Also available on PyPi and can be installed with pip install -U hwi

Added

• Blockstream Jade is now supported
• Taproot support
  • Taproot signing support for Trezors and Ledger
  • Taproot PSBT fields
  • tr() descriptors and tap address type
• Support for Ledger Bitcoin App 2.0. Note that the 2.0 app changes what the Ledger will sign and may break some workflows.
• Trezor multisig change address verification
• signtx will return a status indicating whether the PSBT was signed
• Trezor labels will be output in enumerate
• PSBTv2 support

Removed

• For Trezor Ones with firmware 1.10.6 and greater and Trezor Ts with firmware 2.4.4 and greater will not be able to sign transactions containing external inputs

Fixed

• Keepkeys will no longer also appear as Trezors
• Nonresponse with some Trezors/Keepkeys when sending PIN

Minor compatibility fixes

• #1392
• #1390
• #1388

Minor bugfixes and performance improvements.

This update brings two brand new apps to the Umbrel App Store — Agora and sparkkiosk, along with updated apps and bugfixes.

Binaries

There are two types of binaries:

Specter Desktop

It's a windowed GUI application with Specter server included. Supported platforms: Windows, MacOS, Linux (x86_64)

Note on Linux: you need to set up udev rules (included in the archive). Check out readme.

Note on macOS: The current build supports only macOS Catalina (10.15) or higher. If you'd like to run Specter on an older macOS version, you can install Specter from Pip.

specterd

It's a command-line program that only runs Specter server. Supported platforms: Windows, MacOS, Linux (x86_64)

Signatures and hashes

SHA256SUMS file contains sha256 hashes of all binary files and signed with "Specter Signer's" GPG key. You can get the public key from here. Fingerprint of the key is 785A 2269 EE3A 9736 AC1A 4F4C 864B 7CF9 A811 FEF7 This key has been signed by @k9ert's key which you might have used for validating th 1.7.0 release.

Release notes

• Bugfix: Tzdata module missing on windows fixes #1653 #1654 (Kim Neunert)

API Updates

• Minimum supported rust version (MSRV) is now 1.41.1 (#1310).
• Lightning feature option_scid_alias is now supported and may be negotiated when opening a channel with a peer. It can be configured via ChannelHandshakeConfig::negotiate_scid_privacy and is off by default but will be on by default in the future (#1351).
• OpenChannelRequest now has a channel_type field indicating the features the channel will operate with and should be used to filter channels with undesirable features (#1351). See the Serialization Compatibility section.
• ChannelManager supports sending and receiving short channel id aliases in the funding_locked message. These are used when forwarding payments and constructing invoice route hints for improved privacy. ChannelDetails has a inbound_scid_alias field and a get_inbound_payment_scid method to support the latter (#1311).
• DefaultRouter and find_route take an additional random seed to improve privacy by adding a random CLTV expiry offset to each path's final hop. This helps obscure the intended recipient from adversarial intermediate hops (#1286). The seed is also used to randomize candidate paths during route selection (#1359).
• The lightning-block-sync crate's init::synchronize_listeners method interface has been relaxed to support multithreaded environments (#1349).
• ChannelManager::create_inbound_payment_for_hash's documentation has been corrected to remove the one-year restriction on invoice_expiry_delta_secs, which is only applicable to the deprecated create_inbound_payment_legacy and create_inbound_payment_for_hash_legacy methods (#1341).
• Features mutator methods now take self by reference instead of by value (#1331).
• The CLTV of the last hop in a path is now included when comparing against RouteParameters::max_total_cltv_expiry_delta (#1358).
• Invoice creation functions in lightning-invoice crate's utils module include versions that accept a description hash instead of only a description (#1361).
• RoutingMessageHandler::sync_routing_table has been renamed peer_connected (#1368).
• MessageSendEvent::SendGossipTimestampFilter has been added to indicate that a gossip_timestamp_filter should be sent (#1368).
• PeerManager takes an optional NetAddress in new_outbound_connection and new_inbound_connection, which is used to report back the remote address to the connecting peer in the init message (#1326).
• ChannelManager::accept_inbound_channel now takes a user_channel_id, which is used in a similar manner as in outbound channels. (#1381).
• BackgroundProcessor now persists NetworkGraph on a timer and upon shutdown as part of a new Persister trait, which also includes ChannelManager persistence (#1376).
• ProbabilisticScoringParameters now has a base_penalty_msat option, which default to 500 msats. It is applied at each hop to help avoid longer paths (#1375).
• ProbabilisticScoringParameters::liquidity_penalty_multiplier_msat's default value is now 40,000 msats instead of 10,000 msats (#1375).
• The lightning crate has a grind_signatures feature used to produce signatures with low r-values for more predictable transaction weight. This feature is on by default (#1388).
• ProbabilisticScoringParameters now has a amount_penalty_multiplier_msat option, which is used to further penalize large amounts (#1399).
• PhantomRouteHints, FixedPenaltyScorer, and ScoringParameters now implement Clone (#1346).

Bug Fixes

• Fixed a compilation error in ProbabilisticScorer under --feature=no-std (#1347).
• Invoice creation functions in lightning-invoice crate's utils module filter invoice hints in order to limit the invoice size (#1325).
• Fixed a bug where a funding_locked message was delayed by a block if the funding transaction was confirmed while offline, depending on the ordering of Confirm::transactions_confirmed calls when brought back online (#1363).
• Fixed a bug in NetGraphMsgHandler where it didn't continue to receive gossip messages from peers after initial connection (#1368, #1382).
• ChannelManager::timer_tick_occurred will now timeout a received multi-path payment (MPP) after three ticks if not received in full instead of waiting until near the HTLC timeout block(#1353).
• Fixed an issue with find_route causing it to be overly aggressive in using MPP over channels to the same first hop (#1370).
• Reduced time spent processing channel_update messages by checking signatures after checking if no newer messages have already been processed (#1380).
• Fixed a few issues in find_route which caused preferring paths with a higher cost (#1398).
• Fixed an issue in ProbabilisticScorer where a channel with not enough liquidity could still be used when retrying a failed payment if it was on a path with an overall lower cost (#1399).

Serialization Compatibility

• Channels open with option_scid_alias negotiated will be incompatible with prior releases (#1351). This may occur in the following cases:
  • Outbound channels when ChannelHandshakeConfig::negotiate_scid_privacy is enabled.
  • Inbound channels when automatically accepted from an OpenChannel message with a channel_type that has ChannelTypeFeatures::supports_scid_privacy return true. See UserConfig::accept_inbound_channels.
  • Inbound channels when manually accepted from an OpenChannelRequest with a channel_type that has ChannelTypeFeatures::supports_scid_privacy return true. See UserConfig::manually_accept_inbound_channels.

In total, this release features 43 files changed, 4052 insertions, 1274 deletions in 75 commits from 11 authors, in alphabetical order: * Devrandom * Duncan Dean * Elias Rohrer * Jeffrey Czyz * Jurvis Tan * Luiz Parreira * Matt Corallo * Omar Shamardy * Viktor Tigerström * dependabot[bot] * psycho-pirate

Binaries

There are two types of binaries:

Specter Desktop

It's a windowed GUI application with Specter server included. Supported platforms: Windows, MacOS, Linux (x86_64)

Note on Linux: you need to set up udev rules (included in the archive). Check out readme.

Note on macOS: The current build supports only macOS Catalina (10.15) or higher. If you'd like to run Specter on an older macOS version, you can install Specter from Pip.

specterd

It's a command-line program that only runs Specter server. Supported platforms: Windows, MacOS, Linux (x86_64)

Signatures and hashes

SHA256SUMS file contains sha256 hashes of all binary files and signed with "Specter Signer's" GPG key. You can get the public key from here. Fingerprint of the key is 785A 2269 EE3A 9736 AC1A 4F4C 864B 7CF9 A811 FEF7 This key has been signed by @k9ert's key which you might have used for validating th 1.7.0 release.

Release notes

• Bugfix: opening non-installed extensions in new window #1650 (Kim Neunert)
• Bugfix: price provider uses wrong user #1640 (Kim Neunert)
• Bugfix: Restore editing of labels #1649 (Kim Neunert)
• Chore: Bump ansi-regex from 4.1.0 to 4.1.1 in /pyinstaller/electron #1643 (dependabot[bot])
• Chore: Bump minimist from 1.2.5 to 1.2.6 #1639 (dependabot[bot])
• Chore: Update elements to 0.21.0.2 #1641 (Kim Neunert)

General fixes/improvements, mainly restoring the fee reserve improvements made to the Quart branch.

Bug fixes:

• Fix plugin installer @Kukks
• Fix text around shopify settings @pavlenex

• Move account tabs to the left with clearer color hierarchy
• Update BWT for Bitcoin Core v23 compatibility (@shesek)
• Add PDF export of wallet output descriptor from QR display dialog
• Restore collaborative (Stowaway) sends to linked PayNyms
• Support searching for custom PayNyms when initiating collaborative sends
• Use paynym.is onion address when Tor proxy is set
• Always use "Deposit" label for default Account #0 wallet
• Ensure unique Stonewall input txids for entire tx (not just per set)
• Support PSBT Taproot BIP32 derivation field
• Ensure order of unencrypted wallet tabs is retained across app restarts
• Warn if saved certificate file could not be deleted when requested
• Indicate when a server failure occurs when loading a transaction from file or text
• Show an error message if partial signatures do not match the wallet on finalizing a PSBT
• Change show delay duration for help tooltips to 500ms
• Remove earn.com as fee rates source
• Bug fix: Disable BIP47 support for Taproot wallets (for now)
• Bug fix: Omit frozen UTXOs from Soroban collaborations
• Bug fix: Update UTXO tab fiat balances as rates change
• Bug fix: Fix issues updating UTXO chart when mixing
• Bug fix: Ensure wallet rescan occurs when changing the wallet birthday in the transactions table
• Bug fix: Perform signature verification on PSBT inputs only after all have been parsed (required for Taproot signatures)

New features:

• Greenfield: Send email via store (#3181) @woutersamaey @kukks
• Greenfield: Configure store email settings (#3554) @kukks
• Greenfield: Create lightning invoice with description hash (#3559) @dennisreimann

Bug fixes:

• Fix crash on Wallet send page @bolatovumar
• Various UI fixes (#3519 #3522 #3543 #3553 #3584 #3578) @dennisreimann @bolatovumar @dafunction
• Fix plugin listing error due to Github rate limiting (#3502) @kukks
• Fix shopify integration (#3589) @kukks
• Fix order id in invoices updating (#3521) @woutersamaey
• Fix missing permissions in API keys creation pages @Kukks

Improvements:

• Various improvements around plugin system @dennisreimann @kukks
• Various tweaks around copy in UI @phershbe @dennisreimann @kukks @pavlenex

Binaries

There are two types of binaries:

Specter Desktop

It's a windowed GUI application with Specter server included. Supported platforms: Windows, MacOS, Linux (x86_64)

Note on Linux: you need to set up udev rules (included in the archive). Check out readme.

Note on macOS: The current build supports only macOS Catalina (10.15) or higher. If you'd like to run Specter on an older macOS version, you can install Specter from Pip.

specterd

It's a command-line program that only runs Specter server. Supported platforms: Windows, MacOS, Linux (x86_64)

Signatures and hashes

SHA256SUMS file contains sha256 hashes of all binary files and signed with "Specter Signer's" GPG key. You can get the public key from here. Fingerprint of the key is 785A 2269 EE3A 9736 AC1A 4F4C 864B 7CF9 A811 FEF7 This key has been signed by @k9ert's key which you might have used for validating th 1.7.0 release.

Release notes

• Feature: added better scrollbar for all table-style-lists #1598 (relativisticelectron)
• Feature: CLI and a publishing model for extensions #1566 (Kim Neunert)
• Feature: Import of raw transaction #1591 (relativisticelectron)
• Feature: initial devhelper extension #1547 (Kim Neunert)
• Feature: introduction of url-prefixes and defaults #1561 (Kim Neunert)
• UIUX: add Added hover titles #1621 (relativisticelectron)
• UIUX: Add margin under Device type dropdown #1616 (cypherhoodlum)
• UIUX: Adds KYC warning and link to learn more #1560 (kdmukai)
• UIUX: Add two missing titles in the settings bar #1618 (cypherhoodlum)
• UIUX: Placeholder for amount send #1545 (VCBhatawadekar)
• UIUX: Redesign the main page #1620 (cypherhoodlum)
• UIUX: Renaming and static plugin list teasering + refactoring #1569 (Kim Neunert)
• UIUX: Update icon for Passport signing device #1589 (BitcoinQnA)
• Buffix: Electrum PSBT import fixes #1544 #1548 (relativisticelectron)
• Bugfix: App Icon for Gnome Doc #1158 #1592 (salderma)
• Bugfix: Chore - update black to fix linter failure #1642 (Kim Neunert)
• Bugfix: electrum single-sig wallet import #1573 (relativisticelectron)
• Bugfix: Fixed missing vsize in tx. This led to no available feerate for RBF #1585 (relativisticelectron)
• Bugfix: fixing the logging-system screwup #1578 (Kim Neunert)
• Bugfix: logging error, caused by passing 2 arguments #1576 (relativisticelectron)
• Bugfix: OAuth2_hostname #1579 (Kim Neunert)
• Bugfix: Price data edge-case, fixes #1554 #1624 (Kim Neunert)
• Bugfix: refactor and fix css #1607 (Kim Neunert)
• Bugfix: Release-process #1608 (Kim Neunert)
• Bugfix: Reserving too many addresses at Swan, fix v2; Bugfix: admin change password #1563 (kdmukai)
• Bugfix: TXs in csv and in the UI now get blocktime for time if confirmed fixes #1552 #1559 (Kim Neunert)
• Bugfix: upgrade pyinstaller #1556 (Kim Neunert)
• Bugfix: versionChecker and downloadloc #1633 (Kim Neunert)
• Chore: Build Script improvements #1612 (Kim Neunert)
• Chore: Bump follow-redirects from 1.14.4 to 1.14.7 #1557 (dependabot[bot])
• Chore: Bump follow-redirects from 1.14.7 to 1.14.8 #1590 (dependabot[bot])
• Chore: Migrate to elements v0.21.0.1 #1601 (Kim Neunert)
• Chore: some build-improvements #1603 (Kim Neunert)
• Chore: Service class refactoring #1623 (Kim Neunert)
• Chore: Price Provider and error-management #1551 (Kim Neunert)
• Docs: Changes that didn't make into merge commit for #1591 #1611 (Manolis)
• Docs: Fix various typos and grammatical errors #1606 (Matt Wesley)
• Docs: Update docs/reverse-proxy.md #1587 (GoofyAF)
• Docs: Update daemon.md #1586 (GoofyAF)

Fix wallet creation on some devices

This version fixes an issue on some devices where creating an entry in the keystore would fail, preventing new wallets from being created.

List of commits (filter on phoenix-legacy)

• https://github.com/ACINQ/phoenix/compare/android-legacy-v1.4.21...android-legacy-v1.4.22

Verifying signatures

You will need gpg and our release signing key E434ED292E85643A. Note that you can get it: - from our website: https://acinq.co/pgp/padioupm.asc - from github user @pm47, a committer on eclair: https://api.github.com/users/pm47/gpg_keys

To import our signing key: $ gpg --import padioupm.asc

To verify the release file checksums and signatures: $ gpg -d SHA256SUMS.asc > SHA256SUMS.stripped $ sha256sum -c SHA256SUMS.stripped

This release contains several enhancements in JSON-RPC interface, Ethereum compatibility fixes and node robustness enhancements. This is a non-comprehensive list of the changes included in this version:

• Fix web3_sha3 method for non-hex encoded strings in https://github.com/rsksmart/rskj/pull/1637
• JSON-RPC compatibility fixes in https://github.com/rsksmart/rskj/pull/1659
• eth_getLogs method performance improvements in https://github.com/rsksmart/rskj/pull/1650
• Mitigated db inconsistency issue after improper node shutdown in https://github.com/rsksmart/rskj/pull/1660
• Enabled fast block propagation mode by default in https://github.com/rsksmart/rskj/pull/1677
• Added tracing options to debug_traceTransaction method in https://github.com/rsksmart/rskj/pull/1644

You can find a complete list of the changes introduced in Iris 3.3.0 milestone.

SHA256 (see Reproducible Build guide for further details): cce6c949251d1ee6d9ab8bf1d29e026778a846f048a854ca5ef114000b05f079 rskj-core-3.3.0-IRIS-all.jar

Summary

This release upgrades the built-in Tor client from v.0.4.5.10 to v0.4.6.9. There are many significant changes, that greatly increase the network stability and performance. The release also contains some rare but annoying crash fix. Make sure your Tor client is not running in the background so Wasabi can update it - the easiest way is to restart your machine and start the new version of Wasabi.

• Updated Tor client to 0.4.6.9.

Newbie Guide

While setting up Wasabi is straightforward, even a Linux wizard with the longest beard can get stuck on the most basic tasks. Consider taking a look at the Installation Instructions guide.

Advanced Guide

If you want to build Wasabi from source code or update the source code check out these instructions.

From version 1.1.3 Wasabi also introduces reproducible builds: Deterministic Build Guide

Build with .NET Core 3.1.407-win-x64.

FAQ

• Frequently asked questions here.
• Requirements? x64, Linux, >Win10, >macOS 10.13.

