Hello there!
We are happy to announce that voting is now open for a new IC release.
The NNS proposal is here: IC NNS Proposal 134900.
Here is a summary of the changes since the last release:
Release Notes for release-2025-01-16_16-18-base (233c1ee2ef68c1c8800b8151b2b9f38e17b8440a)
This release is based on changes since release-2025-01-09_03-19-base (aa705aaa621c2e0d4f146f3a1de801edcb0fa0d5).
Please note that some commits may be excluded from this release if they’re not relevant, or not modifying the GuestOS image. Additionally, descriptions of some changes might have been slightly modified to fit the release notes format.
To see a full list of commits added since last release, compare the revisions on GitHub.
Features:
572afbcdbCrypto,Interface,Node(node): add fstrim datadir observability (#3322)c4739e9adExecution,Interface: Use Wasmtime deserialize_open_file. (#3412)760e1f764Execution,Interface,Message Routing: Implement MutableIntMap (#3303)c16efb073Interface: Limit cache disk space (#3366)fb3fc37aeOwners(icrc-ledger-types): Add default encoding and decoding of a Principal in a Subaccount. (#3459)19e3c685aNode: Add log-config service to GuestOS (#3389)
Bugfixes:
80c6776c1Consensus,Interface: Consider all fields in is_empty and count_bytes implementation for BatchPayload (#3471)cf2f2cc97Consensus,Interface: Make the consensus manager API resemble a classic channel interface (#3233)57047d6d8Execution,Interface: Low Wasm memory hook will run once the canister’s unfrozen if it was scheduled before freezing (#3455)38a497106Execution,Interface: Ignore empty data segment pages (#3435)4e0a28df6Execution,Interface: Account instructions for bytes accessed and dirty pages on system subnets (#3396)f9f2491d3Interface,Message Routing: mocked xnet in PocketIC (#3376)233c1ee2eNode: deployments when no ipv4 or domain name provided (#3477)
Performance improvements:
Chores:
5cce4f5cbConsensus,Interface: Split the user ingress artifacts and the artifacts coming from P2P (#3419)4a7957ba6Consensus,Interface: Log HTTP request body on signature verification failure (#3239)8054acfacExecution,Interface: upgrade wasmtime to v.28 (#3330)111bac358Interface,Message Routing: state-tool copy commands (#3440)dce918ac8Owners(IDX): bump rules_rust (#3449)1f1d8dd8cNode: Update Base Image Refs [2025-01-16-0807] (#3466)85af5fc7bNode: Update Base Image Refs [2025-01-16-0145] (#3463)145aff3e5Node(nftables): update IPv6 prefix list in the HostOS firewall (#3414)6704c1438Node: Update Base Image Refs [2025-01-09-0807] (#3374)ba5e99bf1Node(IDX): don’t cache ic-os images (#3256)
Refactoring:
f491f848cConsensus,Interface(consensus): simplify IngressPayload implementation (#3444)86357ae40Execution,Interface,Message Routing: Use test_strategy over proptest macro in replicated state tests (#3462)6da5c715eInterface: move serve_journal into upgrade_journal.rs (#3393)
Tests:
df2145592Consensus,Interface(consensus): move the IngressPayload serialization/deserialization unit test from test_utilities/types/ to rs/types/types (#3384)6b7b92b24Interface(ICRC_Ledger): Verify ICRC ledger and archive block equality (#3404)d6bb598cfInterface(ICRC_Ledger): canbench benchmarks for icrc2_approve, icrc2_transfer_from and icrc3_get_blocks (#3400)
Full list of changes (including the ones that are not relevant to GuestOS) can be found on GitHub.
IC-OS Verification
To build and verify the IC-OS disk image, run:
# From https://github.com/dfinity/ic#verifying-releases
sudo apt-get install -y curl && curl --proto '=https' --tlsv1.2 -sSLO https://raw.githubusercontent.com/dfinity/ic/233c1ee2ef68c1c8800b8151b2b9f38e17b8440a/ci/tools/repro-check.sh && chmod +x repro-check.sh && ./repro-check.sh -c 233c1ee2ef68c1c8800b8151b2b9f38e17b8440a --guestos
The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.
While not required for this NNS proposal, as we are only electing a new GuestOS version here, you have the option to verify the build reproducibility of the HostOS by passing --hostos to the script above instead of --guestos, or the SetupOS by passing --setupos.