Skip to content

Releases: input-output-hk/mithril

Mithril v2428.0-pre

11 Jul 08:14
@github-actions github-actions
2428.0-pre
6756b0f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Mithril v2428.0-pre Pre-release
Pre-release

Highlights

  • Support for Cardano node 9.0.0.
  • Database cleanup and optimization once per epoch.
  • Bug fixes and performance improvements.

What's Changed

  • Remove manual workflow step for old snapshot commands availability by @dlachaume in #1734
  • Fix: make prover not certify transactions stored but not certified yet by @jpraynaud in #1721
  • Add Makefiles to facilitate the update of www and www-test dependencies by @dlachaume in #1735
  • Add tooling to verify example conformity in openapi.yaml by @sfauvel in #1728
  • Refactor timepoint retrieval & conversion to signed entities by @Alenar in #1736
  • feat(tls): Allow the underlying TLS implementation to be selected by feature flags. by @stevenj in #1738
  • Update CHANGELOG with 2423.0 distribution release by @jpraynaud in #1733
  • docs: add missing pre-requisites for building crates by @jpraynaud in #1740
  • Remove bottleneck in proof generation of Merkle map by @jpraynaud in #1739
  • Sqlite auto rollback by @Alenar in #1742
  • Rotate documentation for 2423 distribution by @jpraynaud in #1732
  • Update CHANGELOG with 2423.0 distribution release by @jpraynaud in #1745
  • Dev blog post for removed snapshot command in client CLI by @jpraynaud in #1746
  • Implement pooled resource item reset when given back by @jpraynaud in #1744
  • Handle rollbacks when reading blocks from the chain by @Alenar in #1748
  • fix: clippy warnings with Rust 1.79.0 by @jpraynaud in #1749
  • Signed entity lock mechanism by @Alenar in #1758
  • Use macOS-arm64 runner in CI by @dlachaume in #1752
  • Fix macOS-arm64 architecture value from lowercase to uppercase in CI by @dlachaume in #1759
  • Upgrade doc dependencies by @dlachaume in #1764
  • Warmup/Preload cardano transactions & block range roots by @Alenar in #1763
  • Upgrade mithril-explorer, www and www-test dependencies by @dlachaume in #1765
  • Upgrade project dependencies by @dlachaume in #1768
  • Add Mithril Threat Model page on website by @jpraynaud in #1726
  • Import transactions in sequence on signer by @Alenar in #1769
  • Implement database connection pooling for Cardano transaction store by @jpraynaud in #1761
  • Only save rust cache on main branch by @Alenar in #1770
  • Add missing pre-requisites to build WASM client by @dlachaume in #1772
  • Ensure validation of transaction hashes to provide to the prover by @dlachaume in #1774
  • Vacuum sqlite database at startup & after transactions preload by @Alenar in #1771
  • Add MSYS2 building instructions by @jasagredo in #1773
  • Use a macro to limit error in default configuration by @sfauvel in #1778
  • Fix #1762: CardanoTransactionSnapshot block number is not certified by @Alenar in #1779
  • Fix: avoid iterator copy in BlockRangeRootRetriever by @jpraynaud in #1780
  • Import Cardano transactions with Pallas chain reader by @jpraynaud in #1747
  • Fix aggregator Cardano transaction prover benchmark tool by @jpraynaud in #1790
  • Conditional embedding cardano cli in docker image by @sfauvel in #1789
  • Fix sanchonet blocks parsing by @jpraynaud in #1794
  • Upkeep service for aggregator & signer by @Alenar in #1791
  • Support Cardano node 8.12.2 by @jpraynaud in #1788
  • Fix: aggregator and signer blocked during Cardano transactions import by @jpraynaud in #1798
  • Fix: Support Cardano 8.12 by @jpraynaud in #1799
  • Bugfix: Can't generate proof for transactions on the last signed block number by @Alenar in #1795
  • Preload Cardano transactions based on Aggregator's Signing Capability by @dlachaume in #1796
  • Fix explorer crash when proving transaction & enhance mithril-client error by @Alenar in #1800
  • Standardize code formatting in repository by @dlachaume in #1783
  • Fix: avoid pool acquire timeout during Cardano transaction prover cache computation by @jpraynaud in #1801
  • UpkeepService tests flakiness by @Alenar in #1802
  • Refactor: Cardano node configuration in infra by @jpraynaud in #1806
  • Support Cardano node 9.0.0 by @jpraynaud in #1809
  • Remove call to chain observer on pending certificate route by @sfauvel in #1808
  • Update CHANGELOG with 2428 distribution release by @jpraynaud in #1812
  • Upgrade dependencies by @jpraynaud in #1811