Release Notes

• Recover from AddressManager file corruption https://github.com/zkSNACKs/WalletWasabi/pull/6723
• Minor bugfixes https://github.com/zkSNACKs/WalletWasabi/pull/4106 https://github.com/zkSNACKs/WalletWasabi/pull/6683
• Bitcoin Knots to LTS https://github.com/zkSNACKs/WalletWasabi/pull/7016
• Major Tor update https://github.com/zkSNACKs/WalletWasabi/pull/7579

Main changes

Remove send all checkbox

When sending a payment, the "send all" checkbox lets users use all their balance for that payment and forces the app to use the highest possible trampoline fee, which can lead to unintended high fees (especially if the default trampoline fees have been altered by the user). This checkbox has thus been removed until we find a better solution.

• app: https://github.com/ACINQ/phoenix/compare/android-legacy-v1.4.20...android-legacy-v1.4.21

Verifying signatures

You will need gpg and our release signing key E434ED292E85643A. Note that you can get it: - from our website: https://acinq.co/pgp/padioupm.asc - from github user @pm47, a committer on eclair: https://api.github.com/users/pm47/gpg_keys

To import our signing key: $ gpg --import padioupm.asc

To verify the release file checksums and signatures: $ gpg -d SHA256SUMS.asc > SHA256SUMS.stripped $ sha256sum -c SHA256SUMS.stripped

• Support linking and sending directly to payment codes (without paynym.is)
• Automatically label new BIP47 receive addresses to identify incoming BIP47 transactions
• Allow any linked PayNym contact to be renamed (right-click on the contact in the PayNym dialog)
• Add PayNym contacts from the followers list
• Allow mix partner to more easily retry listening if a timeout occurs via a provided link in the dialog
• Label invalid notification transactions and avoid attempting to relink with them
• Identify and color code signatures in transaction hex witness data
• Bug fix: Make db-updater a daemon thread to fix an issue shutting down properly on Windows
• Bug fix: Enable Create Transaction button when sending max payment to a linked PayNym

This update brings the latest versions of Jam, Krystal Bull, Suredbits Wallet, Bitfeed, LNDg, and Urbit to the Umbrel App Store.

This is a follow-up release that fixes the news badge on Settings for existing Bisq users and handles an additional case where the DAO needs resync.

See https://github.com/bisq-network/bisq/milestone/69?closed=1 for more details.

Here are the release notes from v1.8.3:

Release notes

This release improves privacy by automatically deleting past trade data, improves the UI in many places, and fixes bugs across the board (as always).

Improvements

• Clear payment account payload info from closed trades
• Allow dispute to be closed if trade has paid out
• Include penalty for exceeding transfer limits
• Show buyer/seller in terms of BTC
• Show signed payment account status when applicable in Trade & Dispute information screens
• Show proposal transaction ID with explore and copy icons
• Sign/Verify message for DAO bonded roles
• Obtain trade fee settings from filter
• Warn and prompt for password before showing wallet keys
• Add ability to copy popup text to clipboard
• Add support/help links on the UI
• Add filter option to lists
• Improve text and icon colors for disabled offers
• Remove references to Keybase and switch to Matrix
• Improve BSQ swap error messaging & DAO resync popup

Bug fixes

• Fix exception: heightOfLastBlock must match chainHeight
• Fix issue selecting specific BSQ UTXO for sending BSQ
• Fix error in failed trades view when trade contract is null
• Fix NullPointerException when editing a new payment account
• Fix unhandled exception when locale specifies unknown country/region code.
• Fix column sorting
• Fix sorting on bonded roles view
• Prevent reset offer values after switch to same currency payment account
• Filter out the BSQ swap payment method from dropdown on edit/duplicate offer
• Fix CSV export issue on open offers view
• Enable Tor bridges set in application settings
• Get payment method ID from offerPayload: 1, 2
• Disable roll over popups in combobox item renderers.

Development & Documentation

• API: Add API gettrades method
• API: Fix FeeService NullPointerException
• Update copyright string for Windows
• Update copyright string for macOS
• Cleanup: remove unused classes
• Improve instructions and wording
• Update hostname of BSQ explorer mempool.emzy.de

New Assets

No new assets were added.

Verification

For a detailed description on how to verify your Bisq installer please have a look at our wiki: https://bisq.wiki/Downloading_and_installing#Verify_installer_file

Url of the signing key (Christoph Atteneder): https://bisq.network/pubkey/29CDFD3B.asc Full fingerprint: CB36 D7D2 EBB2 E35D 9B75 500B CD5D C1C5 29CD FD3B

Import the key: curl https://bisq.network/pubkey/29CDFD3B.asc | gpg --import GPG prints a confusion warning: "This key is not certified with a trusted signature!" - See https://serverfault.com/questions/569911/how-to-verify-an-imported-gpg-key for background information what it means.

How to verify signatures? gpg --digest-algo SHA256 --verify BINARY{.asc*,} Replace BINARY with the file you downloaded (e.g. Bisq-1.8.4.dmg)

Verify jar file inside binary: You can verify on OSX the jar file with: shasum -a256 [PATH TO BISQ APP]/Bisq.app/Contents/app/desktop-1.8.4-all.jar The output need to match the value from the Bisq-1.8.4.jar.txt file.

There are three hashes within the Bisq-1.8.4.jar.txt file (macOS, Windows, Linux). If you want to reproduce and verify the hash of the jar file locally, you need to do so on Windows or Linux using Java 15.0.5 and the v1.8.4 release tag. Because of the signing and notarization process that requires the developer certificate used for the build on macOS it is not possible to create the same jar on macOS.

Known issues with installation

Windows:

There is a known issue with Anti Virus software. We got several reports from users running into different problems. Either the AV software blocks Bisq or Tor, delete files in the data directory [2] or app directory [1]) or cause such a long delay at startup that Tor gets terminated and a file remains locked which can cause that Bisq cannot be started afterwards. To resolve that you need to restart Windows then the lock get released. We are working on solutions to fix those issues.

If you use Crypto currencies on your Windows system be aware that Windows is much more vulnerable to malware than Linux or OSX. Consider to use a dedicated non-Windows system when dealing with cryptocurrencies.

[1] Application directory (contains application installation files): C:\Users<username>\AppData\Local\Bisq

[2] Data directory (contains all Bisq data including wallet): C:\Users<username>\AppData\Roaming\Bisq\btc_mainnet\tor (you can delete everything except the hiddenservice directory)

Linux:

Hint for Debian users: If you have problems starting Bisq on Debian use: /opt/bisq/bin/Bisq

If your Linux distro does not support .deb files please follow this instruction: cd ~/Downloads mkdir tmp cd tmp ar x ../Bisq-64bit-1.8.4.deb sudo tar Jxvf data.tar.xz sudo cp -rp opt/Bisq /opt/ That instruction is not tested on many different distros. If you encounter problems please report it in a Github issue so we can improve it.

Credits

Thanks to everyone who directly contributed to this release:

• @Emzy
• @ghubstan
• @jmacxx
• @MarnixCroes
• @MwithM
• @ripcurlx
• @sqrrm
• @w0000000t
• @wiz
• @xyzmaker123

A special thanks to our first time contributors: - @MarnixCroes: Update Apple plist copyright notice

As well as to everyone that helped with translations on Transifex.

• Add PayNym Addresses dialog to view linked PayNym addresses (Addresses tab)
• Roll back to preferring IPv4 over IPv6 addresses
• Bug fix: Fix issue where BIP47 addresses that were sent to did not get history updates
• Bug fix: Update optimization buttons after Max button pressed
• Bug fix: Fix regression with expanded transaction diagram dark theme background

https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#096-mar-4-2022

Changelog:

• raise max P2P message size to account for larger elements dynafed headers
• remove block from in-flight list when a duplicate is received through RPC

• Implement BIP47 - linking, sending to and receiving from PayNyms on Legacy, Nested Segwit and Segwit addresses
• Introduce nested wallet support to allow BIP47 wallets to contribute to the first (master) wallet
• Add BIP39 option to File > Import Wallet dialog, discovering any existing wallets using common script types and derivations
• Improve label handling by detaching and storing labels before a wallet refresh, and labelling matching entries from this store as the wallet is updated
• Buffer address history update notifications to perform fewer wallet history refreshes
• Improved IPv6 handling on NAT64 networks
• Use smaller, shared stage icon to reduce memory usage
• Add link to Server Preferences in status bar on connection failure
• Add SeedSigner to File > Import Wallet dialog
• Bug fix: Fix expanding grey area in Transaction viewer when increasing hex area height
• Bug fix: Add border to undecorated stages on Windows
• Bug fix: Mixing UTXOs should reflect in Send Selected total on UTXOs tab
• Bug fix: Fix resolution of mDNS (.local) hostnames when connecting to Bitcoin Core
• Bug fix: Prevent wallet response updates while Whirlpool is starting to avoid empty UTXO mix queue

New features:

• Plugins: Expose file service @Kukks
• Plugins: Allow writing Greenfield API endpoints (#3495) @dennisreimann

Bug fixes:

• Fix Shopify configuration UI due to shopify changes (#3479) @Kukks
• Various fixes related to store context (#3505) @dennisreimann @Kukks
• Various fixes related to plugin system @dennisreimann @Kukks
• Add missing documentation for wallet generation Greenfield API @Kukks
• Fix broken modal views on mobile (#3504) @dennisreimann
• Custom amount option in point of sale print view was not showing (#3503) @Kukks
• Fix code copying buttons (#3489 #3499) @dennisreimann @bolatovumar
• Various UI fixes @dennisreimann @bolatovumar

This update brings three brand new apps to the Umbrel App Store — Jam (JoinMarket UI), Snowflake Tor Proxy, and Bleskomat Server, along with updated apps and bugfixes.

• Websockets
  • Real-time sync
• Patch DB
  • Closely mirror FE and BE state. Most operating systems are connected to their GUI. Here it is served over the web. Patch DB and websockets serve to close the perceptual gap of this inherent challenge.
• Switch base OS from 32bit Raspbian to 64bit Raspberry Pi OS
• Merging of lifeline, agent, and appmgr into embassyd
  • Elimination of Haskell in favor of pure Rust
  • Unified API for interacting with the OS
  • Easier to build from source
• OS (quarantined from OS and service data)
  • Kernel/boot
  • Persistent metadata (disk guid, product key)
  • Rootfs (the os)
  • Reserved (for updates) - swaps with rootfs
• Revamped OS updates
  • Progress indicators
  • Non-blocking
  • Simple swap on reboot
• Revamped setup flow
  • Elimination of Setup App (Apple/Google dependencies gone)
  • Setup Wizard on http://embassy.local
• Revamped service config
  • Dynamic, validated forms
• Diagnostic UI
  • Missing disk, wrong disk, corrupt disk
• Turing complete API for actions, backup/restore, config, properties, notifications, health checks, and dependency requirements
• Optional, arbitrary inputs for actions
• Install, update, recover progress for apps
• Multiple interfaces
  • E.g. rpc, p2p, ui
• Health checks
  • Developer defined
  • Internal, dependencies, and/or external
• Full Embassy backup (diff-based)
• External drive support/requirement
  • Single at first
  • Groundwork for extension and mirror drives
• Disk encryption
  • Random key encrypted with static value
  • Groundwork for swapping static value with chosen password
• Session Management
  • List all active sessions
  • Option to kill
• More robust and extensive logs
• Donations

API Updates

• Phantom node payments are now supported, allowing receipt of a payment on any one of multiple nodes without any coordination across the nodes being required. See the new PhantomKeysManager's docs for more, as well as requirements on KeysInterface::get_inbound_payment_key_material and lightning_invoice::utils::create_phantom_invoice (#1199).
• In order to support phantom node payments, several KeysInterface methods now accept a Recipient parameter to select between the local node_id and a phantom-specific one.
• ProbabilisticScorer, a Score based on learning the current balances of channels in the network, was added. It attempts to better capture payment success probability than the existing Scorer, though may underperform on nodes with low payment volume. We welcome feedback on performance (#1227).
• Score::channel_penalty_msat now always takes the channel value, instead of an Option (#1227).
• UserConfig::manually_accept_inbound_channels was added which, when set, generates a new Event::OpenChannelRequest, which allows manual acceptance or rejection of incoming channels on a per-channel basis (#1281).
• Payee has been renamed to PaymentParameters (#1271).
• PaymentParameters now has a max_total_cltv_expiry_delta field. This defaults to 1008 and limits the maximum amount of time an HTLC can be pending before it will either fail or be claimed (#1234).
• The lightning-invoice crate now supports no-std environments. This required numerous API changes around timestamp handling and std+no-std versions of several methods that previously assumed knowledge of the time (#1223, #1230).
• lightning-invoice now supports parsing invoices with expiry times of more than one year. This required changing the semantics of ExpiryTime (#1273).
• The CounterpartyCommitmentSecrets is now public, allowing external uses of the BOLT 3 secret storage scheme (#1299).
• Several Sign methods now receive HTLC preimages as proof of state transition, see new documentation for more (#1251).
• KeysInterface::sign_invoice now provides the HRP and other invoice data separately to make it simpler for external signers to parse (#1272).
• Sign::sign_channel_announcement now returns both the node's signature and the per-channel signature. InMemorySigner now requires the node's secret key in order to implement this (#1179).
• ChannelManager deserialization will now fail if the KeysInterface used has a different node_id than the ChannelManager expects (#1250).
• A new ErrorAction variant was added to send warning messages (#1013).
• Several references to chain::Listen objects in lightning-block-sync no longer require a mutable reference (#1304).

Bug Fixes

• Fixed a regression introduced in 0.0.104 where ChannelManager's internal locks could have an order violation leading to a deadlock (#1238).
• Fixed cases where slow code (including user I/O) could cause us to disconnect peers with ping timeouts in BackgroundProcessor (#1269).
• Now persist the ChannelManager prior to BackgroundProcessor stopping, preventing race conditions where channels are closed on startup even with a clean shutdown. This requires that users stop network processing and disconnect peers prior to BackgroundProcessor shutdown (#1253).
• Fields in ChannelHandshakeLimits provided via the override_config to create_channel are now applied instead of the default config (#1292).
• Fixed the generation of documentation on docs.rs to include API surfaces which are hidden behind feature flags (#1303).
• Added the channel_type field to accept_channel messages we send, which may avoid some future compatibility issues with other nodes (#1314).
• Fixed a bug where, if a previous LDK run using lightning-persister crashed while persisting updated data, we may have failed to initialize (#1332).
• Fixed a rare bug where having both pending inbound and outbound HTLCs on a just-opened inbound channel could cause ChannelDetails::balance_msat to underflow and be reported as large, or cause panics in debug mode (#1268).
• Moved more instances of verbose gossip logging from the Trace level to the Gossip level (#1220).
• Delayed announcement_signatures until the channel has six confirmations, slightly improving propagation of channel announcements (#1179).
• Several fixes in script and transaction weight calculations when anchor outputs are enabled (#1229).

Serialization Compatibility

• Using ChannelManager data written by versions prior to 0.0.105 will result in preimages for HTLCs that were pending at startup to be missing in calls to KeysInterface methods (#1251).
• Any phantom invoice payments received on a node that is not upgraded to 0.0.105 will fail with an "unknown channel" error. Further, downgrading to 0.0.104 or before and then upgrading again will invalidate existing phantom SCIDs which may be included in invoices (#1199).

Security

0.0.105 fixes two denial-of-service vulnerabilities which may be reachable from untrusted input in certain application designs.

• Route calculation spuriously panics when a routing decision is made for a path where the second-to-last hop is a private channel, included due to a multi-hop route hint in an invoice.
• ChannelMonitor::get_claimable_balances spuriously panics in some scenarios when the LDK application's local commitment transaction is confirmed while HTLCs are still pending resolution.

In total, this release features 109 files changed, 7270 insertions, 2131 deletions in 108 commits from 15 authors, in alphabetical order: * Conor Okus * Devrandom * Elias Rohrer * Jeffrey Czyz * Jurvis Tan * Ken Sedgwick * Matt Corallo * Naveen * Tibo-lg * Valentine Wallace * Viktor Tigerström * dependabot[bot] * hackerrdave * naveen * vss96

New features:

• Greenfield: Exposes LNUrl's comment and LN address in invoice's payment method (#3427) @Kukks
• Greenfield: Add maxFeePercent/maxFeeFlat to the lightning payment API (#3454) @dennisreimann @NicolasDorier
• Greenfield: Find 1 user by ID or by email, or list all users. (#3176) @woutersamaey

Bug fixes:

• Fix: All PSBT flows were crashing @NicolasDorier

Improvements:

• UI: Add border for mobile menu (#3477 #3469) @denniseimann @dstrukt
• UI: Sticky headers improvements (#3471) @denniseimann
• UX: Remove payment methods not currently configured when creating invoice (#3394) @ubolator
• UX: Add pull payment grouping options (#3177) @ubolator
• UI: Redesign Wallet UI (#3408) @denniseimann @dstrukt
• UI: Remove storeid from the invoice's filter, as it is implicit @NicolasDorier

Cache & Backgroundscan refactor & new apps: LNbits c-lightning, Tallycoin Connect, Helipad, ...

• Fixes issue of LNDHub extension linked to busy wallet taking down LNbits
• Support for AES-encrypted macaroons (for LND)
• Fixes LNURLwithdraw bug where withdraws would fail
• .env theme selection working properly
• Adds "bitcoin" theme

1.9.0

Executive Summary

This release is backwards incompatible with previous releases of bitcoin-s. You will not be able to build a DLC with prior releases of bitcoin-s. This was due to a bug in how we computed contractId in a DLC. See #4012 for more information.

