Voting is open for a new IC release - 0b2ce07

Hello there!

we are happy to announce that voting is now open for a new IC release.
The NNS proposal is here: IC NNS Proposal 70375.

There are lots of exciting new features and bugfixes. Here is a more complete list of changes:

* Consensus: Include ecdsa payload in blocks when a replica upgrade is pending
* Consensus: Make genesis CUP with ECDSA summary if it is enabled
* Consensus: Move HTTP feature flag checking into pool manager
* Consensus: Start using ECDSA key transcript immediately
* Crypto: Add a wrapper type for the pairing curve BLS12_381 and use it for multi_sig and threshold_sig
* Crypto: Add metrics for keys in the SKS/registry
* Crypto: Remove the unused Crypto CLI
* Crypto: Update rand dependency family in several crates
* Crypto: Replace Randomness with Seed in crypto code wherever Zeroization is needed
* Execution: Use a single routing counter for all ic00 requests
* Financial Integrations: implement Cell stable structure
* Financial Integrations: implement Log stable structure
* Financial Integrations: query_blocks: fix archived range computation
* Financial Integrations: stable-structures: impl Default for Ic0 stable memory
* Message Routing: Metric for number of checkpoints on disk
* Message Routing: New time argument for apply_changes.
* Networking: Canister HTTP suite switch to internal HTTPS service.
* Networking: Improve readability on the control_plane mod
* Networking: Limit transformed response
* Networking: Make stop_connections infallible
* Networking: Merge init_client_socket and connect_to_server
* Networking: Remove http_basic from hourly; move http_fault_tolerance to staging
* Networking: Remove the FlowId type
* Networking: Require bitcoin adapter request timeout
* Networking: Restrict destination ports in adapter
* Networking: Robust node restoration inspection.
* Networking: Small refactoring in the control plane
* Networking: Update /etc/ssl/certs and ca-certificates.crt.
* Networking: Use a single metric with two labels for the tls handshake results in Transport
* Node: Ensure 'monitor-guestos.service' is started after 'guestos.service'
* Node: Fix notifications to HostOS
* Node: Fix races on slow(er) machines
* Node: Host- and SetupOS improvements
* Node: Improve 'config.ini' input handling
* Node: Parallel restorecon and separate service
* Node: Re-enable `host-os-upgrade-test`
* Node: Tag ipmi device and add dependency
* Node: Try building dev layer on top of prod
* Node: Update agents to unify dependencies
* Node: Upload Boundary Node SNP image to S3
* Node: Wait later in boot seq to check network
* Node: online expansion of ic data storage
* Orchestrator: Move ImageUpgrader into a separate crate
* Orchestrator: Simplify the NNS subnet recovery without failover nodes
* Runtime/Node: Use multithreading module's Pool for parallelizing install calls
* Runtime: Add a `RoundLimit` parameter to execution functions
* Runtime: Add compilation benchmarks
* Runtime: Extract `SubnetAvailableMemory` out of `ExecutionParameters`
* Runtime: Fix false routing error log
* Runtime: Fix workload generator canister arg
* Runtime: Make `SubnetAvailableMemory` a plain counter
* Runtime: More simplifications in call and response execution
* Runtime: Unify handling of`SubnetAvailableMemory` with other counters
* Runtime: Use `RoundContext` in install/upgrade execution
* Runtime: Use cache when creating execution state
* Runtime: Use compilation cache for execution
* Various tech-debt management: code refactoring, docs, bug fixes, test updates

And a complete list of changes can of course be found on GitHub.
Please reply to this message if you have any questions or comments.

1 Like

Hi everyone,
There is a proposal out to elect a new IC replica release. The only change with respect to the current release is to move the Crypto Service Provider of the replica into a dedicated process to better isolate the use of cryptographic keys and increase the security of the replicas. To make sure this change does not affect the availability of the IC or introduce any regressions, the plan would be to roll this out slowly to the subnets of IC and thus it could take a few release cycles.

The proposal can found here.
Please do reach out if you have any questions about it.

All the best,

1 Like