New Contributors

Full Changelog: 2423.0...2428.0-pre

Crates Versions

Crate Version
mithril-aggregator 0.5.40
mithril-client 0.8.7
mithril-client-cli 0.9.6
mithril-client-wasm 0.3.7
mithril-common 0.4.29
mithril-signer 0.2.161
mithril-stm 0.3.24

Networks Compatibility ⚠️

Network Compatible
release-mainnet
release-preprod
pre-release-preview
testing-preview
testing-sanchonet

Linux Requirements

The Linux binaries target glibc: to run them or install the .deb packages you must have glibc version 2.31+ installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+ or Debian 11+ (Bullseye)).

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

  • Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
  • Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
  • Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
  • Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK
  • Step 5: Download the public key file from this link public-key.gpg and save it in the same folder as the asset
  • Step 6: Then import the GPG public key:
gpg --import ./public-key.gpg

You must see something like:

gpg: key : public key "Input Output / Mithril <mithril@iohk.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1
  • Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./public-key.gpg ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

  • there is a line with gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>"
  • there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
  • Step 8:
    If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️...
Read more

Contributors

stevenj, Alenar, and 4 other contributors
Loading

Mithril v2423.0

12 Jun 07:56
@github-actions github-actions
2423.0
665621d
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Mithril v2423.0

Highlights:

  • 🔥 BREAKING changes in Mithril client CLI:
    • The deprecated snapshot command has been removed.
    • It has been superseded by the cardano-db command.
  • Bug fixes and optimizations.

What's Changed

Full Changelog: 2418.1...2423.0

Crates Versions

Crate Version
mithril-aggregator 0.5.16
mithril-client 0.8.3
mithril-client-cli 0.9.2
mithril-client-wasm 0.3.3
mithril-common 0.4.13
mithril-signer 0.2.141
mithril-stm 0.3.22

Networks Compatibility ⚠️

Network Compatible
release-mainnet
release-preprod
pre-release-preview
testing-preview
testing-sanchonet

Linux Requirements

The Linux binaries target glibc: to run them or install the .deb packages you must have glibc version 2.31+ installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+ or Debian 11+ (Bullseye)).

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

  • Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
  • Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
  • Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
  • Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK
  • Step 5: Download the public key file from this link public-key.gpg and save it in the same folder as the asset
  • Step 6: Then import the GPG public key:
gpg --import ./public-key.gpg

You must see something like:

gpg: key : public key "Input Output / Mithril <mithril@iohk.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1
  • Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./public-key.gpg ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

  • there is a line with gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>"
  • there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
  • Step 8:
    If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
    If not, contact us at [mithril@iohk.io] and let us know of the outcome of your run of this process ⚠️

Contributors

Alenar, sfauvel, and 4 other contributors
Loading

Mithril v2423.0-pre

06 Jun 08:36
@github-actions github-actions
2423.0-pre
665621d
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Mithril v2423.0-pre Pre-release
Pre-release

Highlights:

  • 🔥 BREAKING changes in Mithril client CLI:
    • The deprecated snapshot command has been removed.
    • It has been superseded by the cardano-db command.
  • Bug fixes and optimizations.

What's Changed

Full Changelog: 2418.1...2423.0-pre

Crates Versions

Crate Version
mithril-aggregator 0.5.16
mithril-client 0.8.3
mithril-client-cli 0.9.2
mithril-client-wasm 0.3.3
mithril-common 0.4.13
mithril-signer 0.2.141
mithril-stm 0.3.22

Networks Compatibility ⚠️

Network Compatible
release-mainnet
release-preprod
pre-release-preview
testing-preview
testing-sanchonet

Linux Requirements

The Linux binaries target glibc: to run them or install the .deb packages you must have glibc version 2.31+ installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+ or Debian 11+ (Bullseye)).