We now have official typescript bindings for our oracleServer and appServer

• https://www.npmjs.com/package/@bitcoin-s-ts/wallet-ts
• https://www.npmjs.com/package/@bitcoin-s-ts/oracle-server-ts

See the individual module sections for more information on lower level updates to the codebase.

Running Bitcoin-S

If you want to run the standalone server binary, after verifying gpg signatures, you can unzip bitcoin-s-server-1.9.0.zip and then run it with ./bin/bitcoin-s-server to start the node. You will need to configure the node properly first, you can find example configurations here.

You can then unzip the bitcoin-s-cli-1.9.0.zip folder and start using the bitcoin-s-cli like this:

```bashrc ./bin/bitcoin-s-cli --help Usage: bitcoin-s-cli [options] []

-n, --network Select the active network. --debug Print debugging information --rpcport The port to send our rpc request to on the server -h, --help Display this help message and exit ```

For more information on what commands bitcoin-s-cli supports check the documentation, here is where to start: https://bitcoin-s.org/docs/next/applications/server#server-endpoints

Verifying signatures

This release is signed with Chris's signing key with fingerprint 339A49229576050819083EB3F99724872F822910

To do the verification, first hash the executable using sha256sum. You should check that the result is listed in the SHA256SUMS.asc file next to its file name. After doing that you can use gpg --verify to authenticate the signature.

Example:

``` sha256sum bitcoin-s-server-1.9.0.zip ec2bccd61bdabc1f0453d1f8b7608b628da28fe45d55754a269e30391106c18d bitcoin-s-server-1.9.0.zip

gpg --verify SHA256SUMS.asc gpg: Signature made Tue 15 Feb 2022 12:58:48 PM CST gpg: using RSA key 339A49229576050819083EB3F99724872F822910 gpg: Good signature from "Chris Stewart stewart.chris1234@gmail.com" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 339A 4922 9576 0508 1908 3EB3 F997 2487 2F82 2910 ```

Contributors

89  Chris Stewart
36  Scala Steward
35  benthecarman
31  rorp
 3  Nadav Kohen
 2  user411
 1  Shreyansh
 1  dependabot[bot]

Website

https://bitcoin-s.org/

Releases

https://repo1.maven.org/maven2/org/bitcoin-s/

Snapshot releases

https://oss.sonatype.org/content/repositories/snapshots/org/bitcoin-s/

Docker

https://hub.docker.com/orgs/bitcoinscala/repositories

app commons

Bug fixes and improve the API for AppConfig

4e6c68155e Sort outcomes in decodeoffer response (#4094) 142612f034 Make newConfigOfType use VectorConfig 2066447cdc Add isEndpoint to numeric contract descriptor serialization (#4033) e802254a20 2022 01 24 rm appconfig varargs (#4011) 3162c1b2d0 Ignore .DS_Store files when making backups (#4000) a7af8cac4c Patch bug where zipdatadir doesn't work if the directory was not created (#3959)

App server

The major features shipped this release is support for websockets. You can now be notified of websocket events from the wallet, dlc wallet, and chain. These are used on the wallet-server-ui to notify when events happen

This module will be renamed to Wallet Server in future releases as that is a more accurate name for this module.

There are various PRs that broke API compatability from 1.8 -> 1.9. See the list

08941206fc Bump timeout to 60 seconds (#4021) d2f53db82e Change BTC RPC log level (#4010) f438ce2897 Refactor zipDatadir (#3999) d88e2494e0 Make RPC authentication optional for localhost (#3980) ee3ee53191 RPC password authentication (#3961) 9dd126bb9f Modify estimatefee endpoint to return a number rather than a string (#3973) 66e23b61a8 2021 01 11 issue 3938 (#3971) eeeecb00c5 Reduce polling log to trace when we try to poll bitcoind (#3964) 5de325e7de Exclude seeds from backup (#3950) f8f8f50aae Implement ping every 5 seconds to keep websocket connection alive (#3947) 7527388be5 2021 12 20 ws dlc callbacks (#3926) 50bec2abc6 2021 12 14 websockets (#3906) 4b07629d56 Add getmediantimepast RPC call (#3921) 4646ef6e19 Remove BitcoinSServerMain.startedFP (#3928) 3cd57d37f5 Remove backupwallet / backup oracle (#3920) f8f5a8e8dc Update docker-application.conf (#3905) 7e214da601 Improve BitcoinSAppConfig.zipDatadir (#3903) 6c67e83d3f 2021 12 10 issue 3891 (#3894) 41585a18ca Make Bitcoin Core RPC backend to retry on Error -28: Verifying blocks (#3896) a38309bed1 Add range of block heights to the error message (#3886) d393848cc2 2021 11 30 issue 3847 (#3862) 0b9500f4f2 Add hex fields to decodecontractinfo JSON response (#3830) 1d7529236f 2021 11 13 scan bitcoind witspkv1 mempool (#3825) 5189b6ad5c revert logging directives on request/response back to DEBUG (#3819) a40ef1ab21 Break existing api to get new address to remove the requirement for null label (#3818) 21fab4ee70 Improve app server validation error handling (#3796) 403c78fd8f Server Docker config (#3775)

bitcoind rpc

Implements rudimentary support for bitcoin core v22. This release does not implement all RPCs on v22.

5366428fb2 Implement BitcoindRpcClient.epochSecondToBlockHeight (#4068) c0c54acc24 Make non-final bitcoind RPC error message more descriptive (#3915) a6898defe2 Support for Bitcoin Core v22 (#3834)

Build

Ergonomic improvements for runnign test suites, make the installer names more readable for non technical users.

52dcf51e82 Automatically download binaries if they are used in test suite (#4005) e24efd65ae 2022 01 12 docker ws (#3976) 6e7af37ca0 2021 12 03 installer rename (#3876) cd3006c020 Verify binary download hashes (#3849)

Cli

chain

Adds a callback so that we can be notified when a header is processed by the chain module.

7ee1f0f406 Implement batching of database calls for our chain callback (#4003) d06b064b6b 2021 12 28 blockprocessed callback (#3946)

clightning rpc

This is a new module in the 1.9 release. It adds support for a clightning RPC.

cb704da927 Add clightning sendcustommsg (#3883) 7933c90741 Update c-lightning to v0.10.2 (#3857) cd5451adaa Add clightning listtransactions func (#3797) 01a7c7c838 Make clightning tests execute async (#3768) 6d43d443ba Initial c-lightning rpc support (#3755)

Core

This release merges support for general payout curves in the core module for the DLC specification. See #3854 for more information

This release also merges support for disjoint union contracts in the DLC specification.

This release fixes a bug in our contractId computation.

This breaks backward compatibility in older releases of bitcoin-s.

13c46e0af8 Move expensive script checks to last inside of P2PKWithTimeoutScriptPubKey (#4087) e2b9c458e4 Change DLCUtil.buildOracleSignatures (#4061) 7a6f0430d6 2022 02 03 issue 4032 (#4042) 71711ca582 Add invariant to make sure spendingTxId is different than the txid (#4019) b918cf78b7 Fix bugs where we were building internally inconsistent SpendingInfoDb (#4016) d983ad14f3 Fix contractid computation (#4012) 21de609ed8 2022 01 22 cetsignatures refactor (#4004) 214213b59d 2022 01 16 issue 3983 (#3987) 93c5121632 2021 01 06 tlv invariants (#3965) 8857af2b66 Address ben's code review on #3854 (#3962) b342f373ae Make ContractDescriptorTemplate an unsealed trait (#3963) 8c5288d758 Implemented general payout curves (#3854) 6652448f99 Added constructor for p2pkh for decompressed public keys (#3944) d66afe9e43 Add satoshisRounded to Bitcoins (#3904) 0d37c4b54f 2021 12 08 block parsing bug caused by 65 byte taproot signatures (#3887) 8765c2f845 Disjoint union dlc (#3839) 422aea2242 Fix TypeIdentifier fromBytes (#3832) 0b3654f020 Remove scientific notation from Bitcoins.toString() (#3811) 09c2562675 Added WitnessScriptPubKeyV1 for sending to Taproot addresses (#3737) aa748c012f 2021 11 03 protocol version (#3793) 18726c10bb Move ValueIterator out of TLVFactory trait (#3794) 92cf042ccb Expose MnemonicCode.toEntropy() and MnemonicCode.toEntropyWithChecksum() methods (#3786) 92ab9faa45 Decide which coin selection solution to use based on waste metric (#3646)

Crypto

f4a2ec8554 Make AesEncryptedData a network element / factory (#3952)

Db commons

A major theme this release is enabling our APIs to use database actions in Slick. This allows us to build database transactions to avoid corrupting data.

We also fixed some bugs in our database implementations around storing very large scriptpubkeys.

4d85b7a3d7 Support for big SPKs (#4084) 3d674c37f3 Create upsertAllAction (#4073) 2166faf61d Make findByPrimaryKeysAction public (#4079) 3991789129 Don't call findByPrimaryKeys if ids is empty (#4074) 48189d5c1d Make CRUD.run and CRUD.runVec transactional (#4059) 0079489a15 Create DbMapper for DoubleSha256Digest (#3995) 6c2bb0d111 Rename database username and password variables (#3930) afb51228b4 Add NodeId to DbCommonsColumnMappers (#3880) 085b8b1910 Implement CRUDAction.deleteAction() (#3877) 2d5732375f Add CRUDAction.{updateAllAction, updateAction} (#3872) f71d3567ed 2021 11 23 crud action (#3851)

DLC node

The major change this release is implementing a connection timeout for dlc node. If we cannot connect to a peer within 45 seconds, we throw a timeout exception.

55ecc1ae8f Implement connection timeout (#4081) 019c9b2644 Fix log message failure in DLCDataHandler (#3845) 41cb26a3bb Make DLC node's external IP configurable (#3838)

DLC Oracle

Improvements to the database handling code so that announcement/attestation creation is transactional.

49d4d7f179 2022 02 06 issue 4049 (#4056) 7f344ad3ff 2022 02 06 announcement creation logging (#4055) 524c5212e0 Add MasterXPubTable to list of DLCOracle tables (#3955) c3d1b2ee12 Give DLCOracle to filter events by pending/completed (#3953)

DLC wallet

This release of dlc wallet fixes bugs for accepting offers multiple times.

We also add a new column in global_dlc_data for serialization_version for when we break binary level serialization in the DLC protocol spec. This will be done in the 2.0 release of bitcoin-s.

Finally there is a ton of improvements to database handling code.

6cfbf67812 Prevent DB state corruption while accepting the same offer multiple times (#4067) bce58ba33d Validate announcement signatures on create/accept offer (#4071) 9de4b0272a 2022 01 31 issue 4030 (#4066) f253b5055e 2022 02 08 dlc accept refactor (#4064) 5aeecdb893 Reworking/refactoring acceptDLCOffer (#4048) 590cd9c72e 2022 02 06 remoteclaimed refactor (#4054) d213e9935d Add better exception messages (#4053) bd5bcfef3a 2022 01 18 issue 3969 Add serialization_version to global_dlc_data (#3992) 8a881b37f4 Add DLC callback for refunded DLC (#3989) ee0d62c5b8 2022 01 14 DLCDataManagement refactor (#3982) 4ca586ca46 2021 12 19 dlc callbacks (#3923)

Eclair rpc

d71208cf0f Support Eclair v0.6.2 (#3765)

Esplora

This release adds a new module so you can use esplora on as a chain data source.

03abb7537b Add basic esplora client (#4018)

fee provider

5f4053b2e4 Create FallbackFeeRateApi (#3974) bf8b165fe9 Implement recovery for when we cannot receive a fee rate from a FeeRateApi (#3975)

gui

Small bug fixes. We are moving to having a web interface for bitcoin-s.

This can be found here:

https://github.com/bitcoin-s/bitcoin-s-ts/tree/master/wallet-server-ui

546e030dde [GUI] Fix 'First and last points must be endpoints' exception (#4029) 2aa6f168eb Implement rpc password in GUI (#3986) 7f9fb87a55 Call trim on peer address in Accept dialog (#3942) 856e455be3 Remove 'not set' rate of return % sign on wallet (#3828)

keymanager

Lnd rpc

Upgrades lnd to 0.14.2, implements more lnd rpc functionality.

44373f8449 Add functions for LND subscription (#4062) afc6a32c62 Update lnd to v0.14.2 (#4040) 3ba8fb6dd4 Allow creating invoices with description hash (#3966) f54ed98c74 Add subscribe invoices function to lnd (#3860) 09f0ac4657 Update lnd to v0.14.1 (#3848) 155301fc1d Allow lnd remote to work with certificate string (#3840) 079fa62073 Lnd v0.14.0 (#3835)

node

Fixes various bugs around broadcasting witness transactions. Also fixes bugs to make sure we fetch the entire witness transaction (witnesses included). Previously we wouldn't get the witness which leads to problems when calculating DLC outcome state.

This release also adds the ability to store peers we see on the p2p network in teh database. Eventually we will be able to connect to random peers we see on the p2p network rather than just connecting to the node configured in bitcoin-s.node.peers

98c5d816ac 2022 01 25 issue 4014 (#4015) dbfd58da86 Add log txids inside of inventories in big endian rather than little endian (#4013) a58ef1cd02 Storing peers in database (#3773) 90e01d7fc6 Fix broadcasting witness vs legacy txs (#3841) 9701769125 Handle TypeIdentifier.MsgWitnessTx messages (#3836) fc09f41db2 Request witness versions of transactions from nodes (#3829)

Oracle explorer client

Oracle server

secp256k1jni

Updates to the underlying libsecp256k1 to give better performance.

9c9a0a618f Update secp256k1-zkp (#3856)

wallet

Improves database handling code in the wallet so we use database transactions more often.

This release included various bug fixes and performance.

dc47c070a2 Fix SpendingInfoDAO.findOutputsReceived() bug (#4090) eeabe5cd77 2022 02 11 clearutxoandaddresses for account transactional (#4077) 883b01006d Fetch blockHeight earlier in TransactionProcessing.processBlock() (#4025) 8d04ca1cd3 2022 01 30 optimize processblock (#4024) cf16d93648 Fix bug where we didn't set spendingTxId when transitioning from Reserved -> PendingConfirmationsSpent (#3909) 42d6955f79 Filter dust from coin selection (#3866) 21c97bba12 Filter transactions for onTransactionProcessed (#3990) 41b96c4c7e Add rescan field to walletinfo response (#3933) 665f931721 Work around for WalletAppConfig.scheduler being blocked by AddressQueueRunnable (#3917) 2d9d12816b Add WalletCallbacks.onBlockProcessed() (#3912) 1969056372 Add better logs for fundTransactionInternal (#3911) 8307fdc0d1 2021 12 12 wallet doublespend tests (#3898) 174c511cd3 2021 12 12 wallet optimization (#3897) d060c1c5fa Use bigendian txids in wallet log messages (#3893) 174c511cd3 2021 12 12 wallet optimization (#3897) d060c1c5fa Use bigendian txids in wallet log messages (#3893) ba88fb1a03 2021 11 12 fix multiple tag issue (#3822) b3d61bc793 Add deleting address tags to to clearAllUtxosAndAddresses() (#3817) 31e8324522 Make sure exception is caught by Future inside of UtxoHandling.unmarkUTXOsAsReserved() (#3816)

testkit

tor

Upgrades tor to 0.4.6.9

1708add6ec Make Tor connect error message more human readable (#4078) 2dcbe73504 Update Tor version to 0.4.6.9 (#3993) 169222a306 Add default proxy params (#3863) e02c9bba12 Overridable Tor config (#3780)

Website

95d9bf44a5 Add 1.9.0 of the website (#4096) e8ee5d7339 Bump website dependencies (#4095) 3931897e7f 2022 02 13 issue 3405 (#4089) 07fcfd0568 2022 02 12 update mdoc fix downloadlink (#4086) e5707d5002 Fix broken website examples (#4085) 526ed37a28 Cleanup docs that use $ (#4083) 4ea87c741f 2022 02 12 cleanup example config (#4082) 35dccd88d6 Add new section to README for running bitcoin-s, add link to the web frontend (#4069) 99418c798a 2022 02 07 release note draft (#4060)

New features:

• Ability to bump fees of transactions and invoices via CPFP (#3395) @NicolasDorier
• Add ability to add description to pull payment (#3363) @ubolator
• Greenfield: Can add store guest/owner to a store (#3363) @Kukks

Bug fixes:

• Fix payment request archival actions (#3443) @dennisreimann
• Fix: filtering paid invoices in the invoice list wasn't working anymore (#3434) @dennisreimann @NicolasDorier
• Fix: Clicking any per-store nav links from the pairing approval page fails with 404 (#3431 #3438) @dennisreimann

Improvements:

• UI improvements for the crowdfund settings (#3437 #3422) @dstrukt @dennisreimann
• Redirect to transactions list after wallet creation (#3451) @dennisreimann
• Setup guide: Link wallet setup always to BTC (#3442)

This update brings four brand new apps to the Umbrel App Store — Urbit, Urbit Bitcoin Connector, Tailscale, and usocial, along with LND 0.14.2, updated apps, and Nunchuk wallet connection support.

