Binaries

There are two types of binaries:

Specter Desktop

It's a windowed GUI application with Specter server included. Supported platforms: Windows, MacOS, Linux (x86_64)

Note on Linux: you need to set up udev rules (included in the archive). Check out readme.

Note on macOS: The current build supports only macOS Catalina (10.15) or higher. If you'd like to run Specter on an older macOS version, you can install Specter from Pip.

specterd

It's a command-line program that only runs Specter server. Supported platforms: Windows, MacOS, Linux (x86_64)

Signatures and hashes

SHA256SUMS file contains sha256 hashes of all binary files and signed with "Specter Signer's" GPG key. You can get the public key from here. Fingerprint of the key is 785A 2269 EE3A 9736 AC1A 4F4C 864B 7CF9 A811 FEF7 This key has been signed by @k9ert's key which you might have used for validating th 1.7.0 release.

Release notes

• Feature: Default blockchain rescan to first Taproot block for Taproot wallets #1479 (kdmukai)
• Feature: Encrypted user data storage #1453 (kdmukai)
• Feature: More options for address labels imports #1470 (Manolis)
• Feature: Improved export and restore hot wallet process #1495 (singlatushar07)
• Bugfix: Adds no_wait option to rpc calls #1485 (kdmukai)
• Bugfix: Adjust build-badge to Cirrus #1464 (Kim Neunert)
• Bugfix: csrf-exempt for /togglehidesensitive_info endpoint #1478 (Kim Neunert)
• Bugfix: Custom autohide bugfix #1468 (kdmukai)
• Bugfix: Default state for left nav "Devices" should be hidden #1481 (kdmukai)
• Bugfix: 'Specter' object has no attribute 'user_manager' #1476 (Manolis)
• Bugfix: tests on master #1465 (Kim Neunert)
• Documentation: hosted at docs.specter.solutions #1463 (Kim Neunert)
• Chore: Taproot test case #1482 (kdmukai)

Umbrel 0.4.9 brings two-factor authentication (2FA) to add an extra layer of security to your Umbrel, LND 0.14.1, two brand new apps in the Umbrel App Store — Tallycoin Connect and Syncthing, updated apps, bug fixes, and more.

• ADD: Rate last updated date
• ADD: Danish currency.
• ADD: Truncate prop on Copy to Clipboard component
• ADD: Update Outdated Rate

• ADD: Log openURL error

• FIX: Can't adjust multisig setting on 4" iPhone #4206

• FIX: Rare crash on multisig wallet details screen

• FIX: Use containedModal on macOS to unblock prompt UI

• FIX: Pull-to-refresh on main screen

• FIX: refresh lndhub wallet balance after paying for invoice by scanning qrcode on main screen

• FIX: import custom derivation path with passphrase

• FIX: 0 amounts in custom receive would result in undefined

• FIX: lnPayURL scan wallet currency in BTC or local currency

• FIX: Use haptic system settings for biometrics use

• FIX: scroll index was being reset on focus

• FIX: lightning address should now work with .onion addresses

• FIX: Dont allow navigation to other screens when loading

• DEL: Remove contextMenuHidden

• TST: cosign with non-zero account (HD single-sig)

This marks the first minor release of the 0.14.x release cycle! This is primarily a bug fix release that fixes: an issue that would arise with lnd nodes older than 2 years in certain circumstances, a fix to ensure we always advertise a consistent of feature bits, and most importantly a fix to ensure compatibility for new channel opens with the latest versions of c-lightning+eclair.

Database Migrations

There are two database migrations for this version in lnd (that were included in 0.14.0): One optimizes the storage structure of HTLCs for faster payments and the other removes old channel state data from closed channels to free up disk space. See the release notes v0.14.0-beta (and v0.14.1-beta) for more information.

NOTE: Compacting the DB is recommended after running the migration to reclaim the freed up space.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/lightningnetwork/lnd/master/scripts/keys/guggero.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest-guggero-v0.14.1-beta.sig and manifest-v0.14.1-beta.txt are in the current directory) with:

gpg --verify manifest-guggero-v0.14.1-beta.sig manifest-v0.14.1-beta.txt

You should see the following if the verification was successful:

gpg: Signature made Wed 24 Nov 2021 11:15:46 PM CET gpg: using RSA key F4FC70F07310028424EFC20A8E4256593F177720 gpg: Good signature from "Oliver Gugger <gugger@gmail.com>" [ultimate] Primary key fingerprint: F4FC 70F0 7310 0284 24EF C20A 8E42 5659 3F17 7720

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

Verifying the Release Timestamp

From this new version onwards, in addition time-stamping the git tag with OpenTimeStamps, we'll also now timestamp the manifest file along with its signature. Two new files are now included along with the rest of our release artifacts: manifest-guggero-v0.14.1-beta.sig.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following commands: ots verify manifest-guggero-v0.14.1-beta.sig.ots -f manifest-guggero-v0.14.1-beta.sig

Alternatively, the open timestamps website can be used to verify timestamps if one doesn't have a bitcoind instance accessible locally.

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Verifying the Release Binaries

Our release binaries are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.17.3, which is required by verifiers to arrive at the same ones. They include the following build tags: autopilotrpc, signrpc, walletrpc, chainrpc, invoicesrpc, routerrpc, watchtowerrpc and monitoring. Note that these are already included in the release script, so they do not need to be provided.

The make release command can be used to ensure one rebuilds with all the same flags used for the release. If one wishes to build for only a single platform, then make release sys=<OS-ARCH> tag=<tag> can be used.

Finally, you can also verify the tag itself with the following command:

$ git verify-tag v0.14.1-beta gpg: Signature made Wed 24 Nov 2021 11:04:06 PM CET gpg: using RSA key F4FC70F07310028424EFC20A8E4256593F177720 gpg: Good signature from "Oliver Gugger <gugger@gmail.com>" [ultimate] Primary key fingerprint: F4FC 70F0 7310 0284 24EF C20A 8E42 5659 3F17 7720

Verifying the Docker Images

To verify the lnd and lncli binaries inside the docker images against the signed, reproducible release binaries, there is a verification script in the image that can be called (before starting the container for example):

shell $ docker run --rm --entrypoint="" lightninglabs/lnd:v0.14.1-beta /verify-install.sh v0.14.1-beta $ OK=$? $ if [ "$OK" -ne "0" ]; then echo "Verification failed!"; exit 1; done $ docker run lightninglabs/lnd [command-line options]

Building the Contained Release

Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and lnd-source-v0.14.1-beta.tar.gz are in the current directory, follow these steps:

tar -xvzf vendor.tar.gz tar -xvzf lnd-source-v0.14.1-beta.tar.gz GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.14.1-beta" ./cmd/lnd GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.14.1-beta" ./cmd/lncli

The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.

Additionally, it's now possible to use the enclosed release.sh script to bundle a release for a specific system like so:

make release sys="linux-arm64 darwin-amd64"

⚡️⚡️⚡️ OK, now to the rest of the release notes! ⚡️⚡️⚡️

Release Notes

Read the full release notes here: https://github.com/lightningnetwork/lnd/blob/master/docs/release-notes/release-notes-0.14.0.md and here: https://github.com/lightningnetwork/lnd/blob/master/docs/release-notes/release-notes-0.14.1.md

Contributors (Alphabetical Order) -- combined 0.14+0.14.1

Abubakar Nur Khalil Adrian-Stefan Mares Alex Bosworth Alyssa Hertig András Bánki-Horváth Bjarne Magnussen Carla Kirk-Cohen Carsten Otto Conner Fromknecht Elle Mouton ErikEk Eugene Siegel Hampus Sjöberg Harsha Goli Jamie Turley Jesse de Wit Johan T. Halseth Johnny Holton Joost Jager Jordi Montes Juan Pablo Civile Kishin Kato Leonhard Weese Martin Habovštiak Michael Rhee Naveen Srinivasan Olaoluwa Osuntokun Oliver Gugger Priyansh Rastogi Roei Erez Simon Males Stevie Zollo Torkel Rogstad Wilmer Paulino Yong Yu Zero-1729 benthecarman de6df1re github2k20 mateuszmp nathanael nayuta-ueno offerm positiveblue xanoni

Improvements:

• Fix breaking changes of LND API 0.14 @NicolasDorier

https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#093-nov-20-2021

Note

lnd 0.14.0 has a known issue regarding channel negotiation (e.g. opening channels) with other Lightning implementations. Please upgrade to lnd 0.14.1 which mitigates this issue.

Database Migrations

There are two database migrations for this version in lnd: One optimizes the storage structure of HTLCs for faster payments and the other removes old channel state data from closed channels to free up disk space. See the release notes for more information.

NOTE: Compacting the DB is recommended after running the migration to reclaim the freed up space.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/lightningnetwork/lnd/master/scripts/keys/roasbeef.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest-roasbeef-v0.14.0-beta.sig and manifest-v0.14.0-beta.txt are in the current directory) with:

gpg --verify manifest-roasbeef-v0.14.0-beta.sig manifest-v0.14.0-beta.txt

You should see the following if the verification was successful:

gpg: Signature made Wed Nov 17 13:20:26 2021 PST gpg: using RSA key 60A1FA7DA5BFF08BDCBBE7903BBD59E99B280306 gpg: Good signature from "Olaoluwa Osuntokun <laolu32@gmail.com>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

Verifying the Release Timestamp

From this new version onwards, in addition time-stamping the git tag with OpenTimeStamps, we'll also now timestamp the manifest file along with its signature. Two new files are now included along with the rest of our release artifacts: manifest-roasbeef-v0.14.0-beta.txt.asc.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following commands: ots verify manifest-roasbeef-v0.14.0-beta.sig.ots -f manifest-roasbeef-v0.14.0-beta.sig

Alternatively, the open timestamps website can be used to verify timestamps if one doesn't have a bitcoind instance accessible locally.

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Verifying the Release Binaries

Our release binaries are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.17.3, which is required by verifiers to arrive at the same ones. They include the following build tags: autopilotrpc, signrpc, walletrpc, chainrpc, invoicesrpc, routerrpc, watchtowerrpc and monitoring. Note that these are already included in the release script, so they do not need to be provided.

The make release command can be used to ensure one rebuilds with all the same flags used for the release. If one wishes to build for only a single platform, then make release sys=<OS-ARCH> tag=<tag> can be used.

Finally, you can also verify the tag itself with the following command:

$ git verify-tag v0.14.0-beta gpg: Signature made Wed 17 Nov 2021 08:04:23 PM UTC using RSA key ID 9B280306 gpg: Good signature from "Olaoluwa Osuntokun <laolu32@gmail.com>"

Verifying the Docker Images

To verify the lnd and lncli binaries inside the docker images against the signed, reproducible release binaries, there is a verification script in the image that can be called (before starting the container for example):

shell $ docker run --rm --entrypoint="" lightninglabs/lnd:v0.14.0-beta /verify-install.sh v0.14.0-beta $ OK=$? $ if [ "$OK" -ne "0" ]; then echo "Verification failed!"; exit 1; done $ docker run lightninglabs/lnd [command-line options]

Building the Contained Release

Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and lnd-source-v0.14.0-beta.tar.gz are in the current directory, follow these steps:

tar -xvzf vendor.tar.gz tar -xvzf lnd-source-v0.14.0-beta.tar.gz GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.14.0-beta" ./cmd/lnd GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.14.0-beta" ./cmd/lncli

The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.

Additionally, it's now possible to use the enclosed release.sh script to bundle a release for a specific system like so:

make release sys="linux-arm64 darwin-amd64"

⚡️⚡️⚡️ OK, now to the rest of the release notes! ⚡️⚡️⚡️

Release Notes

Read the full release notes here: https://github.com/lightningnetwork/lnd/blob/master/docs/release-notes/release-notes-0.14.0.md

Contributors (Alphabetical Order)

Abubakar Nur Khalil Adrian-Stefan Mares Alex Bosworth Alyssa Hertig András Bánki-Horváth Bjarne Magnussen Carla Kirk-Cohen Carsten Otto Conner Fromknecht Elle Mouton ErikEk Eugene Siegel Hampus Sjöberg Harsha Goli Jesse de Wit Johan T. Halseth Johnny Holton Joost Jager Jordi Montes Juan Pablo Civile Kishin Kato Leonhard Weese Martin Habovštiak Michael Rhee Naveen Srinivasan Olaoluwa Osuntokun Oliver Gugger Priyansh Rastogi Roei Erez Simon Males Stevie Zollo Torkel Rogstad Wilmer Paulino Yong Yu Zero-1729 benthecarman de6df1re github2k20 mateuszmp nathanael offerm positiveblue xanoni

Bug fixes:

• Fix: Checkout page of for invoices of 0 amount shouldn't crash, but 404 @NicolasDorier
• Swagger doc: Fix type of property cryptoCode (#3088) @ndeet
• Fix bug with fraction amount display in crowdfund app (#3098) @bolatovumar
• Swagger doc: Update Swagger docs for webhook event types (#3104) @bolatovumar
• Payout/pull payment page would crash if no payment method are set on the store @satwo

Improvements:

• Add crypto code for invoice and pull payment payout API response (#3099) @bolatovumar
• Prevent creation of on-chain invoices below the dust limit (#3082) @satwo

Umbrel 0.4.8 brings a new security feature — unique cryptographically secure default app passwords derived from your 24 secret words. This will help protect your Umbrel even if an app's unique Tor URL gets leaked and you have not changed that app's default password.

If you have currently installed ThunderHub, Lightning Terminal, Ride The Lightning, Squeaknode or Code Server on your Umbrel, their default passwords will automatically upgrade to the newer, more secure passwords which can be found on their app store listing pages. In case you have already updated passwords of these apps manually, you can continue to use the same.

This version of Umbrel brings LND 0.13.4 and updated apps (BTCPay Server, Specter Desktop, Pi-hole, Lightning Terminal, and more) to the Umbrel App Store.

LND 0.13.4 fixes a bug discovered in the previous version which will break Neutrino functionality after the Taproot activation in ~3 days. Because Neutrino is only used when Bitcoin Core is still syncing, in short: if Bitcoin Core on your Umbrel hasn't finished syncing, please update immediately. If Bitcoin Core on your Umbrel is 100% synced already, you remain unaffected by this bug and can update at your convenience.

This is a small patch release that fixes a Taproot related bug for Neutrino. If you run neutrino in production, we strongly recommend you update to this version before Taproot activation to ensure your node keeps moving forward in the chain.

This release only contains a single commit on top of the prior 0.13.3 minor release: https://github.com/lightningnetwork/lnd/compare/0-13-3-branch...0-13-4-branch?expand=1

Database Migrations

This release does not contain any database migrations.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://keybase.io/bitconner/pgp_keys.asc | gpg --import curl https://keybase.io/roasbeef/pgp_keys.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest-roasbeef-v0.13.4-beta.sig and manifest-v0.13.4-beta.txt are in the current directory) with:

gpg --verify manifest-roasbeef-v0.13.4-beta.sig manifest-v0.13.4-beta.txt

You should see the following if the verification was successful:

gpg: Signature made Wed Sep 30 17:35:20 2020 PDT gpg: using RSA key 4AB7F8DA6FAEBB3B70B1F903BC13F65E2DC84465 gpg: Good signature from "Olaoluwa Osuntokun <laolu32@gmail.com>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

Verifying the Release Timestamp

From this new version onwards, in addition time-stamping the git tag with OpenTimeStamps, we'll also now timestamp the manifest file along with its signature. Two new files are now included along with the rest of our release artifacts: manifest-roasbeef-v0.13.4-beta.txt.asc.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following commands: ots verify manifest-roasbeef-v0.13.4-beta.sig.ots -f manifest-roasbeef-v0.13.4-beta.sig

Alternatively, the open timestamps website can be used to verify timestamps if one doesn't have a bitcoind instance accessible locally.

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Verifying the Release Binaries

Our release binaries are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.16.3, which is required by verifiers to arrive at the same ones. They include the following build tags: autopilotrpc, signrpc, walletrpc, chainrpc, invoicesrpc, routerrpc, watchtowerrpc and monitoring. Note that these are already included in the release script, so they do not need to be provided.

The make release command can be used to ensure one rebuilds with all the same flags used for the release. If one wishes to build for only a single platform, then make release sys=<OS-ARCH> tag=<tag> can be used.

Finally, you can also verify the tag itself with the following command:

$ git verify-tag v0.13.4-beta gpg: Signature made Tue Sep 15 18:55:00 2020 PDT gpg: using RSA key 4AB7F8DA6FAEBB3B70B1F903BC13F65E2DC84465 gpg: Good signature from "Olaoluwa Osuntokun <laolu32@gmail.com>" [ultimate]

Verifying the Docker Images

To verify the lnd and lncli binaries inside the docker images against the signed, reproducible release binaries, there is a verification script in the image that can be called (before starting the container for example):

shell $ docker run --rm --entrypoint="" lightninglabs/lnd:v0.13.4-beta /verify-install.sh v0.13.4-beta $ OK=$? $ if [ "$OK" -ne "0" ]; then echo "Verification failed!"; exit 1; done $ docker run lightninglabs/lnd [command-line options]

Building the Contained Release

Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and lnd-source-v0.13.4-beta.tar.gz are in the current directory, follow these steps:

tar -xvzf vendor.tar.gz tar -xvzf lnd-source-v0.13.4-beta.tar.gz GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.13.4-beta" ./cmd/lnd GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.13.4-beta" ./cmd/lncli

The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.

Additionally, it's now possible to use the enclosed release.sh script to bundle a release for a specific system like so:

make release sys="linux-arm64 darwin-amd64"

⚡️⚡️⚡️ OK, now to the rest of the release notes! ⚡️⚡️⚡️

Release Notes

This release bumps the Neutrino dependency to the version that ignores not yet supported Taproot outputs in downloaded blocks.

Contributors (Alphabetical Order)

Olaoluwa Osuntokun

Bug fixes:

• Fix: Do not crash when redirect url is not provided to Authorize page @Kukks
• Fix: Disabling lightning should also disable LNURL @Kukks
• Fix: Paging in payouts did not take additional parameters in consideration @Kukks
• Fix: Payout actions button was misaligned @Kukks
• Fix: Amount validation for payout creation min amount was missing @Kukks

Improvements:

• Point of Sale Print view improvements (#3050) @satwo @dennisreimann
• Upgrade to Bootstrap 5.1.3 @dennisreimann
• Updates display names (#3036) @dstrukt

Binaries

There are two types of binaries:

Specter Desktop

It's a windowed GUI application with Specter server included. Supported platforms: Windows, MacOS, Linux (x86_64)

Note on Linux: you need to set up udev rules (included in the archive). Check out readme.

Note on macOS: The current build supports only macOS Catalina (10.15) or higher. If you'd like to run Specter on an older macOS version, you can install Specter from Pip.

specterd

It's a command-line program that only runs Specter server. Supported platforms: Windows, MacOS, Linux (x86_64)

Signatures and hashes

SHA256SUMS file contains sha256 hashes of all binary files and signed with "Specter Signer's" GPG key. You can get the public key from here. Fingerprint of the key is 785A 2269 EE3A 9736 AC1A 4F4C 864B 7CF9 A811 FEF7

Release notes

• Bugfix: Bitcoin Core as default for fee estimation, error handling improvements #1408 (Kim Neunert)
• Bugfix: fix unknown version bug in pip-installs fixes #1442 #1450 (Kim Neunert)
• Bugfix: no threading for update after creation of wallets #1457 (Kim Neunert)
• Bugfix: version.txt does not get detected #1462 (Kim Neunert)
• Chore: Bump electron from 10.2.0 to 11.5.0 in /pyinstaller/electron #1429 (dependabot[bot])
• Chore: Release signature process #1459 (Kim Neunert)

Bug fixes:

• LNAddress wasn't working if the store supported an altcoin @NicolasDorier
• Fix maintainance view @dennisreimann

This feature include a critical security patch. The vulnerability impacts owner of shared instances which share their internal lightning nodes. Credits to @yilakb to have noticed us.

New Features:

• Greenfield: Adds the Archive status to Invoice model @TheHazeEffect
• Greenfield: Add pagination to the get invoices operation @TheHazeEffect

Bug fixes:

• Crowdfunding topup invoice doesn't work when there isn't a perk added (#3048 #3064) @satwo
• Crowdfund: Fix perk value display (#3060) @dennisreimann
• LNAddress wasn't working if the store supported an altcoin @NicolasDorier
• Lightning address payment would fail if millisatoshi is not 0 mod 1000 on LND (#3056) @NicolasDorier
• The Test Connection feature during lightning setup was hidding cause of failure @NicolasDorier
• Creating a new invoice in payment request with LNURL activated would crash @NicolasDorier
• Improve error reporting in (#3065) @NicolasDorier
• After loading the Update PoS Settings page and selecting an item to edit, it will always show the price type selected as Fixed regardless of what the actual price type is. (#3049) @fabu21
• Fixes label on Point of Sale page (#3037) @dstrukt

Improvements:

• If no default payment method, the fallback should be in order of preference: BTC, then Lightning (via BOLT11)
• UI Improvement of the maintenance page @dstrukt
• In the invoice's details page, show the url of webhook's deliveries (#3034) @satwo
• Improves upload button for files (#3044) @dstrukt

We're pleased to announce the 0.10.2 release of c-lightning, named by @vincenzopalazzo.

This is a recommended upgrade: this release includes the patch for the recently disclosed CVE-2021-41592.

Highlights for Users

• Payments can now be retried without affecting the status of prior attempts.
• The route selection will now use the log-propability-based channel selection to increase success rate and reduce time to completion.
• close now reports the feeranges each side enforced, which allows users to determine which side caused a high or low feerate.
• Removal of old HTLC information and vacuuming shrinks large lightningd.sqlite3 by a factor of 2-3.

Highlights for the Network

• setchannelfee now has a grace period during which both old and new fee policies are considered. This prevents a fee update from making the channel unusable until the update propagated.
• We now perform quick-close if the peer supports it.
• We send regular pings to detect dead connections (particularly for Tor).
• Errors returning a channel_update no longer return an outdated one.
• Anchor output mutual close allow a fee higher than the final commitment transaction

Highlights for Developers

• Plugins now are notified about an upcoming shutdown, allowing them to store data and clean up before exiting.
• The datastore API (datastore, deldatastore, and listdatastore) exposes a simple key-value store, allowing plugin authors to store data in the c-lightning database.
• ping now only works if we have a channel with the peer.
• Relaxed the sqlite3 version match requirements to be at least a minimum version and a major version match

More details can be found in the changelog.

Thanks to everyone for their contributions and bug reports; please keep them coming.

Since 0.10.1, we've had 333 commits from 19 different authors over 85 days.

A special thanks goes to the 4 first time contributors:

• Dustin Dettmer
• Michael Folkson
• jerzybrzoska
• Devrandom

Cheers, Christian, Rusty, Lisa.

API Updates

• This release is almost entirely focused on a new API in the lightning-invoice crate - the InvoicePayer. InvoicePayer is a struct which takes a reference to a ChannelManager and a Router and retries payments as paths fail. It limits retries to a configurable number, but is not serialized to disk and may retry additional times across a serialization/load. In order to learn about failed payments, it must receive Events directly from the ChannelManager, wrapping a user-provided EventHandler which it provides all unhandled events to (#1059).
• get_route has been renamed find_route (#1059) and now takes a RouteParameters struct in replacement of a number of its long list of arguments (#1134). The Payee in the RouteParameters is stored in the Route object returned and provided in the RouteParameters contained in Event::PaymentPathFailed (#1059).
• ChannelMonitors must now be persisted after calls that provide new block data, prior to MonitorEvents being passed back to ChannelManager for processing. If you are using a ChainMonitor this is handled for you. The Persist API has been updated to Optionally take the ChannelMonitorUpdate as persistence events that result from chain data no longer have a corresponding update (#1108).
• routing::Score now has a payment_path_failed method which it can use to learn which channels often fail payments. It is automatically called by InvoicePayer for failed payment paths (#1144).
• The default Scorer implementation is now a type alias to a type generic across different clocks and supports serialization to persist scoring data across restarts (#1146).
• Event::PaymentSent now includes the full fee which was spent across all payment paths which were fulfilled or pending when the payment was fulfilled (#1142).
• Event::PaymentSent and Event::PaymentPathFailed now include the PaymentId which matches the PaymentId returned from ChannelManager::send_payment or InvoicePayer::pay_invoice (#1059).
• NetGraphMsgHandler now takes a Deref to the NetworkGraph, allowing for shared references to the graph data to make serialization and references to the graph data in the InvoicePayer's Router simpler (#1149).
• routing::Score::channel_penalty_msat has been updated to provide the NodeId of both the source and destination nodes of a channel (#1133).

Bug Fixes

• Previous versions would often disconnect peers during initial graph sync due to ping timeouts while processing large numbers of gossip messages. We now delay disconnecting peers if we receive messages from them even if it takes a while to receive a pong from them. Further, we avoid sending too many gossip messages between pings to ensure we should always receive pongs in a timely manner (#1137).
• If a payment was sent, creating an outbound HTLC and sending it to our counterparty (implying the ChannelMonitor was persisted on disk), but the ChannelManager was not persisted prior to shutdown/crash, no Event::PaymentPathFailed event was generated if the HTLC was eventually failed on chain. Events are now consistent irrespective of ChannelManager persistence or non-persistence (#1104).

Serialization Compatibility

• All above new Events/fields are ignored by prior clients. All above new Events/fields are not present when reading objects serialized by prior versions of the library.
• Payments for which a Route was generated using a previous version or for which the payment was originally sent by a previous version of the library will not be retried by an InvoicePayer.

This release was singularly focused and some contributions by third parties were delayed. In total, this release features 38 files changed, 4414 insertions, and 969 deletions in 71 commits from 2 authors, in alphabetical order:

• Jeffrey Czyz
• Matt Corallo

Summary

This release contains an important stability upgrade on Tor. Some of our users encountered network instability like delays on Tor so it is recommended to upgrade your client to this version. In addition, there were some minor bug fixes as well. Make sure your Tor client is not running in the background so Wasabi can update it - the easiest way is to restart your machine and start the new version of Wasabi.

• Updated Tor client to 0.4.5.10.

Newbie Guide

While setting up Wasabi is straightforward, even a Linux wizard with the longest beard can get stuck on the most basic tasks. Consider taking a look at the Installation Instructions guide.

Advanced Guide

If you want to build Wasabi from source code or update the source code check out these instructions.

From version 1.1.3 Wasabi also introduces reproducible builds: Deterministic Build Guide

Build with .NET Core 3.1.407-win-x64.