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

  • Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
  • Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
  • Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
  • Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK
  • Step 5: Download the public key file from this link public-key.gpg and save it in the same folder as the asset
  • Step 6: Then import the GPG public key:
gpg --import ./public-key.gpg

You must see something like:

gpg: key : public key "Input Output / Mithril <mithril@iohk.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1
  • Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./public-key.gpg ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

  • there is a line with gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>"
  • there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
  • Step 8:
    If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
    If not, contact us at [mithril@iohk.io] and let us know of the outcome of your run of this process ⚠️

Contributors

Alenar, sfauvel, and 4 other contributors
Loading

Mithril v2418.1

13 May 09:20
@github-actions github-actions
2418.1
512fe8d
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Mithril v2418.1

Highlights:

  • ⚠️ BREAKING changes in Mithril client / Mithril client CLI:
    • Certificate chain structure has been modified to remove coupling with immutable file number.
    • Client must be updated to verify certificate chain.
  • Switched memory allocator to jemallocator on signer and aggregator to avoid memory fragmentation.
  • Always enabled BLST portable feature for runtime check of intel ADX instruction set.

What's Changed

Full Changelog: 2412.0...2418.1

Crates Versions

Crate Version
mithril-aggregator 0.5.0
mithril-client 0.8.0
mithril-client-cli 0.8.0
mithril-client-wasm 0.3.0
mithril-common 0.4.0
mithril-signer 0.2.130
mithril-stm 0.3.19

Networks Compatibility ⚠️

Network Compatible
release-mainnet
release-preprod
pre-release-preview
testing-preview
testing-sanchonet

Linux Requirements

The Linux binaries target glibc: to run them or install the .deb packages you must have glibc version 2.31+ installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+ or Debian 11+ (Bullseye)).

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

  • Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
  • Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
  • Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
  • Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK
  • Step 5: Download the public key file from this link public-key.gpg and save it in the same folder as the asset
  • Step 6: Then import the GPG public key:
gpg --import ./public-key.gpg

You must see something like:

gpg: key : public key "Input Output / Mithril <mithril@iohk.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1
  • Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./public-key.gpg ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

  • there is a line with gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>"
  • there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
  • Step 8:
    If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
    If not, contact us at [mithril@iohk.io] and let us know of the outcome of your run of this process ⚠️

Contributors

Alenar, sfauvel, and 2 other contributors
Loading

Mithril v2418.1-pre

30 Apr 08:16
@github-actions github-actions
2418.1-pre
512fe8d
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Mithril v2418.1-pre Pre-release
Pre-release

Highlights:

  • ⚠️ BREAKING changes in Mithril client / Mithril client CLI:
    • Certificate chain structure has been modified to remove coupling with immutable file number.
    • Client must be updated to verify certificate chain.
  • Switched memory allocator to jemallocator on signer and aggregator to avoid memory fragmentation.
  • Always enabled BLST portable feature for runtime check of intel ADX instruction set.

What's Changed

Full Changelog: 2412.0...2418.1-pre

Crates Versions

Crate Version
mithril-aggregator 0.5.0
mithril-client 0.8.0
mithril-client-cli 0.8.0
mithril-client-wasm 0.3.0
mithril-common 0.4.0
mithril-signer 0.2.130
mithril-stm 0.3.19

Networks Compatibility ⚠️

Network Compatible
release-mainnet
release-preprod
pre-release-preview
testing-preview
testing-sanchonet

Linux Requirements

The Linux binaries target glibc: to run them or install the .deb packages you must have glibc version 2.31+ installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+ or Debian 11+ (Bullseye)).

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

  • Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
  • Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
  • Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
  • Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK
  • Step 5: Download the public key file from this link public-key.gpg and save it in the same folder as the asset
  • Step 6: Then import the GPG public key:
gpg --import ./public-key.gpg

You must see something like:

gpg: key : public key "Input Output / Mithril <mithril@iohk.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1
  • Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./public-key.gpg ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

  • there is a line with gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>"
  • there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
  • Step 8:
    If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
    If not, contact us at [mithril@iohk.io] and let us know of the outcome of your run of this process ⚠️

Contributors

Alenar, sfauvel, and 2 other contributors
Loading

Mithril v2418.0-pre

29 Apr 13:09
@github-actions github-actions
2418.0-pre
dd881df
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Mithril v2418.0-pre Pre-release
Pre-release

Highlights:

  • ⚠️ BREAKING changes in Mithril client / Mithril client CLI:
    • Certificate chain structure has been modified to remove coupling with immutable file number.
    • Client must be updated to verify certificate chain.
  • Switched memory allocator to jemallocator on signer and aggregator to avoid memory fragmentation.
  • Always enabled BLST portable feature for runtime check of intel ADX instruction set.

