Hello there!
We are happy to announce that voting is now open for a new IC release.
The NNS proposal is here: IC NNS Proposal 135836.
Here is a summary of the changes since the last release:
Release Notes for release-2025-03-14_03-10-base (f6f5e0927d14886e4bd67f776ee889f31cec2364)
This release is based on changes since release-2025-03-06_03-10-base (de6e339b323f59fc07b18c23f37c3cd2aa8ceb55).
Please note that some commits may be excluded from this release if they’re not relevant, or not modifying the GuestOS image. Additionally, descriptions of some changes might have been slightly modified to fit the release notes format.
To see a full list of commits added since last release, compare the revisions on GitHub.
Features:
cc90e1de9
Consensus,Interface: Time out vetKD requests that take longer than one DKG interval (#4078)a171c4263
Crypto,Interface(crypto): improve vetKD API naming (#4354)e005586c6
Execution,Interface: Implement ReshareChainKey endpoint (#4177)ceee1f65c
Execution,Interface(fuzzing): Add new Wasm module generator for system API (#4275)62f408bed
Execution,Interface: New system API to retrieve liquid cycle balance of a canister (#4255)5ed9bb96f
Execution,Interface,Message Routing: Add CyclesUseCase::DroppedMessages variant (#4283)787ec33a0
Node: Remove firmware from GuestOS (#4371)f0c82237a
Node: Upgrade components to SEV-SNP compatible versions (#4320)
Bugfixes:
c494f861b
Execution,Interface: EXC: Fix metric overflow in tests (#4359)5f9b37f3e
Execution,Interface: Fix in-round DTS for memory copy (#4066)c94db9ef7
Execution,Interface: Limit compilation cache entries (#4312)6b9af1eb0
Interface(utils): Add invariants check for pop_lru (#4329)bcd271802
Interface,Message Routing: No warnings on XNet payload building (#4193)61f37f7d6
Node: Remove CPU microcode from GuestOS (#4306)50418d4f0
Node: Move StandardOutput+StandardError to correct section (#4304)07090259b
Node: extracting of sampling period for power measurements (#4266)
Chores:
d7549e90d
Consensus,Interface: Remove unnecessary certified_height argument (#4350)556620982
Consensus,Interface: Check block proposal version before integrity (#4345)d778e277d
Consensus,Interface: Fix typos in http_outcalls metrics.rs file (#4339)5bed068be
Execution,Interface: Revert “chore: Ignore wasmtime validation errors (#3338)” (#4328)bebd89a36
Execution,Interface: Move OnLowWasmMemoryHookStatus to management types (#4318)2b947f437
Execution,Interface(EXC): Remove outdated TODO (#4291)c5857e9d3
Execution,Interface: Add a metric observing the number of open signature request contexts (#4305)1c22acdd5
Execution,Interface: Bump wasmtime version (#4188)f6f5e0927
Interface: upgrade stable-structures (#4284)4d40e10c7
Interface(IDX): use correct .gz name for canisters (#4300)f53cd0ae0
Interface(ICP-Ledger): migrating protobuf query endpoints from dfn to cdk (#4299)972b38c05
Interface: upgrade axum to 0.8 (#4256)2e7d6c76a
Interface,Message Routing: Add TaskQueue to CanisterStateBits (#2254)cc7b6f155
Owners: Bump wasm tools (#4246)267655a59
Node: Update Base Image Refs [2025-03-13-2203] (#4372)1d7a1173c
Node: update ic-gateway dep & release (#4315)5e8587031
Node: address guestOS/hostOS FW findings (#4093)650602101
Node: Update Base Image Refs [2025-03-06-0807] (#4253)
Refactoring:
f024f61df
Consensus,Interface(consensus): remote transcript delivery (#4279)e8fa4c5ef
Execution,Interface: Move canister manager types in their own module (#4282)4b7c9fee3
Interface(nervous-system): Move canister interfaces into canister crate (#4351)
Tests:
Other changes:
Full list of changes (including the ones that are not relevant to GuestOS) can be found on GitHub.
IC-OS Verification
To build and verify the IC-OS disk image, run:
# From https://github.com/dfinity/ic#verifying-releases
sudo apt-get install -y curl && curl --proto '=https' --tlsv1.2 -sSLO https://raw.githubusercontent.com/dfinity/ic/f6f5e0927d14886e4bd67f776ee889f31cec2364/ci/tools/repro-check.sh && chmod +x repro-check.sh && ./repro-check.sh -c f6f5e0927d14886e4bd67f776ee889f31cec2364 --guestos
The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.
While not required for this NNS proposal, as we are only electing a new GuestOS version here, you have the option to verify the build reproducibility of the HostOS by passing --hostos
to the script above instead of --guestos
, or the SetupOS by passing --setupos
.