Bug fixes:

• Ensure compresed public key is used for SIN generation even if uncompressed key was provided (fix #3432) (#3433) @CherryDT
• After login, redirect user to the main page even if a root app configured (#3429) @NicolasDorier
• docker-entrypoint would crash if missing ssh pubkey, but not the private key @NicolasDorier
• Error messages when starting BTCPay Server where not shown (Fix #3404) @NicolasDorier

Improvements:

• UI: Use sticky headers for pages with tab navigation. (#3416) @dennisreimann
• UI: Prevent initial scroll to section nav (#3411) @dennisreimann

Updated LNURLPoS to LNURLDevices, to give the extension greater scope Added admin users to allow easy debiting of admin accounts, and admin only extensions Added FakeWallet, so LNbits can be used completely detached from bitcoin as a centralised payment server (for use as voucher system in schools, universities, businesses, events, etc)

https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#095-feb-4-2022

This is the second minor release of the 0.14x cycle! This release contains no new larger/major features, and instead packages up a series of bug fixes (several obscure crash fixes), and enhancements (like begin able to convert a node to a watch-only mode for use with the remote signer feature).

We strongly recommend that all users update!

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/lightningnetwork/lnd/master/scripts/keys/roasbeef.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest-roasbeef-v0.14.2-beta.sig and manifest-v0.14.2-beta.txt are in the current directory) with:

gpg --verify manifest-roasbeef-v0.14.2-beta.sig manifest-v0.14.2-beta.txt

You should see the following if the verification was successful:

gpg: Signature made Thu Feb 3 13:55:45 2022 PST gpg: using RSA key 60A1FA7DA5BFF08BDCBBE7903BBD59E99B280306 gpg: Good signature from "Olaoluwa Osuntokun <laolu32@gmail.com>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

Verifying the Release Timestamp

From this new version onwards, in addition time-stamping the git tag with OpenTimeStamps, we'll also now timestamp the manifest file along with its signature. Two new files are now included along with the rest of our release artifacts: manifest-roasbeef-v0.14.2-beta.txt.asc.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following commands: ots verify manifest-roasbeef-v0.14.2-beta.sig.ots -f manifest-roasbeef-v0.14.2-beta.sig

Alternatively, the open timestamps website can be used to verify timestamps if one doesn't have a bitcoind instance accessible locally.

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Verifying the Release Binaries

Our release binaries are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.17.3, which is required by verifiers to arrive at the same ones. They include the following build tags: autopilotrpc, signrpc, walletrpc, chainrpc, invoicesrpc, routerrpc, watchtowerrpc and monitoring. Note that these are already included in the release script, so they do not need to be provided.

The make release command can be used to ensure one rebuilds with all the same flags used for the release. If one wishes to build for only a single platform, then make release sys=<OS-ARCH> tag=<tag> can be used.

Finally, you can also verify the tag itself with the following command:

$ git verify-tag v0.14.2-beta gpg: Signature made Thu 03 Feb 2022 08:21:05 PM UTC using RSA key ID 9B280306 gpg: Good signature from "Olaoluwa Osuntokun <laolu32@gmail.com>"

Verifying the Docker Images

To verify the lnd and lncli binaries inside the docker images against the signed, reproducible release binaries, there is a verification script in the image that can be called (before starting the container for example):

shell $ docker run --rm --entrypoint="" lightninglabs/lnd:v0.14.2-beta /verify-install.sh v0.14.2-beta $ OK=$? $ if [ "$OK" -ne "0" ]; then echo "Verification failed!"; exit 1; done $ docker run lightninglabs/lnd [command-line options]

Building the Contained Release

Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and lnd-source-v0.14.2-beta.tar.gz are in the current directory, follow these steps:

tar -xvzf vendor.tar.gz tar -xvzf lnd-source-v0.14.2-beta.tar.gz GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.14.2-beta" ./cmd/lnd GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.14.2-beta" ./cmd/lncli

The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.

Additionally, it's now possible to use the enclosed release.sh script to bundle a release for a specific system like so:

make release sys="linux-arm64 darwin-amd64"

⚡️⚡️⚡️ OK, now to the rest of the release notes! ⚡️⚡️⚡️

The release notes can be found here: https://github.com/lightningnetwork/lnd/blob/master/docs/release-notes/release-notes-0.14.2.md

• Add wallet search dialog for labels, address, values and txids across all wallet accounts (View menu)
• Add dialog to sweep a private key in WIF format (e.g. Opendime) to any address (Tools menu)
• Expand transaction diagram in popup by clicking on it to display more inputs, outputs and their values
• Do database updates in a background thread and improve efficiency when refreshing a deep wallet
• Improve deep wallet loading performance by adding a setting to watch only the last X used addresses plus the gap limit (Settings > Advanced)
• General wallet loading performance improvements
• Add broadcasting step to Soroban initiator dialog and indicate when the transaction has been successfully broadcasted
• Add fee rate, RBF and vB from tip information to the tooltip for unconfirmed transactions in transactions tab
• Remove AOPP
• Pass PSBTs and messages to HWI on stdin to avoid overly long process arguments
• Support retrieving a keystore from a scanned crypto-output QR
• Indicate output descriptor key expressions are shown in canonical order
• Indicate payment label is required
• Request focus on password field for encrypted locked wallets when wallet window becomes active
• Increase maximum number of UTXO chart bars
• (Re)allow full addresses in Whirlpool child wallet address CSV exports
• Ensure monotonically increasing ids are used for all JSON-RPC requests in a session
• Tune batch page size for better performance over Tor (maxPageSize config setting)
• Detect Fulcrum version to enable batching (> 1.6.0)
• Upgrade to H2 2.0.206
• Bug fix: Fix memory leak in Jetty ShutdownThread when mixing
• Bug fix: Fix regression selecting a public server in regtest
• Bug fix: Don't enable the Max button when Clear is pressed
• Bug fix: Use unique (per session) integers as ids for all paged server queries
• Bug fix: Adapt to non-commented derivation entries for multiple derivation path wallets in Coldcard export file (firmware > 3.2.1)
• Bug fix: Fix incorrect mix out probability percentage shown in tooltip
• Bug fix: Fix NPE when performing Soroban reply without UTXOs
• Bug fix: Only retain one day of mempool rate sizes to keep memory usage bounded
• Bug fix: Fix reversion of transaction labels when switching servers
• Bug fix: Fix disappearing watch only accounts with the same derivation path
• Bug fix: Improve label cell performance by avoiding clipboard retrieval on creation

• FIX: Reorder wallets screen crash on macOS

This update includes the latest Kollider app which contains a bugfix.

Umbrel 0.4.12 brings four brand new apps in the Umbrel App Store — Kollider, Bitfeed, Suredbits Wallet, and LNDg, updated apps, a security patch, bug fixes, and more.

If you face any difficulties while updating, please message us on Telegram: https://t.me/getumbrel

Umbrel 0.4.12 brings four brand new apps in the Umbrel App Store — Kollider, Bitfeed, Suredbits Wallet, and LNDg, updated apps, a security patch, bug fixes, and more.

Bug fixes:

• Ensure the swagger doc is semantically correct (#3390) @ubolator
• Fix crashes with some plugins (#3401) @Kukks
• Fix crash of payment request list (#3392) @NicolasDorier
• Reference correct payment type definition for webhook events in Swagger docs @ubolator
• Fix pay button type comparison (#3403) @dennisreimann
• No JS error in crowdfund if canvas unavailable @NicolasDorier
• Bump z-index on header (#3393, #3377) @ubolator

Improvements:

• Delete user preferences cookie on logout (#3379) @dennisreimann
• Pay Button Alert: Add missing alert-link classes (#3397)
• Fix pay button type comparison (#3403 #3403) @dennisreimann
• Various CSS UI adjustment @dstrukt

Binaries

There are two types of binaries:

Specter Desktop

It's a windowed GUI application with Specter server included. Supported platforms: Windows, MacOS, Linux (x86_64)

Note on Linux: you need to set up udev rules (included in the archive). Check out readme.

Note on macOS: The current build supports only macOS Catalina (10.15) or higher. If you'd like to run Specter on an older macOS version, you can install Specter from Pip.

specterd

It's a command-line program that only runs Specter server. Supported platforms: Windows, MacOS, Linux (x86_64)

Signatures and hashes

SHA256SUMS file contains sha256 hashes of all binary files and signed with "Specter Signer's" GPG key. You can get the public key from here. Fingerprint of the key is 785A 2269 EE3A 9736 AC1A 4F4C 864B 7CF9 A811 FEF7 This key has been signed by @k9ert's key which you might have used for validating th 1.7.0 release.

Release notes

• Bugfix: Import electrum multisig wallet (with available seed) (#1543 relativisticelectron)
• Feature: Adds JS polling to improve Swan integration flow completion (#1546 kdmukai )

Eclair v0.7.0

This release adds official support for two long-awaited lightning features: anchor outputs and onion messages. Support for the PostreSQL database backend is also now production ready! This release also includes a few bug fixes and many new (smaller) features. It is fully compatible with 0.6.2 (and all previous versions of eclair).

Because this release changes the default type of channels that your node will use, make sure you read the release notes carefully! The release notes can be found here.

Verifying signatures

You will need gpg and our release signing key 7A73FE77DE2C4027. Note that you can get it:

• from our website: https://acinq.co/pgp/drouinf.asc
• from github user @sstone, a committer on eclair: https://api.github.com/users/sstone/gpg_keys

To import our signing key:

sh $ gpg --import drouinf.asc

To verify the release file checksums and signatures:

sh $ gpg -d SHA256SUMS.asc > SHA256SUMS.stripped $ sha256sum -c SHA256SUMS.stripped

Building

Eclair builds are deterministic. To reproduce our builds, please use the following environment (*):

• Ubuntu 20.04
• AdoptOpenJDK 11.0.6
• Maven 3.8.1

Use the following command to generate the eclair-node package:

sh mvn clean install -DskipTests

That should generate eclair-node/target/eclair-node-0.7.0-a804905-bin.zip with sha256 checksums that match the one we provide and sign in SHA256SUMS.asc

(*) You may be able to build the exact same artefacts with other operating systems or versions of JDK 11, we have not tried everything.

Upgrading

This release is fully compatible with previous eclair versions. You don't need to close your channels, just stop eclair, upgrade and restart.

• ADD: show selected coins summary on CoinControl screen
• ADD: Navigate to selected wallet
• DEL: AOPP
• FIX: Reorder wallet is clunky to use. #4405

Binaries

There are two types of binaries:

Specter Desktop

It's a windowed GUI application with Specter server included. Supported platforms: Windows, MacOS, Linux (x86_64)

Note on Linux: you need to set up udev rules (included in the archive). Check out readme.

Note on macOS: The current build supports only macOS Catalina (10.15) or higher. If you'd like to run Specter on an older macOS version, you can install Specter from Pip.

specterd

It's a command-line program that only runs Specter server. Supported platforms: Windows, MacOS, Linux (x86_64)

Signatures and hashes

SHA256SUMS file contains sha256 hashes of all binary files and signed with "Specter Signer's" GPG key. You can get the public key from here. Fingerprint of the key is 785A 2269 EE3A 9736 AC1A 4F4C 864B 7CF9 A811 FEF7 This key has been signed by @k9ert's key which you might have used for validating th 1.7.0 release.

Release notes

• Feature: Add Jade multisig support #1520 (Stepan Snigirev)
• Feature: add liquid-testnet support #1527 (Stepan Snigirev)
• Feature: Allow descriptors with xpubs but without derivations (just wpkh(xpub) ) for wallet imports #1519 (Stepan Snigirev)
• Feature: search improvements #1497 (Kim Neunert)
• Feature: Send dialog refactored and sped up #1454 (Kim Neunert)
• Feature: Service integration - Swan #1517 (kdmukai)
• Bugfix: Coin selection - unselection via toggle #1536 (Manolis)
• Bugfix: deactivate internal Tor for non-AppImages #1499 (Kim Neunert)
• Bugfix: Edge case for electrum label import #1542 (relativisticelectron)
• Bugfix/Feature: Restoring send functionalities and better address validation and fee selection #1532 (Manolis)
• Bugfix: Final Swan service updates #1533 (kdmukai)
• Bugfix: fix jade signing of unconfidential inputs #1528 (Stepan Snigirev)
• Bugfix: fix keypoolrefill perfomance and adjusted callback logic #1508 (Kim Neunert)
• Bugfix: Multiple send bug fixes #1538 (Manolis)
• Bugfix: prevent using keys twice #1500 (Kim Neunert)
• Bugfix: Restore ability to import address labels of unlabeled addresses #1511 (relativisticelectron)
• Bugfix: Revision of test-new-releases.md #1529 (Manolis)
• Bugfix: Servicediscovery in pyinstaller-packages (specterd) #1531 (Kim Neunert)
• Bugfix: service icons breaking liquid #1534 (Stepan Snigirev)
• Bugfix: Very last fixes for Service swan #1537 (Kim Neunert)
• Documentation: message signature #1310 (Kim Neunert)
• Documentation: added endless pacman troubleshooting Guide #1498 (Kim Neunert)
• Documentation: Create document for testing-setups and cleaning up swan #1526 (Kim Neunert)
• Documentation: Update Donation Link #1514 (Moritz)
• I18N: Fixed the translation error. #1507 (2a3dex)
• UIUX: Added suggestion to quit other wallet software when connecting HWI over USB #1535 (Lobbelt)
• UIUX: Improve behaviour for apps #1540 (Kim Neunert)
• UIUX: Fixed help text #1510 (relativisticelectron)
• Chore: Bump HWI to 2.0.2 #1522 (Michael Henke)
• Chore: Fix running bitcoind with docker #1523 (Kim Neunert)

Bug fixes:

• Newly created guest cannot login (#3373) @dennisreimann
• Guest users shouldn't see Payouts menu item @NicolasDorier
• Add plugins link in server nav @Kukks

This is a minor bug fix release for an issue that may cause historical mempool graphs to appear incorrectly after upgrading from v2.2 - we recommend upgrading directly to v2.3.1 instead of v2.3.0 if you are currently using v2.2

Changelog

• Don't set autocommit=0 flag when migrating SQL database

Full Changelog: https://github.com/mempool/mempool/compare/v2.3.0...v2.3.1

Bug fixes:

Fix: Existing Lightning addresses were not loaded (#3367 #3368) @Kukks

BTCPay Server started in August 2017 and meanwhile has been evolving incrementally thanks to the feedback of the community.

It was finally time to cleanup the UI/UX and technical debt we accumulated over the years.

We enumerate here a lot of new features and bug fixes, but we do not enumerate the UI/UX changes, we dedicated a separate blog post for this topic.

The heavy lifting of this work has been mainly brought to you thanks to the collaboration of @dstrukt and @dennisreimann. We thank also all the testers we brought us feedback, and all of you who participated in the weekly design meetings.

The work on the UI/UX is however never over and we will keep on improving it based on your feedback.

Note: If you are using our docker deployment on a raspberry pi 4, there is a small chance your docker version does not support the new docker image. If you have any issue with raspberry pi 4, you need to update your docker version following steps on this blog post. Note that you do not need to update libseccomp2, our update process does this for you automatically.

New features:

• Greenfield: Add a missingPermission field to 403 errors (#3195) @NicolasDorier @woutersamaey
• Support for new TLS version of SMTP server (#3202) @NicolasDorier
• Greenfield: Added field "StoreId" to a Payment Request (#3223) @woutersamaey
• Greenfield: Can create a payment request without specifying currency (would then use store's default currency) (#3222) @NicolasDorier
• Add login code, for easy login to BTCPay Server via a mobile device (#2504) @Kukks
• Add LNUrl Auth support as second factor auth (#3083) @Kukks
• Batch unarchive invoices (#3264) @dennisreimann

Bug fixes:

• Fix: BTCPay would crash if running in an unexpected working directory (#1894 #3295) @NicolasDorier
• Fix: Can't add security device on safari (#3197 #3322) @Kukks
• If a root path was used, the Notification dropdown wouldn't automatically fetch new notifications @NicolasDorier
• Clipboard wasn't working over http, mainly used in at home setups (#3296) @dennisreimann
• Greenfield: Creating a payment request would fail if expiry was specified (#3222) @NicolasDorier
• In wallet's receive if you copy a p2sh address, it would be truncated (#3218) @dennisreimann
• Shopify: Fix partial payments. Generate an invoice based on outstanding amount instead of total. (#3193 #3203) @Kukks
• BTCPay Server instance sends 2 emails after invoice is set as expired, paid or confirmed/complete (#968) @NicolasDorier
• Greenfield: Payment Method update was impossible if using internal ln node while being guest (#2860) @NicolasDorier
• Checkout: Error when changing payment method in invoice (#3075) @dennisreimann
• Greenfield: created field of payment request should be a unix timestamp @woutersamaey (#3221)
• Fix LN Node availability check (#3189) @dennisreimann
• Fix CSP violations in payment button page (#3334) @dennisreimann

Improvements:

• Use the invoice terminology Processing/Settled in the UI rather than Paid/Confirmed/Complete.
• Add loading indicator for "Pay" button in POS terminal app (#3342 #3336) @ubolator
• Do not use uppercase in urls (#921) @NicolasDorier
• Add a copy Tor URL in the footer (#2692 #3290) @dennisreimann
• Improve permissions error messages of Greenfield API (#3256 #3212 #3220 #3204 #2795) @NicolasDorier @Kukks
• Greenfield API: Remove redundant/unused parameters in payment methods @ubolator
• Greenfield: Getting the fee rate should work with CanViewStoreSettings permission (#3217) @woutersamaey
• Add suggestion list for currency text inputs (#3347) @NicolasDorier
• Add warning about the security tradeoff the paybutton (#3340) @NicolasDorier
• Migrating from .NET 3.1 to .NET 6.0 @NicolasDorier
• Use C# 10.0 @NicolasDorier

Breaking changes:

• If you activated plugins, you will need to update them.
• We removed support for ETH/ERC20
• Greenfield: created field of payment request should be a unix timestamp @woutersamaey (#3221)
• Some Rapsberry PI 4 deployment with old version of docker might experience issues (see this blog post to update docker, libseccomp2 is already updated as part of our update flow)

IMPORTANT: RSK Testnet consensus rules have changed in this version, and it is not compatible with previous versions (only for Testnet, this doesn't apply to Mainnet). If you've been running previous versions of the RSK client node in Testnet, we encourage you to update to this new version. The Testnet network upgrade will happen at block number 2,581,800. This is a non-mandatory upgrade for RSK Mainnet nodes.