What's Changed

Full Changelog: 2412.0...2418.0-pre

Crates Versions

Crate Version
mithril-aggregator 0.4.66
mithril-client 0.7.4
mithril-client-cli 0.7.12
mithril-client-wasm 0.2.6
mithril-common 0.3.36
mithril-signer 0.2.130
mithril-stm 0.3.19

Networks Compatibility ⚠️

Network Compatible
release-mainnet
release-preprod
pre-release-preview
testing-preview
testing-sanchonet

Linux Requirements

The Linux binaries target glibc: to run them or install the .deb packages you must have glibc version 2.31+ installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+ or Debian 11+ (Bullseye)).

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

  • Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
  • Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
  • Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
  • Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK
  • Step 5: Download the public key file from this link public-key.gpg and save it in the same folder as the asset
  • Step 6: Then import the GPG public key:
gpg --import ./public-key.gpg

You must see something like:

gpg: key : public key "Input Output / Mithril <mithril@iohk.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1
  • Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./public-key.gpg ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

  • there is a line with gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>"
  • there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
  • Step 8:
    If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
    If not, contact us at [mithril@iohk.io] and let us know of the outcome of your run of this process ⚠️

Contributors

Alenar, sfauvel, and 2 other contributors
Loading

Mithril v2412.0

26 Mar 13:48
@github-actions github-actions
2412.0
2e462c0
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Mithril v2412.0

Highlights

  • ⚠️ Deprecated 'snapshot' command in the Mithril client CLI:
    • Renamed to cardano-db snapshot.
    • Will be removed in a near future.
  • Support for Prometheus endpoint for metrics in signer (setup guide).
  • Full support for chain observer with Pallas in signer and aggregator.
  • Support for Cardano node 8.9.0 in the signer and the aggregator.
  • Bug fixes and performance improvements.

What's Changed

  • Adapt multi platform test for Cardano transactions by @dlachaumepalo in #1518
  • Fix end to end test flakiness in CI by @jpraynaud in #1486
  • Rotate documentation by @dlachaumepalo in #1527
  • Unified temp dir builder by @Alenar in #1529
  • Add dev blog post for mithril-client-cli output update by @dlachaumepalo in #1532
  • Add runbook for 'Mithril client multi-platform test' by @dlachaumepalo in #1534
  • Fix runbook broken link by @dlachaumepalo in #1539
  • Document Mithril signer footprint in SPO Setup guide by @jpraynaud in #1538
  • Reorganize crates by @Alenar in #1540
  • Stabilize namings cardano transactions by @dlachaumepalo in #1542
  • Improve aggregator HTTP server tests by @dlachaumepalo in #1543
  • Activate metrics endpoint on signer by @jpraynaud in #1544
  • Upgrade dependencies by @dlachaumepalo in #1547
  • Fix signature related metrics name in signer by @jpraynaud in #1548
  • Add new npm package step dedicated to release process (latest tag) by @dlachaumepalo in #1545
  • Replacement of serde_cbor dependency by ciborium dependency by @dlachaumepalo in #1549
  • Send aggregator logs in the right output (stdout / stderr) by @dlachaumepalo in #1550
  • Support download binaries for macOS in E2E test by @dlachaumepalo in #1551
  • Cardano Transactions Snapshots/Certification in explorer by @Alenar in #1553
  • Fix parsing Cardano Conway transactions from immutable files by @jpraynaud in #1563
  • feat: implement and calculate the current key period using pallas by @falcucci in #1541
  • Enhance Cardano transaction part in mithril-client-wasm/www by @dlachaumepalo in #1555
  • Use pallas hardano transactions parser by @sfauvel in #1564
  • Reduce Prometheus scrape interval in infra by @jpraynaud in #1565
  • Handle pallas-hardano parsing errors by @dlachaumepalo in #1566
  • Fix E2E flakiness when transferring funds by @jpraynaud in #1568
  • Explorer: Improve Cardano Transaction Certification & Certificate Chain Validation UI by @Alenar in #1569
  • Rename moria Discord channel to ask-mithril by @jpraynaud in #1574
  • Support Cardano node 8.9.0 by @jpraynaud in #1509
  • Fix Cardano configurations in infra by @jpraynaud in #1575
  • Provide latest immutable file number with certified ctx by @sfauvel in #1571
  • feat: refactor get_kes_period to create isolated new queries by @falcucci in #1576
  • Fix SPO on-boarding guide by @jpraynaud in #1579
  • Fix minimum Squid version in SPO guide by @jpraynaud in #1580
  • Add ssh key by @sfauvel in #1578
  • Accept existing but empty db dir for client-cli cardano-db download by @Alenar in #1581
  • Implement Block range merkelization for Cardano transactions by @jpraynaud in #1560
  • Establish a more explicit security policy by @ch1bo in #1582
  • Upgrade dependencies by @jpraynaud in #1584