FAQ

• Frequently asked questions here.
• Requirements? x64, Linux, >Win10, >macOS 10.13.

Release Notes

• Knots update https://github.com/zkSNACKs/WalletWasabi/issues/5995
• Minor bugfixes https://github.com/zkSNACKs/WalletWasabi/pull/5982 https://github.com/zkSNACKs/WalletWasabi/pull/6131 https://github.com/zkSNACKs/WalletWasabi/pull/4207
• Tor update https://github.com/zkSNACKs/WalletWasabi/pull/6569
• Fallback mechanism https://github.com/zkSNACKs/WalletWasabi/pull/6575 https://github.com/zkSNACKs/WalletWasabi/pull/6577
• PR for all changes https://github.com/zkSNACKs/WalletWasabi/pull/6572

https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#092-oct-31-2021

Bug fixes:

• Fix: The checkout page would reload the page when changing payment method, causing an annoying flickering @NicolasDorier
• Fix: When browsing to BTCPay with explicit paymentMethodId such as https://btcpay.../i/{invoiceId}/{paymentMethodId}, it was impossible to switch to any other payment method @NicolasDorier

See our blog post for an overview.

Improvements:

• Various Bootstrap related updates (#2785 #2841 #2870 #2893 #2915 #2932 #2957) @dennisreimann @dstrukt @bolatovumar
• Various GreenField API improvements (#2817 #2880 #2905 #2934) @bolatovumar @kukks @woutersamaey
• PSBT UI improvements (#2713) @dennisreimann
• Revamp Theme system (#2794 #2927) @dennisreimann @dstrukt
• Revamp confirmation modals (#2614) @dennisreimann @dstrukt
• Unify Fido2 authentication under two-factor tab (#2866) @dennisreimann
• Remove slack link (#2887) @dstrukt
• Improve warning when creating invoice without wallet (#2844) @bolatovumar
• Improve public LN node info (#2876) @dennisreimann
• Adds social links to footer @1nF0rmed
• Switch to offcanvas navigation system @dennisreimann
• Crowdfund public UI re-design (#2918 #2926 #2938) @dennisreimann
• Remove Coinswitch entirely @kukks
• Improve display and structure of payment related configuration (#2945) @dennisreimann
• Coin selection improvements (#2956) @dennisreimann
• Add Passport hardware wallet option to the wallet import screens (#2962) @BitcoinQnA
• Improve language dropdown UX (#2972 #2976) @dennisreimann @satwo
• Add paging to pull payments list page (#2997) @kukks
• Pull payments & Payouts moved to store from wallet pages (#2987) @kukks
• Add number formatting in crowdfund app @bolatovumar
• Improve the language dropdown of the checkout (#2971) @satwo
• Validation of payment method criteria fails silently in keypad-only PoS (#2991) @satwo

New features:

• Taproot support (#2830 #2837) @sageprogrammer @nicolasdorier
• Specify default payment method through UI and Greenfield API (#2815 #2986) @bolatovumar @NicolasDorier
• Disallow cancelling payment request when "Allow payee to create invoices in their own denomination" is not enabled (#2843) @bolatovumar
• Support custom currencies for Pay button generator (#2896) @bolatovumar
• Show total balance on wallets list (#2882) @maxdignan @dennisreimann
• Greenfield: Payment Settled Webhook event (#2944) @kukks
• Add ability to set invoice status from details page (#2923) @bolatovumar
• Add ability to accept tips in POS terminal (#2983) @bolatovumar
• Add ability to wipe all the transactions of a wallet for admins (#2857) @NicolasDorier
• Allow User to delete own account (#2949) @kukks
• Allow email notifications when creating invoices from Web UI (#2959) @sipsorcery
• Dev Cheat mode (#2672 #2965) @NicolasDorier @woutersamaey
• Add support for CryptoMarket exchange rates (more accurate rates for Chilean Pesos, Brazilian Reals and Argentine Peso) @bolatovumar
• Add support for rpio exchange rate (close #2960) @NicolasDorier
• Greenfield: Provide negative undue when overpaid. (#2936) @kukks
• Support topup invoices in apps (#2958) @kukks
• Support Lightning in Pull Payments. (#2958) @kukks
• Support LNURL and Lightning address in Pull Payments (#2958) @kukks
• Add boolean overPaid to the invoice settled webhook @NicolasDorier
• Ability to display and update the appname in crowdfund and PoS @satwo
• Add ability to require refund email from app level @bolatovumar
• Azerbaijan support for the checkout (Orkhan Guliyev)

Bug fixes:

• Fix Summernote editor (#2829) @dennisreimann
• Fix topup invoices not created when payment method criteria specified (#2847) @bolatovumar
• Check for empty theme URI before saving theme settings (#2851) @bolatovumar
• Signing a transaction with too many inputs (around 500), should not timeout @nicolasdorier
• Fix Vault issues: If signing took more than one minute, the connection to HWI would drop @nicolasdorier
• Fix CSP issues (#2872 #2946 #2954) @nicolasdorier @dennisreimann @bolatovumar
• Fix issues with Authorization Request page (#2894) @bolatovumar
• Do not activate payment methods for non-new invoices @nicolasdorier
• Fix camera not working on wallet send (Fix #2922) @nicolasdorier
• Properly handle InvoiceMetadata string properties (Fix #2906) @NicolasDorier
• fix: Plugins disabled message never dissappers even after re-enabling it. @kukks
• Fix: Impossible to see relative time of transaction in wallet list @NicolasDorier
• Fix bug: Importing seed with Is hot wallet checked was not working (#2966) @NicolasDorier
• fix pos app logo (#2977) @satwo
• Fix cryptic error message issue (#2978) @Bananenbieger123
• Fix BIP21 pull payment support (#2985) @kukks
• Fix: favicon wasn't shown if using rootpath @NicolasDorier
• Fix: The redirect url of crowdfund invoices wasn't set correctly if rootpath is used @NicolasDorier
• Fix: Many SVG assets were not showing properly if rootpath is used @NicolasDorier
• Fix: Fonts and Home background not loading properly when using rootpath @NicolasDorier
• If the local culture of the server was not english, numeric values greenfield were not properly interpreted @NicolasDorier
• Default payment method settings was not working properly @satwo @NicolasDorier
  • Fix scanning of animated QR codes (#3003) @dennisreimann

Main changes

Fix payment details screen for lnurl-pay

Phoenix now correctly displays the description of a lnurl payment, as well as other metadata that the service could have provided (such as identifiers for lightning addresses).

Full list of changes

• app: https://github.com/ACINQ/phoenix/compare/android-legacy-v1.4.17...android-legacy-v1.4.19 (this diff is very large because it contains the merge with the phoenix-kmm repository)

Verifying signatures

You will need gpg and our release signing key 7A73FE77DE2C4027. Note that you can get it: - from our website: https://acinq.co/pgp/drouinf.asc - from github user @sstone, a committer on eclair: https://api.github.com/users/sstone/gpg_keys

To import our signing key: $ gpg --import drouinf.asc

To verify the release file checksums and signatures: $ gpg -d SHA256SUMS.asc > SHA256SUMS.stripped $ sha256sum -c SHA256SUMS.stripped

FIX: Manage funds

Release notes

This release introduces 13 new payment methods: Strike, Verse, Monese, Satispay, Bizum, Pix, Nequi, CelPay, PayTM, UPI, RTGS, NEFT and IMPS. It also upgrades Tor to the its latest version and moves all remaining nodes to Tor v3 addresses. And as always, there are many additional bug fixes and minor improvements across the board.

Improvements

• Allow standard mark & copy functionality for displayed text fields
• Allow trader chat to continue after trade complete
• Show a warning if PC has been in sleep mode
• Display support agent's Keybase link when opening mediation / arbitration
• Add payment methods Strike and Verse
• Add payment methods Monese and Satispay
• Add payment methods Bizum and Pix
• Add payment methods Nequi and CelPay
• Add five Indian payment methods: PayTM, UPI, RTGS, NEFT and IMPS
• Remove trade id reference for Amazon gift card
• Add new v3 onions for wiz's bitcoin nodes
• Upgrade Tor to v0.4.5.10

Bug fixes

• Fix issue of Trade Step 1 validation done too soon
• Fix exception in create offer screen
• Fix logic of SEPA country comparison routine
• Disable GC calls if fullDaoNode is set (like in case of seed nodes)
• Fix data handling if DAO is deactivated
• Fix typo (SHA)

Development & Documentation

• Update Tor upgrade documentation
• Remove v2 nodes and backup nodes from DAO monitor
• Replace Adopt with Zulu for GitHub builds
• Refactor desktop Closed Tradable model utils for API
• Move volume formatting from DisplayUtils to VolumeUtil
• Call keepfunds (close trade) on both sides of trade simulation
• CLI bug fix: show trade's contract volume, not moving offer volume
• Add custom bisq.properties to API test harness

New Assets

• Add Tether (ERC20).

Verification

For a detailed description on how to verify your Bisq installer please have a look at our wiki: https://bisq.wiki/Downloading_and_installing#Verify_installer_file

Url of the signing key (Christoph Atteneder): https://bisq.network/pubkey/29CDFD3B.asc Full fingerprint: CB36 D7D2 EBB2 E35D 9B75 500B CD5D C1C5 29CD FD3B

Import the key: curl https://bisq.network/pubkey/29CDFD3B.asc | gpg --import GPG prints a confusion warning: "This key is not certified with a trusted signature!" - See https://serverfault.com/questions/569911/how-to-verify-an-imported-gpg-key for background information what it means.

How to verify signatures? gpg --digest-algo SHA256 --verify BINARY{.asc*,} Replace BINARY with the file you downloaded (e.g. Bisq-1.7.4.dmg)

Verify jar file inside binary: You can verify on OSX the jar file with: shasum -a256 [PATH TO BISQ APP]/Bisq.app/Contents/app/desktop-1.7.4-all.jar The output need to match the value from the Bisq-1.7.4.jar.txt file.

There are three hashes within the Bisq-1.7.4.jar.txt file (macOS, Windows, Linux). If you want to reproduce and verify the hash of the jar file locally, you need to do so on Windows or Linux using Java 11.0.10 and the v1.7.4 release tag. Because of the signing and notarization process that requires the developer certificate used for the build on macOS it is not possible to create the same jar on macOS.

Known issues with installation

Windows:

There is a known issue with Anti Virus software. We got several reports from users running into different problems. Either the AV software blocks Bisq or Tor, delete files in the data directory [2] or app directory [1]) or cause such a long delay at startup that Tor gets terminated and a file remains locked which can cause that Bisq cannot be started afterwards. To resolve that you need to restart Windows then the lock get released. We are working on solutions to fix those issues.

If you use Crypto currencies on your Windows system be aware that Windows is much more vulnerable to malware than Linux or OSX. Consider to use a dedicated non-Windows system when dealing with cryptocurrencies.

[1] Application directory (contains application installation files): C:\Users<username>\AppData\Local\Bisq

[2] Data directory (contains all Bisq data including wallet): C:\Users<username>\AppData\Roaming\Bisq\btc_mainnet\tor (you can delete everything except the hiddenservice directory)

Linux:

Hint for Debian users: If you have problems starting Bisq on Debian use: /opt/bisq/bin/Bisq

If your Linux distro does not support .deb files please follow this instruction: cd ~/Downloads mkdir tmp cd tmp ar x ../Bisq-64bit-1.7.4.deb sudo tar Jxvf data.tar.xz sudo cp -rp opt/Bisq /opt/ That instruction is not tested on many different distros. If you encounter problems please report it in a Github issue so we can improve it.

Credits

Thanks to everyone who directly contributed to this release:

• @cd2357
• @chimp1984
• @Emzy
• @geertjanw
• @ghubstan
• @Jakub-CZ
• @jmacxx
• @ripcurlx
• @sqrrm
  

As well as to everyone that helped with translations on Transifex.

This version of Umbrel contains a bugfix for the Samourai Server app's connectivity issue. If you're facing an issue with it currently, please try re-installing the app again after the update.

Highlights:

• Stability and improvements release

Changelog:

• ADD: Rate information in Currency Settings
• ADD: loc sync ar, he, it
• ADD: Add unique ID in Settings

• ADD: GCC Arab countries; Saudi riyal, Emirati dirham, Bahraini dinar, Omani rial, Kuwaiti dinar.

• FIX: LNDHub Tor Import

• FIX: Device UID was removable

• FIX: RTL fixes

• FIX: Some android devices where unable to process onPress

• FIX: QR reader freezes on MAC Desktop on Send Page #4057

• FIX: Text was getting overflown on small screens

• FIX: Locale for prompts

• FIX: Delete wallet Alert title had confusing string

• FIX: Quick action update when currency changes

• FIX: Android dark mode text color

• FIX: Add recipient was disabled when using max

• FIX: Sign/Verify uncompressed

• FIX: Unable to scroll up/down signed transaction summary card. #4019

• REF: Use currency module

• REF: INR rate source

This version of Umbrel brings the latest version of Electrum server (electrs 0.9.1), bug fixes, and updated apps to the Umbrel App Store, including the latest Samourai Server app which fixes a connectivity issue in the previous version.

Changelog: * Bring Elements up to date with Bitcoin Core 0.21 * Design and implement new PSET protocol

Binaries

There are two types of binaries:

Specter Desktop

It's a windowed GUI application with Specter server included. Supported platforms: Windows, MacOS, Linux (x86_64)

Note on Linux: you need to set up udev rules (included in the archive). Check out readme.

Note on macOS: The current build supports only macOS Catalina (10.15) or higher. If you'd like to run Specter on an older macOS version, you can install Specter from Pip.

specterd

It's a command-line program that only runs Specter server. Supported platforms: Windows, MacOS, Linux (x86_64)

Signatures and hashes

SHA256SUMS file contains sha256 hashes of all binary files. The SHA256SUMS.asc file contains a signature of the SHA256SUM file, signed with @k9ert's GPG key. You can get the public key from keybase. Fingerprint of the key is ECC0 B4AB D74E 716F 5ADE 0952 28B3 58A8 843B 0109

Release notes

• Feature: a framework for migrations and migrating single-node #1414 (Kim Neunert)
• Feature: Auto privacy settings #1415 (kdmukai)
• Feature: Better Error-management, logging for the APP and Macos builds improvements #1405 (Kim Neunert)
• Feature: fix rbf-edit with multiple destinations #1412 (Stepan Snigirev)
• Feature: Improve Jade support #1398 (Stepan Snigirev)
• Feature: Uncle jim paperwallet #1359 (Kim Neunert)
• Feature: use change addresses in order #1393 (Stepan Snigirev)
• Bugfix: asset labels issues #1391 (Stepan Snigirev)
• Bugfix: Babel js backtick fix #1383 (kdmukai)
• Bugfix: changing type of a device fixes #1400 #1257 #575 #1402 (Stepan Snigirev)
• Bugfix: CI failure because of missing wget dependency #1375 (Kim Neunert)
• Bugfix: fixes #1357 as pip3 installation of tar.gz-package was broken #1374 (Kim Neunert)
• Bugfix: Refactor wallet class fixes #1394 #1367 #1241 #1101 #1411 (Stepan Snigirev)
• Bugfix: refactor WalletManager and Wallet, improved performance #1424 (Kim Neunert)
• Bugfix: rollback embit to 0.4.5 #1379 (Kim Neunert)
• Bugfix: Some liquid fixes #1401 (Stepan Snigirev)
• Bugfix: tx dump (failing tests) #1397 (Stepan Snigirev)
• Bugfix: various things including json-file data-corruption #1410 (Kim Neunert)
• Bugfix: remove diy simulator warning #1399 (Stepan Snigirev)
• Bugfix: Fix last release liquid issues #1389 (Stepan Snigirev)
• Bugfix: Fix the Test Tor point of reference #1416 (benk10)
• Bugfix: Leading slashes in paths removed #1380 (B-396)
• Docs: Suggest updating pip to resolve cryptography installation issues #1349 (Nadav Ivgi)
• Translation: Added localization function to html text #1396 (relativisticelectron)
• Chore: Bump axios from 0.21.1 to 0.21.4 #1387 (dependabot[bot])
• Chore: Ci improvements (#103) #1403 (Kim Neunert)
• Chore: migrate tested bitcoin to new v0.21.1 tag #1316 (Kim Neunert)
• Chore: Release process improvements #1434 (Kim Neunert)
• Chore: Some macos specific adjustments to the install and test-cypress scripts #1428 (Kim Neunert)
• Chore: update dependencies and remove demon-mode #1417 (Kim Neunert)
• Chore: update elements testtarget to 0.21.0rc2 #1409 (Kim Neunert)

API Updates

• get_route now takes a Score as an argument. Score is queried during the route-finding process, returning the absolute amounts which you are willing to pay to avoid routing over a given channel. As a default, a Scorer is provided which returns a constant amount, with a suggested default of 500 msat. This translates to a willingness to pay up to 500 msat in additional fees per hop in order to avoid additional hops (#1124).
• Event::PaymentPathFailed now contains a short_channel_id field which may be filled in with a channel that can be "blamed" for the payment failure. Payment retries should likely avoid the given channel for some time (#1077).
• PublicKeys in NetworkGraph have been replaced with a NodeId struct which contains only a simple [u8; 33], substantially improving NetworkGraph deserialization performance (#1107).
• ChainMonitor's HashMap of ChannelMonitors is now private, exposed via Chainmonitor::get_monitor and ChainMonitor::list_monitors instead (#1112).
• When an outbound channel is closed prior to the broadcasting of its funding transaction, but after you call ChannelManager::funding_transaction_generated, a new event type, Event::DiscardFunding, is generated, informing you the transaction was not broadcasted and that you can spend the same inputs again elsewhere (#1098).
• ChannelManager::create_channel now returns the temporary channel ID which may later appear in Event::ChannelClosed or ChannelDetails prior to the channel being funded (#1121).
• Event::PaymentSent now contains the payment hash as well as the payment preimage (#1062).
• ReadOnlyNetworkGraph::get_addresses now returns owned NetAddress rather than references. As a side-effect this method is now exposed in foreign language bindings (#1115).
• The Persist and ChannelMonitorUpdateErr types have moved to the lightning::chain::chainmonitor and lightning::chain modules, respectively (#1112).
• ChannelManager::send_payment now returns a PaymentId which identifies a payment (whether MPP or not) and can be used to retry the full payment or MPP parts through retry_payment (#1096). Note that doing so is currently not crash safe, and you may find yourself sending twice. It is recommended that you not use the retry_payment API until the next release.

Bug Fixes

• Due to an earlier fix for the Lightning dust inflation vulnerability tracked in CVE-2021-41591/CVE-2021-41592/CVE-2021-41593 in 0.0.100, we required counterparties to accept a dust limit slightly lower than the dust limit now required by other implementations. This appeared as, at least, latest lnd always refusing to accept channels opened by LDK clients (#1065).
• If there are multiple channels available to the same counterparty, get_route would only consider the channel listed last as available for sending (#1100).
• Persist implementations returning ChannelMonitorUpdateErr::TemporaryFailure from watch_channel previously resulted in the ChannelMonitor not being stored at all, resulting in a panic after monitor updating is complete (#1112).
• If payments are pending awaiting forwarding at startup, an Event::PendingHTLCsForwardable event will always be provided. This ensures user code calls ChannelManager::process_pending_htlc_fowards even if it shut down while awaiting the batching timer during the previous run (#1076).
• If a call to ChannelManager::send_payment failed due to lack of availability of funds locally, LDK would store the payment as pending forever, with no ability to retry or fail it, leaking memory (#1109).

Serialization Compatibility

• All above new Events/fields are ignored by prior clients. All above new Events/fields, except for Event::PaymentSent::payment_hash are not present when reading objects serialized by prior versions of the library.

In total, this release features 32 files changed, 2248 insertions, and 1483 deletions in 51 commits from 7 authors, in alphabetical order:

• 1nF0rmed
• Duncan Dean
• Elias Rohrer
• Galder Zamarreño
• Jeffrey Czyz
• Matt Corallo
• Valentine Wallace

https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#091-oct-19-2021

1.8.0 DLC Wallet Tor negotiation

Running Bitcoin-S

If you want to run the standalone server binary, after verifying gpg signatures, you can unzip bitcoin-s-server-1.8.0.zip and then run it with ./bin/bitcoin-s-server to start the node. You will need to configure the node properly first, you can find example configurations here.