This release contains enhancements to the node's JSON-RPC interface, as well as Ethereum compatibility fixes. It also introduces a consensus change for Testnet that increases the minimum block difficulty and avoids scenarios where a huge number of blocks would be mined in a short period of time if the difficulty dropped to the minimum levels (doesn't apply to Mainnet).

This is a summary of the changes included in this version:

• Improved message queue expiration policy (#1610)
• Added support for pending parameter in eth_getBlockByNumber JSON-RPC method (#1627)
• JSON-RPC compatibility fixes (#1623, #1629)
• Fixed eth_isSyncing method which was not working as expected (#1618)
• Introduced gas exactimation enhancements to the eth_estimateGas method (#1548)
• Mining rate limiting and updated minimum block difficulty for RSK Testnet (#1615, #1671)

You can find a complete list of the changes introduced in Iris 3.2.0 milestone.

SHA256 (see Reproducible Build guide for further details): fe8432293600ba403e48e50253c5cdf322d8ec578b1984d17a26bf508a061c8a rskj-core-3.2.0-IRIS-all.jar

A newer version is already available! Please don’t use this version anymore.

This is a follow-up release that temporarily deactivates the DAO needs to resync popup to prevent presenting too many false positives to the user. It will be re-enabled again in the release after.

See https://github.com/bisq-network/bisq/commit/013dc982366ba348bcc8c179caad7dc498bc8535.

Here are the release notes from v1.8.1:

Release notes

This release improves mediation, extends API capabilities (still in beta), and fixes lots of smaller issues across the board.

Improvements

• Add option to automatically send log files to mediators in chat
• Improve user experience once mediation has been accepted by both parties
• Enable fractional percentages in dispute payout calculation field
• SEPA Account: Make account name and accepted countries editable
• Add Edit offer button in offer book for own offers
• Wording for BSQ swap cancellation popups & withdrawal prompt
• Increase dark mode contrast for fillable fields
• Adapt edit explorer indicator styling

Bug fixes

• Fix trade fee validation bug for multiple BSQ UTXOs inputs
• Fix fat finger protection during offer creation
• Fix exception while taking offer when an account has no selected currency
• OfferBook: Show complete text of action button if enough space is available
• Reset the icon color properly for market price margin information/warning

Development & Documentation

• API: Add methods failtrade, unfailtrade
• API: Rename method keepfunds to closetrade
• API: Deprecate getmyoffer
• API: Fix CLI's --payment-account-id option name, document createcryptopaymentacct
• API: XMR/BTC trading pair support
• API: Support and test creation of Swift accounts
• API: getoffer & gettrade support for BSQ swaps
• Improve DAO state store persistence and statistics logging
• CI Security: Use Github actions via sha1 (not tags) and keep them updated via dependabot
• Upgrade log4j 2.15.0 => 2.17.0
• Set Gradle java src & target compatibility to version 11
• Fixed annoying semicolon colors.
• Make all scripts executable
• Add @KanoczTomas BTC node with onion v3 address

New Assets

No new assets were added.

Verification

For a detailed description on how to verify your Bisq installer please have a look at our wiki: https://bisq.wiki/Downloading_and_installing#Verify_installer_file

Url of the signing key (Christoph Atteneder): https://bisq.network/pubkey/29CDFD3B.asc Full fingerprint: CB36 D7D2 EBB2 E35D 9B75 500B CD5D C1C5 29CD FD3B

Import the key: curl https://bisq.network/pubkey/29CDFD3B.asc | gpg --import GPG prints a confusion warning: "This key is not certified with a trusted signature!" - See https://serverfault.com/questions/569911/how-to-verify-an-imported-gpg-key for background information what it means.

How to verify signatures? gpg --digest-algo SHA256 --verify BINARY{.asc*,} Replace BINARY with the file you downloaded (e.g. Bisq-1.8.2.dmg)

Verify jar file inside binary: You can verify on OSX the jar file with: shasum -a256 [PATH TO BISQ APP]/Bisq.app/Contents/app/desktop-1.8.2-all.jar The output need to match the value from the Bisq-1.8.2.jar.txt file.

There are three hashes within the Bisq-1.8.2.jar.txt file (macOS, Windows, Linux). If you want to reproduce and verify the hash of the jar file locally, you need to do so on Windows or Linux using Java 15.0.5 and the v1.8.2 release tag. Because of the signing and notarization process that requires the developer certificate used for the build on macOS it is not possible to create the same jar on macOS.

Known issues with installation

Windows:

There is a known issue with Anti Virus software. We got several reports from users running into different problems. Either the AV software blocks Bisq or Tor, delete files in the data directory [2] or app directory [1]) or cause such a long delay at startup that Tor gets terminated and a file remains locked which can cause that Bisq cannot be started afterwards. To resolve that you need to restart Windows then the lock get released. We are working on solutions to fix those issues.

If you use Crypto currencies on your Windows system be aware that Windows is much more vulnerable to malware than Linux or OSX. Consider to use a dedicated non-Windows system when dealing with cryptocurrencies.

[1] Application directory (contains application installation files): C:\Users<username>\AppData\Local\Bisq

[2] Data directory (contains all Bisq data including wallet): C:\Users<username>\AppData\Roaming\Bisq\btc_mainnet\tor (you can delete everything except the hiddenservice directory)

Linux:

Hint for Debian users: If you have problems starting Bisq on Debian use: /opt/bisq/bin/Bisq

If your Linux distro does not support .deb files please follow this instruction: cd ~/Downloads mkdir tmp cd tmp ar x ../Bisq-64bit-1.8.2.deb sudo tar Jxvf data.tar.xz sudo cp -rp opt/Bisq /opt/ That instruction is not tested on many different distros. If you encounter problems please report it in a Github issue so we can improve it.

Credits

Thanks to everyone who directly contributed to this release: - @alvasw - @cbeams - @cd2357
- @chimp1984 - @dbast - @Emzy - @ghubstan - @jmacxx - @KanoczTomas - @MwithM - @nutel65 - @ripcurlx - @sqrrm - @stejbac - @xyzmaker123

A special thanks to our first time contributors: - @dbast - CI Security: Use Github actions via sha1 (not tags) and keep them updated via dependabot - Update Gradle wrapper to 7.3.3 - @nutel65 - Fixed annoying semicolon colors

As well as to everyone that helped with translations on Transifex.

Release notes

Bug Fixes

• lnd: improve handling for detecting wallet state (d0c1702)

Changelog

The full list of changes since 0.7.5-beta can be found here:

https://github.com/LN-Zap/zap-desktop/compare/v0.7.5-beta...v0.7.6-beta

Verifying the Release

Please refer to our documentation for instructions on how to verify the release.

Main changes

Payment expiry can be modified

Invoice default expiry is still 1 week, but can now be modified in the payment options screen.

Prevent sending more than twice the requested amount

This is to prevent a frustrating scenario for the user where the app will let you overpay more than twice an invoice, even though we know the receiving node will most certainly reject the payment in accordance to BOLT11. (See #232)

Full list of changes

• app: https://github.com/ACINQ/phoenix/compare/android-legacy-v1.4.19...android-legacy-v1.4.20

Verifying signatures

You will need gpg and our release signing key 7A73FE77DE2C4027. Note that you can get it: - from our website: https://acinq.co/pgp/drouinf.asc - from github user @sstone, a committer on eclair: https://api.github.com/users/sstone/gpg_keys

To import our signing key: $ gpg --import drouinf.asc

To verify the release file checksums and signatures: $ gpg -d SHA256SUMS.asc > SHA256SUMS.stripped $ sha256sum -c SHA256SUMS.stripped

Umbrel 0.4.11 brings 4 brand new apps in the Umbrel App Store — ItchySats, Lightning Shell, Helipad, and SatSale, updated apps, latest Electrum server, performance improvements, bug fixes, and more.

Thanks to @prusnak and @tlindi for helping with the electrs update and @nevets963 for reporting missing JWT auth on some API endpoints 👏💜

This release introduces a new design for our historical mempool chart legend and API documentation, and improves support for Bitcoin Core v22 and Taproot transactions, among many other enhancements and fixes. All users are encouraged to upgrade.

Notes

• Requires Node.js v16.10.0, npm 7.24.0, MariaDB v10.5
• Requires manually updating nginx.conf if not using Docker
• Docker installation config vars have changed, see README
• MySQL tables now automatically created and/or migrated
• Bitcoin, Liquid, and Bisq now hosted on separate FQDNs

Highlights

• Replaced chartist library with apache/echarts (#738)
• Upgraded to Angular 13.1 and NgBootstrap 11 (#1124)
• Fixed display of mempool graphs data on time axis (#1004)
• Fixed off-by-one fee rate tier in mempool graphs data (#908)
• Fixed addresses not displaying using Bitcoin Core v22 (#779)
• Improved data resolution of historical mempool graphs (#1044)
• Improved layout design of API docs page (#994, #1027)
• Added new chart timespans for 2 year / 3 year (#905)
• Added ability to drag blockchain horizontally (#1024)
• Added ability to highlight outputs using vout index (#880)
• Added web form to Broadcast Transaction using raw hex (#881)
• Added tag for transactions that spend Taproot outputs (#918)
• Added version and locktime data to transaction page (#930)
• Added halving and event countdown with fireworks (#912, #923)
• Added locales Romanian, Macedonian and Thai (#791, #792, #942)
• Added graph for L-BTC in circulation on Liquid dashboard (#799)
• Added support for Liquid Testnet (#1052, #1053, #1131)

