Attention! This release is for testnet/stagenet only! Not for mainnet.
In this release
This release improves the Deterministic Finality feature, as well as enables P-256 signature verification in RIDE.
RIDE V9
The following functions have been re-estimated:
| Function | V8 Complexity | V9 Complexity |
|---|---|---|
drop
| 6 | 2 |
dropRight
| 6 | 2 |
take
| 6 | 2 |
takeRight
| 6 | 2 |
sha256
| 118 | 36 |
sha256_16Kb
| 12 | 5 |
sha256_32Kb
| 23 | 9 |
sha256_64Kb
| 47 | 17 |
sha256_128Kb
| 93 | 32 |
toBase16String
| 10 | 4 |
fromBase16String
| 10 | 4 |
toBase64String
| 35 | 3 |
fromBase64String
| 40 | 12 |
getInteger
| 4 | 2 |
getBoolean
| 4 | 2 |
getBinary
| 4 | 2 |
getString
| 4 | 2 |
getIntegerValue
| 4 | 2 |
getBooleanValue
| 4 | 2 |
getBinaryValue
| 4 | 2 |
getStringValue
| 4 | 2 |
size
| 2 | 1 |
getElement
| 2 | 1 |
removeByIndex
| 4 | 1 |
replaceByIndex
| 4 | 1 |
drop
| 20 | 2 |
dropRight
| 20 | 2 |
take
| 20 | 2 |
takeRight
| 20 | 2 |
createMerkleRoot
| 30 | 3 |
The following new functions have been added:
| Function | Description | Complexity |
|---|---|---|
fill
| Creates the list of n elements filled with a.
| 2 |
replaceAll
| Replaces all occurrences of pattern with subst in str.
| 2 |
replaceFirst
| Replaces the first occurrence of pattern with subst in str.
| 2 |
toBase16String_1C
| Input size is limited to 1024 bytes. | 1 |
fromBase16String_1C
| Input size is limited to 2048 chars. | 1 |
toBase64String_1C
| Input size is limited to 1024 bytes. | 1 |
fromBase64String_1C
| Max resulting byte array size is 1024 bytes. | 1 |
P-256 EC Signature Verification
The following new functions have been added to support Intel TDX:
p256Verify(message: ByteVector, signature: ByteVector, publicKey: ByteVector): Boolean, complexity: 43.
This function takes raw message bytes (unhashed), raw signature bytes and raw public key bytes and verifies P-256 signature. This function uses SHA-256 to hash the message. Both signature and public key must be exactly 64 bytes.validateCertificateChain(certificates: List[ByteVector], crls: List[ByteVector], timestamp: Int): ByteVector, complexity: 43.
This function takes a list of DER-encoded X.509 certificates (the first one being the most specific, and the last one being the root certificate), a list of corresponding CRLs, and a timestamp, and performs certificate chain validation. All CRLs and certificates must be valid at the given timestamp. If the certificate chain is valid, this function returns the public key (raw 64 bytes) of the first certificate (the most specific one) and throws an error otherwise. Only valid EC public keys are supported.
Native Crypto Providers
This release includes two native crypto providers: Amazon Corretto and Conscrypt. These providers significantly improve P-256 verification performance, as well as SHA-256 hashing performance. Both providers have comparable performance. However, due to the way Amazon Corretto is distributed, when node is started from a fat jar under Linux running on ARM, Java based Bouncy Castle provider will be used. This provider has significantly lower performance. For now it's recommended to use Docker images on Linux on ARM instead of a fat jar.
Update notes
There's no need to rebuild the state when updating from 1.6.0 or 1.5.12.