New Contributors

Full Changelog: 2408.0...2412.0

Crates Versions

Crate Version
mithril-aggregator 0.4.49
mithril-client 0.6.9
mithril-client-cli 0.7.6
mithril-client-wasm 0.2.5
mithril-common 0.3.21
mithril-signer 0.2.116
mithril-stm 0.3.17

Networks Compatibility ⚠️

Network Compatible
release-mainnet
release-preprod
pre-release-preview
testing-preview
testing-sanchonet

Linux Requirements

The Linux binaries target glibc: to run them or install the .deb packages you must have glibc version 2.31+ installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+ or Debian 11+ (Bullseye)).

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

  • Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
  • Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
  • Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
  • Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK
  • Step 5: Download the public key file from this link public-key.gpg and save it in the same folder as the asset
  • Step 6: Then import the GPG public key:
gpg --import ./public-key.gpg

You must see something like:

gpg: key : public key "Input Output / Mithril <mithril@iohk.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1
  • Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./public-key.gpg ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

  • there is a line with gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>"
  • there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
  • Step 8:
    If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
    If not, contact us at [mithril@iohk.io] and let us know of the outcome of your run of this process ⚠️

Contributors

Alenar, sfauvel, and 4 other contributors
Loading

Mithril v2412.0-pre

22 Mar 13:31
@github-actions github-actions
2412.0-pre
2e462c0
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Mithril v2412.0-pre Pre-release
Pre-release

Highlights

  • ⚠️ Deprecated 'snapshot' command in the Mithril client CLI:
    • Renamed to cardano-db snapshot.
    • Will be removed in a near future.
  • Support for Prometheus endpoint for metrics in signer (setup guide).
  • Full support for chain observer with Pallas in signer and aggregator.
  • Support for Cardano node 8.9.0 in the signer and the aggregator.
  • Bug fixes and performance improvements.

What's Changed

  • Adapt multi platform test for Cardano transactions by @dlachaumepalo in #1518
  • Fix end to end test flakiness in CI by @jpraynaud in #1486
  • Rotate documentation by @dlachaumepalo in #1527
  • Unified temp dir builder by @Alenar in #1529
  • Add dev blog post for mithril-client-cli output update by @dlachaumepalo in #1532
  • Add runbook for 'Mithril client multi-platform test' by @dlachaumepalo in #1534
  • Fix runbook broken link by @dlachaumepalo in #1539
  • Document Mithril signer footprint in SPO Setup guide by @jpraynaud in #1538
  • Reorganize crates by @Alenar in #1540
  • Stabilize namings cardano transactions by @dlachaumepalo in #1542
  • Improve aggregator HTTP server tests by @dlachaumepalo in #1543
  • Activate metrics endpoint on signer by @jpraynaud in #1544
  • Upgrade dependencies by @dlachaumepalo in #1547
  • Fix signature related metrics name in signer by @jpraynaud in #1548
  • Add new npm package step dedicated to release process (latest tag) by @dlachaumepalo in #1545
  • Replacement of serde_cbor dependency by ciborium dependency by @dlachaumepalo in #1549
  • Send aggregator logs in the right output (stdout / stderr) by @dlachaumepalo in #1550
  • Support download binaries for macOS in E2E test by @dlachaumepalo in #1551
  • Cardano Transactions Snapshots/Certification in explorer by @Alenar in #1553
  • Fix parsing Cardano Conway transactions from immutable files by @jpraynaud in #1563
  • feat: implement and calculate the current key period using pallas by @falcucci in #1541
  • Enhance Cardano transaction part in mithril-client-wasm/www by @dlachaumepalo in #1555
  • Use pallas hardano transactions parser by @sfauvel in #1564
  • Reduce Prometheus scrape interval in infra by @jpraynaud in #1565
  • Handle pallas-hardano parsing errors by @dlachaumepalo in #1566
  • Fix E2E flakiness when transferring funds by @jpraynaud in #1568
  • Explorer: Improve Cardano Transaction Certification & Certificate Chain Validation UI by @Alenar in #1569
  • Rename moria Discord channel to ask-mithril by @jpraynaud in #1574
  • Support Cardano node 8.9.0 by @jpraynaud in #1509
  • Fix Cardano configurations in infra by @jpraynaud in #1575
  • Provide latest immutable file number with certified ctx by @sfauvel in #1571
  • feat: refactor get_kes_period to create isolated new queries by @falcucci in #1576
  • Fix SPO on-boarding guide by @jpraynaud in #1579
  • Fix minimum Squid version in SPO guide by @jpraynaud in #1580
  • Add ssh key by @sfauvel in #1578
  • Accept existing but empty db dir for client-cli cardano-db download by @Alenar in #1581
  • Implement Block range merkelization for Cardano transactions by @jpraynaud in #1560
  • Establish a more explicit security policy by @ch1bo in #1582
  • Upgrade dependencies by @jpraynaud in #1584