Changelog

• Fix API docs examples for Raspberry Pi users using romanz/electrs by @wiz in https://github.com/mempool/mempool/pull/772
• Feature: New charts library. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/738
• Disable mouseover legend for mobile users. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/789
• Fix RTL issues by @TechMiX in https://github.com/mempool/mempool/pull/782
• Add new locale: Romanian (ro) by @wiz in https://github.com/mempool/mempool/pull/791
• Add new locale: Macedonian (mk) by @wiz in https://github.com/mempool/mempool/pull/792
• Set canonical URLs for new 3 site structure by @wiz in https://github.com/mempool/mempool/pull/775
• Credit Romanian and Macedonian translators. by @softsimon in https://github.com/mempool/mempool/pull/793
• Pulled from transifex by @softsimon in https://github.com/mempool/mempool/pull/794
• Handle changes to address RPC api in bitcoin core 22 by @softsimon in https://github.com/mempool/mempool/pull/779
• Always use local hostname for API examples. by @softsimon in https://github.com/mempool/mempool/pull/800
• Transifex language fixes to Romanian, Makedonian and Hungarian. by @softsimon in https://github.com/mempool/mempool/pull/801
• Add Zeus LN as Community Integration by @wiz in https://github.com/mempool/mempool/pull/803
• UI/UX: Fix charts css styling. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/795
• Remove warden from list of Community Integrations by @wiz in https://github.com/mempool/mempool/pull/804
• Update the URL for Unchained Capital to unchained.com by @wiz in https://github.com/mempool/mempool/pull/805
• Upgrading to Angular 12 and NgBootstrap 10 by @softsimon in https://github.com/mempool/mempool/pull/806
• Liquid L-BTC widgets (Backend) by @softsimon in https://github.com/mempool/mempool/pull/799
• Update production backend configuration files by @wiz in https://github.com/mempool/mempool/pull/809
• L-BTC in circulation dashboard widgete by @softsimon in https://github.com/mempool/mempool/pull/810
• Handle search for Liquid block hashes in search bar. by @softsimon in https://github.com/mempool/mempool/pull/812
• Fix for fee rounding not using locale by @softsimon in https://github.com/mempool/mempool/pull/813
• Check for data to possibly fix Liquid test by @softsimon in https://github.com/mempool/mempool/pull/819
• UI/UX: Add inverted feature to mempool fee chart. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/820
• Adding POST /tx API to bitcoind mode by @softsimon in https://github.com/mempool/mempool/pull/821
• Fix tooltip mempool chart hover selection. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/823
• Sort block transactions first by height and then time by @softsimon in https://github.com/mempool/mempool/pull/814
• L-BTC graph: Minor styling update by @softsimon in https://github.com/mempool/mempool/pull/824
• Fix the focus effect on the mempool graph. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/825
• Fix for stuck Bisq transaction page when filtering by @softsimon in https://github.com/mempool/mempool/pull/826
• Change total sum column to fixed color. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/831
• Remove circle symbols when hovering the series. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/837
• Fix parse numbers localized. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/838
• Fix lint 'no-shadowed-variable'. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/839
• Fix total percentage bar value. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/843
• Fix confirmations button positioning. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/840
• Remove vbytesPipe from series data. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/846
• Add mark line to mempool chart. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/845
• Update README preview image by @softsimon in https://github.com/mempool/mempool/pull/848
• Use MEMPOOLBLOCKSAMOUNT config in the frontend by @softsimon in https://github.com/mempool/mempool/pull/853
• Display mempool graph on the Liquid dashboard by @softsimon in https://github.com/mempool/mempool/pull/855
• Remove sitemap.xml from robots.txt by @wiz in https://github.com/mempool/mempool/pull/857
• Display correct amount of mempool blocks on mobile by @softsimon in https://github.com/mempool/mempool/pull/856
• Add mempool chart filtering. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/847
• UI/UX: Make tooltip looks bigger on mempool fee chart. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/862
• Set the iOS status bar when viewing as progressive web app by @wiz in https://github.com/mempool/mempool/pull/866
• UI/UX: Fix fee rate tiers on graphs. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/867
• UI/UX: Fix mempool chart tooltip at dashboard component. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/868
• Ref: Fix typo. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/874
• Broadcast transaction form by @softsimon in https://github.com/mempool/mempool/pull/879
• Add output ID to transaction info by @softsimon in https://github.com/mempool/mempool/pull/880
• Fix ws api docs by @knorrium in https://github.com/mempool/mempool/pull/887
• Add instructions on how to contribute to the Frontend codebase by @knorrium in https://github.com/mempool/mempool/pull/894
• e2e BASE_MODULE cleanup by @knorrium in https://github.com/mempool/mempool/pull/893
• Handle new type of Electrum Server error. by @softsimon in https://github.com/mempool/mempool/pull/884
• UI/UX: Fix height inconsistencies between components. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/873
• UI/UX: Fix Liquid.network missing tooltip series name. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/892
• UI/UX: Fix buttons positions at graphs page. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/890
• UI/UX: Add 2y and 3y statistics time span. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/905
• UI/UX: Fix rtl mobile header menu. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/897
• Enable address autocomplete for all networks by @wiz in https://github.com/mempool/mempool/pull/916
• Doc: Fix nginx package name. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/902
• Adding Taproot transaction tag by @softsimon in https://github.com/mempool/mempool/pull/918
• Display previous output types by @softsimon in https://github.com/mempool/mempool/pull/920
• Fix menu button styles. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/921
• Localization: Add localize strings at echarts tooltip. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/898
• Update mainnet partial address tests by @knorrium in https://github.com/mempool/mempool/pull/922
• Add special blocks animation: fireworks. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/912
• Adding taproot countdown by @softsimon in https://github.com/mempool/mempool/pull/923
• Fix: mempool empty block. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/932
• Adding version and locktime to transaction details by @softsimon in https://github.com/mempool/mempool/pull/930
• Fix local dev proxy by @knorrium in https://github.com/mempool/mempool/pull/928
• Display lower <1 s/vB fee rate tiers for Liquid by @softsimon in https://github.com/mempool/mempool/pull/910
• Handle recent difficulty adjustment estimate gracefully by @softsimon in https://github.com/mempool/mempool/pull/941
• Fix for empty mempool block position by @softsimon in https://github.com/mempool/mempool/pull/940
• Fix: op_return tooltip position. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/935
• Enable i18n locale Thai (th) by @wiz in https://github.com/mempool/mempool/pull/942
• Delete nginx logs after 10 days and explain this in our Privacy Policy by @wiz in https://github.com/mempool/mempool/pull/943
• Post TX API for HTML forms by @softsimon in https://github.com/mempool/mempool/pull/881
• Fix time span menu styles. by @MiguelMedeiros in https://github.com/mempool/mempool/pull/950
• Fixing Bisq transactions page and skeleton loaders by @softsimon in https://github.com/mempool/mempool/pull/954
• Moving chart loading spinner to chart component by @softsimon in https://github.com/mempool/mempool/pull/944
• Extracting i18n from templates by @softsimon in https://github.com/mempool/mempool/pull/956
• Merged block header and markets i18n strings by @softsimon in https://github.com/mempool/mempool/pull/957
• Adding missing loading spinner to L-BTC peg graph by @softsimon in https://github.com/mempool/mempool/pull/959
• Handle database disabled config when running Liquid by @softsimon in https://github.com/mempool/mempool/pull/963
• Remodeling how historical fees are stored and presented. by @softsimon in https://github.com/mempool/mempool/pull/961
• Update i18n strings from Transifex by @wiz in https://github.com/mempool/mempool/pull/968
• Square -> Spiral 🌀 by @wiz in https://github.com/mempool/mempool/pull/967
• Center the Enterprise Sponsor logos on About page by @wiz in https://github.com/mempool/mempool/pull/970
• Display missing taproot inner script by @softsimon in https://github.com/mempool/mempool/pull/974
• Set Dockerfiles to use Node v16.10.0 by @knorrium in https://github.com/mempool/mempool/pull/980
• Adding Core Contributors on the About page by @softsimon in https://github.com/mempool/mempool/pull/982
• Update README for upcoming v2.3.0 release by @wiz in https://github.com/mempool/mempool/pull/984
• Move npm deps in package.json to fix npm install --prod by @wiz in https://github.com/mempool/mempool/pull/981
• Fix string for Project Staff on About page by @wiz in https://github.com/mempool/mempool/pull/983
• Pin node version on e2e GHA by @knorrium in https://github.com/mempool/mempool/pull/988
• Update Cypress dependencies by @knorrium in https://github.com/mempool/mempool/pull/989
• Add .nvmrc file by @knorrium in https://github.com/mempool/mempool/pull/991
• Fixing broken Liquid peg-in and peg-out links by @softsimon in https://github.com/mempool/mempool/pull/986
• Upgrading frontend to Angular 13 by @softsimon in https://github.com/mempool/mempool/pull/993
• Fix graph issue in #992 by @hunicus in https://github.com/mempool/mempool/pull/995
• Upgrading backend libraries by @softsimon in https://github.com/mempool/mempool/pull/997
• Tweak upgrade script to search for remote origin branches by @wiz in https://github.com/mempool/mempool/pull/996
• Move /api to /docs/api by @hunicus in https://github.com/mempool/mempool/pull/994
• Pulling from Transifex by @softsimon in https://github.com/mempool/mempool/pull/998
• Documentation i18n title by @softsimon in https://github.com/mempool/mempool/pull/999
• Add Liquid peg in and peg out tests by @knorrium in https://github.com/mempool/mempool/pull/1000
• Extracting updated i18n strings by @softsimon in https://github.com/mempool/mempool/pull/1001
• Improve x-axis labels and graph data ticks by @nymkappa in https://github.com/mempool/mempool/pull/1004
• Add Blockstream as Enterprise Sponsor by @wiz in https://github.com/mempool/mempool/pull/1008
• Tweak the graph x-axis label date formatting for better i18n by @wiz in https://github.com/mempool/mempool/pull/1009
• Fixing broken RBF alert by @softsimon in https://github.com/mempool/mempool/pull/1011
• Correcting CPFP button position on mobile by @softsimon in https://github.com/mempool/mempool/pull/1012
• Add tests for RBF txs by @knorrium in https://github.com/mempool/mempool/pull/1015
• Revert "Remove dead code FeeDistributionGraphComponent" by @softsimon in https://github.com/mempool/mempool/pull/1017
• Correcting minor interface typing error by @softsimon in https://github.com/mempool/mempool/pull/1019
• UX: Fixing overflowing unconfidential Liquid address by @softsimon in https://github.com/mempool/mempool/pull/1018
• Add failing test for Liquid unconfidential address layout issue by @knorrium in https://github.com/mempool/mempool/pull/1016
• User can drag the blockchain blocks horizontally with the mouse by @nymkappa in https://github.com/mempool/mempool/pull/1024
• Update GitHub issue templates to redirect support requests to chat by @wiz in https://github.com/mempool/mempool/pull/1031
• Update links on About page by @wiz in https://github.com/mempool/mempool/pull/1032
• Revamp docs layout by @hunicus in https://github.com/mempool/mempool/pull/1027
• Extracting i18n string by @softsimon in https://github.com/mempool/mempool/pull/1033
• Switch the 24h chart to 1 min data ticks by @nymkappa in https://github.com/mempool/mempool/pull/1038
• Liquid icons api by @softsimon in https://github.com/mempool/mempool/pull/1010
• Automated database creation and migration by @softsimon in https://github.com/mempool/mempool/pull/1003
• Pulled from transifex by @softsimon in https://github.com/mempool/mempool/pull/1043
• Increase graphs data resolution by @nymkappa in https://github.com/mempool/mempool/pull/1044
• Add support for liquidtestnet in production backend and nginx by @wiz in https://github.com/mempool/mempool/pull/1053
• Update Specter logo on About page by @wiz in https://github.com/mempool/mempool/pull/1056
• Tweak hover effect on profile photos on About page by @wiz in https://github.com/mempool/mempool/pull/1057
• Adding Liquid Testnet as frontend option by @softsimon in https://github.com/mempool/mempool/pull/1052
• Fixing misplaced Unknown text after the Coinbase by @softsimon in https://github.com/mempool/mempool/pull/1060
• Fix backend support for 'liquidtestnet' network by @softsimon in https://github.com/mempool/mempool/pull/1062
• Add missing liquidtestnet backend to upgrade script by @wiz in https://github.com/mempool/mempool/pull/1064
• Block navigation routing fix by @softsimon in https://github.com/mempool/mempool/pull/1065
• Refactoring the Liquid and LiquidTestnet check to a common function. by @softsimon in https://github.com/mempool/mempool/pull/1066
• Fixing missing assets data for Liquid Testnet native asset by @softsimon in https://github.com/mempool/mempool/pull/1080
• Liquid testnet navbar color by @softsimon in https://github.com/mempool/mempool/pull/1067
• Liquid support to the Graph fee filter dropdown by @softsimon in https://github.com/mempool/mempool/pull/1079
• Transifex pull by @softsimon in https://github.com/mempool/mempool/pull/1083
• Tweak html description meta tags / SEO service page titles by @wiz in https://github.com/mempool/mempool/pull/1084
• Add Citadel as Community Integration on About page by @wiz in https://github.com/mempool/mempool/pull/1085
• Transifex pull by @softsimon in https://github.com/mempool/mempool/pull/1086
• Update production configurations + README for v2.3 by @wiz in https://github.com/mempool/mempool/pull/1081
• Remove all references to SQL tables import by @softsimon in https://github.com/mempool/mempool/pull/1087
• Transifex pull by @softsimon in https://github.com/mempool/mempool/pull/1092
• Transifex pull by @softsimon in https://github.com/mempool/mempool/pull/1093
• Transifex pull by @softsimon in https://github.com/mempool/mempool/pull/1099
• Bisq: Adding missing privacy policy, locale selector by @softsimon in https://github.com/mempool/mempool/pull/1102
• Making frontend network URLs configurable by @softsimon in https://github.com/mempool/mempool/pull/1100
• Fix matomo hostname for bisq.markets html by @wiz in https://github.com/mempool/mempool/pull/1103
• Ending support for /bisq /liquid and /liquidtestnet by @softsimon in https://github.com/mempool/mempool/pull/1104
• Pull translated strings from Transifex by @wiz in https://github.com/mempool/mempool/pull/1107
• Pull translated strings from Transifex by @wiz in https://github.com/mempool/mempool/pull/1109
• Bumping mempool.js lib to 2.3.0 by @softsimon in https://github.com/mempool/mempool/pull/1114
• Cap extreme vbytespersecond values by @nymkappa in https://github.com/mempool/mempool/pull/1110
• INDEX 'added' in statistics table by @nymkappa in https://github.com/mempool/mempool/pull/1112
• Pull translated strings from Transifex by @wiz in https://github.com/mempool/mempool/pull/1116
• Mouse scroll is not captured anymore by graphs in the dashboard page by @nymkappa in https://github.com/mempool/mempool/pull/1118
• statistics: ORDER BY id => ORDER BY added by @nymkappa in https://github.com/mempool/mempool/pull/1119
• Link the git commit hash to GitHub on the About page by @knorrium in https://github.com/mempool/mempool/pull/1125
• Bumping minor Angular version and major ngBootstrap by @softsimon in https://github.com/mempool/mempool/pull/1124
• Add production Tor configuration to repo by @wiz in https://github.com/mempool/mempool/pull/1111
• Wrap migration with transactions by @nymkappa in https://github.com/mempool/mempool/pull/1121
• Adding current language to network dropdown links by @softsimon in https://github.com/mempool/mempool/pull/1113
• Improve nginx caching and use redirects for i18n by @wiz in https://github.com/mempool/mempool/pull/1129
• Update liquidtestnet docs by @hunicus in https://github.com/mempool/mempool/pull/1131
• Removing statistics cache and setting headers by @softsimon in https://github.com/mempool/mempool/pull/1130
• Disable graph touch interaction in dashboard on mobile so we can scroll properly by @nymkappa in https://github.com/mempool/mempool/pull/1133
• Add nginx cache warmer script for production use by @wiz in https://github.com/mempool/mempool/pull/1134
• Updates to the docker-compose setup by @knorrium in https://github.com/mempool/mempool/pull/1120
• Fix typo in nginx-cache-warmer script by @wiz in https://github.com/mempool/mempool/pull/1135
• Fix Docker README by @knorrium in https://github.com/mempool/mempool/pull/1136
• Order by native statistics.added field for better query performances by @nymkappa in https://github.com/mempool/mempool/pull/1139
• Remove unused fields from statistics queries since we don't use them in the front end by @nymkappa in https://github.com/mempool/mempool/pull/1141
• Fix newsyslog.conf owner and pidfile location by @wiz in https://github.com/mempool/mempool/pull/1140
• Fixing high vulnerabilities by @softsimon in https://github.com/mempool/mempool/pull/1143
• Update production nginx.conf resource cache times by @wiz in https://github.com/mempool/mempool/pull/1144
• Update nginx.conf for mempool.space services APIs by @wiz in https://github.com/mempool/mempool/pull/1142
• Adding translators to About page by @softsimon in https://github.com/mempool/mempool/pull/1132
• Fix HTML theme color for iOS status bar by @wiz in https://github.com/mempool/mempool/pull/1145
• Adding missing Liquid Testnet Status page by @softsimon in https://github.com/mempool/mempool/pull/1148
• Utilize gettxout to display spent/unspent by @softsimon in https://github.com/mempool/mempool/pull/1147
• Pull translated strings from Transifex by @wiz in https://github.com/mempool/mempool/pull/1149

New Contributors

• @hunicus made their first contribution in https://github.com/mempool/mempool/pull/995
• @nymkappa made their first contribution in https://github.com/mempool/mempool/pull/1004

Full Changelog: https://github.com/mempool/mempool/compare/v2.2.2...v2.3.0

• ADD: show frozen amount on send screen, warn in case of send MAX or amount exceeds balance
• ADD: MZN Fiat
• ADD: support truncated words during slip39 wallet import
• FIX: Show alert when unsupported server is attempted to be saved
• FIX: Incorrect side of transactions displayed when both send and receive wallets are on same device

https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#094-dec-30-2021

API Updates

• A PaymentFailed event is now provided to indicate a payment has failed fully. This event is generated either after ChannelManager::abandon_payment is called for a given payment, or the payment times out, and there are no further pending HTLCs for the payment. This event should be used to detect payment failure instead of PaymentPathFailed::all_paths_failed, unless no payment retries occur via ChannelManager::retry_payment (#1202).
• Payment secrets are now generated deterministically using material from the new KeysInterface::get_inbound_payment_key_material (#1177).
• A PaymentPathSuccessful event has been added to ease passing success info to a scorer, along with a Score::payment_path_successful method to accept such info (#1178, #1197).
• Score::channel_penalty_msat has additional arguments describing the channel's capacity and the HTLC amount being sent over the channel (#1166).
• A new log level Gossip has been added, which is used for verbose information generated during network graph sync. Enabling the max_level_trace feature or ignoring Gossip log entries reduces log growth during initial start up from many GiB to several MiB (#1145).
• The allow_wallclock_use feature has been removed in favor of only using the std and no-std features (#1212).
• NetworkGraph can now remove channels that we haven't heard updates for in two weeks with NetworkGraph::remove_stale_channels{,with_time}. The first is called automatically if a NetGraphMsgHandler is passed to BackgroundProcessor::start (#1212).
• InvoicePayer::pay_pubkey was added to enable sending "keysend" payments to supported recipients, using the InvoicePayer to handle retires (#1160).
• user_payment_id has been removed from PaymentPurpose, and ChannelManager::create_inbound_payment{,_for_hash} (#1180).
• Updated documentation for several ChannelManager functions to remove stale references to panics which no longer occur (#1201).
• The Score and LockableScore objects have moved into the routing::scoring module instead of being in the routing module (#1166).
• The Time parameter to ScorerWithTime is no longer longer exposed, instead being fixed based on the std/no-std feature (#1184).
• ChannelDetails::balance_msat was added to fetch a channel's balance without subtracting the reserve values, lining up with on-chain claim amounts less on-chain fees (#1203).
• An explicit UserConfig::accept_inbound_channels flag is now provided, removing the need to set min_funding_satoshis to > 21 million BTC (#1173).
• Inbound channels that fail to see the funding transaction confirm within 2016 blocks are automatically force-closed with ClosureReason::FundingTimedOut (#1083).
• We now accept a channel_reserve value of 0 from counterparties, as it is insecure for our counterparty but not us (#1163).
• NetAddress::OnionV2 parsing was removed as version 2 onion services are no longer supported in modern Tor (#1204).
• Generation and signing of anchor outputs is now supported in the KeysInterface, though no support for them exists in the channel itself (#1176)

Bug Fixes

• Fixed a race condition in InvoicePayer where paths may be retried after the retry count has been exceeded. In this case the Event::PaymentPathFailed::all_paths_failed field is not a reliable payment failure indicator. There was no acceptable alternative indicator, Event::PaymentFailed as been added to provide one (#1202).
• Reduced the blocks-before-timeout we expect of outgoing HTLCs before refusing to forward. This check was overly strict and resulted in refusing to forward som HTLCs to a next hop that had a lower security threshold than us (#1119).
• LDK no longer attempt to update the channel fee for outbound channels when we cannot afford the new fee. This could have caused force-closure by our channel counterparty (#1054).
• Fixed several bugs which may have prevented the reliable broadcast of our own channel announcements and updates (#1169).
• Fixed a rare bug which may have resulted in spurious route finding failures when using last-hop hints and MPP with large value payments (#1168).
• KeysManager::spend_spendable_outputs no longer adds a change output that is below the dust threshold for non-standard change scripts (#1131).
• Fixed a minor memory leak when attempting to send a payment that fails due to an error when updating the ChannelMonitor (#1143).
• Fixed a bug where a FeeEstimator that returns values rounded to the next sat/vbyte may result in force-closures (#1208).
• Handle MPP timeout HTLC error codes, instead of considering the recipient to have sent an invalid error, removing them from the network graph (#1148)

Serialization Compatibility

• All above new events/fields are ignored by prior clients. All above new events/fields are not present when reading objects serialized by prior versions of the library.
• Payment secrets are now generated deterministically. This reduces the memory footprint for inbound payments, however, newly-generated inbound payments using ChannelManager::create_inbound_payment{,_for_hash} will not be receivable using versions prior to 0.0.104. ChannelManager::create_inbound_payment{,_for_hash}_legacy are provided for backwards compatibility (#1177).
• PaymentPurpose::InvoicePayment::user_payment_id will be 0 when reading objects written with 0.0.104 when read by 0.0.103 and previous (#1180).

In total, this release features 51 files changed, 5356 insertions, 2238 deletions in 107 commits from 9 authors, in alphabetical order: * Antoine Riard * Conor Okus * Devrandom * Duncan Dean * Elias Rohrer * Jeffrey Czyz * Ken Sedgwick * Matt Corallo * Valentine Wallace

• Indicate relative sizes of amounts via circles in the transaction diagram
• Allow all accounts to receive Pay to PayNym (Stowaway) payments
• Allow sending amounts below the dust limit when sending to PayNyms
• Delete wallet account using tab context menu
• Add Seed Tool as an airgapped hardware wallet
• Add menu item to show PayNym (Tools menu)
• Show entered labels in transaction view diagram when sending to multiple recipients
• Set TXO label to payment label when sending multiple consolidation outputs
• Support scanning crypto-account and crypto-output through both QR scans on Settings tab
• If disconnected, prompt to connect before initiating a collaborative mix
• Upgrade to logback 1.2.8
• Shuffle UTXOS within input sets
• Bug fix: Ensure selected utxo sets retain stable ordering for PSBT inputs
• Bug fix: Handle double quotes in connected device passphrase on Windows
• Bug fix: Fix mempool size chart tooltip legend

• FIX: Sign/Verify crash

Improvements:

• Update of Bitbank rate provider (#3157) @junderw

Bug fixes:

• Fix visual bug when decoding PSBT (#3172) @dennisreimann
• Swagger fixes: improve API docs and property types (#3170) @woutersamaey
• Fix copy pay button code (#3175) @dennisreimann
• Fix LN Node availability check (#3189) @dennisreimann
• available property of nodes returned by /api/v1/server/info wasn't actually set (ee1a034c0ab7744a2988e5da874084bc7dfa8b73) @NicolasDorier
• Format perk value correctly in crowdfund app (#3141) @bolatovumar
• Invoice page: Dropdown magically disappears (#3167 #3169) @trigger67

• ADD: Send support for Taproot address type
• FIX: Statusbar style on sign/verify
• FIX: reject unknown segwit versions as invalid address
• FIX: scan BC-UR Crypto-Account animated
• FIX: reject unknown segwit versions as invalid address
• FIX: Multisig Provide signature button not scrollable #4238
• FIX: open bankid and external explorer

Umbrel 0.4.10 brings a brand new app to the Umbrel App Store — Uptime Kuma, support for Boltz swaps in Ride The Lightning app, updated apps including the latest Lightning Terminal app which contains an important security fix, bug fixes, and more.

