Release Notes for new replica version 04fe

Dear IC Community,

we are happy to announce a new replica version that will get proposed to be elected within the next 8 hours.
Sorry for the late notice. We ran into some discussions with teams late on Friday due to the huge number of changes in this RC that blocked us from posting the commit hash earlier. In the future we will post the release notes on Friday and adapt it to whatever commit hash is ready on Monday.

The release notes are as follows:

* Consensus: iDKG complaint handling
* Crypto: Extend load_transcript to handle complaints in IDKM+CSP
* Crypto: Implement Threshold ECDSA complaints
* Crypto: Include additional associated data in the complaint proof
* Crypto: Minor cleanup of canister threshold sig test utils
* Crypto: Remove two asserts from the tECDSA code
* Crypto: adding accessors to public keys of canister threshold sigs
* Execution: Check invariants of the shared memory
* Execution: Ensure that Wasm cache doesn't keep the sandbox service alive
* Execution: Fix backtrace compilation warnings
* Execution: Fix logs inconsistency
* Execution: Make Cycles balance of a canister private
* Execution: Move the Bitcoin canister into the `ic` repo
* Execution: Opened Wasm and memory objects refer to `SandboxProcess`
* Execution: Remove comment shipshape
* Execution: Save the newly created memory in `create_execution_state`
* Execution: Terminate inactive sandbox processes
* Execution: Validate inter-canister responses
* Message Routing: Add ingress history byte size metric
* Message Routing: Wrap messages in streams into `Arc`
* Networking: Enable scalability/cleanup-reports again with the test fix
* Networking: Instead of event loop let's just use an async mutex when accessing the Adapter class
* Networking: Introduce event loop into the adapter class that processes different requests
* Networking: Remove duplicate types
* Networking: Remove the P2PEventHandlerControl abstraction
* Networking: Remove the async_safe_block_on_await function
* Networking: Rename HttpSubmitContent to HttpCallContent to be consistent with the HTTPs entry point and other types
* Networking: Use a threadpool with one worker thread instead of even loop for processing adverts
* Networking: Merge all the peer channels per flow into single one so we don't do async select
* Node: Add unwind, selinux libs as dependencies for building
* Node: Fix tag for guestos dev base image
* Node: Report terminating signal of sandbox process
* Node: Store flamegraphs in /var/lib/ic/data
* Node: Use separate dev + prod baseline for guest OS
* Node: Wait until http handler is idle before starting iteration
* Node: backtrace from canister sandbox on crash
* Node: synchronize access to config partition
* Orchestrator: Add removed fields back to BlessReplicaVersionPayload
* Various bugfixes and test updates

This RC is disabling sandboxing for all subnets. We got sufficient signals from the previous attempt to enable the canister sandboxing on all subnets and our development team is actively working on resolving the observed performance issues. We plan to enable canister sandboxing on all subnets as soon as the development team is confident that all known performance issues have been resolved.
We expect that we can rollout sandboxing to all subnets during the next few weeks in one of the upcoming releases.


Rollout started late but went well. NNS is following on Monday.
The teams were super productive. The next long change log is ready for next week.

1 Like