New Contributors

Full Changelog: 2408.0...2412.0-pre

Crates Versions

Crate Version
mithril-aggregator 0.4.49
mithril-client 0.6.9
mithril-client-cli 0.7.6
mithril-client-wasm 0.2.5
mithril-common 0.3.21
mithril-signer 0.2.116
mithril-stm 0.3.17

Networks Compatibility ⚠️

Network Compatible
release-mainnet
release-preprod
pre-release-preview
testing-preview
testing-sanchonet

Linux Requirements

The Linux binaries target glibc: to run them or install the .deb packages you must have glibc version 2.31+ installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+ or Debian 11+ (Bullseye)).

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

  • Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
  • Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
  • Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
  • Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK
  • Step 5: Download the public key file from this link public-key.gpg and save it in the same folder as the asset
  • Step 6: Then import the GPG public key:
gpg --import ./public-key.gpg

You must see something like:

gpg: key : public key "Input Output / Mithril <mithril@iohk.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1
  • Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./public-key.gpg ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

  • there is a line with gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>"
  • there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
  • Step 8:
    If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
    If not, contact us at [mithril@iohk.io] and let us know of the outcome of your run of this process ⚠️

Contributors

Alenar, sfauvel, and 4 other contributors
Loading

Mithril v2408.0

26 Feb 13:46
@github-actions github-actions
2408.0
5afc6fc
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Mithril v2408.0

Highlights

  • ⚠️ Breaking change introduced in the Mithril client CLI: the logs output are switched from stdout to stderr from version 0.7.0.
  • Support for stake distribution and Mithril era markers retrieval in the Pallas chain observer in signer and aggregator.
  • Enhanced support for Conway era and Sanchonet network.
  • Bug fixes and performance improvements.