Thanks to @phaus for packaging Uptime Kuma and @aphex3k for bringing Boltz swaps to Ride The Lightning on Umbrel 👏💜

Release notes

Features

• add support for lnd 0.14.1 (25756a5)

Changelog

The full list of changes since 0.7.4-beta can be found here:

https://github.com/LN-Zap/zap-desktop/compare/v0.7.4-beta...v0.7.5-beta

Verifying the Release

Please refer to our documentation for instructions on how to verify the release.

A newer version is already available! Please don’t use this version anymore.

Release notes

This release introduces BSQ swaps: an instant, trustless, and cheaper way to exchange BTC with BSQ. It also ships four new payment methods: ACH Transfer, Domestic Wire Transfer, Tikkie and TransferWise-USD. In addition, this release significantly reduces resources necessary for parsing DAO blocks. You'll find further improvements and bug fixes across the board!

Improvements

• BSQ swaps: 1, 2, 3, 4, 5
• Add payment methods ACH Transfer and Domestic Wire Transfer
• Add payment methods Tikkie and TransferWise-USD
• Optimize DAO charts: 1, 2
• Optimize trade chart view
• Extract persistence of BSQ blocks out of DaoStateStore
• Improve DAO state monitoring
• Improve fee handling
• Improve FilterManager
• Avoid that outdated donation and fee addresses are used.
• Add penalty calculation to dispute agent UI
• Option to not repeat popup message of locked up funds from failed trade
• Confirm button state for BTC seller to be disabled in mediation
• Add "Buy BSQ" button next to trade fee selector
• Improve shutdown process
• Increase trade protocol timeout from 60 sec to 120 sec
• Add Polish translation
• Improve trade statistics validation: 1, 2

Bug fixes

• Fix calculation & display of Locked Funds
• Fix display of missing Failed Trade tab
• Fix blockchain reorg handling
• Fix incorrect app initialization
• Fix incorrect re-opening of dispute ticket by mailbox message
• Prevent NPE in case delayedPayoutTx is not present (failed trade)
• Include holder name field for Monese & Satispay accounts
• Gracefully handle null data in refresh offer message and log error
• Always use fresh address for MULTI_SIG context to prevent problems with address re-usage when funding
• Fix updating of Locked Balance display
• Fix Exception in Portfolio History when a canceled offer with a different onion address os displayed
• Avoid Log4J "Log4Shell" exploit

Development & Documentation

• Upgrade to Gradle 7.3: 1, 2, 3, 4
• Small debugging utils
• API: Deprecate and replace hard-coded CLI console output formatters
• GitHub build: Cache gradle dependencies
• Add I2P as enum entry
• Update package.gradle: rely on local JDK 15

New Assets

• Changes required for GRIN re-listing

Verification

For a detailed description on how to verify your Bisq installer please have a look at our wiki: https://bisq.wiki/Downloading_and_installing#Verify_installer_file

Url of the signing key (Christoph Atteneder): https://bisq.network/pubkey/29CDFD3B.asc Full fingerprint: CB36 D7D2 EBB2 E35D 9B75 500B CD5D C1C5 29CD FD3B

Import the key: curl https://bisq.network/pubkey/29CDFD3B.asc | gpg --import GPG prints a confusion warning: "This key is not certified with a trusted signature!" - See https://serverfault.com/questions/569911/how-to-verify-an-imported-gpg-key for background information what it means.

How to verify signatures? gpg --digest-algo SHA256 --verify BINARY{.asc*,} Replace BINARY with the file you downloaded (e.g. Bisq-1.8.0.dmg)

Verify jar file inside binary: You can verify on OSX the jar file with: shasum -a256 [PATH TO BISQ APP]/Bisq.app/Contents/app/desktop-1.8.0-all.jar The output need to match the value from the Bisq-1.8.0.jar.txt file.

There are three hashes within the Bisq-1.8.0.jar.txt file (macOS, Windows, Linux). If you want to reproduce and verify the hash of the jar file locally, you need to do so on Windows or Linux using Java 15.0.5 and the v1.8.0 release tag. Because of the signing and notarization process that requires the developer certificate used for the build on macOS it is not possible to create the same jar on macOS.

Known issues with installation

Windows:

There is a known issue with Anti Virus software. We got several reports from users running into different problems. Either the AV software blocks Bisq or Tor, delete files in the data directory [2] or app directory [1]) or cause such a long delay at startup that Tor gets terminated and a file remains locked which can cause that Bisq cannot be started afterwards. To resolve that you need to restart Windows then the lock get released. We are working on solutions to fix those issues.

If you use Crypto currencies on your Windows system be aware that Windows is much more vulnerable to malware than Linux or OSX. Consider to use a dedicated non-Windows system when dealing with cryptocurrencies.

[1] Application directory (contains application installation files): C:\Users<username>\AppData\Local\Bisq

[2] Data directory (contains all Bisq data including wallet): C:\Users<username>\AppData\Roaming\Bisq\btc_mainnet\tor (you can delete everything except the hiddenservice directory)

Linux:

Hint for Debian users: If you have problems starting Bisq on Debian use: /opt/bisq/bin/Bisq

If your Linux distro does not support .deb files please follow this instruction: cd ~/Downloads mkdir tmp cd tmp ar x ../Bisq-64bit-1.8.0.deb sudo tar Jxvf data.tar.xz sudo cp -rp opt/Bisq /opt/ That instruction is not tested on many different distros. If you encounter problems please report it in a Github issue so we can improve it.

Credits

Thanks to everyone who directly contributed to this release: - @cbeams - @cd2357 - @chimp1984 - @ghubstan - @Jakub-CZ - @jmacxx - @m52go - @ripcurlx - @sqrrm
- @wiz

As well as to everyone that helped with translations on Transifex.

• Fixes a minor build issue causing the QR display dialog to fail to open
• Add menu item to lock all open wallets (Ctrl/Cmd+Shift+L)

Dependabot updates and pinning unchained-libraries

Dependabot updates and pinning unchained-libraries

• Create two person coinjoin transactions using Samourai Soroban (Stonewallx2)
• Pay to PayNym via payjoin using Samourai Soroban (Stowaway)
• Create and claim a PayNym for a P2WPKH software wallet, and follow other PayNyms
• Update UTXOs tab UI to show UTXO balance and count next to smaller UTXO chart
• Remember recent servers for quick reconfiguration via dropdown in the server preferences
• Trigger a full wallet refresh when all the transaction history has changed on loading (e.g. on incorrect passphrase entry)
• Show wallet output descriptors with multipath indexes as per https://github.com/bitcoin/bitcoin/pull/22838
• Improve QR scanning using a double pass, the second pass cropped to an indicated box onscreen
• Allow for a minimum application height of 708px
• Add button in password field to view password in cleartext
• Change default minimum mixes to 3 when mixing out
• Check if wallet is mixing and restart Whirlpool client if necessary
• Add keyboard shortcut (Ctrl+Shift+Alt+W) to log Whirlpool debug information
• Force saving a temporary backup if refreshed wallet transactions are fewer after loading
• Improve UX when validating transaction locktime datetime field
• Add static minimum fee rates provider of 1 sat/vB for all block targets
• Show transaction or PSBT as QR from File menu
• Support Taproot tr() script expressions in UR:crypto-output
• Show script type description when importing a wallet
• Show UTXO sets in transaction diagram
• Make transaction diagram tooltips show indefinitely
• Indicate which accounts are scanned for discovery
• Remember and select previously selected tab when closing a tab
• Show message when no new accounts are discovered
• Allow configuration of a maximum server timeout maxServerTimeout
• Implement batch paging and allow page size configuration with batchPageSize
• Change Windows and Linux installers to use Sparrow menu group
• Set default fingerprint on watch only wallets
• Improve passphrase toggle UX of Bitbox 02 and Trezor T
• Add a public testnet Electrum server
• Upgrade to JavaFX 17
• Upgrade OSX and Linux libsecp256k1 libraries
• Upgrade Hummingbird UR library with revised crypto-account format (non-breaking change)
• Upgrade database to H2 2.0.202
• Bug fix: Fix import of encrypted Sparrow JSON wallets on Linux
• Bug fix: Improve efficiency of fade out animations, especially on Linux
• Bug fix: Fix mix to wallet display name
• Bug fix: Output HWI enumeration and signing errors to log
• Bug fix: Fix version update hyperlink appearing multiple times
• Bug fix: Fix textfield combobox repeat selection
• Bug fix: Show only unspent amount in status bar when refreshing postmix wallets
• Bug fix: Show full wallet name on mix to button
• Bug fix: Allow zero length paths when parsing PSBT key derivations

Changelog:

• fix for header sync performance
• fix for createrawtransaction RPC: make pegin-related fields optional
• add evbparams to manipulate BIP9 deployments, similar to Bitcoin Core's vbparams
• make dynafed signalling opt-out instead of opt-in
• improve logging

Binaries

There are two types of binaries:

Specter Desktop

It's a windowed GUI application with Specter server included. Supported platforms: Windows, MacOS, Linux (x86_64)

Note on Linux: you need to set up udev rules (included in the archive). Check out readme.

Note on macOS: The current build supports only macOS Catalina (10.15) or higher. If you'd like to run Specter on an older macOS version, you can install Specter from Pip.

specterd

It's a command-line program that only runs Specter server. Supported platforms: Windows, MacOS, Linux (x86_64)

Signatures and hashes

SHA256SUMS file contains sha256 hashes of all binary files and signed with "Specter Signer's" GPG key. You can get the public key from here. Fingerprint of the key is 785A 2269 EE3A 9736 AC1A 4F4C 864B 7CF9 A811 FEF7 This key has been signed by @k9ert's key which you might have used for validating th 1.7.0 release.

Release notes

• Feature: Default blockchain rescan to first Taproot block for Taproot wallets #1479 (kdmukai)
• Feature: Encrypted user data storage #1453 (kdmukai)
• Feature: More options for address labels imports #1470 (Manolis)
• Feature: Improved export and restore hot wallet process #1495 (singlatushar07)
• Bugfix: Adds no_wait option to rpc calls #1485 (kdmukai)
• Bugfix: Adjust build-badge to Cirrus #1464 (Kim Neunert)
• Bugfix: csrf-exempt for /togglehidesensitive_info endpoint #1478 (Kim Neunert)
• Bugfix: Custom autohide bugfix #1468 (kdmukai)
• Bugfix: Default state for left nav "Devices" should be hidden #1481 (kdmukai)
• Bugfix: 'Specter' object has no attribute 'user_manager' #1476 (Manolis)
• Bugfix: tests on master #1465 (Kim Neunert)
• Documentation: hosted at docs.specter.solutions #1463 (Kim Neunert)
• Chore: Taproot test case #1482 (kdmukai)

Umbrel 0.4.9 brings two-factor authentication (2FA) to add an extra layer of security to your Umbrel, LND 0.14.1, two brand new apps in the Umbrel App Store — Tallycoin Connect and Syncthing, updated apps, bug fixes, and more.

• ADD: Rate last updated date
• ADD: Danish currency.
• ADD: Truncate prop on Copy to Clipboard component
• ADD: Update Outdated Rate

• ADD: Log openURL error

• FIX: Can't adjust multisig setting on 4" iPhone #4206

• FIX: Rare crash on multisig wallet details screen

• FIX: Use containedModal on macOS to unblock prompt UI

• FIX: Pull-to-refresh on main screen

• FIX: refresh lndhub wallet balance after paying for invoice by scanning qrcode on main screen

• FIX: import custom derivation path with passphrase

• FIX: 0 amounts in custom receive would result in undefined

• FIX: lnPayURL scan wallet currency in BTC or local currency

• FIX: Use haptic system settings for biometrics use

• FIX: scroll index was being reset on focus

• FIX: lightning address should now work with .onion addresses

• FIX: Dont allow navigation to other screens when loading

• DEL: Remove contextMenuHidden

• TST: cosign with non-zero account (HD single-sig)

This marks the first minor release of the 0.14.x release cycle! This is primarily a bug fix release that fixes: an issue that would arise with lnd nodes older than 2 years in certain circumstances, a fix to ensure we always advertise a consistent of feature bits, and most importantly a fix to ensure compatibility for new channel opens with the latest versions of c-lightning+eclair.

Database Migrations

There are two database migrations for this version in lnd (that were included in 0.14.0): One optimizes the storage structure of HTLCs for faster payments and the other removes old channel state data from closed channels to free up disk space. See the release notes v0.14.0-beta (and v0.14.1-beta) for more information.

NOTE: Compacting the DB is recommended after running the migration to reclaim the freed up space.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/lightningnetwork/lnd/master/scripts/keys/guggero.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest-guggero-v0.14.1-beta.sig and manifest-v0.14.1-beta.txt are in the current directory) with:

gpg --verify manifest-guggero-v0.14.1-beta.sig manifest-v0.14.1-beta.txt

You should see the following if the verification was successful:

gpg: Signature made Wed 24 Nov 2021 11:15:46 PM CET gpg: using RSA key F4FC70F07310028424EFC20A8E4256593F177720 gpg: Good signature from "Oliver Gugger <gugger@gmail.com>" [ultimate] Primary key fingerprint: F4FC 70F0 7310 0284 24EF C20A 8E42 5659 3F17 7720

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

Verifying the Release Timestamp

From this new version onwards, in addition time-stamping the git tag with OpenTimeStamps, we'll also now timestamp the manifest file along with its signature. Two new files are now included along with the rest of our release artifacts: manifest-guggero-v0.14.1-beta.sig.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following commands: ots verify manifest-guggero-v0.14.1-beta.sig.ots -f manifest-guggero-v0.14.1-beta.sig

Alternatively, the open timestamps website can be used to verify timestamps if one doesn't have a bitcoind instance accessible locally.

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Verifying the Release Binaries

Our release binaries are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.17.3, which is required by verifiers to arrive at the same ones. They include the following build tags: autopilotrpc, signrpc, walletrpc, chainrpc, invoicesrpc, routerrpc, watchtowerrpc and monitoring. Note that these are already included in the release script, so they do not need to be provided.

The make release command can be used to ensure one rebuilds with all the same flags used for the release. If one wishes to build for only a single platform, then make release sys=<OS-ARCH> tag=<tag> can be used.

Finally, you can also verify the tag itself with the following command:

$ git verify-tag v0.14.1-beta gpg: Signature made Wed 24 Nov 2021 11:04:06 PM CET gpg: using RSA key F4FC70F07310028424EFC20A8E4256593F177720 gpg: Good signature from "Oliver Gugger <gugger@gmail.com>" [ultimate] Primary key fingerprint: F4FC 70F0 7310 0284 24EF C20A 8E42 5659 3F17 7720

Verifying the Docker Images

To verify the lnd and lncli binaries inside the docker images against the signed, reproducible release binaries, there is a verification script in the image that can be called (before starting the container for example):

shell $ docker run --rm --entrypoint="" lightninglabs/lnd:v0.14.1-beta /verify-install.sh v0.14.1-beta $ OK=$? $ if [ "$OK" -ne "0" ]; then echo "Verification failed!"; exit 1; done $ docker run lightninglabs/lnd [command-line options]

Building the Contained Release

Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and lnd-source-v0.14.1-beta.tar.gz are in the current directory, follow these steps:

tar -xvzf vendor.tar.gz tar -xvzf lnd-source-v0.14.1-beta.tar.gz GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.14.1-beta" ./cmd/lnd GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.14.1-beta" ./cmd/lncli

The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.

Additionally, it's now possible to use the enclosed release.sh script to bundle a release for a specific system like so:

make release sys="linux-arm64 darwin-amd64"

⚡️⚡️⚡️ OK, now to the rest of the release notes! ⚡️⚡️⚡️

Release Notes

Read the full release notes here: https://github.com/lightningnetwork/lnd/blob/master/docs/release-notes/release-notes-0.14.0.md and here: https://github.com/lightningnetwork/lnd/blob/master/docs/release-notes/release-notes-0.14.1.md

Contributors (Alphabetical Order) -- combined 0.14+0.14.1

Abubakar Nur Khalil Adrian-Stefan Mares Alex Bosworth Alyssa Hertig András Bánki-Horváth Bjarne Magnussen Carla Kirk-Cohen Carsten Otto Conner Fromknecht Elle Mouton ErikEk Eugene Siegel Hampus Sjöberg Harsha Goli Jamie Turley Jesse de Wit Johan T. Halseth Johnny Holton Joost Jager Jordi Montes Juan Pablo Civile Kishin Kato Leonhard Weese Martin Habovštiak Michael Rhee Naveen Srinivasan Olaoluwa Osuntokun Oliver Gugger Priyansh Rastogi Roei Erez Simon Males Stevie Zollo Torkel Rogstad Wilmer Paulino Yong Yu Zero-1729 benthecarman de6df1re github2k20 mateuszmp nathanael nayuta-ueno offerm positiveblue xanoni

Improvements:

• Fix breaking changes of LND API 0.14 @NicolasDorier

https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#093-nov-20-2021

Note

lnd 0.14.0 has a known issue regarding channel negotiation (e.g. opening channels) with other Lightning implementations. Please upgrade to lnd 0.14.1 which mitigates this issue.

Database Migrations

There are two database migrations for this version in lnd: One optimizes the storage structure of HTLCs for faster payments and the other removes old channel state data from closed channels to free up disk space. See the release notes for more information.

