Voting is open for a new IC Release - 935b417

Hello there!

We are happy to announce that voting is now open for a new IC release.
The NNS proposal is here: IC NNS Proposal 106868.

Here is a summary of the changes since the last release:

  • [bf58b940f] Consensus: docs(consensus): Add explanation to priority change
  • [fe7f26f0d] Consensus: fix(consensus): Increase ingress message count limit
  • [3e02e9655] Crypto: docs(crypto): Threshold ECDSA and IDKG top level documentation
  • [20fa9e0ca] Crypto: perf(crypto) optimize IDkgProtocolCspVault::idkg_retain_active_keys
  • [7c9210aec] Crypto: perf(crypto): Use various strategies for BLS12-381 multi scalar multiply
  • [d27490fbf] Crypto: refactor(crypto): validate public keys before insertion in public key store
  • [0d925e2df] Execution: chore: do not error out when parsing the default BitcoinStateBits
  • [1ecec0b49] Execution: fix: add cleanup callback fee prepayment
  • [f9136d1cb] Financial Integrations/Message Routing: chore(icrc1): compress embedded archive canister Wasm
  • [8144a28b1] Financial Integrations/Message Routing: feat(): add basic rules for checking TLA+ specs
  • [6ae07b29c] Financial Integrations/Message Routing: feat(): make Approve amount signed
  • [d049d224f] Financial Integrations/Message Routing: fix(): decode ledger state unconditionally
  • [0d165ff1e] Financial Integrations/Message Routing: fix(ckbtc): update BTC costs for mainnet
  • [8f37c5bf1] Financial Integrations/Message Routing: chore: add warning to ckBTC dashboard
  • [e5a38e2c6] Message Routing: Display manifest version
  • [ec2e2daaf] Message Routing: Don’t create a zero height untracked CheckpointLayout in compute_manifest
  • [9cdb55643] Message Routing: No double panicking in StateLayout debug assert
  • [5c80ea7c8] Message Routing: feat: Bump current manifest version to STATE_SYNC_V2
  • [d91bfeac1] Message Routing: fix: Reintroduce import_canister_state
  • [44465f3ee] Message Routing: fix: Return an Err() instead of using expect()
  • [5453ebdf1] Message Routing: fix: fsync StateLayout at startup
  • [ee56f19fe] Networking/Node: Add script to mount a disk.img.
  • [81db98205] Networking/Node: Cargo build and consistency fixes.
  • [cda179842] Networking/Node: Use hard coded ARK PEM file AMD root of trust for verification.
  • [46fb651e5] Networking: Renaming ic monitoring canister → onchain observability for SELinux files
  • [789754d8f] Networking: [Monitoring Canister] Rename ic_monitoring_canister → onchain_observability
  • [0a5b83871] Networking: [Monitoring Canister] [2/N] Scrape Metrics Endpoint for Peer Metrics
  • [7b030592b] Networking: chore: Add a histogram metric for response body size
  • [422240b1e] Networking: chore: Don’t wrap the Threadpool of the validation_executor in Arc>
  • [81d4ba7d7] Networking: chore: mutate the recv_timeout in order to continue execution instead of having a feedback loop by sending elements
  • [78ee731d6] Networking: chore: rename the config fields to https_outcalls
  • [8885b2221] Networking: chore: update the ownership of rs/https_outcalls after the move
  • [565d40062] Networking: chore: use parking_lot::Mutex in p2p
  • [537b4d3f7] Networking: docs: Update file README.adoc
  • [7ba67ca19] Networking: docs: attach the ticket that is supposed the clean up the “Ready for interaction” log dependency
  • [5d5b7fc66] Networking: feat: Transport benchmark
  • [c7ebb574f] Networking: feat: abstract h2 over AsyncRead/AsyncWrite
  • [7cd15203c] Networking: fix: [FOLLOW] Stricter network message bounding in bitcoin adapter
  • [d74de1bf3] Networking: rename: subnet_query_workload → replica_query_workload to grasp the intent better
  • [f044ec4e3] Networking: rename: the client and service to https_outcalls prefix.
  • [51443d26e] Node: Cleanup handling of base image hashes in Bazel
  • [bef985c4c] Node: Fix baseimage auto building
  • [26bc8915d] Node: Stage changes from project root
  • [ab426de40] Node: Start to cleanup HostOS/SetupOS builds on CI
  • [994a5fcbc] Node: Update baseimage tags from repo root
  • [c37cba8bf] Node: Update icos readmes
  • [9ad5f9dd3] Orchestrator: docs(): Update Orchestrator Documentation
  • [7485ebebf] Orchestrator: feat(recovery): Download and count certification (shares) from all available nodes
  • [fba0943d9] Orchestrator: feat(recovery): Download certifications during NNS recovery
  • [1c2a5d4c1] Runtime: Bounds checks for stable memory
  • [b7abb4c9c] Runtime: Charge fixed and size costs for stable APIs
  • [e1bf03b34] Runtime: Charge for dirty stable memory pages
  • [ce3c2cfbf] Runtime: Dirty page counter for native stable writes
  • [1a3030c9b] Runtime: Expand stable structures benchmarks
  • [dbc8b3943] Runtime: Fix host memory limiting memory size for 64-bit memories
  • [a50f14114] Runtime: Implement Round Complexity
  • [31d748a37] Runtime: Implement query scheduler
  • [3664b267d] Runtime: Introduce complexity limit error
  • [e8241fdc9] Runtime: Stable btreemap benchmark
  • [8747d694e] Runtime: Unify execution of updates, heartbeats, and timers.
  • [6e3374bd6] Runtime: Upgrade wasmtime to version 4.0.0
  • [c4b89c012] Runtime: Write barrier cleanups
  • Various tech-debt management: code refactoring, docs, bug fixes, test updates
1 Like

Hi all!
We submitted proposal 107667 for a security update on top of 935b417d . The security update will be applied to all subnets and after that the changes from the security update will be shared publicly, in accordance with the Security Patch Policy and Procedure that was adopted in proposal 48792 .
The community will be able to retroactively verify the binaries that were rolled out. The instructions for doing this are in the proposal summary.

The repo mirroring has been re-enabled, and the verifiability of the above build is once again possible. Please let us know if you have issues with verifying the above security update.

1 Like