What's Changed

  • Fix npm authentication to registry in CI by @jpraynaud in #1448
  • Fix mithril-client wasm basic JS code example by @dlachaumepalo in #1449
  • Specify explicitly permissions for prerelease creation by @Alenar in #1452
  • Rotate current documentation by @dlachaumepalo in #1446
  • Increment mithril-client-wasm version for npm publish by @dlachaumepalo in #1453
  • Add dev blog post to announce Mithril client npm package by @jpraynaud in #1454
  • Gather and store Cardano transactions from immutable files by @jpraynaud in #1451
  • Fix npm badge in mithril-client-wasm README files by @dlachaumepalo in #1458
  • Compute message to sign for Cardano transactions by @jpraynaud in #1455
  • Fix missing test data in nix flake build by @jpraynaud in #1461
  • Enhance end to end test for Cardano hard forks by @jpraynaud in #1459
  • Fix building mithril-common with some features and targets combinatory by @Alenar in #1463
  • Failed end to end tests artifact names by @jpraynaud in #1472
  • List immutables resilience by @Alenar in #1465
  • Implement CardanoTransactions proof generation route in aggregator by @jpraynaud in #1473
  • Add mithril-client-wasm tests in multi platform test by @dlachaumepalo in #1462
  • Clean www/ directory by @dlachaumepalo in #1477
  • Update dependencies by @Alenar in #1476
  • Implement CardanoTransactions artifact routes in aggregator by @jpraynaud in #1479
  • Certificate hash in transaction set message by @Alenar in #1485
  • More explicit error message when db dir is not writable by @abailly-iohk in #1483
  • Remove http from dependencies by @Alenar in #1490
  • Support Sanchonet Cardano network by @jpraynaud in #1384
  • Add Cardano transactions proofs support to mithril-client by @Alenar in #1489
  • Fix clippy lint from rust 1.76 by @Alenar in #1493
  • Sfa/improve signed entity test by @sfauvel in #1460
  • Add dev blog post announcing testing-sanchonet network by @jpraynaud in #1491
  • Minor adjustments to generic identifier descriptions by @olgahryniuk in #1498
  • Extract persistence related code to a new shared crate by @Alenar in #1494
  • get datums using pallas observer by @falcucci in #1403
  • Cardano transaction sets & proof in client cli by @Alenar in #1501
  • Update Mithril architecture documentation by @jpraynaud in #1499
  • Fix clippy warning in common when using only fs flag by @Alenar in #1504
  • Upgrade Cardano configurations in infra by @jpraynaud in #1505
  • Add signing capabilities to aggregator root route by @dlachaumepalo in #1506
  • Update SPO-on-boarding-guide.md, it's not required (anymore?) to run … by @brouwerQ in #1507
  • Add example crate for Cardano transactions by @dlachaumepalo in #1511
  • Generate documentation on module command lines by @sfauvel in #1424
  • Implement Cardano transactions verification in mithril-client-wasm by @dlachaumepalo in #1512
  • Mithril client CLI: fix remove archive directory by @dlachaumepalo in #1517
  • Enhance client-cli standard output by @Alenar in #1516
  • add pallas stake snapshots integration by @falcucci in #1513
  • CI: Upgrade actions by @Alenar in #1521
  • Fix update_release action version in CI by @Alenar in #1525
  • Upgrade mithril-client-wasm minor version to 0.2.0 by @dlachaumepalo in #1526

New Contributors

Full Changelog: 2403.1...2408.0

Crates Versions

Crate Version
mithril-aggregator 0.4.39
mithril-client 0.6.4
mithril-client-cli 0.7.0
mithril-client-wasm 0.2.0
mithril-common 0.3.7
mithril-signer 0.2.109
mithril-stm 0.3.15

Networks Compatibility ⚠️

Network Compatible
release-mainnet
release-preprod
pre-release-preview
testing-preview

Linux Requirements

The Linux binaries target glibc: to run them or install the .deb packages you must have glibc version 2.31+ installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+ or Debian 11+ (Bullseye)).

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

  • Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
  • Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
  • Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
  • Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK
  • Step 5: Download the public key file from this link public-key.gpg and save it in the same folder as the asset
  • Step 6: Then import the GPG public key:
gpg --import ./public-key.gpg

You must see something like:

gpg: key : public key "Input Output / Mithril <mithril@iohk.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1
  • Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./public-key.gpg ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

  • there is a line with gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>"
  • there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
  • Step 8:
    If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
    If not, contact us at [mithril@iohk.io] and let us know of the outcome of your run of this process ⚠️

Contributors

Alenar, sfauvel, and 5 other contributors
Loading

Mithril v2408.0-pre

23 Feb 09:52
@github-actions github-actions
2408.0-pre
5afc6fc
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Mithril v2408.0-pre Pre-release
Pre-release

Highlights

  • ⚠️ Breaking change introduced in the Mithril client CLI: the logs output are switched from stdout to stderr from version 0.7.0.
  • Support for stake distribution and Mithril era markers retrieval in the Pallas chain observer in signer and aggregator.
  • Enhanced support for Conway era and Sanchonet network.
  • Bug fixes and performance improvements.