NOTE: Compacting the DB is recommended after running the migration to reclaim the freed up space.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/lightningnetwork/lnd/master/scripts/keys/roasbeef.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest-roasbeef-v0.14.0-beta.sig and manifest-v0.14.0-beta.txt are in the current directory) with:

gpg --verify manifest-roasbeef-v0.14.0-beta.sig manifest-v0.14.0-beta.txt

You should see the following if the verification was successful:

gpg: Signature made Wed Nov 17 13:20:26 2021 PST gpg: using RSA key 60A1FA7DA5BFF08BDCBBE7903BBD59E99B280306 gpg: Good signature from "Olaoluwa Osuntokun <laolu32@gmail.com>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

Verifying the Release Timestamp

From this new version onwards, in addition time-stamping the git tag with OpenTimeStamps, we'll also now timestamp the manifest file along with its signature. Two new files are now included along with the rest of our release artifacts: manifest-roasbeef-v0.14.0-beta.txt.asc.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following commands: ots verify manifest-roasbeef-v0.14.0-beta.sig.ots -f manifest-roasbeef-v0.14.0-beta.sig

Alternatively, the open timestamps website can be used to verify timestamps if one doesn't have a bitcoind instance accessible locally.

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Verifying the Release Binaries

Our release binaries are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.17.3, which is required by verifiers to arrive at the same ones. They include the following build tags: autopilotrpc, signrpc, walletrpc, chainrpc, invoicesrpc, routerrpc, watchtowerrpc and monitoring. Note that these are already included in the release script, so they do not need to be provided.

The make release command can be used to ensure one rebuilds with all the same flags used for the release. If one wishes to build for only a single platform, then make release sys=<OS-ARCH> tag=<tag> can be used.

Finally, you can also verify the tag itself with the following command:

$ git verify-tag v0.14.0-beta gpg: Signature made Wed 17 Nov 2021 08:04:23 PM UTC using RSA key ID 9B280306 gpg: Good signature from "Olaoluwa Osuntokun <laolu32@gmail.com>"

Verifying the Docker Images

To verify the lnd and lncli binaries inside the docker images against the signed, reproducible release binaries, there is a verification script in the image that can be called (before starting the container for example):

shell $ docker run --rm --entrypoint="" lightninglabs/lnd:v0.14.0-beta /verify-install.sh v0.14.0-beta $ OK=$? $ if [ "$OK" -ne "0" ]; then echo "Verification failed!"; exit 1; done $ docker run lightninglabs/lnd [command-line options]

Building the Contained Release

Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and lnd-source-v0.14.0-beta.tar.gz are in the current directory, follow these steps:

tar -xvzf vendor.tar.gz tar -xvzf lnd-source-v0.14.0-beta.tar.gz GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.14.0-beta" ./cmd/lnd GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.14.0-beta" ./cmd/lncli

The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.

Additionally, it's now possible to use the enclosed release.sh script to bundle a release for a specific system like so:

make release sys="linux-arm64 darwin-amd64"

⚡️⚡️⚡️ OK, now to the rest of the release notes! ⚡️⚡️⚡️

Release Notes

Read the full release notes here: https://github.com/lightningnetwork/lnd/blob/master/docs/release-notes/release-notes-0.14.0.md

Contributors (Alphabetical Order)

Abubakar Nur Khalil Adrian-Stefan Mares Alex Bosworth Alyssa Hertig András Bánki-Horváth Bjarne Magnussen Carla Kirk-Cohen Carsten Otto Conner Fromknecht Elle Mouton ErikEk Eugene Siegel Hampus Sjöberg Harsha Goli Jesse de Wit Johan T. Halseth Johnny Holton Joost Jager Jordi Montes Juan Pablo Civile Kishin Kato Leonhard Weese Martin Habovštiak Michael Rhee Naveen Srinivasan Olaoluwa Osuntokun Oliver Gugger Priyansh Rastogi Roei Erez Simon Males Stevie Zollo Torkel Rogstad Wilmer Paulino Yong Yu Zero-1729 benthecarman de6df1re github2k20 mateuszmp nathanael offerm positiveblue xanoni

Bug fixes:

• Fix: Checkout page of for invoices of 0 amount shouldn't crash, but 404 @NicolasDorier
• Swagger doc: Fix type of property cryptoCode (#3088) @ndeet
• Fix bug with fraction amount display in crowdfund app (#3098) @bolatovumar
• Swagger doc: Update Swagger docs for webhook event types (#3104) @bolatovumar
• Payout/pull payment page would crash if no payment method are set on the store @satwo

Improvements:

• Add crypto code for invoice and pull payment payout API response (#3099) @bolatovumar
• Prevent creation of on-chain invoices below the dust limit (#3082) @satwo

Umbrel 0.4.8 brings a new security feature — unique cryptographically secure default app passwords derived from your 24 secret words. This will help protect your Umbrel even if an app's unique Tor URL gets leaked and you have not changed that app's default password.

If you have currently installed ThunderHub, Lightning Terminal, Ride The Lightning, Squeaknode or Code Server on your Umbrel, their default passwords will automatically upgrade to the newer, more secure passwords which can be found on their app store listing pages. In case you have already updated passwords of these apps manually, you can continue to use the same.

• Fixes an issue with SSL Certificate renewal process

This version of Umbrel brings LND 0.13.4 and updated apps (BTCPay Server, Specter Desktop, Pi-hole, Lightning Terminal, and more) to the Umbrel App Store.

LND 0.13.4 fixes a bug discovered in the previous version which will break Neutrino functionality after the Taproot activation in ~3 days. Because Neutrino is only used when Bitcoin Core is still syncing, in short: if Bitcoin Core on your Umbrel hasn't finished syncing, please update immediately. If Bitcoin Core on your Umbrel is 100% synced already, you remain unaffected by this bug and can update at your convenience.

This is a small patch release that fixes a Taproot related bug for Neutrino. If you run neutrino in production, we strongly recommend you update to this version before Taproot activation to ensure your node keeps moving forward in the chain.

This release only contains a single commit on top of the prior 0.13.3 minor release: https://github.com/lightningnetwork/lnd/compare/0-13-3-branch...0-13-4-branch?expand=1

Database Migrations

This release does not contain any database migrations.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://keybase.io/bitconner/pgp_keys.asc | gpg --import curl https://keybase.io/roasbeef/pgp_keys.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest-roasbeef-v0.13.4-beta.sig and manifest-v0.13.4-beta.txt are in the current directory) with:

gpg --verify manifest-roasbeef-v0.13.4-beta.sig manifest-v0.13.4-beta.txt

You should see the following if the verification was successful:

gpg: Signature made Wed Sep 30 17:35:20 2020 PDT gpg: using RSA key 4AB7F8DA6FAEBB3B70B1F903BC13F65E2DC84465 gpg: Good signature from "Olaoluwa Osuntokun <laolu32@gmail.com>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

Verifying the Release Timestamp

From this new version onwards, in addition time-stamping the git tag with OpenTimeStamps, we'll also now timestamp the manifest file along with its signature. Two new files are now included along with the rest of our release artifacts: manifest-roasbeef-v0.13.4-beta.txt.asc.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following commands: ots verify manifest-roasbeef-v0.13.4-beta.sig.ots -f manifest-roasbeef-v0.13.4-beta.sig

Alternatively, the open timestamps website can be used to verify timestamps if one doesn't have a bitcoind instance accessible locally.

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Verifying the Release Binaries

Our release binaries are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.16.3, which is required by verifiers to arrive at the same ones. They include the following build tags: autopilotrpc, signrpc, walletrpc, chainrpc, invoicesrpc, routerrpc, watchtowerrpc and monitoring. Note that these are already included in the release script, so they do not need to be provided.

The make release command can be used to ensure one rebuilds with all the same flags used for the release. If one wishes to build for only a single platform, then make release sys=<OS-ARCH> tag=<tag> can be used.

Finally, you can also verify the tag itself with the following command:

$ git verify-tag v0.13.4-beta gpg: Signature made Tue Sep 15 18:55:00 2020 PDT gpg: using RSA key 4AB7F8DA6FAEBB3B70B1F903BC13F65E2DC84465 gpg: Good signature from "Olaoluwa Osuntokun <laolu32@gmail.com>" [ultimate]

Verifying the Docker Images

To verify the lnd and lncli binaries inside the docker images against the signed, reproducible release binaries, there is a verification script in the image that can be called (before starting the container for example):

shell $ docker run --rm --entrypoint="" lightninglabs/lnd:v0.13.4-beta /verify-install.sh v0.13.4-beta $ OK=$? $ if [ "$OK" -ne "0" ]; then echo "Verification failed!"; exit 1; done $ docker run lightninglabs/lnd [command-line options]

Building the Contained Release

Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and lnd-source-v0.13.4-beta.tar.gz are in the current directory, follow these steps:

tar -xvzf vendor.tar.gz tar -xvzf lnd-source-v0.13.4-beta.tar.gz GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.13.4-beta" ./cmd/lnd GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.13.4-beta" ./cmd/lncli

The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.

Additionally, it's now possible to use the enclosed release.sh script to bundle a release for a specific system like so:

make release sys="linux-arm64 darwin-amd64"

⚡️⚡️⚡️ OK, now to the rest of the release notes! ⚡️⚡️⚡️

Release Notes

This release bumps the Neutrino dependency to the version that ignores not yet supported Taproot outputs in downloaded blocks.

Contributors (Alphabetical Order)

Olaoluwa Osuntokun

Bug fixes:

• Fix: Do not crash when redirect url is not provided to Authorize page @Kukks
• Fix: Disabling lightning should also disable LNURL @Kukks
• Fix: Paging in payouts did not take additional parameters in consideration @Kukks
• Fix: Payout actions button was misaligned @Kukks
• Fix: Amount validation for payout creation min amount was missing @Kukks

Improvements:

• Point of Sale Print view improvements (#3050) @satwo @dennisreimann
• Upgrade to Bootstrap 5.1.3 @dennisreimann
• Updates display names (#3036) @dstrukt

Binaries

There are two types of binaries:

Specter Desktop

It's a windowed GUI application with Specter server included. Supported platforms: Windows, MacOS, Linux (x86_64)

Note on Linux: you need to set up udev rules (included in the archive). Check out readme.

Note on macOS: The current build supports only macOS Catalina (10.15) or higher. If you'd like to run Specter on an older macOS version, you can install Specter from Pip.

specterd

It's a command-line program that only runs Specter server. Supported platforms: Windows, MacOS, Linux (x86_64)

Signatures and hashes

SHA256SUMS file contains sha256 hashes of all binary files and signed with "Specter Signer's" GPG key. You can get the public key from here. Fingerprint of the key is 785A 2269 EE3A 9736 AC1A 4F4C 864B 7CF9 A811 FEF7

Release notes

• Bugfix: Bitcoin Core as default for fee estimation, error handling improvements #1408 (Kim Neunert)
• Bugfix: fix unknown version bug in pip-installs fixes #1442 #1450 (Kim Neunert)
• Bugfix: no threading for update after creation of wallets #1457 (Kim Neunert)
• Bugfix: version.txt does not get detected #1462 (Kim Neunert)
• Chore: Bump electron from 10.2.0 to 11.5.0 in /pyinstaller/electron #1429 (dependabot[bot])
• Chore: Release signature process #1459 (Kim Neunert)

Bug fixes:

• LNAddress wasn't working if the store supported an altcoin @NicolasDorier
• Fix maintainance view @dennisreimann

This feature include a critical security patch. The vulnerability impacts owner of shared instances which share their internal lightning nodes. Credits to @yilakb to have noticed us.

New Features:

• Greenfield: Adds the Archive status to Invoice model @TheHazeEffect
• Greenfield: Add pagination to the get invoices operation @TheHazeEffect

Bug fixes:

• Crowdfunding topup invoice doesn't work when there isn't a perk added (#3048 #3064) @satwo
• Crowdfund: Fix perk value display (#3060) @dennisreimann
• LNAddress wasn't working if the store supported an altcoin @NicolasDorier
• Lightning address payment would fail if millisatoshi is not 0 mod 1000 on LND (#3056) @NicolasDorier
• The Test Connection feature during lightning setup was hidding cause of failure @NicolasDorier
• Creating a new invoice in payment request with LNURL activated would crash @NicolasDorier
• Improve error reporting in (#3065) @NicolasDorier
• After loading the Update PoS Settings page and selecting an item to edit, it will always show the price type selected as Fixed regardless of what the actual price type is. (#3049) @fabu21
• Fixes label on Point of Sale page (#3037) @dstrukt

Improvements:

• If no default payment method, the fallback should be in order of preference: BTC, then Lightning (via BOLT11)
• UI Improvement of the maintenance page @dstrukt
• In the invoice's details page, show the url of webhook's deliveries (#3034) @satwo
• Improves upload button for files (#3044) @dstrukt

We're pleased to announce the 0.10.2 release of c-lightning, named by @vincenzopalazzo.

This is a recommended upgrade: this release includes the patch for the recently disclosed CVE-2021-41592.

Highlights for Users

• Payments can now be retried without affecting the status of prior attempts.
• The route selection will now use the log-propability-based channel selection to increase success rate and reduce time to completion.
• close now reports the feeranges each side enforced, which allows users to determine which side caused a high or low feerate.
• Removal of old HTLC information and vacuuming shrinks large lightningd.sqlite3 by a factor of 2-3.

Highlights for the Network

• setchannelfee now has a grace period during which both old and new fee policies are considered. This prevents a fee update from making the channel unusable until the update propagated.
• We now perform quick-close if the peer supports it.
• We send regular pings to detect dead connections (particularly for Tor).
• Errors returning a channel_update no longer return an outdated one.
• Anchor output mutual close allow a fee higher than the final commitment transaction

Highlights for Developers

• Plugins now are notified about an upcoming shutdown, allowing them to store data and clean up before exiting.
• The datastore API (datastore, deldatastore, and listdatastore) exposes a simple key-value store, allowing plugin authors to store data in the c-lightning database.
• ping now only works if we have a channel with the peer.
• Relaxed the sqlite3 version match requirements to be at least a minimum version and a major version match

More details can be found in the changelog.

Thanks to everyone for their contributions and bug reports; please keep them coming.

Since 0.10.1, we've had 333 commits from 19 different authors over 85 days.

A special thanks goes to the 4 first time contributors:

• Dustin Dettmer
• Michael Folkson
• jerzybrzoska
• Devrandom

Cheers, Christian, Rusty, Lisa.

API Updates

• This release is almost entirely focused on a new API in the lightning-invoice crate - the InvoicePayer. InvoicePayer is a struct which takes a reference to a ChannelManager and a Router and retries payments as paths fail. It limits retries to a configurable number, but is not serialized to disk and may retry additional times across a serialization/load. In order to learn about failed payments, it must receive Events directly from the ChannelManager, wrapping a user-provided EventHandler which it provides all unhandled events to (#1059).
• get_route has been renamed find_route (#1059) and now takes a RouteParameters struct in replacement of a number of its long list of arguments (#1134). The Payee in the RouteParameters is stored in the Route object returned and provided in the RouteParameters contained in Event::PaymentPathFailed (#1059).
• ChannelMonitors must now be persisted after calls that provide new block data, prior to MonitorEvents being passed back to ChannelManager for processing. If you are using a ChainMonitor this is handled for you. The Persist API has been updated to Optionally take the ChannelMonitorUpdate as persistence events that result from chain data no longer have a corresponding update (#1108).
• routing::Score now has a payment_path_failed method which it can use to learn which channels often fail payments. It is automatically called by InvoicePayer for failed payment paths (#1144).
• The default Scorer implementation is now a type alias to a type generic across different clocks and supports serialization to persist scoring data across restarts (#1146).
• Event::PaymentSent now includes the full fee which was spent across all payment paths which were fulfilled or pending when the payment was fulfilled (#1142).
• Event::PaymentSent and Event::PaymentPathFailed now include the PaymentId which matches the PaymentId returned from ChannelManager::send_payment or InvoicePayer::pay_invoice (#1059).
• NetGraphMsgHandler now takes a Deref to the NetworkGraph, allowing for shared references to the graph data to make serialization and references to the graph data in the InvoicePayer's Router simpler (#1149).
• routing::Score::channel_penalty_msat has been updated to provide the NodeId of both the source and destination nodes of a channel (#1133).

Bug Fixes

• Previous versions would often disconnect peers during initial graph sync due to ping timeouts while processing large numbers of gossip messages. We now delay disconnecting peers if we receive messages from them even if it takes a while to receive a pong from them. Further, we avoid sending too many gossip messages between pings to ensure we should always receive pongs in a timely manner (#1137).
• If a payment was sent, creating an outbound HTLC and sending it to our counterparty (implying the ChannelMonitor was persisted on disk), but the ChannelManager was not persisted prior to shutdown/crash, no Event::PaymentPathFailed event was generated if the HTLC was eventually failed on chain. Events are now consistent irrespective of ChannelManager persistence or non-persistence (#1104).

Serialization Compatibility

• All above new Events/fields are ignored by prior clients. All above new Events/fields are not present when reading objects serialized by prior versions of the library.
• Payments for which a Route was generated using a previous version or for which the payment was originally sent by a previous version of the library will not be retried by an InvoicePayer.

This release was singularly focused and some contributions by third parties were delayed. In total, this release features 38 files changed, 4414 insertions, and 969 deletions in 71 commits from 2 authors, in alphabetical order:

• Jeffrey Czyz
• Matt Corallo