You can then unzip the bitcoin-s-cli-1.8.0.zip folder and start using the bitcoin-s-cli like this:

```bashrc ./bin/bitcoin-s-cli --help Usage: bitcoin-s-cli [options] []

-n, --network Select the active network. --debug Print debugging information --rpcport The port to send our rpc request to on the server -h, --help Display this help message and exit ```

For more information on what commands bitcoin-s-cli supports check the documentation, here is where to start: https://bitcoin-s.org/docs/next/applications/server#server-endpoints

Verifying signatures

This release is signed with Chris's signing key with fingerprint 339A49229576050819083EB3F99724872F822910

To do the verification, first hash the executable using sha256sum. You should check that the result is listed in the SHA256SUMS.asc file next to its file name. After doing that you can use gpg --verify to authenticate the signature.

Example:

$ sha256sum bitcoin-s-server-1.8.0.zip 9c130e51c0ca60021021ea48fab9fa2eae3797bafb1a4c022b3a2cd6d17446a0 bitcoin-s-server-1.8.0.zip $ sha256sum bitcoin-s-cli-1.8.0.zip 5dd0953ed92b03621ed5e359b1f03a2bc25fe1d636854103c4fab4ae1c952daa bitcoin-s-cli-1.8.0.zip $ gpg --verify SHA256SUMS.asc gpg: Signature made Thu 24 Sep 2020 12:49:39 PM CDT gpg: using RSA key 339A49229576050819083EB3F99724872F822910 gpg: issuer "stewart.chris1234@gmail.com" gpg: Good signature from "Chris Stewart <stewart.chris1234@gmail.com>"

Website

https://bitcoin-s.org/

Releases

https://repo1.maven.org/maven2/org/bitcoin-s/

Snapshot releases

https://oss.sonatype.org/content/repositories/snapshots/org/bitcoin-s/

Contributors

Thank you to our contributors this release!

@Christewart @benthecarman @user411 @rorp @shreyanshyad @shruthii625 @MattFaltyn @sambradbury @nkohen

Executive Summary

This release integrates Tor network support for opening a DLC with your counterparty. This is a huge UX improvement over the previous flow where 2 manual round trips were required to open a DLC with your peer.

See individual module sections for updates on per module basis.

app commons

Most changes in app commons this release is related to refactoring code so that it can be used more generically across the code base.

bfbde2abaa Add appCommonsTest to windows test matrix (#3683)

0fb2cd0149 Remove implicit conversions from BitcoinSAppConfig -> {WalletAppConfig,ChainAppConfig,NodeAppConfig} etc (#3652)

6ef30b4996 Add AppConfigFactory for DLCNodeAppConfig (#3598)

b980f4894d Implement BitcoinSAppConfig with ActorSystem (#3596)

75bbda66dd Add AppConfigActorSystem (#3590)

4f7b6422ea 2021 08 06 app config refacotr (#3498)

App server

The app server is the headless backend for bitcoin-s. This runs our wallet, node and chain management modules.

The biggest change this release is integrating end to end automated negotiation for entering into DLCs in PR #3462. This means you can just give your tor address and an offer to a peer and they will be able to enter into a DLC with you automatically.

This release included deprecating old endpoints that were poorly named and renaming them to have an announcement suffix. For instance createenumevent -> createenumannouncement.

The old endpoints will be removed next release. For more information see #3703 .

New rpcs added this release are

• getversion - returns versions of bitcoin-s
• backupwallet - backs up the wallet to the provided destination
• createcontractinfo - creates a contract info based on oracle, total collateral and payouts
• decodeoffer - decodes a dlc offer
• decodeannouncement - decodes an oracle announcement
• decodeattestments - decodes oracle's attestments

7a3497ab9c 2021 10 15 createcontractinfo numeric (#3758)

80d498d288 Fix bug where getbalances was always retruning sats (#3750)

94e219befd Update getbalance rpcs to return a number rather than a string (#3746)

d912665067 Remove cors handler for all requests (#3736)

1b88d26095 Bump logging level back to INFO on http servers (#3734)

99e12a393f Fix missing Config.resolve() call (#3727)

6cbbd8825d 2021 10 02 create contract info (#3713)

26d7f99173 2021 09 30 rename endpoints (#3703)

698fe9e800 Add backupwallet and backuporacle endpoints (#3694)

4a44f9cd58 Run appServerTest on both windows and mac (#3609)

2191eb2049 Add 'getversion' endpoint to fetch the version from the backend (#3689)

515e85b1c5 Decode DLC messages cli commands (#3636)

f5ed232946 Bump fee by more to make sure our fee rate is increasing the test case (#3625)

55c57c487e Add CORS handling for running from a local dev server (#3612)

a5f4f9663c Add BitcoinSServerMain test to connect to bitcoind (#3591)

9ef27e4d7e Turn on bitcoin-s.node.relay=true by default on bundle/appServer (#3580)

0a31d6a4e2 Have wallet broadcast transaction for sendrawtransaction (#3578)

309d9ec217 Add proxy and tor sections to reference conf (#3530)

7cac44de4d DLC P2P in AppServer and GUI (#3462)

5aac4fd8d5 Bump server startup timeout from 60 seconds to 120seconds (#3514)

e2c2798e60 Implemented the ability to fetch unconfirmed transactions (#3429)

bitcoind rpc

The major changes this module breaking up BitcoindInstance to BitcoindInstanceLocal and BitcoindInstanceRemote. These require different parameters. We can do much more with a locally running bitcoind instance.

We also can now fetch the version of a running bitcoind instance.

781e77844f Implement ability to get proper version of BitcoindRpcClient from BitcoindRpcApConfig.clientF (#3699)

4e56fb7901 Make it so bitcoind backend exceptions don't get swallowed (#3697)

af96843e69 Try to fix race condition when shutting down bitcoind connection pool (#3665)

d53f164478 BitcoindRpcClient Improvements (#3600)

0746b14331 Move BitcoindRpcAppConfig into the bitcoind-rpc project (#3610)

Build

We now publish docker images that are available on arm64 as well as amd64.

We also allow docker containers to take a BITCOIN_S_KEYMANAGER_ENTROPY. This is useful for platforms like umbrel that allow external entropy to be provided by the platform. See #3679 for more information.

59e953a1fc Bump CI runs to use scalac 2.12.15 (#3700)

4ef1e6bcb6 CI fixes (#3597)

4a5265801c Allow for enternal entropy to be passed into a docker container for the appServer and oracleServer (#3679)

9b269f0e5e Change userId to work with umbrel (#3667)

cd9db4f4a9 Adjust the permissions of the statup script for the oracle server on docker so that any user can run the script (#3654)

e17ea32faa Update base docker image to openjdk:16-slim (#3650)

8e39b2bbb8 Sbt docker multi platform (#3649)

fd7cd71848 Update .gitmodules (#3390)

c774ce3a34 Implement logic to automatically attach deb,dmg,msi installers to a release when i tag something (#3388)

Cli

466de3e46a Update ConsoleCli endpoints, update docs (#3705)

40f89af597 Give help messages for DLC cli commands and document them (#3642)

chain

Improves filter header verification when receiving filters from a peer.

fa45c74c36 Improve filter header verification (#3566)

Core

Bug fixes, test cases and ergonomic improvements this release for core.

ba713bd98f Fixed edge case of numeric range computation (#3707)

4f65022472 Fix signet parsing of LnInvoices (#3691)

479f8e249c Remove unneeded CoreApi (#3599)

85eb2d5eb4 Fix approximateUtxoSize calculation for p2wpkh (#3669)

f3da45c504 Add CurrencyUnits.fromLong (#3653)

ba21c24d6f Give funding txid in DLC Signed state (#3640)

f2a2874177 Add new invalid BIP 32 test vectors (#3634)

6e41b76f5b Make test vector that times out on CI async (#3628)

e829d03249 Add better CETSignaturesV0TLV.toString so we don't accidentally DOS in the case of large amoutns of adaptor signatures (#3521)

462ffc53e6 Give TLVs subtypes, add LnMessage utilities (#3437)

2597904019 Move DLCWalletApi to core module (#3438)

9aa9a424c2 Implement init message from BOLT 1 (#3407)

Db commons

The release for db commons adds a new class MasterXPubDAO that allows you to store the master xpub for a specific module like the wallet or dlcOracle. If a different seed is used on statup, an exception will be thrown saying that the stored master xpub and the xpub generated from the seed are different.

6df0354a73 Enable WAL mode for SQLite (#3704)

48213d9b81 Implement MasterXPubDAO (#3451)

DLC node

This is a new module. This implements the networking logic to negotiate the building of Contract Execution Transactions (CET) and the funding transaction for a DLC.

1051e6365a DLC P2P Client (#3402)

DLC Oracle

This release for DLC oracle focuses on making sure our DLCOracle construction is safe. Previously we could seed the oracle with entropy that doesn't correspond to entropy on disk or passed via the BITCOIN_S_KEYMANAGER_ENTROPY flag.

One other bug fix in this release is making sure we increment the keyIndex in a thread safe way.

5a5f1e00c7 Store oracle name in the database (#3748)

b02a963ff8 Fix bug with unsigned digit decomp events and signing negative outcomes (#3728)

ea375f9c55 Actually validate master xpub on startup (#3719)

98ecdf7ac3 Refactor DLCOracle construction to be more safe (#3449)

1032669f21 Add unit test for moving seeds and making sure we can get the same public key after moving (#3441)

36c4da7c95 Use AtomicInteger for keyIndex in DLCOracle (#3433)

2d96a9c519 Fix typo in DLCOracle (#3434)

91b88b60ec Add large digits test in DLCOracle (#3432)

ea1ead9a3f Add nonces to error message for easier debugging (#3430)

b7b2a7099f 2021 07 15 dlc oracle pg (#3413)

DLC wallet

Bug fixes this release. The most notable is preserving the ordering of inputs when multiple

9668358807 2021 10 04 issue 3715 (#3724)

inputs are used to fund the DLC from one counterparty (#3647)

099e4469b4 Add ordering of funding inputs to DLC Wallet (#3647)

706c9fe961 Add check for valid broadcast states (#3560)

1d6ede492f Invert updating of DLC state and broadcasting the funding tx (#3526)

621e8e9033 Rescan DLC Tests (#3515)

c1ce9ca115 Disallow signing your own DLCAccept (#3453)

a295b363bd Fix bug where we couldn't execute a DLC twice (#3426)

892096d790 Disallow calling addDLCSigs as Initiator (#3411)

fee provider

BitGo removed some objects from the result they return from their API

3ffa997cc7 remove fields from BitGoResult (#3739)

gui

Tons of improvements to the GUI. Our thinking on the GUI is to re-write it in typescript. We will continue to support for the desktop GUI for now, will the goal of phasing it out over the long term.

656e9b1b5d Sort DLC table by last updated (#3607)

11dd28085a Add debug window button to unreserve all utxos (#3633)

8cff5b6e33 Change bitcoind RPC Password to PasswordField (#3587)

e62615dc5e Add guard to not allow us to check the network configuration on bitcoind (#3582)

072c4164db Add Tor running text to UI (#3546)

68afe90778 Flip buttons for Offer and Accept (#3579)

01617be190 Add welcome pane to right view on startup (#3577)

fd02d3642e Add dialog to show transaction id and link after wallet Send (#3570)

5567d2214f Move DLC/Event loading operations to Pane (#3567)

589077f2f3 Enum outcome labels to match numeric outcome labels (#3568)

b545915fc0 Implement rebroadcast closing tx (#3564)

e08dc636a1 Wallet on top UI, minWidth on DLC View fields (#3540)

63ccfbe1a0 Add Network label to statusbar (#3541)

da0d583471 Style wallet startup screens (#3542)

e0ecafc5f9 Add debug window to view log fixes #3516 (#3536)

77539c570a Adjust DLCTableView column widths and "counter party" to "counterparty" (#3539)

b2065a9c02 SplitPane flat Dialog UI (#3505)

b98aa7c8e1 GUI code cleanup (#3504)

5524f7d393 Add style classes, center Rounding Info (#3496)

84e6097d48 Set disable to context menu items based on selection, add Refund/Execute (#3477)

e315fb0563 Move to GridPane wallet, dynamic sizing (#3492)

66813dc7c5 Fix error parsing address in AcceptOfferDialog (#3491)

831e0fd96d Evenly space footer status items (#3485)

3177b1586b Adds Tor Address to UI, if set (#3481)

2dd348a79f Fix dialog results optionality nesting to match dialogOpt (#3479)

00841160e0 Modifer keys per OS, Mac native menubar (#3474)

ef16082b95 Add preferences for wallet window x,y,w,h persistence (#3473)

c022261c4f Remove colons from DLC view labels (#3471)

9aadf9053d Dialogs to CliCommandProducers with buildView(), common fileChooser (#3456)

bc3140c6bb Default Use Tor to config value, space login pages the same (#3472)

f20cdf667c Pretty print PnL in table view (#3400)

19fb1cf17a Add network selection combobox for Neutrino (#3409)

c1715760c6 Add connection indicator to GUI (#3381)

keymanager

This adds bitcoin-s.keymanager.entropy configuration that allows you to provide external entropy for the modules that depend on the keymanager. These modules are the wallet and dlcOracle as of this writing.

3852a885e1 Try to fix CI for native

3a90115067 disable secp256k1 on native images so we don't run into linking errors (#3718)

132479d271 Implement ability to provide external entropy to bitcoin-s (#3672)

Lnd rpc

This release adds functionality for signing, closing, and leasing ouputs with lnd.

There are various bug fixes in this release too.

98ceddfc22 update lnd to v0.13.3 (#3720)

f6169cc3af Add LndInstanceRemote (#3710)

26efbe783e Add lnd close channel function (#3692)

e6e1fbdab8 Fix typo for signet LndInstances (#3690)

b6f28456e2 Add functions for Lease & Release output functions (#3677)

fd6e0864ac LndRpcClient: Fix listUnspent only showing unconfirmed utxos (#3663)

74777a9683 Add conversion utils for LndRpcClient (#3660)

5089e901bb Add wallet signing functions (#3658)

7cd21edb12 2021 08 17 rebroadcast funding tx (#3561)

35d2c6db4e Update LND to v0.13.1-beta (#3435)

node

This release of node lays the groundwork for multi peer block filter lite client (#3401). This functionality is not usable yet, but will be in the release of bitcoin-s.

This release also includes P2P reconnection logic. Previously you would have to restart the node to re-connect with a peer (#3572).

99107b61ea Add PeerDAO (#3738)

ebdf1e2382 add ControlMessageHandler (#3732)

db46e35172 Fix case where we forget to correctly assign currentPeerMsgHandlerRecv (#3662)

b6ef27eb3e Move block generation and synchronization of th wallet before clearing utxo/addresses (#3623)

ac8bdb120c Implement PeerMessageReceiverState.InitializedDisconnect. This allows us to distinguish between disconnections we initalized and connections the peer intialized. This is needed for determining whether we should reconnect or not (#3583)

20575bcd68 Fix missing afterAll in ReConnectionTest (#3584)

54ce2ebeb2 P2P reconnect logic (#3572)

114fbf35fe Update version, userAgent for bitcoin-s (#3565)

037ab7341e Reduce logs for inv messages and wallet callbacks to DEBUG (#3524)

1426c31483 Multi peer: Sync with random peer (#3454)

85975b8b07 complete handshake with peers (#3446)

4be2b2109b [WIP] Adding multi-peer support (#3401)

1c6d728197 Made relay flag in version message configurable (#3416)

45233be22d Update user agent (#3384)

Oracle explorer client

Updates the API used by oracle explorer client to be v2. Suredbits released this API recently. See the API docs for more info

ab8649a6a1 update oracle explorer client to use v2 of the API (#3747)

Oracle server

This release adds two new endpoint for the oracle server in #3701

WARNING

These endpoints should be used VERY carefully. You can reveal your private key if you delete attestations that were widely shared if you re-attest with a different value. Deleting an announcement that users have built DLCs based on will mean those DLCs will have to exercise the refund clause. If you don't know what you are doing, it's best to not use these endpoints.

• deleteannouncement - deletes the announcement
• deleteattestation - deletes the attestations for an announcement

6aff01ffbf createattesattion -> signenum (#3712)

3d725adc92 2021 09 29 delete announcement (#3701)

27d4c09d37 Add sha256 announcement/event ids on oracleServer 'getevent' for use in UI (#3673)

secp256k1jni

60dbd0252d Update secp256k1 precompiled binaries to use safegcd code on linux64 (#3528)

560edf66d8 update osx64 secp256k1 binaries (#3531)

e3ab76fe6b update arm64 secp256k1 binaries (#3527)

wallet

This release for the wallet fixes bugs and adds tests. No new functionality was added.

9e43a242fa Fix logical error on getunconfirmed balance for an account (#3721)

1f35dbdb85 Fix bug where we weren't waiting on a future to complete in for expression (#3627)

bedc152f33 Write unit test for SpendingInfoDAO.upsert() (#3620)

184bf415df More bitcoind backend wallet tests (#3605)

f85f969500 Revert 60 second delay on broadcast to go back to 4 hour default to not break IBD (#3557)

9666e9d296 2021 08 09 init delay broadcast freq (#3509)

testkit

The major new feature this release is adding the ability to configure the testkit to use postgres with the test harness. You can force the testkit by setting this configuration in your reference.conf bitcoin-s.testkit.pg.enabled=true

2c8a2b0e32 Fix testkit depending on slf4j twice (#3644)

495ab62104 Tor in Testkit (#3484)

902f4aa332 The spaces after the log level cause logging levels not to work (#3545)

b2b2ca45db Add ability to configure postgres database backends for test cases via reference.conf (#3421)

tor

This is a new module introduced in 1.8. This adds support for tor in bitcoin-s.

704b02ae6c Use random ports for pre-packaged Tor daemon (#3604)

cebd289dd6 Implement versioning for packaged tor (#3576)

c915711908 Make Tor setup Docker compatible (#3552)

addb1254ee Fix for if tor is already running (#3562)

f2e68bbfc5 Add guard for the case where tor binary hasn't created log file yet (#3558)

b7d85264a0 Implement TorAppConfig.start(), use tor logs to detect when the tor is fully started (#3549)

bbd3cd2bc4 Stop tor binary when server is shutdown (#3543)

04678b5ed9 Add tor config to bundle application.conf (#3537)

ddd27c3d89 Add TorBundle, make all mac files executable that are required (#3534)

43e0287fed Package Tor with Bitcoin-s (#3483)

3d4cf1fc91 Tor support for all sub-projects (#3506)

8979ac2932 Don't use tor proxy for localhost connections (#3500)

b39ca47268 Create TorAppConfig (#3476)

59963156bc Hidden service setup helper (#3423)

ca40af5d94 Tor support for BTC RPC (#3470)

16e8554756 SOCKS5 client transport (#3396)

8b663d91b6 Tor support for P2P (#3311)

Website

Update various documentation.

6f54fc543b 2021 10 15 wallet numeric example (#3759)

6c5f8fd84a 2021 10 15 release notes update (#3760)

d8722c3f32 Add descriptions for modules that are being updated (#3743)

9bcc79c3d0 Update README (#3745)

9148212800 Clarify documentation on getting-setup.md (#3731)

4c15eb5268 Fix settling section (#3725)

3025a9a874 Add wallet election example to docs (#3716)

aa50ca8d64 Begin adding 1.8.0 release notes (#3717)

d2a7bc02b6 Fix app server docker docs (#3575)

7f7bc1f4bf Update configuration.md (#3503)

6a66f9bfcd Update tor.md (#3507)

c27291a7a2 Getting Setup Fixes (#3517)

c37f982f02 Update tor.md (#3495)

a8fa96b0a4 Add where tor.md modifications need to be made explicitly (#3493)

e61be252bd Updated README (#3489)

79e11c6dce Update path to secp256k1 library in docs (#3385)

Dependencies

87624d7055 Update sbt-scoverage to 1.9.1 (#3741)

779b728834 Update sbt-native-packager to 1.9.5 (#3735)

d807007457 Update sbt-scalajs, scalajs-compiler, ... to 1.7.1 (#3729)

984d575869 Update sbt-native-packager to 1.9.0 (#3733)

f6a2ec5896 Bump prismjs from 1.24.0 to 1.25.0 in /website (#3723)

8cbdf8244a Update scalacheck-1-14 to 3.2.2.0 (#3722)

335bc13f97 Update akka-actor, akka-discovery, ... to 2.6.17 (#3756)

a6ee7360c1 Update sbt-assembly to 1.1.0 (#3641)

7c5967a059 Update breeze-viz to 1.3 (#3550)

41899e6ad6 Update sbt-ci-release to 1.5.10 (#3754)

4b04a54f15 Update sbt-native-image to 0.3.2 (#3752)

bb8997b6a0 Update sbt-native-packager to 1.9.6 (#3753) 51bf5458dc Update metrics-core to 4.2.4 (#3709)

bf16bab881 Update scodec-bits to 1.1.29 (#3698)

f9cfd05414 Update postgresql to 42.2.24 (#3687)

c17cc86ad6 Update sbt-ci-release to 1.5.9 (#3685)

c53b96c77f Update native-lib-loader to 2.4.0 (#3682)

9b429e98da Bump prismjs from 1.24.0 to 1.25.0 in /website (#3680)

dc56c69c6a Update scalafx to 16.0.0-R25 (#3676)

b80710eaaf Update native-lib-loader to 2.3.6 (#3678)

619fd5a1fb Update scalatest to 3.2.10 (#3675)

3c64af39d9 Update sbt-scoverage to 1.9.0 (#3671)

11c3626fac Update sbt-bloop to 1.4.9 (#3664)

87b8c4a138 Update scala-library to 2.12.15 (#3668)

911fd3429d Update scala-async to 1.0.1 (#3656)

576680a419 Update logback-classic to 1.2.6 (#3655)

14ea28bfa2 Update akka-grpc-runtime_2.12, ... to 2.1.0 (#3638)

3c9b30b974 Update scodec-bits to 1.1.28 (#3639)

2d429db60d Update sqlite-jdbc to 3.36.0.3 (#3630)

554869e72a Update akka-actor, akka-discovery, ... to 2.6.16 (#3574)

168da1ae1e Update sbt-mdoc to 2.2.23 (#3613)

0200ae8beb Update sqlite-jdbc to 3.36.0.2 (#3608)

90c3f69713 Update scalajs-stubs to 1.1.0 (#3508)

004b6cc59d Update sbt-scalajs, scalajs-compiler, ... to 1.7.0 (#3475)

fc88aa077b Update sbt-mdoc to 2.2.22 (#3439)

3cdc0d19c7 Update akka-http, akka-http-testkit, ... to 10.2.6 (#3488)

520e8e5715 Update janino to 3.1.6 (#3457)

07b4e722c1 Update akka-http, akka-http-testkit, ... to 10.2.5 (#3455)

7b1c5639cc Update logback-classic to 1.2.5 (#3452)

62a8897d7f Update slf4j-api to 1.7.32 (#3427)

7f07ed7a7a Update metrics-core to 4.2.3 (#3419)

6e04010cba Update scala-async to 1.0.0 (#3392)

74964ab145 Update sbt to 1.5.5 (#3391)

cddecc2075 Update sbt-scalafmt to 2.4.3 (#3386)

38c55ad0c0 Update scala-collection-compat to 2.5.0 (#3387)

This release contains several enhancements in JSON-RPC interface, Ethereum compatibility fixes and node performance improvements. This is a summary of the changes included in this version:

• Added support for newPendingTransactions subscription (#1580)
• Added support for EIP-1898: add blockHash to JSON-RPC methods which accept a default block parameter. (#1581)
• Added support for debug_traceBlockByHash JSON-RPC method (#1546)
• Added support for blockHash filter in eth_getLogs JSON-RPC method (#1527)
• JSON-RPC compatibility fixes (#1491, #1522, #1564, #1588, #1601)
• Performance improvements (#1459, #1557, #1569, #1579, #1585)

You can find a complete list of the changes introduced in Iris 3.1.0 milestone.

SHA256 (see Reproducible Build guide for further details): 07dea8cd7b80e1341c06e1c9f6d15f2b381f5d46443db777ebded194088a5784 rskj-core-3.1.0-IRIS-all.jar

c-lightning integration & refactor of setup process (prepare for upcomming WebUI)

• ADD: ISK Fiat
• ADD: Copy QRCode to Clipboard

• ADD: loc sync fr, he, ar

• FIX: multisig not exporting correct psbt with all signatures

• FIX: Clipboard Popup not working #4000

• FIX: App would crash if navigate was called prior to menu show

• FIX: The term "Alert" is not part of the localisation file #3895

• REF: change default electrum servers list

This version of Umbrel brings Bitcoin Core 22.0, lower disk space usage (free up ~50GB), 3 brand new apps in the Umbrel App Store — Node-RED, Krystal Bull and LN Markets, performance improvements, updated apps, and more.

Please note that the Electrum server on your Umbrel will be unavailable for ~12 hours after the update, and any wallets connected to it (BitBoxApp, BlueWallet on-chain only, Electrum Wallet and Sparrow) will not be able to connect to your Umbrel during that time, along with the Mempool and BTC RPC Explorer apps.

If you face any difficulties while updating, please message us on Telegram: https://t.me/getumbrel"

Eclair v0.6.2

This releases fixes a known vulnerability, makes several performance improvements, includes a few bug fixes and many new features. It is fully compatible with 0.6.1 (and all previous versions of eclair).

This release requires a few actions from node operators when upgrading: make sure you read the release notes carefully!

The release notes can be found here.

Verifying signatures

You will need gpg and our release signing key 7A73FE77DE2C4027. Note that you can get it:

• from our website: https://acinq.co/pgp/drouinf.asc
• from github user @sstone, a committer on eclair: https://api.github.com/users/sstone/gpg_keys

To import our signing key:

sh $ gpg --import drouinf.asc

To verify the release file checksums and signatures:

sh $ gpg -d SHA256SUMS.asc > SHA256SUMS.stripped $ sha256sum -c SHA256SUMS.stripped

Building

Eclair builds are deterministic. To reproduce our builds, please use the following environment (*):

• Ubuntu 20.04
• AdoptOpenJDK 11.0.6
• Maven 3.8.1

Use the following command to generate the eclair-node package:

sh mvn clean install -DskipTests

That should generate eclair-node/target/eclair-node-0.6.2-6817d6f-bin.zip with sha256 checksums that match the one we provide and sign in SHA256SUMS.asc

(*) You may be able to build the exact same artefacts with other operating systems or versions of JDK 11, we have not tried everything.

Upgrading

This release is fully compatible with previous eclair versions. You don't need to close your channels, just stop eclair, upgrade and restart.

• FIX: Lightning wallet was throwing error with Tor
• FIX: choose next electrum server if current one is dead
• FIX: dark mode in new import screens
• FIX: If null or undefined, dont show manage funds button

SECURITY UPDATE: This version of Umbrel brings the latest LND 0.13.3 which includes an important security fix.

If you face any difficulties while updating, please message us on Telegram: https://t.me/getumbrel

Security Fixes

This release contains a security fix for CVE-2021-41593 which would allow an attacker to cause loss of funds through a griefing vector related to high accepted dust values. This release addresses the issue by enforcing stricter clamps on accepted dust values during channel funding, and also adds hltcswitch level dust accounting to limit the total dust exposure (triggered by an instantaneous force close) at any moment. The default allotted fully forwarded dust exposure level is set at 500k sats, this value can be tweaked with a new config flag: --dust-threshold=.

If upgrading is not possible to prevent CVE-2021-41593, the dust-tool can intercept bad open_channel parameters and reject them via our ChannelAcceptor. In addition, it can also scan your node's current set of confirmed channels and recommend closing potentially risky ones out.

Alternatively, your node's advertised min_htlc value can be increased to ensure it is well above all the dust limits of its active channels.

Database Migrations

This release does not contain any database migrations.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://keybase.io/bitconner/pgp_keys.asc | gpg --import curl https://keybase.io/roasbeef/pgp_keys.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest-roasbeef-v0.13.3-beta.sig and manifest-v0.13.3-beta.txt are in the current directory) with:

gpg --verify manifest-roasbeef-v0.13.3-beta.sig manifest-v0.13.3-beta.txt

You should see the following if the verification was successful:

``` gpg: Signature made Mon Oct 4 08:20:20 2021 PDT gpg: using RSA key 60A1FA7DA5BFF08BDCBBE7903BBD59E99B280306 gpg: Good signature from "Olaoluwa Osuntokun laolu32@gmail.com" [ultimate]

```

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

Verifying the Release Timestamp

From this new version onwards, in addition time-stamping the git tag with OpenTimeStamps, we'll also now timestamp the manifest file along with its signature. Two new files are now included along with the rest of our release artifacts: manifest-roasbeef-v0.13.3-beta.txt.asc.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following commands: ots verify manifest-roasbeef-v0.13.3-beta.sig.ots -f manifest-roasbeef-v0.13.3-beta.sig

Alternatively, the open timestamps website can be used to verify timestamps if one doesn't have a bitcoind instance accessible locally.

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Verifying the Release Binaries

Our release binaries are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.16.3, which is required by verifiers to arrive at the same ones. They include the following build tags: autopilotrpc, signrpc, walletrpc, chainrpc, invoicesrpc, routerrpc, watchtowerrpc and monitoring. Note that these are already included in the release script, so they do not need to be provided.

The make release command can be used to ensure one rebuilds with all the same flags used for the release. If one wishes to build for only a single platform, then make release sys=<OS-ARCH> tag=<tag> can be used.

Finally, you can also verify the tag itself with the following command:

$ git verify-tag v0.13.3-beta gpg: Signature made Mo 04 Okt 2021 16:08:05 CEST gpg: using RSA key F4FC70F07310028424EFC20A8E4256593F177720 gpg: Good signature from "Oliver Gugger <gugger@gmail.com>" [unknown]

Verifying the Docker Images

To verify the lnd and lncli binaries inside the docker images against the signed, reproducible release binaries, there is a verification script in the image that can be called (before starting the container for example):

shell $ docker run --rm --entrypoint="" lightninglabs/lnd:v0.13.3-beta /verify-install.sh v0.13.3-beta $ OK=$? $ if [ "$OK" -ne "0" ]; then echo "Verification failed!"; exit 1; done $ docker run lightninglabs/lnd [command-line options]

Building the Contained Release

Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and lnd-source-v0.13.3-beta.tar.gz are in the current directory, follow these steps:

tar -xvzf vendor.tar.gz tar -xvzf lnd-source-v0.13.3-beta.tar.gz GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.13.3-beta" ./cmd/lnd GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.13.3-beta" ./cmd/lncli

The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.

Additionally, it's now possible to use the enclosed release.sh script to bundle a release for a specific system like so:

make release sys="linux-arm64 darwin-amd64"

⚡️⚡️⚡️ OK, now to the rest of the release notes! ⚡️⚡️⚡️

Release Notes

https://github.com/lightningnetwork/lnd/blob/master/docs/release-notes/release-notes-0.13.3.md

Contributors (Alphabetical Order)

• Conner Fromknecht
• Eugene Siegel
• Harsha Goli
• Jordi Montes
• Olaoluwa Osuntokun
• Oliver Gugger

https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#090-sep-30-2021

Highlights:

• Wallet accounts search & discovery
• Offline wallet import
• Custom derivation paths
• Passphrases in advanced mode
• Toggle for disabling Tor
• Sinhala language

Improvements:

• View QRCode button on 'is it my address'
• Support for electrum with bitcoin core 22+
• Proper fee estimation for multisig
• Handoff in-app rather than browser
• Prompts were inaccessible on macOS
• Screenshot prevented in onchain receive

Minor bug fixes release, update recommended for shared hosting.

Bug fixes

• If Only enable the payment method after user explicitly chooses it is enabled for a store and a payment method is unavailable, the server could become unresponsive. @NicolasDorier
• Authorize API key page was broken when trying to select specific stores (#2858) @ubolator
• The /docs page was broken in 1.2.3 due to CSP @NicolasDorier
• Fixing crashes happening when someone migrate from BTCPay Server altcoins edition back to bitcoin only @Kukks

A newer version is already available! Please don’t use this version anymore.

Release notes

This release enables you to connect to a Bitcoin Core node with a Tor v3 address.

Tor v2 addresses will not be supported after October 15th, so please update your Bitcoin and Bisq nodes ASAP.

This version also introduces three new payment methods: SWIFT, Paysera, and Paxum. As always, there are many additional bug fixes and minor improvements across the board as well.

Improvements

• Add bitcoinj Tor v3 support
• Update to BTC node Tor v3 onions
• Add SWIFT payment method
• Add Payment Methods: Paysera and Paxum
• Allow user to initiate arbitration once locktime has expired
• Update @leo816's onion address
• Improve japanese bank branch validation
• Reduce # of hash calculations in UI OfferBook view

Bug fixes

• Fix failed trade / missing payment information

Development & Documentation

• Override/disable gRPC call rate meters in test harness driver
• Add new api method editoffer: 1, 2, 3

New Assets

No new assets were added.

Verification

For a detailed description on how to verify your Bisq installer please have a look at our wiki: https://bisq.wiki/Downloading_and_installing#Verify_installer_file

Url of the signing key (Christoph Atteneder): https://bisq.network/pubkey/29CDFD3B.asc Full fingerprint: CB36 D7D2 EBB2 E35D 9B75 500B CD5D C1C5 29CD FD3B

Import the key: curl https://bisq.network/pubkey/29CDFD3B.asc | gpg --import GPG prints a confusion warning: "This key is not certified with a trusted signature!" - See https://serverfault.com/questions/569911/how-to-verify-an-imported-gpg-key for background information what it means.

How to verify signatures? gpg --digest-algo SHA256 --verify BINARY{.asc*,} Replace BINARY with the file you downloaded (e.g. Bisq-1.7.4.dmg)

Verify jar file inside binary: You can verify on OSX the jar file with: shasum -a256 [PATH TO BISQ APP]/Bisq.app/Contents/app/desktop-1.7.4-all.jar The output need to match the value from the Bisq-1.7.4.jar.txt file.

There are three hashes within the Bisq-1.7.4.jar.txt file (macOS, Windows, Linux). If you want to reproduce and verify the hash of the jar file locally, you need to do so on Windows or Linux using Java 11.0.10 and the v1.7.4 release tag. Because of the signing and notarization process that requires the developer certificate used for the build on macOS it is not possible to create the same jar on macOS.

Known issues with installation

Windows:

There is a known issue with Anti Virus software. We got several reports from users running into different problems. Either the AV software blocks Bisq or Tor, delete files in the data directory [2] or app directory [1]) or cause such a long delay at startup that Tor gets terminated and a file remains locked which can cause that Bisq cannot be started afterwards. To resolve that you need to restart Windows then the lock get released. We are working on solutions to fix those issues.

If you use Crypto currencies on your Windows system be aware that Windows is much more vulnerable to malware than Linux or OSX. Consider to use a dedicated non-Windows system when dealing with cryptocurrencies.

[1] Application directory (contains application installation files): C:\Users<username>\AppData\Local\Bisq

[2] Data directory (contains all Bisq data including wallet): C:\Users<username>\AppData\Roaming\Bisq\btc_mainnet\tor (you can delete everything except the hiddenservice directory)

Linux:

Hint for Debian users: If you have problems starting Bisq on Debian use: /opt/bisq/bin/Bisq

If your Linux distro does not support .deb files please follow this instruction: cd ~/Downloads mkdir tmp cd tmp ar x ../Bisq-64bit-1.7.4.deb sudo tar Jxvf data.tar.xz sudo cp -rp opt/Bisq /opt/ That instruction is not tested on many different distros. If you encounter problems please report it in a Github issue so we can improve it.

Credits

Thanks to everyone who directly contributed to this release:

• @Emzy
• @ghubstan
• @jmacxx
• @ripcurlx
• @sqrrm
• @wiz

As well as to everyone that helped with translations on Transifex.

API Updates

• Custom message types are now supported directly in the PeerManager, allowing you to send and receive messages of any type that is not natively understood by LDK. This requires a new type bound on PeerManager, a CustomMessageHandler. IgnoringMessageHandler provides a simple default for this new bound for ignoring unknown messages (#1031, #1074).
• Route graph updates as a result of failed payments are no longer provided as MessageSendEvent::PaymentFailureNetworkUpdate but instead included in a new field in the Event::PaymentFailed events. Generally, this means route graph updates are no longer handled as a part of the PeerManager but instead through the new EventHandler implementation for NetGraphMsgHandler. To make this easy, a new parameter to lightning-background-processor::BackgroundProcessor::start is added, which contains an Optional NetGraphmsgHandler. If provided as Some, relevant events will be processed by the NetGraphMsgHandler prior to normal event handling (#1043).
• NetworkGraph is now, itself, thread-safe. Accordingly, most functions now take &self instead of &mut self and the graph data can be accessed through NetworkGraph.read_only (#1043).
• The balances available on-chain to claim after a channel has been closed are now exposed via ChannelMonitor::get_claimable_balances and ChainMonitor::get_claimable_balances. The second can be used to get information about all closed channels which still have on-chain balances associated with them. See enum variants of ln::channelmonitor::Balance and method documentation for the above methods for more information on the types of balances exposed (#1034).
• When one HTLC of a multi-path payment fails, the new field all_paths_failed in Event::PaymentFailed is set to false. This implies that the payment has not failed, but only one part. Payment resolution is only indicated by an Event::PaymentSent event or an Event::PaymentFailed with all_paths_failed set to true, which is also set for the last remaining part of a multi-path payment (#1053).
• To better capture the context described above, Event::PaymentFailed has been renamed to Event::PaymentPathFailed (#1084).
• A new event, ChannelClosed, is provided by ChannelManager when a channel is closed, including a reason and error message (if relevant, #997).
• lightning-invoice now considers invoices with sub-millisatoshi precision to be invalid, and requires millisatoshi values during construction (thus you must call amount_milli_satoshis instead of amount_pico_btc, #1057).
• The BaseSign interface now includes two new hooks which provide additional information about commitment transaction signatures and revocation secrets provided by our counterparty, allowing additional verification (#1039).
• The BaseSign interface now includes additional information for cooperative close transactions, making it easier for a signer to verify requests (#1064).
• Route has two additional helper methods to get fees and amounts (#1063).
• Txid and Transaction objects can now be deserialized from responses when using the HTTP client in the lightning-block-sync crate (#1037, #1061).

Bug Fixes

• Fix a panic when reading a lightning invoice with a non-recoverable signature. Further, restrict lightning invoice parsing to require payment secrets and better handle a few edge cases as required by BOLT 11 (#1057).
• Fix a panic when receiving multiple messages (such as HTLC fulfill messages) after a call to chain::Watch::update_channel returned Err(ChannelMonitorUpdateErr::TemporaryFailure) with no ChannelManager::channel_monitor_updated call in between (#1066).
• For multi-path payments, Event::PaymentSent is no longer generated multiple times, once for each independent part (#1053).
• Multi-hop route hints in invoices are now considered in the default router provided via get_route (#1040).
• The time peers have to respond to pings has been increased when building with debug assertions enabled. This avoids peer disconnections on slow hosts when running in debug mode (#1051).
• The timeout for the first byte of a response for requests from the lightning-block-sync crate has been increased to 300 seconds to better handle the long hangs in Bitcoin Core when it syncs to disk (#1090).

Serialization Compatibility

• Due to a bug in 0.0.100, Events written by 0.0.101 which are of a type not understood by 0.0.100 may lead to Err(DecodeError::InvalidValue) or corrupt deserialized objects in 0.100. Such Events will lead to an Err(DecodeError::InvalidValue) in versions prior to 0.0.100. The only such new event written by 0.0.101 is Event::ChannelClosed (#1087).
• Payments that were initiated in versions prior to 0.0.101 may still generate duplicate PaymentSent Events or may have spurious values for Event::PaymentPathFailed::all_paths_failed (#1053).
• The return values of ChannelMonitor::get_claimable_balances (and, thus, ChainMonitor::get_claimable_balances) may be spurious for channels where the spend of the funding transaction appeared on chain while running a version prior to 0.0.101. Balance information should only be relied upon for channels that were closed while running 0.0.101+ (#1034).
• Payments failed while running versions prior to 0.0.101 will never have a Some for the network_update field (#1043).

In total, this release features 67 files changed, 4980 insertions, 1888 deletions in 89 commits from 12 authors, in alphabetical order: * Antoine Riard * Devrandom * Galder Zamarreño * Giles Cope * Jeffrey Czyz * Joseph Goulden * Matt Corallo * Sergi Delgado Segura * Tibo-lg * Valentine Wallace * abhik-99 * vss96

Highlights: - Sat/vByte instead of sat/byte - Tor stability on android - Faster native navigation

Improvements: - Typos in language file - Display built branch on about screen - Remove blur package. Use builtin solution - Pause QRCode during Export - Cobo Vault compatibility - Improved currency exchange module

Bitcoin Core version 22.0 is now available from:

https://bitcoincore.org/bin/bitcoin-core-22.0/

For the release notes please see the git repository:

https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-22.0.md

Do not use the links provided by GitHub, rather use the above download links, they are guaranteed to be generated deterministically and signed.

Umbrel 0.4.2 brings the latest versions of Samourai Server, Mempool, Home Assistant, BTCPay Server, Nextcloud, BTC RPC Explorer, Pi-hole, Synapse, Element, LNbits, Gitea, code-server, and a brand new app — Squeaknode, to the Umbrel App Store, along with an updated Electrum server, performance upgrades, bug fixes, and more.

If you face any difficulties while updating, please message us on Telegram: https://t.me/getumbrel

This release fixes three XSS vulnerabilities. Those vulnerabilities only impacts shared BTCPay instances. Special thanks to Ajmal "@b3ef" Aboobacker and Abdul "@b1nslashsh" muhaimin for finding them who contacted us through @huntrdev. See 1, 2 and 3.

Bug fixes:

• Use CSP to prevent future XSS attacks. (#2856, #2863) @NicolasDorier
• Fix XSS vulnerabilities in summernote, the rich text editor (#2859) @dennisreimann
• The page could crash if the user clicks too many time on Notificate 'Mark as Seen' @NicolasDorier
• Fix plugins page crashing @Kukks
• Fix page crash of the perk editor in the crowdfund settings when the title is not set @dennisreimann
• Do not generate payment methods when 0 amount invoice (#2776)
• When using the BTCPay Vault, some hardware wallet types were considered unknown @NicolasDorier

• ADD: support for truncated BIP39 wordlist (3-4 chars per word)
• FIX: Lightning address error when typing anything after @
• FIX: storage issues
• FIX: Cosign for multisig was not a visible option
• FIX: Localize LN Invoice Expire time
• FIX: Unit wasnt defaulting to BTC
• FIX: localizations ar, es, he, ko, de, fa_IR
• REF: Update details UI to match design
• REF: Update payjoin-client

This is a minor release for fixes and minor enhancements. All users are encouraged to upgrade.

Changelog:

• Fix memory leaks in the frontend causing webapp to crash (#755)
• Fix median fee not displayed when viewing a block page (#749)
• Fix incorrect API documentation and related examples (#716)
• Fix displaying significant digits of transaction fee (#722)
• Fix search bar addresses types and case sensitivity (#765)
• Fix current difficulty period progress calculation (#746)
• Add block navigation arrows for next and previous (#710)
• Add base module setting for Liquid / Bisq builds (#669)

The complete changelog is available at: https://github.com/mempool/mempool/compare/v2.2.1...v2.2.2

Main changes

Manual input support and sending to Lightning addresses

You can now pay lightning addresses over LNUrl-pay with Phoenix. Go to the Send screen > Manual input to enter an address. You can also manually enter a Bitcoin address or a BOLT11 invoice if you want to.

Arabic translation

The app has been translated to Arabic. Thanks @EZ0010 for the translation, and @Jean-Gray for the review.

Full list of changes

• app: https://github.com/ACINQ/phoenix/compare/v1.4.15...v1.4.17
• core: https://github.com/ACINQ/eclair/compare/v0.4.13-android-phoenix...v0.4.14-android-phoenix

Verifying signatures

You will need gpg and our release signing key E434ED292E85643A. Note that you can get it: - from our website: https://acinq.co/pgp/padioupm.asc - from github user @pm47, a committer on eclair: https://api.github.com/users/pm47/gpg_keys

To import our signing key: $ gpg --import padioupm.asc

To verify the release file checksums and signatures: $ gpg -d SHA256SUMS.asc > SHA256SUMS.stripped $ sha256sum -c SHA256SUMS.stripped

Fix to test suite for Coldcard

• ADD: Open Receive screen on push
• FIX: Address list would crash on lack of item
• ADD: lightning address send support (closes #3690)
• FIX: Use preferred unit for min and max information
• FIX: Update UI for Send screen if new deeplink data is available
• FIX: Expand option was available even after use
• FIX: When selecting to send MAX on part or a X is shown in amount. #2412
• ADD: pending transaction status screen UX (closes #3183)
• ADD: onchain receive address now shows ETA on incomming transaction (rel #3183)
• FIX: Disable toggle if server is for Tor
• FIX: small RTL alignment issue #3677
• FIX: multisig cosigner type inferred from the path (closes #3653)
• FIX: Reordering Wallets UX
• FIX: If Tor is not supported, throw alert.
• FIX: If offline mode, disable import button
• FIX: ImagePicker wasnt processing selected asset
• REF: Localization for QR
• FIX: lnurl-pay comment
• ADD: Enhance offline mode UI
• ADD: Borders to Dynamic QR Code
• REF: Use ContextButton for advanced options
• ADD: lnurl-pay comments (closes #3617)
• FIX: single-address realm txs storage
• REF: store HD wallets txs in realm properly, one per row (closes #3357)

Bug fixes:

• It was impossible to send from the wallet to more than two destinations (#2825) @NicolasDorier
• Fix rounding issue in the invoice refund flow (#2778, #2810) @NicolasDorier
• When cloning an expired payment request, the new payment request was also expired (#2820) @dennisreimann
• Fix instructions to import a coldcard wallet via file upload (#2809) @mandelbit
• Lightning payments should not be proposed for top-up invoices (#2772, #2780) @ubolator
• Typo fixes (#2774) @jorisvial
• Fix payjoin client to properly handle receiver using output substitution (#2677) @NicolasDorier
• The checkout would crash for some client if automatic detection of language was checked, and the browser was not setting the accepted language @NicolasDorier

A newer version is already available! Please don’t use this version anymore.

Release notes

This summer vacation release fixes some minor bugs.

Improvements

• Improved tooltip for signed and unsigned accounts
• Allow LTC accounts to use SegWit addresses

Bug fixes

• Fix issue with extraData field when editing offer
• Fix issue for deprecated payment account imported from backup
• Prevent negative suggested mining fee when burning BSQ for fees
• Arbitration: Avoid creating more than one refund payout
• Update @ripcurlx expired public key

Development & Documentation

• Pricenode: Remove the Exmo exchange as a price provider
• Pricenode: Only bind jmxremote management interface to 127.0.0.1

New Assets

No new assets were added.

Verification

For a detailed description on how to verify your Bisq installer please have a look at our wiki: https://bisq.wiki/Downloading_and_installing#Verify_installer_file

Url of the signing key (Christoph Atteneder): https://bisq.network/pubkey/29CDFD3B.asc Full fingerprint: CB36 D7D2 EBB2 E35D 9B75 500B CD5D C1C5 29CD FD3B

Import the key: curl https://bisq.network/pubkey/29CDFD3B.asc | gpg --import GPG prints a confusion warning: "This key is not certified with a trusted signature!" - See https://serverfault.com/questions/569911/how-to-verify-an-imported-gpg-key for background information what it means.

How to verify signatures? gpg --digest-algo SHA256 --verify BINARY{.asc*,} Replace BINARY with the file you downloaded (e.g. Bisq-1.7.3.dmg)

Verify jar file inside binary: You can verify on OSX the jar file with: shasum -a256 [PATH TO BISQ APP]/Bisq.app/Contents/app/desktop-1.7.3-all.jar The output need to match the value from the Bisq-1.7.3.jar.txt file.

NEW: There are three hashes within the Bisq-1.7.3.jar.txt file (macOS, Windows, Linux). If you want to reproduce and verify the hash of the jar file locally, you need to do so on Windows or Linux using Java 11.0.10 and the v1.7.3 release tag. Because of the signing and notarization process that requires the developer certificate used for the build on macOS it is not possible to create the same jar on macOS.

Known issues with installation

Windows:

There is a known issue with Anti Virus software. We got several reports from users running into different problems. Either the AV software blocks Bisq or Tor, delete files in the data directory [2] or app directory [1]) or cause such a long delay at startup that Tor gets terminated and a file remains locked which can cause that Bisq cannot be started afterwards. To resolve that you need to restart Windows then the lock get released. We are working on solutions to fix those issues.

If you use Crypto currencies on your Windows system be aware that Windows is much more vulnerable to malware than Linux or OSX. Consider to use a dedicated non-Windows system when dealing with cryptocurrencies.

[1] Application directory (contains application installation files): C:\Users<username>\AppData\Local\Bisq

[2] Data directory (contains all Bisq data including wallet): C:\Users<username>\AppData\Roaming\Bisq\btc_mainnet\tor (you can delete everything except the hiddenservice directory)

Linux:

Hint for Debian users: If you have problems starting Bisq on Debian use: /opt/bisq/bin/Bisq

If your Linux distro does not support .deb files please follow this instruction: cd ~/Downloads mkdir tmp cd tmp ar x ../Bisq-64bit-1.7.3.deb sudo tar Jxvf data.tar.xz sudo cp -rp opt/Bisq /opt/ That instruction is not tested on many different distros. If you encounter problems please report it in a Github issue so we can improve it.

Credits

Thanks to everyone who directly contributed to this release:

• @BtcContributor
• @jmacxx
• @ripcurlx
• @sqrrm
• @xyzmaker123

A special thanks to our first time contributors: - @xyzmaker123 - Improved tooltip for signed and unsigned accounts

As well as to everyone that helped with translations on Transifex.

Binaries

There are two types of binaries:

Specter Desktop

It's a windowed GUI application with Specter server included. Supported platforms: Windows, MacOS, Linux (x86_64)

Note on Linux: you need to set up udev rules (included in the archive). Check out readme.

Note on macOS: The current build supports only macOS Catalina (10.15) or higher. If you'd like to run Specter on an older macOS version, you can install Specter from Pip.

specterd

It's a command-line program that only runs Specter server. Supported platforms: Windows, MacOS, Linux (x86_64)

Signatures and hashes

sha256.signed.txt file contains sha256 hashes of all binary files and signed with @ben-kaufman's GPG key. You can get the public key from here: https://benkaufman.info/ben-kaufman.asc. It is also available via keys.gnupg.net or keys.openpgp.org. Fingerprint of the key is 5DF6 A760 1DB8 B78E BDEC 18DB 5D27 DE56 4153 F2BD, short id: 5d27de564153f2bd

Release notes

• Devices: Add Passport support #1343 (benk10)
• Devices: Improved Liquid support for Specter-DIY #1358 (Stepan Snigirev)
• Bugfix: Fix Liquid addresses UTXO count #1350 (benk10)
• Bugfix: Fix add keys #1355 (Tushar Singla)
• Bugfix: Fix key import on liquid #1370 (Stepan Snigirev)
• Bugfix: Fix imported labels not being saved #1362 (relativisticelectron)
• Bugfix: Fix add key functionality for hot wallets #1354 (Tushar Singla)
• Bugfix: Use the configured bitcoind data directory #1348 (Nadav Ivgi)
• Bugfix: Delete pending psbts if inputs were spent #1366 (Stepan Snigirev)
• Bugfix: Fix amount and label parsing #1368 (Stepan Snigirev)
• Bugfix: Fix assetlabel and default asset properties for bitcoin #1351 (Stepan Snigirev)
• Feature: Add Export Specter Format for wallets #1345 (Hani Mohammed)
• Feature: Add assets registry for Liquid wallets #1360 (benk10)
• Feature: Add single-key taproot support #1364 (Stepan Snigirev)
• Docs: run tests and avoid elm-tests if you don't want them #1326 (Kim Neunert)
• UI: More information while backing up specter data #1346 (Tushar Singla)
• UI: Warn user when hidden advanced fields are not empty #1356 (benk10)
• UI: Fetch asset labels #1352 (Stepan Snigirev)
• Chore: Bump path-parse from 1.0.6 to 1.0.7 in /pyinstaller/electron #1344 (dependabot[bot])
• Chore: pytest for Electrum address label import #1363 (relativisticelectron)

Added

Electrum connection toggle Share/Save QRCode Resize selected Images for less error prone QR scanning Share button on sign/verify screen

Refactored

Move LT to Tools Speedup wait for electrum Use new UIMenu Dont load address txs if > 1000 Connect BlueElectrum explicitly

Fixed

Realm encryption mismatch after backup restore (closes #3332) Disable slower fees if they match faster fee Replace ',' with '.' instead of empty string. Unable to Browse Past First Wallet Widgets were not reloading (macOS) Provide more context when local QR code scan fails Update session state on app termination Apple Watch invoice gets stuck #1529 OnePlus text cutoff Don't start WatchConnectivity on macOS

This a patch release that contains a fix for a known issue where -under certain conditions- calls to the eth_getLogs method would return incorrect results (see issue #1600).

This is a non-mandatory upgrade, however we encourage users to upgrade to this version if they are running nodes used to retrieve blockchain event logs.

These are the changes included in this version: - Fix data retrieval for eth_getLogs method (#1605) - Ignore ‘type’ argument in JSON-RPC calls (#1606).

SHA256 (see Reproducible Build guide for further details): a6223f3a9d289f1d5a4ab535b5e748f43b5829ab6274050b93f86d2c77223683 rskj-core-3.0.1-IRIS-all.jar

Umbrel 0.4.1 brings LND v0.13.1, along with the latest versions of apps including Mempool, Specter Desktop, BTCPay Server, Samourai Server to the app store, visual improvements for Windows/Linux users, better Tor performance, persistent lnd.conf modifications, Tor access bugfix for Nextcloud, celsius/fahrenheit switch for CPU temperature, and more.

API Updates

• The lightning crate can now be built in no_std mode, making it easy to target embedded hardware for rust users. Note that mutexes are replaced with no-ops for such builds (#1008, #1028).
• LDK now supports sending and receiving "keysend" payments. This includes modifications to lightning::util::events::Event::PaymentReceived to indicate the type of payment (#967).
• A new variant, lightning::util::events::Event::PaymentForwarded has been added which indicates a forwarded payment has been successfully claimed and we've received a forwarding fee (#1004).
• lightning::chain::keysinterface::KeysInterface::get_shutdown_pubkey has been renamed to get_shutdown_scriptpubkey, returns a script, and is now called on channel open only if lightning::util::config::ChannelConfig::commit_upfront_shutdown_pubkey is set (#1019).
• Closing-signed negotiation is now more configurable, with an explicit lightning::util::config::ChannelConfig::force_close_avoidance_max_fee_satoshis field allowing you to select the maximum amount you are willing to pay to avoid a force-closure. Further, we are now less restrictive on the fee placed on the closing transaction when we are not the party paying it. To control the feerate paid on a channel at close-time, use ChannelManager::close_channel_with_target_feerate instead of close_channel (#1011).
• lightning_background_processor::BackgroundProcessor now stops the background thread when dropped (#1007). It is marked #[must_use] so that Rust users will receive a compile-time warning when it is immediately dropped after construction (#1029).
• Total potential funds burn on force-close due to dust outputs is now limited to lightning::util::config::ChannelConfig::max_dust_htlc_exposure_msat per channel (#1009).
• The interval on which lightning::ln::peer_handler::PeerManager::timer_tick_occurred should be called has been reduced to once every five seconds (#1035) and lightning::ln::channelmanager::ChannelManager::timer_tick_occurred should now be called on startup in addition to once per minute (#985).
• The rust-bitcoin and bech32 dependencies have been updated to their respective latest versions (0.27 and 0.8, #1012).

Bug Fixes

• Fix panic when reading invoices generated by some versions of c-lightning (#1002 and #1003).
• Fix panic when attempting to validate a signed message of incorrect length (#1010).
• Do not ignore the route hints in invoices when the invoice is over 250k sats (#986).
• Fees are automatically updated on outbound channels to ensure commitment transactions are always broadcastable (#985).
• Fixes a rare case where a lightning::util::events::Event::SpendableOutputs event is not generated after a counterparty commitment transaction is confirmed in a reorg when a conflicting local commitment transaction is removed in the same reorg (#1022).
• Fixes a remotely-triggerable force-closure of an origin channel after an HTLC was forwarded over a next-hop channel and the next-hop channel was force-closed by our counterparty (#1025).
• Fixes a rare force-closure case when sending a payment as a channel fundee when overdrawing our remaining balance. Instead the send will fail (#998).
• Fixes a rare force-closure case when a payment was claimed prior to a peer disconnection or restart, and later failed (#977).

Serialization Compatibility

• Pending inbound keysend payments which have neither been failed nor claimed when serialized will result in a ChannelManager which is not readable on pre-0.0.100 clients (#967).
• Because lightning::chain::keysinterface::KeysInterface::get_shutdown_scriptpubkey has been updated to return a script instead of only a PublicKey, ChannelManagers constructed with custom KeysInterface implementations on 0.0.100 and later versions will not be readable on previous versions. ChannelManagers created with 0.0.99 and prior versions will remain readable even after the a serialization roundtrip on 0.0.100, as long as no new channels are opened. Further, users using a lightning::chain::keysinterface::KeysManager as their KeysInterface will have ChannelManagers which are readable on prior versions as well (#1019).
• ChannelMonitorUpdates created by 0.0.100 and later for channels when lightning::util::config::ChannelConfig::commit_upfront_shutdown_pubkey is not set may not be readable by versions prior to 0.0.100 (#1019).
• HTLCs which were in the process of being claimed on-chain when a pre-0.0.100 ChannelMonitor was serialized may generate PaymentForwarded events with spurious fee_earned_msat values. This only applies to payments which were unresolved at the time of the upgrade (#1004).
• 0.0.100 clients with pending Event::PaymentForwarded events at serialization-time will generate serialized ChannelManager objects which 0.0.99 and earlier clients cannot read. The likelihood of this can be reduced by ensuring you process all pending events immediately before serialization (as is done by the lightning-background-processor crate, #1004).

In total, this release features 59 files changed, 5861 insertions, and 2082 deletions in 95 commits from 6 authors.

Release notes

Bug Fixes

• deps: update dependency debug to v4.3.2 (853c9b9)
• deps: update dependency lodash to v4.17.21 security
• lnd: update log parsing to detect neutrino wallet state (1e506a3)

Features

• lnd: depreciated assumechanvalid param (ebff95f)
• lnd: update lnd to v0.13.1-beta (835d0b6)

Changelog

The full list of changes since 0.7.3-beta can be found here:

https://github.com/LN-Zap/zap-desktop/compare/v0.7.3-beta...v0.7.4-beta

Verifying the Release

Please refer to our documentation for instructions on how to verify the release.

Bug fix:

• Fix Display app on website root feature @NicolasDorier

Changelog:

• UI: New component for difficult adjustment (#602)
• UI: Add blockchain skeleton loader (#615)
• UI: Added links to block header and transaction hex (#630) (#682)
• UI: Reflect hash rate into mempool blocks estimations. (#637)
• API: Add endpoint for difficulty adjustment data (#628)
• Bug: Fix for difficulty adjustment when still synchronizing (#677)
• Bug: Fix for transaction tracking when network goes offline (#702)
• Bug: Fix for mempool blocks displaying wrong gradient color (#623)
• i18n: Added support for Hindi and Catalan locales

Notes:

• If you maintain your own nginx.conf, update it for the new i18n locales

The complete changelog is available at: https://github.com/mempool/mempool/compare/v2.2.0...v2.2.1

Binaries

There are two types of binaries:

Specter Desktop

It's a windowed GUI application with Specter server included. Supported platforms: Windows, MacOS, Linux (x86_64)

Note on Linux: you need to set up udev rules (included in the archive). Check out readme.

Note on macOS: The current build supports only macOS Catalina (10.15) or higher. If you'd like to run Specter on an older macOS version, you can install Specter from Pip.

specterd

It's a command-line program that only runs Specter server. Supported platforms: Windows, MacOS, Linux (x86_64)

Signatures and hashes

sha256.signed.txt file contains sha256 hashes of all binary files and signed with @ben-kaufman's GPG key. You can get the public key from here: https://benkaufman.info/ben-kaufman.asc. It is also available via keys.gnupg.net or keys.openpgp.org. Fingerprint of the key is 5DF6 A760 1DB8 B78E BDEC 18DB 5D27 DE56 4153 F2BD, short id: 5d27de564153f2bd

Release notes

• Bugfix: Add newline char when writing bitcoin.conf setting #1325 (jeffthibault)
• Bugfix: Fix specifying datadir for internal node #1315 (benk10)
• Bugfix: Fix login issue for non-English mode #1321 (Kim Neunert)
• Bugfix: Fix Electrum import issues #1318 (benk10)
• Bugfix: Update rpc None error #1333 (Hani Mohammed)
• Bugfix: Fix wallet PDF backup issues #1338 (benk10)
• Feature: Electrum address label import #1314 (relativisticelectron)
• Translation: Update Greek translation #1317 (glowleaf)
• Translation: Update Hebrew translation #1308 (Sh0ham)
• Translation: Update French translation #1309 (KST-Energy)
• UIUX: Add RTL languages support #1276 (benk10)
• Chore: Automatic Testing and Documentation for Liquid #1286 (Kim Neunert)
• Chore: Refactor internal keypool management #1330 (benk10)
• Chore: Refactor out ugly hack in components JS #1302 (benk10)
• Chore: Make Specter DIY simulator connection error message more descriptive #1337 (Tushar Singla)

We're pleased to announce the 0.10.1 release of c-lightning, named by @nalinbhardwaj.

This is a recommended upgrade: payment secrets in invoices are now compulsory, and offers and dual funding drafts have been updated, so these (experimental) features are incompatible with previous releases!

NOTE: Users of the rebalance or drain plugins MUST update, as payment secret is now compulsory.

Highlights for Users

• experimental-dual-fund allows advertizement of funding rates which we will contribute to channels automatically, on a 1-month lease.
• withdraw and close (if peer supports) now supports Taproot (and other future) addresses.
• listchannels can now be queried by destination, as well as source.
• plugin rescan now automatically reloads plugins which have changed.
• We try to restart automatically if we notice subdaemons have been upgraded underneath us.
• fundpsbt will no longer include uneconomic UTXOs (unless all).
• close will return a stream of notifications if there is a delay in closing.
• Unilateral close feerates were reduced from bitcoind's "2 CONSERVATIVE" to "6 ECONOMICAL".
• Tor v2 is deprecated: please upgrade to v3!
• Fixed disconnection bug when an HTLC failed.
• Fixed bug in rapid feerate changes, and make code space them out (LND compat).
• Fixed bug where Tor on different ports could be advertized incorrectly.
• Fixed various bugs to make pay more robust.

Highlights for the Network

• payment secrets in invoices are now compulsory, finally closing a potential probing (or, with amountless invoices, stealing) attack.
• option_shutdown_anysegwit allows peers to close channels to any future segwit version address (taproot!).
• keysend now understands routehints, for routing to unpublished nodes, and sets the final CLTV to 22, for rust-lightning nodes.
• invoice now allows creation of wumbo invoices (> 0.0429 BTC).
• We will now discuss old channels with peers who reconnect, even if we consider them closed.

Highlights for Developers

• Manual pages now document exactly the JSON you can expect from each command (and it's tested!)
• Plugins can now publish notifications for other plugins to listen to.
• force-feerates allows complete feerate override (mainly for regtest), and a bug fixed where we could send 0 update_fee on regtest.
• The HSM daemon is now separated into libhsmd, which also provides Python bindings.
• createonion can now make variable-sized onions, and sendonion no longer requires direction and channel for firsthop.
• dev-sendcustommsg is now simply sendcustommsg.
• Many offers API improvements and updates, including unsigned offers (smaller QR codes!).

More details can be found in the changelog.

Thanks to everyone for their contributions and bug reports; please keep them coming.

Since 0.10.0, we've had 526 commits from 15 different authors over 114 days.

A special thanks goes to the 6 first time contributors:

• Nalin Bhardwa
• Nathanael
• LightningHelper
• OpenOms
• Urza
• Valentine Wallace

Cheers, Lisa, Christian, ZmnSCPxj, Rusty.

Improvements:

• Migrate to Bootstrap5 (#2490) @dennisreimann
• Greenfield: Server Info: Support all currency codes for sync status (#2511) @kukks
• Greenfield: Add StoreId to Invoice model (#2592) @kukks
• Greenfield: Change enabledOnly filter to enabled @kukks
• Self host PoS app default images (#2449) @dennisreimann
• Various UI Tweaks and improvements (#2558 #2562 #2568 #2572 #2606 #2608 #2615 #2627 #2628 #2649 #2645 #2673 #2646 #2647 #2745 #2746) @dstrukt @dennisreimann @woutersamaey @johanf85 @bolatovumar
• Notify users to use newer BTCPay Vault app if necessary @nicolasdorier
• Set lightning invoice fallback in QR code as uppercase (#2492) @bjarnemagnussen @Kukks
• Optimize payout database fetching @nicolasdorier
• Wallet Signing UI improvements (#2559) @dennisreimann
• Add payjoin to hot wallet setup and turn on by default (#2450) @dennisreimann
• Add permission code to API page (#2599) @woutersamaey @dennisreimann
• Introduce Server paging for Payouts List (#2564) @kukks @dennisreimann
• Hide referer URL to hide our BTCPay Server URL (#2655) @woutersamaey
• Deeper accessibility for plugin system @kukks
• Add webhook delivery status indicator (#2679) @bolatovumar
• Auto-select store when creating a new invoice (#2680) @bolatovumar
• Save paymentRequestId in Metadata when creating invoice for Payment Request (#2644) @woutersamaey
• Support multiple file upload (#2705) @cypherbeerus
• Improve Dutch translation (https://github.com/btcpayserver/btcpayserver/commit/7ac83575d4c50e42f2ecc02c8bf80f66697b6d57) @woutersamaey
• Improve Portuguese translation (https://github.com/btcpayserver/btcpayserver/commit/7ac83575d4c50e42f2ecc02c8bf80f66697b6d57) rafaelpac
• Improve payment view (#2748) @dennisreimann @dstrukt
• Improve Wallet Send UI (#2750) @dennisreimann
• Show new store warning icon only if neither on-chain wallet nor LN is configured (#2760) @bolatovumar
• Update successful refund message (#2764) @cypherbeerus
• Fix translation on finnish, bulgarian, Kazath (fa91174b1a310e46a37e1862f2b9c263f5e26408, 10e3595a829052573a9918eacafabc6d10e03ea6 965beebc6624906a1f3127623576088dee23e9bf) @NicolasDorier

New features:

• Greenfield: Delete User API (#2340) @bolatovumar @kukks
• Can create invoices without a specific amount: Top-up invoices (#2730 #2659) @NicolasDorier
• Greenfield: Add misc/permissions to document the hierarchical structure (#2654) @nicolasdorier
• Greenfield: Add "skip" and "limit" params for onchain txs API endpoint (#2688) @bolatovumar
• Greenfield: Add CanModifyInvoices permission (#2595) @kukks
• Greenfield: Add text search terms to an invoice (#2648) @NicolasDorier
• Greenfield: Add Get store Payment methods API (#2545) @kukks @bolatovumar
• GreenField: Add Generate Store OnChain Wallet API (#2708) @kukks
• Test Webhooks functionality (#2474) @bolatovumar
• Allow marking payout as paid manually (#2539) @Kukks
• Pull payments: Detect External OnChain Payouts (#2462) @Kukks
• Auto-detect language on payment page (#2552) @woutersamaey @Kukks
• Support spending to Taproot (#2718) @nicolasdorier
• Show Immature Balance in walletsend page (#2731 @732) @sageprogrammer @nicolasdorier
• Add hebrew translation for checkout (https://github.com/btcpayserver/btcpayserver/commit/7ac83575d4c50e42f2ecc02c8bf80f66697b6d57) @jonathanalevi
• Add korean translation for checkout (https://github.com/btcpayserver/btcpayserver/commit/7ac83575d4c50e42f2ecc02c8bf80f66697b6d57) Saeyoung Kim

Bug fixes:

• Fix issue with mysql migration and maxLength (#2541) @jkljajic
• Fix broken shopify links @kukks
• Fix bug with LN payment method API endpoint throwing 500 (#2567) @bolatovumar
• Fix various wording and typos @pavlenex @britttttk @Zaxounette Jimi Ford
• Fix visual bug with invoices search help text overlapping invoice action buttons (#2583) @bolatovumar
• Fix: Invoice Search Text crashes invoice creation when value is too long (#2675) @kukks
• Greenfield documentation fixes (#2657 #2674 #2681 #2598) @woutersamaey @bolatovumar
• Re-enable "Create" button for invoices on correct form input (#2694) @bolatovumar
• Fix: Payment Request status does not update on invoice marked events or when pr amount is changed (#2700) @kukks
• Properly clip taxIncluded and invoice's amount (#2724) @nicolasdorier
• Fix PoS bug on dark mode (#2743) @dennisreimann
• Remove support for payout to a Bitcoin Url (#2766) @NicolasDorier
• Fix: Support Clightning 0.10.1 @kukks

Main changes

Extract invoices from images stored on device

You can now browse the device's file system (using the device's browser, hence not needing any permissions) to load an image containing a Lightning invoice (or a Bitcoin URI, or a LNURL) and read the invoice as usual. This is useful when trying to pay someone using a QR code image shared over the internet, for example on Twitter.

Full list of changes

• app: https://github.com/ACINQ/phoenix/compare/v1.4.14...v1.4.15
• core: https://github.com/ACINQ/eclair/compare/v0.4.12-android-phoenix...v0.4.13-android-phoenix

Verifying signatures

You will need gpg and our release signing key 7A73FE77DE2C4027. Note that you can get it: - from our website: https://acinq.co/pgp/drouinf.asc - from github user @sstone, a committer on eclair: https://api.github.com/users/sstone/gpg_keys

To import our signing key: $ gpg --import drouinf.asc

To verify the release file checksums and signatures: $ gpg -d SHA256SUMS.asc > SHA256SUMS.stripped $ sha256sum -c SHA256SUMS.stripped

Introducing Umbrel v0.4 — a personal server OS for everyone. You can now run your own personal cloud with Nextcloud, host your photos and videos with PhotoPrism, passwords with Vaultwarden, code repositories with Gitea, block ads on your entire network with Pi-hole, automate your home with Home Assistant, run your own messaging server with Matrix, stream torrents with SimpleTorrent, code in VS Code with code-server, view your RAM and storage usage, along with your uptime and Raspberry Pi’s temperature in the settings.

Read the full announcement here: https://bit.ly/umbrel-v04

If you face any difficulties while updating, please message us on Telegram: https://t.me/getumbrel

• Add utxo selection to manual spend wallet interface
• Fix a UI bug with bip32 paths

Added: - UI for import electrum wallet with passphrase Refactored: - Better handling large transactions from electrum

New: - Passphrase support for wallets - Korean language - Derivation path for watch only wallets

Improvements: - Support lnurl-withdraw via Tor - Remove error-prone placeholder scroll calculation - Don't use hardcoded label - Backup QR doesn't have a "@server" suffix

A newer version is already available! Please don’t use this version anymore.

Release notes

This release reduces memory consumption and fixes a couple of minor issues that were introduced in the v1.7.0 hardfork.

Improvements

• Optimize DaoState snapshot behaviour
• Enable lost payment accounts to be imported from backups
• Add Capitual payment method
• PriceNode: exclude currencies via config to enable markets that have no reliable price ticker
• Add don't show again option to DAO resync popup
• Add @pazza's mediator onion address and Keybase user name
• Mediation grammar improvements

Bug fixes

• Fix payment account deserialize issue (e.g. CHASEQUICKPAY)
• Fix bug in chat message status display
• Fix custom withdrawal fee bug

Development & Documentation

• Update relay-node address

New Assets

• RSK Smart Bitcoin (R-BTC)

Verification

For a detailed description on how to verify your Bisq installer please have a look at our wiki: https://bisq.wiki/Downloading_and_installing#Verify_installer_file

Url of the signing key (Christoph Atteneder): https://bisq.network/pubkey/29CDFD3B.asc Full fingerprint: CB36 D7D2 EBB2 E35D 9B75 500B CD5D C1C5 29CD FD3B

Import the key: curl https://bisq.network/pubkey/29CDFD3B.asc | gpg --import GPG prints a confusion warning: "This key is not certified with a trusted signature!" - See https://serverfault.com/questions/569911/how-to-verify-an-imported-gpg-key for background information what it means.

How to verify signatures? gpg --digest-algo SHA256 --verify BINARY{.asc*,} Replace BINARY with the file you downloaded (e.g. Bisq-1.7.2.dmg)

Verify jar file inside binary: You can verify on OSX the jar file with: shasum -a256 [PATH TO BISQ APP]/Bisq.app/Contents/app/desktop-1.7.2-all.jar The output need to match the value from the Bisq-1.7.2.jar.txt file.

NEW: There are three hashes within the Bisq-1.7.2.jar.txt file (macOS, Windows, Linux). If you want to reproduce and verify the hash of the jar file locally, you need to do so on Windows or Linux using Java 11.0.10 and the v1.7.2 release tag. Because of the signing and notarization process that requires the developer certificate used for the build on macOS it is not possible to create the same jar on macOS.

Known issues with installation

Windows:

There is a known issue with Anti Virus software. We got several reports from users running into different problems. Either the AV software blocks Bisq or Tor, delete files in the data directory [2] or app directory [1]) or cause such a long delay at startup that Tor gets terminated and a file remains locked which can cause that Bisq cannot be started afterwards. To resolve that you need to restart Windows then the lock get released. We are working on solutions to fix those issues.

If you use Crypto currencies on your Windows system be aware that Windows is much more vulnerable to malware than Linux or OSX. Consider to use a dedicated non-Windows system when dealing with cryptocurrencies.

[1] Application directory (contains application installation files): C:\Users<username>\AppData\Local\Bisq

[2] Data directory (contains all Bisq data including wallet): C:\Users<username>\AppData\Roaming\Bisq\btc_mainnet\tor (you can delete everything except the hiddenservice directory)

Linux:

Hint for Debian users: If you have problems starting Bisq on Debian use: /opt/bisq/bin/Bisq

If your Linux distro does not support .deb files please follow this instruction: cd ~/Downloads mkdir tmp cd tmp ar x ../Bisq-64bit-1.7.2.deb sudo tar Jxvf data.tar.xz sudo cp -rp opt/Bisq /opt/ That instruction is not tested on many different distros. If you encounter problems please report it in a Github issue so we can improve it.

Credits

Thanks to everyone who directly contributed to this release:

• @chimp1984
• @devinbileck
• @harrigan
• @huey735
• @jmacxx
• @m52go
• @ripcurlx
• @sqrrm

A special thanks to our first time contributors: - @harrigan
- List RSK Smart Bitcoin (R-BTC)

As well as to everyone that helped with translations on Transifex.

This marks the first minor release of the 0.13.x cycle. This release is primarily a maintenance release including several bug fixes that didn't make it into 0.13.0, a series of fixes for introduced regressions, and a few small optimizations.

Database Migrations

This release does not contain any database migrations.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://keybase.io/bitconner/pgp_keys.asc | gpg --import curl https://keybase.io/roasbeef/pgp_keys.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest-roasbeef-v0.13.1-beta.sig and manifest-v0.13.1-beta.txt are in the current directory) with:

gpg --verify manifest-roasbeef-v0.13.1-beta.sig manifest-v0.13.1-beta.txt

You should see the following if the verification was successful:

gpg: Signature made Mon Jul 19 23:41:37 2021 CEST gpg: using RSA key 60A1FA7DA5BFF08BDCBBE7903BBD59E99B280306 gpg: Good signature from "Olaoluwa Osuntokun laolu32@gmail.com" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

Verifying the Release Timestamp

From this new version onwards, in addition time-stamping the git tag with OpenTimeStamps, we'll also now timestamp the manifest file along with its signature. Two new files are now included along with the rest of our release artifacts: manifest-roasbeef-v0.13.1-beta.txt.asc.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following commands: ots verify manifest-roasbeef-v0.13.1-beta.sig.ots -f manifest-roasbeef-v0.13.1-beta.sig

Alternatively, the open timestamps website can be used to verify timestamps if one doesn't have a bitcoind instance accessible locally.

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Verifying the Release Binaries

Our release binaries are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.16.3, which is required by verifiers to arrive at the same ones. They include the following build tags: autopilotrpc, signrpc, walletrpc, chainrpc, invoicesrpc, routerrpc, watchtowerrpc and monitoring. Note that these are already included in the release script, so they do not need to be provided.

The make release command can be used to ensure one rebuilds with all the same flags used for the release. If one wishes to build for only a single platform, then make release sys=<OS-ARCH> tag=<tag> can be used.

Finally, you can also verify the tag itself with the following command:

$ git verify-tag v0.13.1-beta gpg: Signature made Mon 19 Jul 2021 06:04:34 PM UTC using RSA key ID 9B280306 gpg: Good signature from "Olaoluwa Osuntokun <laolu32@gmail.com>"

Verifying the Docker Images

To verify the lnd and lncli binaries inside the docker images against the signed, reproducible release binaries, there is a verification script in the image that can be called (before starting the container for example):

shell $ docker pull lightninglabs/lnd:v0.13.1-beta $ docker run --rm --entrypoint="" lightninglabs/lnd:v0.13.1-beta /verify-install.sh $ OK=$? $ if [ "$OK" -ne "0" ]; then echo "Verification failed!"; exit 1; done $ docker run lightninglabs/lnd [command-line options]

Building the Contained Release

Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and lnd-source-v0.13.1-beta.tar.gz are in the current directory, follow these steps:

tar -xvzf vendor.tar.gz tar -xvzf lnd-source-v0.13.1-beta.tar.gz GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.13.1-beta" ./cmd/lnd GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.13.1-beta" ./cmd/lncli

The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.

Additionally, it's now possible to use the enclosed release.sh script to bundle a release for a specific system like so:

make release sys="linux-arm64 darwin-amd64"

⚡️⚡️⚡️ OK, now to the rest of the release notes! ⚡️⚡️⚡️

Release Notes

https://github.com/lightningnetwork/lnd/blob/master/docs/release-notes/release-notes-0.13.1.md

Eclair v0.6.1

This release makes major performance improvements, includes a few bug fixes and several new features. It is fully compatible with 0.6.0 (and all previous versions of eclair).

Major changes

Performance improvements

Sqlite

Eclair now uses write-ahead logging in Sqlite (#1871). WAL is better suited to our DB access patterns, and is both much more performant and safer than the default rollback journal that we were using previously.

1. WAL is significantly faster in most scenarios.
2. WAL provides more concurrency as readers do not block writers and a writer does not block readers.
3. Disk I/O operations tends to be more sequential using WAL.
4. WAL uses many fewer fsync() operations.

This small change improves performance by more than 5x.

Payment Handling

Invoice generation (#1878) and handling of incoming payments (#1880) are now processed in parallel, resulting in a higher throughput under load.

Improved Postgres support

This is the continuation of an effort to make PosgreSQL production-ready. The database schema has been reworked (#1866) and is now better organized, with appropriate types for timestamps (#1862). There have been several concurrency-related bug fixes.

We have also added JSONB columns for local channels and for network announcements (#1865). All individual data fields can now be accessed from SQL and indexed, which is very convenient for advanced analysis and tuning of a routing node.

Upfront shutdown script

This release adds support for option_upfront_shutdown_script (feature bits 4/5). This feature lets you specify a closing address when you open a channel: your peer will ensure that when you close, your funds can only go to that address.

It can be useful to protect against future hacks of your node, because the attacker won't be able to close your channels and send the funds to an address that he controls. However, it doesn't prevent the attacker from exfiltrating funds by paying lightning invoices, so you shouldn't rely on this feature alone to make your node hack-proof.

This option is disabled by default, but can be enabled in your eclair.conf. Note that if you enable it, the closing address will be automatically generated by your bitcoind node.

Transaction publishing improvements

This release reworks our internal transaction publishing architecture (see #1844 for details). The new architecture is more flexible, provides better logging and makes it easy to add dynamic fee bumping in the future for anchor output channels. It will also make it easier to automatically use CPFP to ensure funding transactions confirm before the 2016 blocks timeout is reached.

API changes

This release updates a few APIs:

• parseinvoice displays Bolt 11 invoices routing hints (#1833)
• Plugins can inject their own routes into the API instead of spawning a separate HTTP server (#1805 and #1819)

Miscellaneous improvements and bug fixes

• Eclair now uses Bitcoin Core 0.21.1 by default (#taproot)
• Eclair now supports warning messages
• Eclair uses additional entropy on top of the operating system RNG to mitigate random number generation failures (#1774)

Verifying signatures

You will need gpg and our release signing key 7A73FE77DE2C4027. Note that you can get it:

• from our website: https://acinq.co/pgp/drouinf.asc
• from github user @sstone, a committer on eclair: https://api.github.com/users/sstone/gpg_keys

To import our signing key:

sh $ gpg --import drouinf.asc

To verify the release file checksums and signatures:

sh $ gpg -d SHA256SUMS.asc > SHA256SUMS.stripped $ sha256sum -c SHA256SUMS.stripped

Building

Eclair builds are deterministic. To reproduce our builds, please use the following environment (*):

• Ubuntu 20.04
• AdoptOpenJDK 11.0.6
• Maven 3.8.1

Use the following command to generate the eclair-node package:

sh mvn clean install -DskipTests

That should generate eclair-node/target/eclair-node-0.6.1-XXXXXXX-bin.zip with sha256 checksums that match the one we provide and sign in SHA256SUMS.asc

(*) You may be able to build the exact same artefacts with other operating systems or versions of JDK 11, we have not tried everything.

Upgrading

This release is fully compatible with eclair v0.6.0. You don't need to close your channels, just stop eclair, upgrade and restart.

Changelog

a658fa26f Set version to 0.6.1-SNAPSHOT (#1813) 76894bd2e Add additional PRNG (#1774) 9a20aade0 Allow plugins to inject their own routes into API (#1805) d437ea1ed Improve API plugin support (#1819) 98cae455f Rename pendingrelay to pendingcommands (#1822) e8c33baf5 Various improvements and fixes (#1817) f829a2e8c Add json type hints on channel data (#1824) 4dc2910c4 Make result set an iterable (#1823) 6f6c458a2 Add metrics on channels processing time (#1826) 43a89f865 Add a random delay before processing blocks (#1825) af618bc44 Symmetrical HTLC limits (#1828) dbecb28d9 Include routing hints in parseinvoice API call response (#1833) 2b6d564d2 Expose eclair datadir to plugins (#1837) bd6bad1bf Fix eventually statements (#1835) a7bb2c2b2 Do not store CannotAffordFees errors (#1834) d4b25d565 Udpate to Bitcoin Core 0.21.1 (#1841) e750474c7 Use bitcoin-lib 0.19 (#1839) bbfbad597 Validate payment secret when decoding (#1840) afb1b41ea Update bolt 3 spec test vectors (#1669) d43d06f6e Rework TxPublisher (#1844) 45204e238 Schedule backup at regular interval (#1845) 85ed4338a Reject 0-value trampoline payments (#1851) f857368ea Make trampoline payments use per-channel fee and cltv (#1853) f52c3dd3f Decode warning messages (#1854) 516929b1a Fix default file backup config (#1857) 4ca5c62ab Remove println in tests (#1861) 291c128ca Reduce some log levels (#1864) d9a03a52b Use warning messages for connection issues (#1863) af8394a28 Add support for dual db backend (#1746) 3a573e267 Improve message for CannotRetrieveFeerates error (#1859) bd57d41ef Add a globalbalance api call (#1737) 08faf3b7f Add json columns in Postgres (#1865) f8feb1959 Use schemas in Postgres (#1866) cea3fc026 Use proper data type for timestamps in Postgres 2 (#1862) 95fffe348 Reduce pg transaction isolation (#1860) 547d7e700 Create chain directory (#1872) e9df4eece Channels data format migration (#1849) 733c6e768 Refactor global balance tests (#1874) ca51a2d16 Enable WAL mode on Sqlite (#1871) 3ae9a4ae3 Additional reestablish test (#1875) d02760d96 Fail unsigned outgoing htlcs on force-close (#1832) 3bb7ee8a3 Parallel payment request generation (#1878) 51824028b Fix flaky channel integration tests (#1879) b4183edfa Fetch incoming payments in parallel (#1880) 8c49f779a Fix payment handler tests (#1882) 01b40730f Implement option-upfront-shutdown-script (#1846) 79729c78c Update README (#1881) c22596bb9 Update dependencies and enable fatal warnings (#1885) adf36de0e Fix yet another flaky test (#1886) 3f1c2506a Fix watcher flaky test (#1883) c8c5e76d2 Update akka-http-json4s dependency (#1889) 5fa8fedb9 Set version to 0.6.1 (#1887)

IMPORTANT: Since consensus rules have changed, this version is not compatible with previous versions. If you've been running previous versions of RSK client node, we encourage you to update to this new version. The Mainnet network upgrade will happen at block number 3,614,800. The Testnet network upgrade will happen at block number 2,060,500.

A non-comprehensive list of consensus changes included in this version is:

• Add BLAKE2 compression function F precompile (RSKIP153)
• Enable 2WP peg-in transactions to any RSK address (RSKIP170).
• Flyover protocol consensus changes (RSKIP176).
• BTC-RSK timestamp linking protection (RSKIP179).
• Enable refunds for 2WP peg-out transactions with invalid amounts (RSKIP185)
• Time-locked emergency multisignature (RSKIP201).
• Reduced 2WP peg-in and peg-out minimum amounts (RSKIP219).
• Open Bitcoin blockchain oracle (RSKIP220).

These are the most relevant non-consensus improvements included in this version:

• Improvements and compatibility fixes at the JSON-RPC interface (#1481, #1482, #1483, #1451, #1352, #1299, #1339, #1284)
• New rewind feature added to CLI tool (#1443)
• Block propagation enhancements (#1326)
• Node performance improvements (#1327)
• Use native library for recovery signature (#1258)
• Add Java11 support (#1252)

For a detailed description of the consensus changes introduced in this network upgrade, please refer to RSKIP 187 Network Upgrade: Iris. You can also find a complete list of the changes introduced in Iris 3.0.0 milestone.

SHA256 (see Reproducible Build guide for further details): 8c975d8489599dbe551e90f96b450ec8a2589385c3176e4ce6ced9d44b09782b rskj-core-3.0.0-IRIS-all.jar

Binaries

There are two types of binaries:

Specter Desktop

It's a windowed GUI application with Specter server included. Supported platforms: Windows, MacOS, Linux (x86_64)

Note on Linux: you need to set up udev rules (included in the archive). Check out readme.

Note on macOS: The current build supports only macOS Catalina (10.15) or higher. If you'd like to run Specter on an older macOS version, you can install Specter from Pip.

specterd

It's a command-line program that only runs Specter server. Supported platforms: Windows, MacOS, Linux (x86_64)

Signatures and hashes

sha256.signed.txt file contains sha256 hashes of all binary files and signed with @ben-kaufman's GPG key. You can get the public key from here: https://benkaufman.info/ben-kaufman.asc. It is also available via keys.gnupg.net or keys.openpgp.org. Fingerprint of the key is 5DF6 A760 1DB8 B78E BDEC 18DB 5D27 DE56 4153 F2BD, short id: 5d27de564153f2bd

Release notes

• Feature: Translation (Babel) integration and initial translations #1247 (kdmukai, 2a3dex, rafa1239, Volker Herminghaus, glowleaf, DirkVdk, mutatrum, Kryptoministern, PommbearBTC, Gummybear, sreshta suresh, KST-Energy, alltheseas, dudezoo, Sergei Tikhomirov, Bitpaint)
• Feature: Api framework #1232 (Kim Neunert)
• Bugfix: Delete raw transactions when wallet is deleted #1300 (Stepan Snigirev)
• Bugfix: Fix error when importing transaction #1259 (benk10)
• Bugfix: Fix multi-hot-multisig signing #1294 (Stepan Snigirev)
• Bugfix: Fix saving a transaction as pending #1261 (benk10)
• Bugfix: Fix test connection crash when node can't be reached #1285 (benk10)
• Chore: Improve logging #1282 (Kim Neunert)
• DevOps: Removing blobs and adjusting automations #1299 (Kim Neunert)
• Translation: Update Portuguese translation #1277 (bitsenca)
• Translation: Update Portuguese translation #1279 (KoreaComK)
• Translation: Update Spanish translation (2a3dex)
• Translation: Update Hebrew translation #1288 (Sh0ham)
• Translation: Update messages.po #1290 (Pat4cryptoFR)
• Translation: Update messages.po #1293 (alltheseas)
• Translation: Update French translation #1297 (KST-Energy)
• Translation: Update French translation #1305 (KST-Energy)
• Translation: Update Chinese (Simplified) translation #1275 (kdmukai)
• Translation: Update to Chinese (Traditional) translations #1274 (kdmukai)
• Docs: Adds steps to install Rust compiler dependency #1303 (kdmukai)
• Docs: more details about missing funds #1254 (Kim Neunert)
• Docs: Updates Babel README to remove temporary kdmukai fork references #1269 (kdmukai)
• Liquid: Disable elements hot wallet for bitcoin wallets #1295 (Stepan Snigirev)
• Liquid: Add support for unconfidential addresses #1292 (Stepan Snigirev)
• Liquid: Fix addressinfo lookup and category assignments #1296 (Stepan Snigirev)
• Liquid: Fix change address derivation #1304 (Stepan Snigirev)
• Liquid: Fix fee estimation on liquid #1289 (Stepan Snigirev)
• Liquid: Fix nested segwit wallets on liquid #1298 (Stepan Snigirev)
• Liquid: Minor liquid fixes #1301 (Stepan Snigirev)
• Liquid: TxList and AddressList classes for Liquid #1280 (Stepan Snigirev)

Added: * Support for URv2 QR codes * Offer additional file save destinations on Android * macOS Widgets

Fixes: * PSBT File save would fail on Android

API Updates

• lightning_block_sync::poll::Validate is now public, allowing you to implement the lightning_block_sync::poll::Poll trait without lightning_block_sync::poll::ChainPoller (#956).
• lightning::ln::peer_handler::PeerManager no longer requires that no calls are made to referencing the same SocketDescriptor after disconnect_socket returns. This makes the API significantly less deadlock-prone and simplifies SocketDescriptor implementations significantly. The relevant changes have been made to lightning_net_tokio and PeerManager documentation has been substantially rewritten (#957).
• lightning::util::message_signing's sign and verify methods now take secret and public keys by reference instead of value (#974).
• Substantially more information is now exposed about channels in ChannelDetails. See documentation for more info (#984 and #988).
• The latest best block seen is now exposed in ChannelManager::current_best_block and ChannelMonitor::current_best_block (#984).
• Feerates charged when forwarding payments over channels is now set in ChannelConfig::fee_base_msat when the channel is opened. For existing channels, the value is set to the value provided in ChannelManagerReadArgs::default_config::channel_options the first time the ChannelManager is loaded in 0.0.99 (#975).
• We now reject HTLCs which are received to be forwarded over private channels unless UserConfig::accept_forwards_to_priv_channels is set. Note that UserConfig is never serialized and must be provided via ChannelManagerReadArgs::default_config at each start (#975).

Bug Fixes

• We now forward gossip messages to peers instead of only relaying locally-generated gossip or sending gossip messages during initial sync (#948).
• Correctly send channel_update messages to direct peers on private channels (#949). Without this, a private node connected to an LDK node over a private channel cannot receive funds as it does not know which fees the LDK node will charge.
• lightning::ln::channelmanager::ChannelManager no longer expects to be persisted spuriously after we receive a channel_update message about any channel in the routing gossip (#972).
• Asynchronous ChannelMonitor updates (using the ChannelMonitorUpdateErr::TemporaryFailure return variant) no longer cause spurious HTLC forwarding failures (#954).
• Transaction provided via ChannelMonitor::transactions_confirmed after ChannelMonitor::best_block_updated was called for a much later block now trigger all relevant actions as of the later block. Previously some transaction broadcasts or other responses required an additional block be provided via ChannelMonitor::best_block_updated (#970).
• We no longer panic in rare cases when an invoice contained last-hop route hints which were unusable (#958).

Node Compatibility

• We now accept spurious funding_locked messages sent prior to channel_reestablish messages after reconnect. This is a known, long-standing bug in lnd (#966).
• We now set the first_blocknum and number_of_blocks fields in reply_channel_range messages to values which c-lightning versions prior to 0.10 accepted. This avoids spurious force-closes from such nodes (#961).

Serialization Compatibility

• Due to a bug discovered in 0.0.98, if a ChannelManager is serialized on version 0.0.98 while an Event::PaymentSent is pending processing, the ChannelManager will fail to deserialize both on version 0.0.98 and later versions. If you have such a ChannelManager available, a simple patch will allow it to deserialize. Please file an issue if you need assistance (#973).

Fixes:

Wallet carousel was not rending properly on large screens

ADD: Hierarchy navigator screen ADD: IRR currency ADD: better accessibility for buttons FIX: hardware wallet with BIP44/BIP49 wallet reports incorrect change address in PSBT FIX: for slip39 wallets import bech32 even if no tx found FIX: Scanning for a batch tx would reset contentOffset FIX: Re-order wallet bug FIX: Typing 1 would turn into 10 due to default custom value FIX: Ports from previous scan were not cleared

1.7.0 DLC wallet & Installers

Running Bitcoin-S

If you want to run the standalone server binary, after verifying gpg signatures, you can unzip bitcoin-s-server-1.7.0.zip and then run it with ./bin/bitcoin-s-server to start the node. You will need to configure the node properly first, you can find example configurations here.

For more information on what commands bitcoin-s-cli supports check the documentation, here is where to start: https://bitcoin-s.org/docs/next/applications/server#server-endpoints

Verifying signatures

This release is signed with Chris's signing key with fingerprint 339A49229576050819083EB3F99724872F822910

Example:

$ gpg -d SHA256SUMS.asc > SHA256SUMS.stripped $ sha256sum -c SHA256SUMS.stripped bitcoin-s-cli-x86_64-apple-darwin: OK bitcoin-s-cli-x86_64-pc-linux: OK bitcoin-s-cli-x86_64-pc-linux.zip: OK bitcoin-s-cli-x86_64-pc-win32.exe: OK bitcoin-s-deb-1.7.0-028b6f896bb030ce4d13659b4b9c2292a4d4cdb2.zip: OK bitcoin-s-dmg-1.7.0-028b6f896bb030ce4d13659b4b9c2292a4d4cdb2.zip: OK bitcoin-s-msi-1.7.0-028b6f896bb030ce4d13659b4b9c2292a4d4cdb2.zip: OK bitcoin-s-oracle-server-1.7.0.zip: OK bitcoin-s-server-1.7.0.zip: OK

Website

https://bitcoin-s.org/

Releases

https://repo1.maven.org/maven2/org/bitcoin-s/

Snapshot releases

https://oss.sonatype.org/content/repositories/snapshots/org/bitcoin-s/

Executive Summary

DLC Wallet

This release merges our feature branch called adaptor-dlc into master. This means that all DLC features are now in our master branch.

Installers

We now support installers for mac, windows, and linux (deb) builds. Everytime a PR is merged into master, we publish artifacts for that commit. For more information, please see our website

With these installers, you can install the bitcoin-s wallet and start using DLCs with a rudimentary GUI. In future releases, we will be iterating and improving the GUI user experience.

Versioning changes

To support publishing artifacts for both mac and windows, we had to drop the leading v on our version scheme. We also were required by apple to add a leading 1 to our version scheme. Thus, this release will be 1.7.0 rather than the expected version of v0.7.0.

New modules

DLC wallet

This new module contains all logic for our DLC Wallet

Tor

We are beginning to integrate TOR support into bitcoin-s to for a variety of reasons. In this release, we have added bare bones support, in future releases we will be integrating this deeper into other modules.

Updates for modules

App commons

c72c5f84e3d Add extranious json readers, writers, and column mappers (#3325)

5a79acb59ce Fix DLCStatusPickler (#3190)

App server

This release optimizes the support for bitcoind as a backend in the app server. It also fixes a variety of bugs adds a few new endpoints. You can find all supported end points on our website here

629c2a2c31e Set sync height on new wallet (#3368)

af9bf210589 Improve logs in BitcoindRpcBackendUtil (#3339)

d6878b02269 Use same network as bitcoind backend (#3285)

7ecf3edbd60 Update utxo states correctly for bitcoind backend (#3276)

5036c419be7 Add from file ability for AddDLCSigsAndBroadcast DLCs (#3219)

46b33ec0b80 Make add sigs broadcast the funding transaction (#3179)

66e160a918a Send txId instead of full serialized transaction (#3175)

55db4fbd6b1 Remove logging requests and responses for directives unless logging is DEBUG level (#3141)

1e87cb0fdec Remove need for bitcoind install with remote (#3114)

11d58813c1b Remove zmq configurations for bitcoind backend setup as they aren't needed (#3080)

8e29b5c6f6a Change outpoint output format for cli commands (#3048)

1cda5cbf1ec Allow remote bitcoind backend (#3034)

507f5c772e7 Remove request rejection duplication in ServerRoute (#3010)

Build

Most build related commits are related to automatically publishing installers everytime a commit is merged into master.

d669bd58aec Resolve bundle config and read/write in tmp file (#3327)

cb5ec20eacf Silence all scaladoc warnings (#3336)

94081502c83 Remove previous stable version usage for windows builds as for some reason it doesn't work when setting up dev envs for the first time (#3292)

6cd85765a58 Try downgrading the jdk to 15 for linux release builds (#3287)

898ebed4e95 Windows packaging (#3210)

11cef133e02 2021 06 15 issue 3266 (#3269)

4c9f174a4b9 Remove all flyway plugin sbt config (#3215)

8432712dba3 Fix sbt deprecation warnings (#3163)

fcf55df1650 2021 05 19 jpackage bundle release (#3108)

aff2374f455 Update README.md (#3071)

9b06cdd832a 2021 05 07 cleanup build (#3055)

Bundle

Bundle combines both the GUI and AppServer project and bundles them together to make a standalone application. One problem we encountered this release is how to allow users to configure their node from the GUI on first startup.

In #3142 we added support for this by adding a new configuration file that is automatically generated and written to ~/.bitcoin-s/bitcoin-s-bundle.conf. This file saves the user's configuration, and uses it the next time the bundle is started.

bc79a24f532 Get both bundle and app server logging working (#3362)

2f7e5876d30 Set default neutrino peer based on network (#3360)

bd877c80a9f Get logging working in bundle (#3200)

96fc5445727 Fix logging in bundle (#3167)

6c9d82166ee Fix main class in bundle (#3161)

379ffebd9cf Add startup config flow for bundle (#3142)

caf6c2e7243 Enable java app packaging on bundle project (#3144)

80e6a910567 Add application.conf to bundle (#3118)

ba91ba5596d Add assembly instructions for bundle project (#3104)

Chain

639043227c6 Add logs to make it more apparent that No Common Ancestors isn't necessarily bad (#3354)

Cli

42966b3cbe6 Remove logback from the cli module (#3117)

Core

Most changes in the core module this release is related to optimizing adaptor point computations. This is very important as when doing numeric DLCs we have to generate thousands of points. We use parallelism to speed up this computation.

The other notable change in core is adding DLCAccounting. This is used to caclulate things like PNL and rate of return for a DLC you were in.

e098aba6806 Create and implement OrderedAnnouncements type (#3356)

78e2fceb908 Use OrderedNonces type in DLC data types (#3352)

a9292fcad80 Add FutureUtil tests (#3126)

d7b753a869d Add invariant and better error message for invalid numeric contract descriptor (#3338)

5685371e119 Sorted and Ordered Vector Type Support (#3310)

9234cf3ca23 Add new BIP 32 leading zero test vectors (#3313)

fc5bb956dcf Try making the dlc fee test suite async (#3227)

bf02e89faa1 2021 05 29 dlc pnl (#3198)

4b42b90784b Multi-threaded DLC CET signature verification (#3176)

eafaff9ee84 Made DLCTxSigner's async signing methods actually multi-threaded (#3122)

87f353b08f9 DLC Adaptor Point Computation Memoization (#3110)

ac3bae403bb Pulled down all remaining non-wallet non-gui code on adaptor-dlc (#3101)

3205e4e2759 Implement createCETsAndCETSigsAsync() to fix performance issue in test (#3089)

58070f41209 Pulled down dlc and dlcTest projects into core and dlcTest (#3068)

aacba1c077a Pulled down core diff from adaptor-dlc (#3038)

a55a97ba6ff Optimize shift operations in Number (#3025)

Crypto

This release for the crypto module reduces unnecessary computation that was being when instantiating a ECPrivateKey and ECPublicKey pair. This was done to improve performance when computing adaptor points, for which ECPrivateKey and ECPublicKey are used.

745e4c89fa2 Removed point multiplication from ECPrivateKey.freshPrivateKey (#3116)

6bc0943a62f Call decompression on public keys less (#2988)

78f4dfb8c66 Pubkey Refactor (#2936)

63a6f9309dc Introduced AsyncAdaptorSign and AdaptorSign traits (#3037)

DB Commons

88187abf1a9 Add LnInvoice db mapper (#3286)

dee044eb4e2 2021 05 26 uint64 mapper (#3155)

17d11455049 Removed extraneous findAll call from CRUD.updateAll (#3154)

DLC Wallet

cada6fdc636 Fix DLC not storing nSequence for funding inputs (#3342)

Numerous optimization, bug fixes, and support for multi-wallet DLC wallet.

0d2bc7a9270 Remove unneeded asInstanceOf calls in DLCWallet (#3345)

cfe0c2f0d86 Multi wallet support for DLC database (#3289)

ca2ddbb7ec1 Preserve noncedb outcomes when adding oracle (#3273)

e63a12e47f6 Better error message for invalid DLC refunds (#3209)

a526ad14ee1 Fix DLC Accounting errors (#3249)

c2237ab6fec Only unreserve our utxos when canceling a DLC (#3250)

95f6c0d790f Skip adding DLC sigs if we already have them (#3236)

9431be2f25f 2021 06 07 dlc wallet pnl (#3229)

a56086b751a Use nonceDb's outcome to calc oracle outcome (#3217)

2269a052b15 Rework findDLC() (#3214)

43a5c5fc49a Add dlc wallet test to postgres matrix (#3199)

0e701bc9d06 Fix verify funding sigs (#3194)

45d24facee7 Add announcement data tests (#3173)

dd865c73296 Fix serialId columns to use a String instead of Integer (#3170)

fb81552f6d0 Don't fetch all DLC data when canceling DLC (#3159)

80ace5a9119 Use groupByExistingAnnouncements when accepting (#3157)

880c8898dad Upsert remote txs in DLC Wallet (#3150)

be8e965367d DLC Wallet pulldown (#3138)

Fee rate provider

a98a26c9296 Make mempool.space fee provider network specific (#3316)

41f3cb4dbfc Fix CachedHttpFeeRateProvider (#3069)

GUI

Numerous improvements to the GUI. The most notable is the auto population of a dialogs when files are attached to the dialog or announcements/contract infos are pasted into the dialog.

There is also quality of life improvements such as showing the sync height of the wallet, showing wallet wide PNL and rate of return.

6af9e47e389 Fix showing error popups in GUI (#3353)

6414833111a Call trim on DLC message text boxes (#3348)

81fe7d76eec Remove canceled DLCs from table (#3349)

53cafa78984 Set closing txid on execute from View Dialog (#3340)

1f43a1910fd Add ExplorerEnv.fromBitcoinNetwork() and use for View on Oracle Explorer siteUrl (#3332)

88b99b03b5a Add view on oracle explorer button (#3328)

05204e6235f Make it so table doesn't reorder on single update (#3321)

b8538f0300c Fix DLC Table View not being updated (#3315)

00e11b49307 Fix rows in ViewDLCDialog (#3275)

63083bf6425 Make getDLCs async to improve performance (#3222)

935354993ba Populate Broadcast DLC GUI (#3260)

65f096f65a6 Populate Sign GUI when choosing a file (#3243)

cd59aff0637 Fix for showing txid on send (#3237)

a61c11acfc8 Implement sharing of actor systems across the GUI and backend app server (#3220)

1af94658815 Update balance on cancel DLC (#3205)

549d840d02f Only update DLC we are viewing (#3211)

deb0862e07e Fix showing reserved balance instead of unconfirmed in GUI (#3207)

d3f827a127f Update DLC Table with scheduler (#3204)

acc3d228d15 Better messaging while syncing headers (#3202)

4f4c342f80b Sort points in numeric gui (#3203)

ccc40350560 Sync Height on screen (#3196)

5580771f03b Add export and copy result buttons (#3193)

7a5e108ff2b Add button to zip datadir in GUI (#3183)

bcda2467efa Add error messages for when DLC GUI functions timeout (#3184)

03a0ca5ee91 Add QR Code to get adress dialog (#3186)

604194293c8 Replace GUI balance thread with a akka scheduler (#3174)

f8d5202974e Add contract info to ViewDLC (#3177)

957c5c3a8a1 Open bundle GUI at last used tab (#3164)

521a1e25556 Remove unused AcceptDLCDialog file (#3158)

180d7dfcd3c Make loading icon appear until server is full started (#3168)

3d728837ee7 Add ability to enter contract info in offer dialogue (#3160)

c7bb783b1a3 DLC GUI pulldown (#3148)

Lnd rpc

Upgrades to lnd-rpc to support the latest release v0.13.0-beta

639adf1181d Use PaymentHashTag type in LndRpcClient (#3333)

fafc564da81 Update LND to v0.13.0-beta (#3290)

db486163f97 Remove caveat for supressing 2.12.x warnings on lnd rpc (#3057)

Node

This release for node fixes a bug where we had a race condition when syncing compact filters.

7ba7f8b9ba5 Try to add block generate to address in fixture setup to get around compact filter sync edge case (#3231)

41e22b3cbcd 2021 05 23 Sync race condition (#3129)

a104787985c Fix Node.sync() bug that was caused by not starting filter header sync from the current best filter headers block hash (#3092)

Oracle

2b8ac08cdcb Give oracle ability to sign messages with private key (#3070)

Oracle explorer Client

c3b982726e2 Fix error messages in SbExplorerClient (#3323)

Secp256k1jni

37a4b5c1ea8 Add secp256k1jni tests to Mac & Windows CI (#3367)

8374ddf601c Removes dead symlinks for secp256k1 on osx_arm64 (#3279)

b23b5ad55f9 Make sure secp256k1 is published for java8, not the class version of the jdk it was built on (#3145)

8b8066d1f38 Fix windows secp bindings (#3075)

Server routes

41468763695 Add DatadirUtil to centralize logic for finding our actual datadir (#3171)

Wallet

This release for the wallet was focused on optimizing performance when receiving a block.

fdba5ad6bef Silence warning log if no error (#3314)

bd11c844621 Add ability to sweep wallet (#3274)

aaa7b42ae7c Add unit test we can handle spending funds and receiving funds in same tx (#3185)

5caf7ee38b8 2021 06 10 cache spendinginfodbs for block (#3245)

af8aaa7bad7 2021 06 07 markasspent optimization (#3244)

8574edede71 Move addressDb database read out of inner loop (#3239)

c9798d6842e Test for processing a block we receive and send in (#3189)

701418f89f3 Fix issue 3102 to allow a user to create an offer with an announcement embedded inside a contract info that the user's wallet has seen before (#3140)

cea8802c052 parallelize matching compact filters as this is a bottleneck during IBD (#3137)

68c7bc1040f 2021 05 21 fetch height parallel (#3124)

9c9e27a8f5b Add optimzations for IBD when the wallet is empty, basically skip all logic for matching filters since there is nothing to match against (#3121)

7468cbec238 Optimize updateUtxoConfirmedStates() to fetch confirmations for blocks in parallel (#3094)

72636b7180a 2021 05 09 received utxos (#3063)

f86f90dc32a Add getbalances cli command (#3022)

Tor

02c4505948a Initial Tor support (#3043)

Website

e47cee85d06 Add high level descriptions of what changed in modules

0b5b2adb342 Add first draft for release notes for 1.7

feeb3749bdb Fix most warnings in documentation code (#3358)

50804fe999d Add docs for backing up the wallet (#3351)

cc1cfe6594c Add more explicit instructions for install java9+ for getting-setup.md (#3347)

3ef842eca51 Adjust --depth doc from 100 -> 500 (#3300)

97785561bad Add link to installers, add docs for requirement of java9+ for development environments (#3299)

cdee40b379d Fixed bitcoin-s-cli dir location under bin (#3293)

410ea152240 update website, remove references to a DLC specific branch (#3280)

13409d29c3b Fix header on configuration.md (#3153)

73668bb66c3 Remove old ZMQ config from documentation (#3090)

97a854c5bb8 2021 05 07 fix getting setup (#3053)

4381b93afbd 2021 05 03 improve release notes (#3019)

d25dff14b46 Add 0.6.0 website (#3020)

zmq

5df7a8bdf32 Add test for ZMQ Polling backend (#3088)

Installers

Release notes

This is a general bug fix and maintenance release.

Bug Fixes

• build: adjust desktop icon name as per icon images (22597b8)
• lnd: case insensitive parsing of lnd debug log (e46ef82)
• lnd: enable unconfirmed outputs to be spent (5632d58)
• lnd: implementing neutrino.feeurl (8940f81)
• lnd: patching lnd to support interceptors (801f20b)
• lnd: selecting correct htlc from probe attempt (3edd322)
• lnd: support paying to invoices with payment secret (bd8cb54)
• ui: add tooltip to wallet qrcode button (1b22b19)
• ui: always display payment route (cbb1293)
• ui: cleanup route summary display (b9591f1)
• ui: fix channel capacity sort (331cacc), closes #3633
• ui: keep activity spinner during loading (645dd43)
• ui: make csv delay input thin (8416628)
• ui: only count active channels as usable capacity (112cf87)
• ui: use chanId to sort channel by open date (b22d33a)
• wallet: adding sanity check for page load handlers (cb528db)
• wallet: fetch info before page reload (8c1ef50)
• wallet: improve channels menu balance display (0a17bec)
• wallet: limit address fetch to first info load (04e01e0)
• wallet: prevent endless transaction loading (e2ca600)
• wallet: prevent reinit on lnurl change (c773c33)
• wallet: refetch peer data as part of channel refresh (d2548f6)
• wallet: reset app right before launching lnd (a9bcc66)
• wallet: use correct payload for connectPeer (1b64157)

Features

• lnd: enable wumbo channels (2e2967e)
• lnd: support for interceptor nodes (115cc21)
• lnd: update to 0.12.0-beta (c599c83)
• ui: ability to add wallet name in onboarding (f20701a), closes #1262
• ui: add time display mode setting to general preferences (8cbfc75), closes #3600
• ui: add tooltip to channel private option (3234db3)
• ui: display timelock for force closing channels (4a9e582)
• ui: show payment route on probe summary (62302b8)
• ui: use date formatting component for rendering date (dd54622), closes #3600
• wallet: ability to set transaction fee on channel close (6713501)
• wallet: fetch latest payment on external htlc settle (729194a), closes #3420

Performance Improvements

• limiting scheduler usage (d48e387)
• ui: tweaking activity pagesize (edcaf6a)
• wallet: bound transaction loading to page size (cecad88)
• wallet: fetch balance and channels before activity (d186670)
• wallet: fetch peer node info early (90c07df)
• wallet: insert fetched activity early (e1dfefd)
• wallet: limit activity refetch to first page (afb20f3)
• wallet: limit transaction polling to local wallets (69ca996)
• wallet: loading activity data in parallel (217e3f0)
• wallet: pagination for onchain transactions (4b6a4e2)
• wallet: prevent multiple concurrent page loads (e20f2db)
• wallet: remove redundant data fetch on wallet init (7de0e9b)
• wallet: throttling channel refetch to once per minute (3c1786c)
• reduce default activity page size (2305ecb)

Changelog

The full list of changes since 0.7.2-beta can be found here:

https://github.com/LN-Zap/zap-desktop/compare/v0.7.2-beta...v0.7.3-beta

Verifying the Release

Please refer to our documentation for instructions on how to verify the release.

A newer version is already available! Please don’t use this version anymore.

Release notes

This release prepares nodes for the upcoming Tor Onion Service upgrade to v3, makes several UI refinements, and fixes bugs across the board.

This version also fixes a privacy issue that will be disclosed in about 1 week (that's when this version will be set as the required minimum version for trading). Please update as soon as possible!

Improvements

• Set custom security deposit when cloning an offer
• Improve chat message reliability
• Remind user when their DAO state needs to be refreshed
• Enable disputes user avatars and tag editing
• Add Account owner full name field to Uphold payment method
• Remove Chase QuickPay as a payment method
• Add hint to upgrade to Tor Onion Service v3
• Add a placeholder on the "Search Disputes" field
• Remove old feature information popups
• Remove borders on separators in main nav
• Improve translations

Bug fixes

• Add pending callbacks to FeeService
• Fix incorrect address link to explorer in dispute details
• Wrong information popup is shown when you click on own offer in offer book
• Disable payment received button after mediation has been accepted
• Fix broken translation in "DAO requires restart" popup

Development & Documentation

• Add mempool fees to PriceServer getAllMarketPrices endpoint
• Remove create CHASEQUICKPAY apitest case
• Bump Google Guice version to fix startup warnings

Assets

No new assets.

Verification

For a detailed description on how to verify your Bisq installer please have a look at our wiki: https://bisq.wiki/Downloading_and_installing#Verify_installer_file

Url of the signing key (Christoph Atteneder): https://bisq.network/pubkey/29CDFD3B.asc Full fingerprint: CB36 D7D2 EBB2 E35D 9B75 500B CD5D C1C5 29CD FD3B

Import the key: curl https://bisq.network/pubkey/29CDFD3B.asc | gpg --import GPG prints a confusion warning: "This key is not certified with a trusted signature!" - See https://serverfault.com/questions/569911/how-to-verify-an-imported-gpg-key for background information what it means.

How to verify signatures? gpg --digest-algo SHA256 --verify BINARY{.asc*,} Replace BINARY with the file you downloaded (e.g. Bisq-1.7.0.dmg)

Verify jar file inside binary: You can verify on OSX the jar file with: shasum -a256 [PATH TO BISQ APP]/Bisq.app/Contents/app/desktop-1.7.0-all.jar The output need to match the value from the Bisq-1.7.0.jar.txt file.

NEW: There are three hashes within the Bisq-1.7.0.jar.txt file (macOS, Windows, Linux). If you want to reproduce and verify the hash of the jar file locally, you need to do so on Windows or Linux using Java 11.0.10 and the v1.7.0 release tag. Because of the signing and notarization process that requires the developer certificate used for the build on macOS it is not possible to create the same jar on macOS.

Known issues with installation

Windows:

There is a known issue with Anti Virus software. We got several reports from users running into different problems. Either the AV software blocks Bisq or Tor, delete files in the data directory [2] or app directory [1]) or cause such a long delay at startup that Tor gets terminated and a file remains locked which can cause that Bisq cannot be started afterwards. To resolve that you need to restart Windows then the lock get released. We are working on solutions to fix those issues.

If you use Crypto currencies on your Windows system be aware that Windows is much more vulnerable to malware than Linux or OSX. Consider to use a dedicated non-Windows system when dealing with cryptocurrencies.

[1] Application directory (contains application installation files): C:\Users<username>\AppData\Local\Bisq

[2] Data directory (contains all Bisq data including wallet): C:\Users<username>\AppData\Roaming\Bisq\btc_mainnet\tor (you can delete everything except the hiddenservice directory)

Linux:

Hint for Debian users: If you have problems starting Bisq on Debian use: /opt/bisq/bin/Bisq

If your Linux distro does not support .deb files please follow this instruction: cd ~/Downloads mkdir tmp cd tmp ar x ../Bisq-64bit-1.7.0.deb sudo tar Jxvf data.tar.xz sudo cp -rp opt/Bisq /opt/ That instruction is not tested on many different distros. If you encounter problems please report it in a Github issue so we can improve it.

Credits

Thanks to everyone who directly contributed to this release:

• @andyheko
• @BtcContributor
• @cd2357
• @chimp1984
• @ghubstan
• @jmacxx
• @m52go
• @ripcurlx
• @sqrrm
• @Emzy
• @xyzmaker123

A special thanks to our first time contributors: - @andyheko - Remove Chase QuickPay as a payment method - Add a placeholder on the "Search Disputes" field - Remove borders on separators in main nav - @xyzmaker123 - Fix incorrect address link to explorer in dispute details - Wrong information popup is shown when you click on own offer in offer book

As well as to everyone that helped with translations on Transifex.

This release contains many fixes and improvements from the past few months. All users are encouranged to upgrade.

Notes:

• If you maintain your own nginx.conf, update it for the new i18n locales

Changelog:

• CPFP effective rate calculation for all CPFP transactions (#395)
• Difficulty adjustment calculation fixes for main dashboard (#475)
• Bisq dashboard with market prices, graphs, other improvements (#381)
• UX improvements for more responsive design on mobile devices (#458)
• API docs page improvements with new mempool.js API library (#544)
• About page now lists project contributors from GitHub API (#382)
• FOSS license updated to dual-license of GNU AGPLv3 / GPLv3 (#410)

...and much more!

The complete changelog is available at: https://github.com/mempool/mempool/compare/v2.1.2...v2.2.0

This update resolves a stability issue that can cause Umbrel to randomly disconnect from the network and become inaccessible.

If you face any difficulties while updating, please message us on Telegram: https://t.me/getumbrel

Diff: https://github.com/getumbrel/umbrel/compare/v0.3.13...v0.3.14

Binaries

There are two types of binaries:

Specter Desktop

It's a windowed GUI application with Specter server included. Supported platforms: Windows, MacOS, Linux (x86_64)

Note on Linux: you need to set up udev rules (included in the archive). Check out readme.

Note on macOS: The current build supports only macOS Catalina (10.15) or higher. If you'd like to run Specter on an older macOS version, you can install Specter from Pip.

specterd

It's a command-line program that only runs Specter server. Supported platforms: Windows, MacOS, Linux (x86_64)

Signatures and hashes

sha256.signed.txt file contains sha256 hashes of all binary files and signed with @ben-kaufman's GPG key. You can get the public key from here: https://benkaufman.info/ben-kaufman.asc. It is also available via keys.gnupg.net or keys.openpgp.org. Fingerprint of the key is 5DF6 A760 1DB8 B78E BDEC 18DB 5D27 DE56 4153 F2BD, short id: 5d27de564153f2bd

Release notes

• Feature: Add Keystone device #1237 (Stepan Snigirev)
• Feature: Export device types and labels #1226 (kdmukai)
• Feauture: Liquid - asset support #1216 (Stepan Snigirev)
• UIUX: Redesign the Tor settings screen #1245 (benk10)
• Bugfix: Apostrophes in device labels need proper escaping in PDF export template #1246 (kdmukai)
• Bugfix: cleanup annoying test_artifacts #1236 (Kim Neunert)
• Bugfix: Filter non liquid devices from create liquid wallet #1243 (benk10)
• Bugfix: fix elementsd process #1240 (Stepan Snigirev)
• Chore: Bump normalize-url from 4.5.0 to 4.5.1 in /pyinstaller/electron #1223 (dependabot[bot])
• Chore: Bump urllib3 from 1.25.10 to 1.26.5 #1211 (dependabot[bot])
• Chore: Wallet new refactoring #1244 (Kim Neunert)
• Chore: del elm comp from gitlab + ensure master green #1250 (Kim Neunert)
• Chore: refactor psbt-creation #1249 (Kim Neunert)
• Chore: Refactor wallet creation to Wallet.create method #1242 (Stepan Snigirev)

Misc

at 01.July there way a virus-alarm on the Specter-Setup-v1.4.6.exe. This alarm turned out to be a false positive. It's safe to use that file. A Post-Mortem will be released soon. Post Mortem will follow.

Umbrel v0.3.13 brings the latest versions of Ride The Lightning, Specter Desktop, ThunderHub and LNbits in the Umbrel App Store. The new Ride The Lightning version includes an important security fix and updating quickly is strongly recommended.

If you face any difficulties while updating, please message us on Telegram: https://t.me/getumbrel

Diff: https://github.com/getumbrel/umbrel/compare/v0.3.12...v0.3.13

Improvements: - Rare alert that recipients list can't be empty - Widget App Group - Header would flash on dark mode transitions - Recipient amount text align - Don't open screen with loading indicator

0.0.98 should be considered a release candidate to the first alpha release of Rust-Lightning and the broader LDK. It represents several years of work designing and fine-tuning a flexible API for integrating lightning into any application. LDK should make it easy to build a lightning node or client which meets specific requirements that other lightning node software cannot. As lightning continues to evolve, and new use-cases for lightning develop, the API of LDK will continue to change and expand. However, starting with version 0.1, objects serialized with prior versions will be readable with the latest LDK. While Rust-Lightning is approaching the 0.1 milestone, language bindings components of LDK available at https://github.com/lightningdevkit are still of varying quality. Some are also approaching an 0.1 release, while others are still much more experimental. Please note that, at 0.0.98, using Rust-Lightning on mainnet is strongly discouraged.

This release marks the first major release in the 0.13 series, and the second major release of the year! This release includes a number of compelling additions including: first-class pruning support, AMP sending+receiving support, arbitrary pubkey/xpub import w/ PSBT transaction crafting, clustered lnd using etcd failover, and much more!

Database Migrations

The lnd database is migrated to store all wire messages with an additional TLV field. See details below.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

shell $ curl https://keybase.io/bitconner/pgp_keys.asc | gpg --import $ curl https://keybase.io/roasbeef/pgp_keys.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest-roasbeef-v0.13.0-beta.sig and manifest-v0.13.0-beta.txt are in the current directory) with:

shell $ gpg --verify manifest-roasbeef-v0.13.0-beta.sig manifest-v0.13.0-beta.txt

You should see the following if the verification was successful:

```text gpg: Signature made Thu Jun 17 09:48:09 2021 PDT gpg: using RSA key 60A1FA7DA5BFF08BDCBBE7903BBD59E99B280306 gpg: Good signature from "Olaoluwa Osuntokun laolu32@gmail.com" [ultimate]

```

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

Verifying the Release Timestamp

From this new version onward, in addition time-stamping the git tag with OpenTimestamps, we'll also now timestamp the manifest file along with its signature. Two new files are now included along with the rest of our release artifacts: manifest-roasbeef-v0.13.0-beta.txt.asc.ots.

Assuming you have the OpenTimestamps client installed locally, the timestamps can be verified with the following commands:

shell $ ots verify manifest-roasbeef-v0.13.0-beta.sig.ots -f manifest-roasbeef-v0.13.0-beta.sig

Alternatively, the open timestamps website can be used to verify timestamps if one doesn't have a bitcoind instance accessible locally. These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Verifying the Release Binaries

Our release binaries are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.16.3, which is required by verifiers to arrive at the same ones.

They include the following build tags: autopilotrpc, signrpc, walletrpc, chainrpc, invoicesrpc, routerrpc, and watchtowerrpc. Note that these are already included in the release script, so they do not need to be provided. The make release command can be used to ensure one rebuilds with all the same flags used for the release. If one wishes to build for only a single platform, then make release sys=<OS-ARCH> tag=<tag> can be used.

Finally, you can also verify the tag itself with the following command:

shell $ git verify-tag v0.13.0-beta gpg: Signature made Thu 17 Jun 2021 02:25:51 AM UTC using RSA key ID 9B280306 gpg: Good signature from "Olaoluwa Osuntokun <laolu32@gmail.com>"

Verifying the Docker Images

To verify the lnd and lncli binaries inside the docker images against the signed, reproducible release binaries, there is a verification script in the image that can be called (before starting the container for example):

shell $ docker pull lightninglabs/lnd:v0.13.0-beta $ docker run --rm --entrypoint="" lightninglabs/lnd:v0.13.0-beta /verify-install.sh $ OK=$? $ if [ "$OK" -ne "0" ]; then echo "Verification failed!"; exit 1; done $ docker run lightninglabs/lnd [command-line options]

Building the Contained Release

Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and lnd-source-v0.13.0-beta.tar.gz are in the current directory, follow these steps:

shell $ tar -xvzf vendor.tar.gz $ tar -xvzf lnd-source-v0.13.0-beta.tar.gz $ GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.13.0-beta" ./cmd/lnd $ GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.13.0-beta" ./cmd/lncli

The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.

Additionally, it's now possible to use the enclosed release.sh script to bundle a release for a specific system like so:

shell $ make release sys="linux-arm64 darwin-amd64"

⚡️⚡️⚡️ OK, now to the rest of the release notes! ⚡️⚡️⚡️

Release Notes

Database and wire changes

Wire Message TLV Support

The wire messages sent between LN peers have the ability to carry additional data, using the TLV format. This allows attaching data and protocol extensions to messages in a non-breaking way, paving the way for future feature upgrades to the protocol.

In this release all stored messages in the lnd database are migrated to a format supporting these TLV extensions, and message parsing now always read out these fields and keep them for future handling.

Protocol Updates

Anchor Output Channels

The spec compliant anchor channel format introduced in v0.12 is now the default channel type if both nodes support it when opening a new channel. You can read more about it in the v0.12.0 release notes, and it can be disabled by providing the --protocol.no-anchors flag at startup.

Since a node having channels using this format must keep on-chain funds around in case unilateral fee bumping is needed, we reserve 10k sats per channel for this purpose. In this release we cap this at 100k sats, and in addition avoid reserving this value for private channels.

Finally a change to breach handling has been made, to mitigate a theoretical attack the channel peer can perform by pinning HTLC outputs on a breached commitment transaction. If we suspect such pinning is taking place, lnd will now attempt to sweep the breached commitment outputs separately.

P2P Gossip Handling, Hardening & Optimizations

Ephemeral & Persistent Gossip Reject Caches

Those that run larger lnd instances may have noticed a cyclic nature of gossip traffic that would lead to many announcements being rejected, only to be processed hours later. This burst of traffic typically causes high CPU and memory usage, along with a large batch of blocks fetched from the node backend.

During this release cycle we dug into the issue and found that the culprit was actually a new variant of zombie channel churn: fully closed channels (funding UTXO spent) being continually offered by nodes that aren't (for some reason) pruning their channel graph.

In this release, we'll now add channels that fail full validation irrevocably to the existing zombie index cache. Expanding the usage of this cache means that new lnd nodes will only validate those spent channels once (as they should), then never request them again during the historical sync spot checks that happen periodically.

Related to the above fix, a bug has been fixed that would cause us to continually re-validate a channel announcement that we had already rejected.

Dependent Gossip Processing

ChannelUpdate and NodeAnnouncement gossip messages depend on its ChannelAnnouncement being processed successfully. Throughout our investigative efforts above, we also noticed that lnd would process these messages when their corresponding ChannelAnnouncement's validation failed, which has now been fixed.

Improved Gossip Rate Limiting

lnd v0.12.1-beta featured a new gossip rate limiting heuristic in which keep-alive updates were throttled to allow one per day, while non-keep-alive updates were throttled to allow one per block. The latter heuristic for non-keep-alive updates proved to be inconsistent, especially for our auto enable/disable channel behavior, as blocks are not guaranteed to arrive at a constant rate. To mitigate this, we've moved towards a token bucket based approach to allow by default one update per minute with a maximum burst tolerance of 10 updates. These defaults may change as the structure of the network does, but they can also be changed through two new config options: gossip.channel-update-interval and gossip.max-channel-update-burst.

Routing Optimizations & New Payment Types

Atomic Multi-Path (AMP) Payments

This version of lnd introduces initial support for AMP payments, which is a generalized version of the experimental keysend protocol added in lnd-v0.9.0-beta. While keysend payments must be fulfilled with a single HTLC, AMP offers the ability to perform multi-path spontaneous payments and leverage channel liquidity more effectively. It also offers an initial incarnation of AMP invoices, which helps to facilitate spontaneous payments to private nodes, and serve as a basis for recurring payments down the road.

Receiving Spontaneous Payments

Users can set the accept-amp=1 configuration option to automatically accept incoming, spontaneous AMP payments. Without setting this option, all spontaneous AMP payments will be rejected. Note that this setting is not required to accept one-time payments to an AMP Invoice.

Sending Spontaneous Payments

Users can send spontaneous AMP payments to nodes with accept-amp=1 using lncli, routerrpc.SendToRouteV2, or routerrpc.SendPaymentV2.

When paying with lncli: by including the --amp flag, payments only need to specify the amount and pubkey of the destiation, e.g. lncli sendpayment --amt 100 --dest 0247a5b3b2f6794da6ab930974e3396fd9973aa7dc333ea8dd3b59fb71a70165be --amp. This will only work for nodes in public channel graph, to pay private nodes see below regarding AMP Invoices.

When paying withrouterrpc.SendPaymentV2: when manually specifiying arguments, setting the Amp flag to true and omitting the PaymentHash will cause lnd to initiate an AMP payment. This behavior can also be forced by providing an AMP Invoice in the PaymentRequest field.

When paying with routerrpc.SendToRouteV2: users can force an AMP payment by setting AmpRecord field to a well crafted lnrpc.AmpRecord on the route's final lnrpc.Hop.

AMP Invoices

In this version of lnd, we introduce a new concept of AMP invoices. Having invoices at all may seem counterintuitive to the spontaneous use case of AMP, however AMP invoices will provided two necessary use cases: - Offering the ability to pay private nodes via AMP, by providing the sender with hop hints to reach the desination. - In the future, the ability to make recurring payments to an invoice, e.g. subscriptions, deposits/withdrawals, etc.

Full-blown recurring invoices are not implemented in this release, but will be available at a later point. For now an AMP invoice can only be settled by one payment. That said, this release does include support for simulating recurring payments, making the existing AMP invoices "pseudo-reusable".

In order to do so, users can make payments via routerrpc.SendPaymentV2 by passing in the (AMP) PaymentRequest, and providing an randomly-generated PaymentAddr. The external PaymentAddr will causelnd to ignore the payment address provided in the invoice, and make a spontaneous payment using the rest of the parameters in the payment request. Note that the receiver must have accept-amp=1 set, otherwise these subsequent payments will be ignored.

The default expiry for AMP invoices is set 30 days. Users may wish to increase this duration using the Expiry field to further amortize the setup costs of obtaining a new invoice.

MPP+AMP Payment Splitting on by Default

In this version of lnd, MPP/AMP payment splitting is now activated by default. Prior versions of lnd required a caller to manually specify that they wanted their payment to possibly be split via the MaxShards RPC/CLI flag. The default number of attempted splits is now 16 (we'll attempt to split up to 16 times by default). In addition, a new MaxShardAmt flag has been added that allows the caller to control how large the largest split can be. This new flag can effectively be used to force lnd to adhere to a given maximum payment unit expressed in satoshis, which means lnd may split more frequently than before.

Strict Zombie Pruning

Typically lnd will mark a channel as a zombie when both of its edges aren't re-advertised within a two week period. This is typically referred to as a channel's heartbeat update. Analysis by Conner Fromknecht demonstrated that the channel graph itself could be shrunk by ~20% if a stricter pruning heuristic was adopted: pruning a channel once only a single edge fails the heartbeat check. The latest version of lnd has implemented this stricter pruning variant in an opt-in manner.

This new graph pruning variant is on by default for neutrino nodes as it was common for them to never actually receive a "double disable" of a channel's edges, meaning it would never actually remove certain closed channels from its channel graph. Routing nodes and nodes that frequently send outbound payments can activate the new pruning variant with a new flag: --routing.strictgraphpruning. The new logic also requires that party that originally failed the heartbeat check to the be one that re-publishes the channel update in order for a prior zombie channel to be resurrected.

New M1 Release Target

This is the first release that includes binaries for the recently released Apple Silicon (M1) architecture! roasbeef has switched to using an M1 machine as his primary development machine over the past few months and hasn't reported any unsafe behavior. We encourage those switching to run lnd on an M1 machine to reach out to us if any abnormal behavior is detected.

For the 0.14 release, we aim to start to remove architectures for binaries included with the final packaged release that are either in the bottom tier of downloads, or have no downloads at all.

P2P Networking

A bug that wouldn't allow a node to listen on an IPv6 REST port when Tor is active has been fixed.

Wallet Enhancements

This release features several improvements that will enable lnd (in a future release!) to operate without the access of private keys within its process.

Watch-Only Key Import

The wallet is now able to import BIP-0049 and BIP-0084 accounts/public keys as watch-only through xpubs! This feature was made possible by the introduction of watch-only accounts to btcwallet, our internal wallet. This functionality is exposed through two new RPCs within the WalletKit sub-server: ImportAccount and ImportPublicKey.

Events (deposits/spends) for imported keys or keys derived from an imported account will only be detected by lnd if they happen after the import. Rescans to detect past events will be supported in a future release, so make sure to use a new unused wallet when using this functionality.

A new document was added that explains the account import and PSBT signing process.

ECDH Revocation Seed

The revocation seed is used to generate revocation secrets during the lifetime of a channel. The seed-generation code has been updated to no longer handle raw private keys, using ECDH to achieve this.

Auto-unlock wallet from password file

In automated or unattended setups such as cluster/container environments, unlocking the wallet through RPC presents a series of challenges. Usually, the password is present as a file somewhere in the container already anyway so writing an extra custom script for unlocking is error prone and tedious. Instead the new --wallet-unlock-password-file flag was added that can be used to read the password for an existing wallet from a file (or device or named pipe) to auto-unlock it.

Random Coin Selection

By default lnd's internal wallet uses a coin selection algorithm that always picks the largest UTXOs available first when crafting a transaction. This can lead to a wallet state that has many small and uneconomical UTXOs. To counteract that, a new --coin-selection-strategy flag was added that can be set to random instead of the default larges value to enable random coin selection.

Backend Enhancements & Optimizations

Daemon-Level Block Cache

lnd now maintains a global daemon-level block cache to prevent redundant GetBlock calls across all of its sub-systems. This cache can store up to 20MB worth of block data by default, and can be changed through the new config option blockcachesize.

bitcoind Pruned Node Support

lnd now supports connecting to pruned bitcoind backends! A new sub-system has been introduced that maintains connections to bitcoin peers to retrieve pruned blocks from and caches them. These peers are sourced from the peer list of the connected bitcoind instance, or from the getnodeaddress RPC otherwise. The number of connections (4 by default) can be configured through the new config option bitcoind.pruned-node-max-peers.

Neutrino Optimizations

The memory footprint used throughout the initial block header sync has been reduced by 50%.

The set of filter header checkpoints for the mainnet and testnet chains have been updated.

Neutrino Channel Validation

Compact filters retrieved from peers to determine whether the corresponding block contains any relevant transactions are now validated by checking whether they were constructed correctly.

lnd instances backed by Neutrino now have channel validation disabled by default. Channel validation includes obtaining the block a channel was included in and verifying the channel output remains unspent. This is an intensive process for light-clients as they don't maintain a block index and UTXO set. The routing.assumechanvalid config option, which disables channel validation, has now been deprecated. Channel validation can be re-enabled for Neutrino-backed lnd nodes with the new config option neutrino.validatechannels.

Neutrino Configuration

neutrino.broadcasttimeout allows users to specify how long they wish their broadcast attempts to last before giving up.

neutrino.persistfilters allows users to persist compact filters retrieved from the network. This will result in less bandwidth consumption at the expense of storage.

neutrino.validatechannels can be activated to enable channel validation. Note that light-clients are not well-equipped to perform this type of validation without SPV channel proofs (keep an eye out for this in future releases!).

Immediate graph updates for local channels

In lnd v0.12.0 we saw a massive enhancement to graph sync, since batch writing of gossip messages to the database was introduced. However, this also included local updates made, which could cause these to become slightly delayed. In this release the local updates will now get special treatment, and are added immediately.

Clustered LND configuration with leader elected primary

So far lnd has mainly been used in single node setups with local databases. This configuration makes it challenging to build a highly available lighting service, since the node itself has to be online and users have to build ad-hoc solutions for database replication and re-deployment in case of failure or datacenter migration. With the recent addtion of the etcd kvdb driver for lnd we've made incremental steps toward an out-of-the box HA solution. With this release we add experimental support for leader elected lnd cluster, where apart from the graph, all important state can reside in a replicated etcd database. This allows us to use etcd's leader election facilities to form a cluster of multiple lnd nodes, where one of them is the primary node accessing the DB, while the rest are waiting in line to become the leader if a failover happens (eg. primary is decomissioned, crash, network partition, etc). In such configuration all the nodes in the cluster share the same lightning identity but only the active leader has full control while the rest are dormant.

RPC

Unification of WalletUnlocker and Lightning services

This release brings a massive overhaul to the way the wallet is unlocked on the backend, while staying backwards compatible.

Earlier version of lnd would bring up a gRPC server that exposed the WalletUnlocker service, which would in turn be stopped and restarted to bring up the Lightning service after successful unlock. This caused issues with some clients that didn't expect the available services to change during runtime, and it also made it hard to determine the state of the wallet without string matching on the error received from calling the RPC server.

In lnd v0.13.0, the two gRPC services (and subserver services) are available at all times such that we avoid tearing down the gRPC server at runtime. The RPC endpoints are gated by the wallet state (see below) such that only RPCs from the WalletUnlocker service are available as long as the wallet remains locked.

If you relied on the RPC errors or availability of the different services to determine the wallet state, you should change to use the new State service.

New State Service

A new service is now exposed on the lnd gRPC server: State. This can be used to get the state of the wallet at all times, and should be used to programatically drive the unlocking process.

The possible wallet states are [NON_EXISTING, LOCKED, UNLOCKED, RPC_ACTIVE] and the state can be subscribed to using the SubscribeState RPC, or fetched using lncli state.

Mission Control

Mission Control's parameters can now read and set while lnd is running using the GetMissionControlConfig and SetMissionControlConfig endpoints. This allows nodes to experiment with these parameters without restarting lnd.

An experimental XImportMissionControl API has been added to allow nodes to import state from other lnd nodes' QueryMissionControl output. This allows new nodes to start include routing insights that another node has learned, rather than starting with no information about the network. This imported information is not currently persisted. Note that sharing your QueryMissionControl output with another party may leak information about your payment history.

Bi-directional Stream Support for REST WebSockets

A fix to the WebSocket proxy now allows all RPCs to be used over REST/WebSockets, including the client-streaming ones (specifically lnrpc.Lightning.ChannelAcceptor, lnrpc.Lightning.SendPayment and routerrpc.Router.HtlcInterceptor).

An example for using the channel acceptor over REST was added to the documentation.

Option to delete failed payments

In earlier versions of lnd you could delete all finished payments from the database using the DeleteAllPayments RPC. Two new flags failed_payments_only and failed_htlcs_only have been added to this RPC, which can be used to delete only payments (HTLCs) that failed.

WalletKit & Wallet-Related RPCs

LeaseOutput has been extended to allow custom lease expirations and a new ListLeases RPC has been added to allow users to determine which outputs are currently being leased and for how long.

As part of our watch-only key import efforts, three new RPCs have been added to the WalletKit sub-server to interact with them:

• ImportAccount imports an BIP-0049/BIP-0084 account as watch-only through its extended public key (xpub).
• ImportPublicKey imports a BIP-0049/BIP-0084 public key into a default "imported" account.
• ListAccounts exposes information for accounts (watch-only or not) existing within the wallet.

Several existing RPCs were also modified (in a backwards-compatible manner) to either accept an account parameter in their requests or break down their responses by accounts.

• GetTransactions and ListUnspent can now filter through transactions and outputs belonging to a specific account.
• FundPSBT/FinalizePSBT can now fund/finalize PSBTs from a specific account.
• NewAddress can now generate addresses for a specific account.
• WalletBalance now returns an additional breakdown of the total wallet balance by accounts.

Longer Default Invoice Expiries

Over the past few months, we've heard from multiple sources that the default invoice expiries are too short. As a result, the default expiry for MPP invoices has been raised from one hour to one day.

Surfacing INVALID_ONION_PAYLOAD failures

Payments that fail with INVALID_ONION_PAYLOAD are now properly reported via SendToRoute and SendPaymentV2 as lnrpc.INVALID_ONION_PAYLOAD. Prior to 0.13 these were reported as lnrpc.Failure_UNKNOWN_FAILURE.

pprof Security

lnd will no longer make its pprof port accessible to the world by default, and will instead listen on localhost if a port is specified. Exposing the pprof port is still left as an option for certain use cases.

Mobile

Simplified API using the State service

Using the mobile bindings one would earlier need to wait for the unlockerReady callback to fire to unlock the wallet, and then the second callbackrpcReady before the lnd RPCs were ready to be used. This was a bit awkward, and not very well supported with React Native.

This release moves back to a single rpcReady callback, which together with the new State service can be used to determine the state of lnd at all times.

To build lnd with these new bindings for mobile, falafel v0.9.0 should be used.

Avoid killing the app on lnd failure

Instead of killing the application in case lnd fails to start, we now return an error back over the API.

Delayed Zombie Pruning

We delay graph zombie pruning on startup by 30 sec, to avoid blocking on this operation. This shortens the delay from unlocking to lnd is ready, which especially should improve the experience on mobile.

Bug Fixes

• A regression in the channel state-machine that would lead to de-sync and force close has been fixed. Channels between upgraded nodes should not experience incorrect force closes.
• The failure message used by the HTLC Interceptor to reject HTLCs has been updated to include a channel update with the temporary channel failure error code.
• A bug that could cause lnd to fail starting up if a new channel was in the process of being opened has been fixed.
• In case a channel announcment for a local channel was received after channel closure, neutrino backed nodes could end up re-adding the channel to the graph. This has been fixed by ignoring all local announcements coming from our peers.
• A bug in the payment state machine which would result in a payment getting stuck if it received a terminal payment error shortly before dispatching another shard has been addressed.
• The SubscribeSingleInvoice API has been updated to terminate the stream of events once the invoice reaches a terminal state.
• During a block storm or integration tests the router subsystem can lag behind on its best known block due to the pruning work it has to complete for each block. Previously the synced_to_chain flag of the GetInfo RPC would only look at the best height of the wallet vs. its chain backend. To make sure the router is also up to date, the flag now only turns true if the router subsystem is synced to the same height as the wallet
• Some terminals don't allow more than 4096 characters to be pasted if running in interactive/TTY mode. This lead to large PSBTs being cut off during channel open. This was fixed by allowing the PSBT to be read from a file in addition to the terminal.
• The GetNodeInfo RPC has been updated to output the channel policies for the requested node in the expected order. Previously, its ordering was inconsistent with DescribeGraph and GetChanInfo.
• The num_pending_backups stat exposed by configured watchtower clients through the WatchtowerClient sub-server is now properly decremented after a backup has been accepted by a watchtower.

Contributors (Alphabetical Order)

Alex Bosworth Andras Banki-Horvath Anton Kovalenko Bjarne Magnussen Carla Kirk-Cohen Conner Fromknecht Elle Mouton Elliott Jin Eugene Siegel GameXG Hampus Sjöberg Jake Sylvestre Johan T. Halseth Jonathan Underwood Joost Jager Juan Pablo Civile Martin Habovštiak Olaoluwa Osuntokun Oliver Gugger Pierre Rochard Roei Erez Tom Kirkpatrick Umar Bolatov Vlad Stan Wilmer Paulino Yaacov Akiba Slama rockstardev whythat yuki-js Yong Yu

Binaries

There are two types of binaries:

Specter Desktop

It's a windowed GUI application with Specter server included. Supported platforms: Windows, MacOS, Linux (x86_64)

Note on Linux: you need to set up udev rules (included in the archive). Check out readme.

Note on macOS: The current build supports only macOS Catalina (10.15) or higher. If you'd like to run Specter on an older macOS version, you can install Specter from Pip.

specterd

It's a command-line program that only runs Specter server. Supported platforms: Windows, MacOS, Linux (x86_64)

Signatures and hashes

sha256.signed.txt file contains sha256 hashes of all binary files and signed with @ben-kaufman's GPG key. You can get the public key from here: https://benkaufman.info/ben-kaufman.asc. It is also available via keys.gnupg.net or keys.openpgp.org. Fingerprint of the key is 5DF6 A760 1DB8 B78E BDEC 18DB 5D27 DE56 4153 F2BD, short id: 5d27de564153f2bd

Release notes

• Feature: Add Blockstream Jade support #1234 (benk10)
• Feature: Add SeedSigner device #1225 (Stepan Snigirev)
• Feature: Show Liquid icon on node manager #1224 (benk10)
• Bugfix: non_witness_utxo hash mismatch problem #1235 (Stepan Snigirev)
• Bugfix: RPC-password as pin for multiple nodes #1231 (Kim Neunert)
• Bugfix: Missing prop setter bugfix #1228 (kdmukai)
• Bugfix: "NameError: name 'protocol' is not defined" #1229 (DerM007)
• Chore: Elements testing #1212 (Kim Neunert)

Umbrel v0.3.12 fixes a bug that made Umbrel inaccessible over Tor.

If you face any difficulties while updating, please message us on Telegram: https://t.me/getumbrel

Diff: https://github.com/getumbrel/umbrel/compare/v0.3.11...v0.3.12

Umbrel v0.3.11 is here with the latest versions of Specter Desktop, ThunderHub, Sphinx Relay, Ride The Lightning, and LNbits in the Umbrel App Store, hardware failure detection, low RAM alerts, and stability improvements.

If you face any difficulties while updating, please message us on Telegram: https://t.me/getumbrel

Diff: https://github.com/getumbrel/umbrel/compare/v0.3.10...v0.3.11

Binaries

There are two types of binaries:

Specter Desktop

It's a windowed GUI application with Specter server included. Supported platforms: Windows, MacOS, Linux (x86_64)

Note on Linux: you need to set up udev rules (included in the archive). Check out readme.

Note on macOS: The current build supports only macOS Catalina (10.15) or higher. If you'd like to run Specter on an older macOS version, you can install Specter from Pip.

specterd

It's a command-line program that only runs Specter server. Supported platforms: Windows, MacOS, Linux (x86_64)

Signatures and hashes

sha256.signed.txt file contains sha256 hashes of all binary files and signed with @ben-kaufman's GPG key. You can get the public key from here: https://benkaufman.info/ben-kaufman.asc. It is also available via keys.gnupg.net or keys.openpgp.org. Fingerprint of the key is 5DF6 A760 1DB8 B78E BDEC 18DB 5D27 DE56 4153 F2BD, short id: 5d27de564153f2bd

Release notes

• Bugfix: add some liquid fixes #1194 (Stepan Snigirev)
• Feature: Fully unblind liquid transactions sent by Specter #1220 (Stepan Snigirev)

Changelog:

• Support supplying contract hash to issueasset RPC
• Fix description of -chain parameter
• Add liquidv1test chainparams
• Add logging for dynafed activation and transitions
• Undo default signalling behavior for dynafed unless enabled

Main changes

Remove editable fee rate in swap-out

Swap-outs (LN -> on-chain) are actually spending from a shared UTXO set. To make things consistent and ensure good UX for every users, the swap-out fee rate is now defined by the swap service.

More info here: https://phoenix.acinq.co/faq#why-dont-you-let-me-set-the-feerate-myself-when-sending-on-chain

Added a button to enlarge the receive QR code

This will help scanning a invoice with low resolution camera.

Added an option to disable pay-to-open

On-the-fly channel creation has a fee and users may want to disable it. In that case, if a new channel was required to be created in order for a incoming payment to be received, the payment will fail and a notification will be displayed (with a cooldown to prevent notification spam).

Full list of changes

• app: https://github.com/ACINQ/phoenix/compare/v1.4.13...v1.4.14
• core: https://github.com/ACINQ/eclair/compare/v0.4.11-android-phoenix...v0.4.12-android-phoenix

Verifying signatures

You will need gpg and our release signing key 7A73FE77DE2C4027. Note that you can get it: - from our website: https://acinq.co/pgp/drouinf.asc - from github user @sstone, a committer on eclair: https://api.github.com/users/sstone/gpg_keys

To import our signing key: $ gpg --import drouinf.asc

To verify the release file checksums and signatures: $ gpg -d SHA256SUMS.asc > SHA256SUMS.stripped $ sha256sum -c SHA256SUMS.stripped

This release of btcd is primarily to act as a catchup for the various changes that have accumulated.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

Once you have the required PGP keys, you can verify the release (assuming manifest-v0.22.0-beta.txt and manifest-v0.22.0-beta.txt.sig are in the current directory) with:

gpg --verify manifest-v0.22.0-beta.txt.sig

You should see the following if the verification was successful:

``` gpg: assuming signed data in 'manifest-v0.22.0-beta.txt' gpg: Signature made Tue 08 Jun 2021 10:07:53 AM EDT gpg: using DSA key 0DB39EAF526568682088EEDFB15210D35378BD54 gpg: Good signature from "John C. Vernaleo john@netpurgatory.com" [ultimate]

```

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

Verifying the Release Binaries

As of this release, our release binaries are fully reproducible thanks to go1.13! Third parties are now able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.16.5, which is required by verifiers to arrive at the same ones.

Finally, you can also verify the tag itself with the following command: git verify-tag v0.22.0-beta

You should see something along the lines of this in the case of a valid tag: gpg: Signature made Tue 08 Jun 2021 09:42:52 AM EDT gpg: using DSA key 0DB39EAF526568682088EEDFB15210D35378BD54 gpg: Good signature from "John C. Vernaleo <john@netpurgatory.com>" [ultimate]

Building the Contained Release

Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and btcd-source-v0.22.0-beta.tar.gz are in the current directory, follow these steps:

tar -xvzf vendor.tar.gz tar -xvzf btcd-source-v0.22.0.tar.gz GO111MODULE=on go install -v -mod=vendor GO111MODULE=on go install -v -mod=vendor ./cmd/btcctl

The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.

Additionally, it's also possible to use the enclosed release.sh script to bundle a release for a specific system like so:

BTCBUILDSYS="linux-arm64 darwin-amd64" ./build/release/release.sh

Release Notes

Protocol and network-related changes:

• Added support for witness tx and block in notfound msg. (#1625)

• Added support for receiving sendaddrv2 messages from a peer. (#1670)

• Fixed bug in peer package causing last block height to go backwards. (#1606)

• Added chain parameters for connecting to the public Signet network. (#1692, #1718)

Also added --signet command line flag to btcctl and btcd utilities.

Crypto changes:

• Fixed bug causing panic due to bad R and S signature components in btcec.RecoverCompact. (#1691)
• Set the name (secp256k1) in the CurveParams of the S256 curve. (#1565)

Notable developer-related package changes:

• Improve gc for txscript.IsUnspendable method. (#1615)

Significantly reduced allocations, which should bring a performance gain during sync. * Used RLock/RUnlock when possible in the addrmgr package. (#1697) * Removed unknown block version warning in the blockchain package, due to false positives triggered by AsicBoost. (#1463) * Added proper types for flag field and improve docs, for msgtx in the wire package. (#1632) * Added chaincfg.RegisterHDKeyID function to populate HD key ID pairs. (#1617) * Fixed flaky hash cache test due to resetting RNG. (#1689) * Added new method mining.AddWitnessCommitment to add the witness commitment as an OP_RETURN output within the coinbase transaction. (#1716)

RPC changes:

• Implemented Batch JSON-RPC in rpcclient and server. (#1583)

Please refer to rpcclient/examples/bitcoincorehttpbulk/README.md for examples.

• Implemented rpcclient method to invoke getdescriptorinfo JSON-RPC command. (#1578)
• Updated the rpcserver handler for validateaddress JSON-RPC command to have parity with the bitcoind 0.20.0 interface. (#1613)
• Implemented rpcclient method to invoke getblockfilter JSON-RPC command. (#1579)
• Implemented signmessagewithprivkey JSON-RPC command in rpcserver. (#1585)
• Implemented rpcclient method to invoke importmulti JSON-RPC command. (#1579)
• Implemented watchOnly argument in rpcclient method to invoke listtransactions JSON-RPC command. (#1628)
• Updated btcjson.ListTransactionsResult for compatibility with Bitcoin Core 0.20.0. (#1626)

Two new fields BlockHeight and Label were added as optional, to keep backwards compatibility. * Implemented nullable optional JSON-RPC parameters. (#1594)

Fixed command marshalling dropping params that follow params with nil value. * Implemented rpcclient and server method to invoke getnodeaddresses JSON-RPC command. (#1590) * Implemented rpcclient methods to invoke PSBT JSON-RPC commands. (#1596)

The walletcreatefundedpsbt and walletprocesspsbt commands were implemented. * Implemented rpcclient method to invoke listsinceblock with the include_watchonly parameter enabled. (#1451) * Implemented rpcclient method to invoke deriveaddresses JSON-RPC command. (#1631) * Implemented rpcclient method to invoke getblocktemplate JSON-RPC command. (#1629)

The corresponding btcjson structs were also updated to reflect changes in Bitcoin Core. * Implemented rpcclient method to invoke getaddressinfo JSON-RPC command. (#1633) * Implemented rpcclient method to invoke getwalletinfo JSON-RPC command. (#1638) * Fixed error message in rpcserver when an unknown RPC command is encountered. (#1695) * Fixed error message returned by estimatefee when the number of blocks exceeds the max depth. (#1678) * Updated btcjson.GetBlockChainInfoResult to include new fields in Bitcoin Core. (#1676)

Two new fields InitialBlockDownload and SizeOnDisk were added. * Added ExtraHeaders in rpcclient.ConnConfig struct. (#1669)

It's useful when the RPC provider needs customized headers, for example, the X-Auth-Token header. * Fixed bitcoind compatibility issue with the sendrawtransaction JSON-RPC command. (#1659) * Added new JSON-RPC errors to btcjson package, and documented them. (#1648) * Implemented rpcclient method to invoke createwallet JSON-RPC command. (#1650)

This is also the first rpcclient method that uses the functional options pattern, which will be used more and more in future. * Implemented rpcclient methods to invoke backupwallet, dumpwallet, loadwallet and unloadwallet JSON-RPC commands. (#1645) * Fixed unmarshalling error in getmininginfo JSON-RPC command, for valid integers in scientific notation. (#1644) * Implemented rpcclient method to invoke gettxoutsetinfo JSON-RPC command. (#1641) * Implemented rpcclient method to invoke signrawtransactionwithwallet JSON-RPC command. (#1642) * Added txid to getblocktemplate response of rpcserver. (#1639) * Fixed monetary unit used in createrawtransaction JSON-RPC command in rpcserver. (#1614) * Added rawtx field to btcjson.GetBlockVerboseTxResult to provide backwards compatibility with older versions of Bitcoin Core. (#1677)

Misc changes:

• Updated btcutil dependency. (#1704)
• Updated documentation links to use https://pkg.go.dev instead of http://godoc.org. (#1693)
• Added Dockerfile to build and run btcd on Docker. (#1465)
• Reworked documentation and published on https://btcd.readthedocs.io. (#1468)
• Added support for Go 1.15. (#1619)
• Added Go 1.14 as the minimum supported version of Golang. (#1621)
• Removed unnecessary GOMAXPROCS function calls. (#1627)
• Enabled Go Race detector and code coverage on GitHub Actions. (#1601)

Changelog

The full list of changes since v0.21.0-beta can be found here:

• https://github.com/btcsuite/btcd/compare/v0.21.0-beta..v0.22.0-beta

Contributors (Alphabetical Order)

10gic Andrew Tugarinov Anirudha Bose Appelberg-s Armando Ochoa Aurèle Oulès Calvin Kim Christian Lehmann Conner Fromknecht Dan Cline David Mazary Elliott Minns Federico Bond Friedger Müffke Gustavo Chain Hanjun Kim Henry Fisher Iskander Sharipov Jake Sylvestre Johan T. Halseth John C. Vernaleo Liran Sharir Mikael Lindlof Olaoluwa Osuntokun Oliver Gugger Rjected Steven Kreuzer Torkel Rogstad Tristyn Victor Lavaud Vinayak Borkar Wilmer Paulino Yaacov Akiba Slama ebiiim ipriver wakiyamap yyforyongyu

This release of btcd is primarily to act as a catchup for the various changes that have accumulated.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

Once you have the required PGP keys, you can verify the release (assuming manifest-v0.22.0-beta.txt and manifest-v0.22.0-beta.txt.sig are in the current directory) with:

gpg --verify manifest-v0.22.0-beta.txt.sig

You should see the following if the verification was successful:

``` gpg: assuming signed data in 'manifest-v0.22.0-beta.txt' gpg: Signature made Tue 08 Jun 2021 10:07:53 AM EDT gpg: using DSA key 0DB39EAF526568682088EEDFB15210D35378BD54 gpg: Good signature from "John C. Vernaleo john@netpurgatory.com" [ultimate]

```

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

Verifying the Release Binaries

As of this release, our release binaries are fully reproducible thanks to go1.13! Third parties are now able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.16.5, which is required by verifiers to arrive at the same ones.

Finally, you can also verify the tag itself with the following command: git verify-tag v0.22.0-beta

You should see something along the lines of this in the case of a valid tag: gpg: Signature made Tue 08 Jun 2021 09:42:52 AM EDT gpg: using DSA key 0DB39EAF526568682088EEDFB15210D35378BD54 gpg: Good signature from "John C. Vernaleo <john@netpurgatory.com>" [ultimate]

Building the Contained Release

Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and btcd-source-v0.22.0-beta.tar.gz are in the current directory, follow these steps:

tar -xvzf vendor.tar.gz tar -xvzf btcd-source-v0.22.0.tar.gz GO111MODULE=on go install -v -mod=vendor GO111MODULE=on go install -v -mod=vendor ./cmd/btcctl

The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.

Additionally, it's also possible to use the enclosed release.sh script to bundle a release for a specific system like so:

BTCBUILDSYS="linux-arm64 darwin-amd64" ./build/release/release.sh

Release Notes

Protocol and network-related changes:

• Added support for witness tx and block in notfound msg. (#1625)

• Added support for receiving sendaddrv2 messages from a peer. (#1670)

• Fixed bug in peer package causing last block height to go backwards. (#1606)

• Added chain parameters for connecting to the public Signet network. (#1692, #1718)

Also added --signet command line flag to btcctl and btcd utilities.

Crypto changes:

• Fixed bug causing panic due to bad R and S signature components in btcec.RecoverCompact. (#1691)
• Set the name (secp256k1) in the CurveParams of the S256 curve. (#1565)

Notable developer-related package changes:

• Improve gc for txscript.IsUnspendable method. (#1615)

Significantly reduced allocations, which should bring a performance gain during sync. * Used RLock/RUnlock when possible in the addrmgr package. (#1697) * Removed unknown block version warning in the blockchain package, due to false positives triggered by AsicBoost. (#1463) * Added proper types for flag field and improve docs, for msgtx in the wire package. (#1632) * Added chaincfg.RegisterHDKeyID function to populate HD key ID pairs. (#1617) * Fixed flaky hash cache test due to resetting RNG. (#1689) * Added new method mining.AddWitnessCommitment to add the witness commitment as an OP_RETURN output within the coinbase transaction. (#1716)

RPC changes:

• Implemented Batch JSON-RPC in rpcclient and server. (#1583)

Please refer to rpcclient/examples/bitcoincorehttpbulk/README.md for examples.

• Implemented rpcclient method to invoke getdescriptorinfo JSON-RPC command. (#1578)
• Updated the rpcserver handler for validateaddress JSON-RPC command to have parity with the bitcoind 0.20.0 interface. (#1613)
• Implemented rpcclient method to invoke getblockfilter JSON-RPC command. (#1579)
• Implemented signmessagewithprivkey JSON-RPC command in rpcserver. (#1585)
• Implemented rpcclient method to invoke importmulti JSON-RPC command. (#1579)
• Implemented watchOnly argument in rpcclient method to invoke listtransactions JSON-RPC command. (#1628)
• Updated btcjson.ListTransactionsResult for compatibility with Bitcoin Core 0.20.0. (#1626)

Two new fields BlockHeight and Label were added as optional, to keep backwards compatibility. * Implemented nullable optional JSON-RPC parameters. (#1594)

Fixed command marshalling dropping params that follow params with nil value. * Implemented rpcclient and server method to invoke getnodeaddresses JSON-RPC command. (#1590) * Implemented rpcclient methods to invoke PSBT JSON-RPC commands. (#1596)

The walletcreatefundedpsbt and walletprocesspsbt commands were implemented. * Implemented rpcclient method to invoke listsinceblock with the include_watchonly parameter enabled. (#1451) * Implemented rpcclient method to invoke deriveaddresses JSON-RPC command. (#1631) * Implemented rpcclient method to invoke getblocktemplate JSON-RPC command. (#1629)

The corresponding btcjson structs were also updated to reflect changes in Bitcoin Core. * Implemented rpcclient method to invoke getaddressinfo JSON-RPC command. (#1633) * Implemented rpcclient method to invoke getwalletinfo JSON-RPC command. (#1638) * Fixed error message in rpcserver when an unknown RPC command is encountered. (#1695) * Fixed error message returned by estimatefee when the number of blocks exceeds the max depth. (#1678) * Updated btcjson.GetBlockChainInfoResult to include new fields in Bitcoin Core. (#1676)

Two new fields InitialBlockDownload and SizeOnDisk were added. * Added ExtraHeaders in rpcclient.ConnConfig struct. (#1669)

It's useful when the RPC provider needs customized headers, for example, the X-Auth-Token header. * Fixed bitcoind compatibility issue with the sendrawtransaction JSON-RPC command. (#1659) * Added new JSON-RPC errors to btcjson package, and documented them. (#1648) * Implemented rpcclient method to invoke createwallet JSON-RPC command. (#1650)

This is also the first rpcclient method that uses the functional options pattern, which will be used more and more in future. * Implemented rpcclient methods to invoke backupwallet, dumpwallet, loadwallet and unloadwallet JSON-RPC commands. (#1645) * Fixed unmarshalling error in getmininginfo JSON-RPC command, for valid integers in scientific notation. (#1644) * Implemented rpcclient method to invoke gettxoutsetinfo JSON-RPC command. (#1641) * Implemented rpcclient method to invoke signrawtransactionwithwallet JSON-RPC command. (#1642) * Added txid to getblocktemplate response of rpcserver. (#1639) * Fixed monetary unit used in createrawtransaction JSON-RPC command in rpcserver. (#1614) * Added rawtx field to btcjson.GetBlockVerboseTxResult to provide backwards compatibility with older versions of Bitcoin Core. (#1677)

Misc changes:

• Updated btcutil dependency. (#1704)
• Updated documentation links to use https://pkg.go.dev instead of http://godoc.org. (#1693)
• Added Dockerfile to build and run btcd on Docker. (#1465)
• Reworked documentation and published on https://btcd.readthedocs.io. (#1468)
• Added support for Go 1.15. (#1619)
• Added Go 1.14 as the minimum supported version of Golang. (#1621)
• Removed unnecessary GOMAXPROCS function calls. (#1627)
• Enabled Go Race detector and code coverage on GitHub Actions. (#1601)

Changelog

The full list of changes since v0.21.0-beta can be found here:

• https://github.com/btcsuite/btcd/compare/v0.21.0-beta..v0.22.0-beta

Contributors (Alphabetical Order)

10gic Andrew Tugarinov Anirudha Bose Appelberg-s Armando Ochoa Aurèle Oulès Calvin Kim Christian Lehmann Conner Fromknecht Dan Cline David Mazary Elliott Minns Federico Bond Friedger Müffke Gustavo Chain Hanjun Kim Henry Fisher Iskander Sharipov Jake Sylvestre Johan T. Halseth John C. Vernaleo Liran Sharir Mikael Lindlof Olaoluwa Osuntokun Oliver Gugger Rjected Steven Kreuzer Torkel Rogstad Tristyn Victor Lavaud Vinayak Borkar Wilmer Paulino Yaacov Akiba Slama ebiiim ipriver wakiyamap yyforyongyu