What's Changed

  • Fix npm authentication to registry in CI by @jpraynaud in #1448
  • Fix mithril-client wasm basic JS code example by @dlachaumepalo in #1449
  • Specify explicitly permissions for prerelease creation by @Alenar in #1452
  • Rotate current documentation by @dlachaumepalo in #1446
  • Increment mithril-client-wasm version for npm publish by @dlachaumepalo in #1453
  • Add dev blog post to announce Mithril client npm package by @jpraynaud in #1454
  • Gather and store Cardano transactions from immutable files by @jpraynaud in #1451
  • Fix npm badge in mithril-client-wasm README files by @dlachaumepalo in #1458
  • Compute message to sign for Cardano transactions by @jpraynaud in #1455
  • Fix missing test data in nix flake build by @jpraynaud in #1461
  • Enhance end to end test for Cardano hard forks by @jpraynaud in #1459
  • Fix building mithril-common with some features and targets combinatory by @Alenar in #1463
  • Failed end to end tests artifact names by @jpraynaud in #1472
  • List immutables resilience by @Alenar in #1465
  • Implement CardanoTransactions proof generation route in aggregator by @jpraynaud in #1473
  • Add mithril-client-wasm tests in multi platform test by @dlachaumepalo in #1462
  • Clean www/ directory by @dlachaumepalo in #1477
  • Update dependencies by @Alenar in #1476
  • Implement CardanoTransactions artifact routes in aggregator by @jpraynaud in #1479
  • Certificate hash in transaction set message by @Alenar in #1485
  • More explicit error message when db dir is not writable by @abailly-iohk in #1483
  • Remove http from dependencies by @Alenar in #1490
  • Support Sanchonet Cardano network by @jpraynaud in #1384
  • Add Cardano transactions proofs support to mithril-client by @Alenar in #1489
  • Fix clippy lint from rust 1.76 by @Alenar in #1493
  • Sfa/improve signed entity test by @sfauvel in #1460
  • Add dev blog post announcing testing-sanchonet network by @jpraynaud in #1491
  • Minor adjustments to generic identifier descriptions by @olgahryniuk in #1498
  • Extract persistence related code to a new shared crate by @Alenar in #1494
  • get datums using pallas observer by @falcucci in #1403
  • Cardano transaction sets & proof in client cli by @Alenar in #1501
  • Update Mithril architecture documentation by @jpraynaud in #1499
  • Fix clippy warning in common when using only fs flag by @Alenar in #1504
  • Upgrade Cardano configurations in infra by @jpraynaud in #1505
  • Add signing capabilities to aggregator root route by @dlachaumepalo in #1506
  • Update SPO-on-boarding-guide.md, it's not required (anymore?) to run … by @brouwerQ in #1507
  • Add example crate for Cardano transactions by @dlachaumepalo in #1511
  • Generate documentation on module command lines by @sfauvel in #1424
  • Implement Cardano transactions verification in mithril-client-wasm by @dlachaumepalo in #1512
  • Mithril client CLI: fix remove archive directory by @dlachaumepalo in #1517
  • Enhance client-cli standard output by @Alenar in #1516
  • add pallas stake snapshots integration by @falcucci in #1513
  • CI: Upgrade actions by @Alenar in #1521
  • Fix update_release action version in CI by @Alenar in #1525
  • Upgrade mithril-client-wasm minor version to 0.2.0 by @dlachaumepalo in #1526

New Contributors

Full Changelog: 2403.1...2408.0-pre

Crates Versions

Crate Version
mithril-aggregator 0.4.39
mithril-client 0.6.4
mithril-client-cli 0.7.0
mithril-client-wasm 0.2.0
mithril-common 0.3.7
mithril-signer 0.2.109
mithril-stm 0.3.15

Networks Compatibility ⚠️

Network Compatible
release-mainnet
release-preprod
pre-release-preview
testing-preview

Linux Requirements

The Linux binaries target glibc: to run them or install the .deb packages you must have glibc version 2.31+ installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+ or Debian 11+ (Bullseye)).

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

  • Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
  • Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
  • Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
  • Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK
  • Step 5: Download the public key file from this link public-key.gpg and save it in the same folder as the asset
  • Step 6: Then import the GPG public key:
gpg --import ./public-key.gpg

You must see something like:

gpg: key : public key "Input Output / Mithril <mithril@iohk.io>" imported
gpg: Total number processed: 1
gpg:               imported: 1
  • Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./public-key.gpg ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

  • there is a line with gpg: Good signature from "Input Output / Mithril <mithril@iohk.io>"
  • there is a line with Primary key fingerprint: 2AC0 7B11 8B23 1443 F544 2D0C 6E2C 1160 3E79 0021
  • Step 8:
    If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
    If not, contact us at [mithril@iohk.io] and let us know of the outcome of your run of this process ⚠️

Contributors

Alenar, sfauvel, and 5 other contributors
Loading