra by @jpraynaud in #845
Update Cardano node to 1.35.6 by @jpraynaud in #844
Update dependencies by @jpraynaud in #855
Fix pruning panic by @jpraynaud in #856
embed beacon in open_message type by @ghubertpalo in #857
Create/Migrate signed_entity store by @jpraynaud in #858
849 - Add ticker service by @ghubertpalo in #860

Full Changelog: 2313.0...2315.0

Crates Versions

Crate	Version
mithril-aggregator	`0.2.50`
mithril-client	`0.2.17`
mithril-common	`0.2.38`
mithril-signer	`0.2.31`
mithril-stm	`0.2.10`

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
Step 3: In your terminal, go to the asset folder by running:

cd ***YOUR_ASSET_FOLDER***

Step 4: Then verify the checksum of the asset by running:

sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK

Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
Step 6: Then import the GPG public key:

gpg --import ./gpg-public.key

You must see something like:

gpg: key : public key "Input Output / Mithril <mithril@iohk.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1

Step 7: Then verify the GPG signature of the checksum file:

gpg --verify ./gpg-public.key ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

there is a line with gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>"
there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021

Step 8:
If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
If not, contact us at [mithril@iohk.io] and let us know of the outcome of your run of this process ⚠️

Contributors

jpraynaud and ghubertpalo

Assets 11

13 Apr 08:15

github-actions

2315.0-prerelease

66b7a2e

Mithril v2315.0-prerelease Pre-release

Pre-release

What's Changed

823 dependency injection by @ghubertpalo in #836
Create/Migrate epoch settings store by @jpraynaud in #826
Create signed_entity_type store by @jpraynaud in #831
Create/Migrate certificatestore by @jpraynaud in #835
Fix Epoch Setting store panic by @jpraynaud in #841
Update current documentation by @jpraynaud in #842
#827 open message provider & repository by @ghubertpalo in #840
Create/Migrate signer_registration store by @jpraynaud in #838
Remove store retention limit in aggregator infra by @jpraynaud in #845
Update Cardano node to 1.35.6 by @jpraynaud in #844
Update dependencies by @jpraynaud in #855
Fix pruning panic by @jpraynaud in #856
embed beacon in open_message type by @ghubertpalo in #857
Create/Migrate signed_entity store by @jpraynaud in #858
849 - Add ticker service by @ghubertpalo in #860

Full Changelog: 2313.0...2315.0-prerelease

Crates Versions

Crate	Version
mithril-aggregator	`0.2.50`
mithril-client	`0.2.17`
mithril-common	`0.2.38`
mithril-signer	`0.2.31`
mithril-stm	`0.2.10`

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
Step 3: In your terminal, go to the asset folder by running:

cd ***YOUR_ASSET_FOLDER***

Step 4: Then verify the checksum of the asset by running:

sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK

Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
Step 6: Then import the GPG public key:

gpg --import ./gpg-public.key

You must see something like:

gpg: key : public key "Input Output / Mithril <mithril@iohk.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1

Step 7: Then verify the GPG signature of the checksum file:

gpg --verify ./gpg-public.key ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

there is a line with gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>"
there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021

Step 8:
If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
If not, contact us at [mithril@iohk.io] and let us know of the outcome of your run of this process ⚠️

Contributors

jpraynaud and ghubertpalo

Assets 11

31 Mar 07:57

github-actions

2313.0

b61945b

Mithril v2313.0

What's Changed

Update Era Switch documentation by @jpraynaud in #790
Fix Docker Client crash by @jpraynaud in #792
Fix clippy warnings from Rust 1.68.0 by @jpraynaud in #795
Update dependencies by @jpraynaud in #796
Update dev blog post Era Switch by @jpraynaud in #797
add stake_pool provider by @ghubertpalo in #789
Upgrade VM testing-preview & pre-release-preview networks by @jpraynaud in #802
Update Mithril Client multi-platform test workflow by @jpraynaud in #793
Avoid compute stake distribution multiple times per epoch by @jpraynaud in #805
Add aggregator 'genesis' command doc by @jpraynaud in #806
Update KES by @iquerejeta in #783
Greg/799/pruning by @ghubertpalo in #808
Greg/799/refactor sqlite connection by @ghubertpalo in #809
Fix devnet Genesis Alonzo URL by @jpraynaud in #819
Handle API version with Era Switch by @jpraynaud in #812
Clean Genesis Verification Key by @jpraynaud in #821
#799 stake pool service by @ghubertpalo in #800
Enhance Key Registration errors by @jpraynaud in #822
Update dependencies by @jpraynaud in #830
Update Rust dependencies by @jpraynaud in #832
Cleanup multi-signer by @jpraynaud in #825
Fix mislabeled critical error by @jpraynaud in #833

