This is a patch release containing minor security and performance enhancements as well as quality-of-life improvements for developers.
Warning
We now publish sBTC Docker images to GitHub Container Registry, exclusively. Our images can always be found from the main repository page, under the Packages section.
This change enhances security and transparency across the entire chain of custody, from code to build to image.
Starting with this release, new images will no longer be published on DockerHub.
Highlights • Images • Upgrade Instructions • What's Changed
✨ Highlights
- Docker images are now published to GHCR
- Rust version bumped to 1.86.0
- Connection limiting for P2P networking
🐳 Images:
Important
Always use immutable image tags - the image digests are provided below. Verify the attestation of these images using this guide.
We publish our images on GitHub Container Registry.
sBTC Signer
- 🏷️
ghcr.io/stacks-sbtc/sbtc:signer-v1.0.2 - 🔒
sha256:60832405b3f56e8c8ae9ac9429866ce5173f86ff79652bad7f38481f220b2332
Blocklist Client
- 🏷️
ghcr.io/stacks-sbtc/sbtc:blocklist-client-v1.0.2 - 🔒
sha256:713a19fc6ad6f3538da7849d8c731f65b1bc0d9258f59947b487087c0c94d4be
📙 Database migrations
Important
If you run your signer using the --migrate-db flag, database migrations will be applied automatically. If you do not use this flag, you must manually apply the migrations.
--migrate-db is enabled by default in our official Docker images.
Database migrations may be found at signer/migrations.
🛠️ Upgrade Instructions:
- Stop your sBTC signer
- Backup your database
- Edit your configuration as instructed
- Apply database migrations (only if not running with the
--migrate-dbflag) - Update your sBTC images as specified above
- Restart your sBTC signer and blocklist client
📝 What's Changed
Other Changes
Click to expand
- feat: feature limit signer ability to update emilys database by @Jiloc in #1530
- feat: Update timeout_ms in event observer configs by @fabergat in #1537
- set
stacks_block_heightto Withdrawals by @Jiloc in #1542 - fix
test_conservative_initial_sbtc_limitstest by @cylewitruk in #1549 - feat: Add attestation entry point to Docker Images by @fabergat in #1476
- [feat] add txid to Emily withdrawals by @MCJOHN974 in #1548
- chore: fix a few spelling mistakes in comments by @cylewitruk in #1554
- chore: remove some unused stuff by @matteojug in #1555
- refactor: random nit updates by @djordon in #1556
- chore: more random nits by @matteojug in #1561
- [feat]: Implement rolling withdrawal window on Emily by @MCJOHN974 in #1539
- fix: Allow re-starting devenv while offline by @aldur in #1564
- fix: No need to bind devenv to all interfaces by @aldur in #1565
- chore: bump rust version to 1.85.1 by @djordon in #1552
- chore(ci): add pull_request trigger to on-push workflow by @cylewitruk in #1575
- chore(ci): move cargo vet job to on-push workflow by @cylewitruk in #1574
- fix: re-enable
--helpon CLI binaries by @aldur in #1573 - chore: bump rust to 1.86.0 by @cylewitruk in #1582
- chore: Update
SECURITY.mdandRELEASE.mdby @aldur in #1569 - feat: signers no longer store transactions in the database by @djordon in #1559
- refactor: simplify deposit request processing in block the observer by @djordon in #1560
- [chore]: get rid of fixed random in tests by @MCJOHN974 in #1578
- chore(ci): fix double CI-runs between PR and push by @cylewitruk in #1587
- feat: introduce p2p connection limiting (
#1547) by @cylewitruk in #1568 - Push release Docker images to GHCR instead of DockerHub by @fabergat in #1581
- fix: ignore (and log) coinbase tx by @matteojug in #1592
- fix: update devenv stacks-api by @matteojug in #1595
- chore: 4-eyes to create a tag by @fabergat in #1584
- fix:
cargo clippy --all-targets(partial) by @aldur in #1580 - feat: sidecar locktime management by @Jiloc in #1502
- Fix GH CLI version and add tag name print by @fabergat in #1609
Full Changelog: v1.0.0...v1.0.2