Full Changelog: 2310.0...2313.0

Crates Versions

Crate	Version
mithril-aggregator	`0.2.38`
mithril-client	`0.2.14`
mithril-common	`0.2.33`
mithril-signer	`0.2.28`
mithril-stm	`0.2.9`

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
Step 3: In your terminal, go to the asset folder by running:

cd ***YOUR_ASSET_FOLDER***

Step 4: Then verify the checksum of the asset by running:

sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK

Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
Step 6: Then import the GPG public key:

gpg --import ./gpg-public.key

You must see something like:

gpg: key : public key "Input Output / Mithril <mithril@iohk.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1

Step 7: Then verify the GPG signature of the checksum file:

gpg --verify ./gpg-public.key ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

there is a line with gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>"
there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021

Step 8:
If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
If not, contact us at [mithril@iohk.io] and let us know of the outcome of your run of this process ⚠️

Contributors

jpraynaud, iquerejeta, and ghubertpalo

Assets 11

29 Mar 07:55

github-actions

2313.0-prerelease

b61945b

Mithril v2313.0-prerelease Pre-release

Pre-release

What's Changed

Update Era Switch documentation by @jpraynaud in #790
Fix Docker Client crash by @jpraynaud in #792
Fix clippy warnings from Rust 1.68.0 by @jpraynaud in #795
Update dependencies by @jpraynaud in #796
Update dev blog post Era Switch by @jpraynaud in #797
add stake_pool provider by @ghubertpalo in #789
Upgrade VM testing-preview & pre-release-preview networks by @jpraynaud in #802
Update Mithril Client multi-platform test workflow by @jpraynaud in #793
Avoid compute stake distribution multiple times per epoch by @jpraynaud in #805
Add aggregator 'genesis' command doc by @jpraynaud in #806
Update KES by @iquerejeta in #783
Greg/799/pruning by @ghubertpalo in #808
Greg/799/refactor sqlite connection by @ghubertpalo in #809
Fix devnet Genesis Alonzo URL by @jpraynaud in #819
Handle API version with Era Switch by @jpraynaud in #812
Clean Genesis Verification Key by @jpraynaud in #821
#799 stake pool service by @ghubertpalo in #800
Enhance Key Registration errors by @jpraynaud in #822
Update dependencies by @jpraynaud in #830
Update Rust dependencies by @jpraynaud in #832
Cleanup multi-signer by @jpraynaud in #825
Fix mislabeled critical error by @jpraynaud in #833

Full Changelog: 2310.0...2313.0-prerelease

Crates Versions

Crate	Version
mithril-aggregator	`0.2.38`
mithril-client	`0.2.14`
mithril-common	`0.2.33`
mithril-signer	`0.2.28`
mithril-stm	`0.2.9`

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
Step 3: In your terminal, go to the asset folder by running:

cd ***YOUR_ASSET_FOLDER***

Step 4: Then verify the checksum of the asset by running:

sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK

Step 5: Download the public key file from this link gpg-public.key and save it in the same folder as the asset
Step 6: Then import the GPG public key:

gpg --import ./gpg-public.key

You must see something like:

gpg: key : public key "Input Output / Mithril <mithril@iohk.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1

Step 7: Then verify the GPG signature of the checksum file:

gpg --verify ./gpg-public.key ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

there is a line with gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>"
there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021

Step 8:
If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
If not, contact us at [mithril@iohk.io] and let us know of the outcome of your run of this process ⚠️

Contributors

jpraynaud, iquerejeta, and ghubertpalo

Assets 11

Releases: input-output-hk/mithril

Mithril v2327.0-pre

What's Changed

New Contributors

Crates Versions

Verify the authenticity of a downloaded asset

Contributors

Mithril v2321.1

What's Changed

Crates Versions

Verify the authenticity of a downloaded asset

Contributors

Mithril v2321.1-pre

What's Changed

Crates Versions

Verify the authenticity of a downloaded asset

Contributors

Mithril v2321.0-pre

What's Changed

Crates Versions

Verify the authenticity of a downloaded asset

Contributors

Mithril v2318.0

What's Changed

New Contributors

Crates Versions

Verify the authenticity of a downloaded asset

Contributors

Mithril v2318.0-prerelease

What's Changed

New Contributors

Crates Versions

Verify the authenticity of a downloaded asset

Contributors

Mithril v2315.0

What's Changed

Crates Versions

Verify the authenticity of a downloaded asset

Contributors

Mithril v2315.0-prerelease

What's Changed

Crates Versions

Verify the authenticity of a downloaded asset

Contributors

Mithril v2313.0

What's Changed

Crates Versions

Verify the authenticity of a downloaded asset

Contributors

Mithril v2313.0-prerelease

What's Changed

Crates Versions

Verify the authenticity of a downloaded asset

Contributors