Voting is open for a new IC release - 97df774

Hello there!

we are happy to announce that voting is now open for a new IC release .
The NNS proposal is here: IC NNS Proposal 123474 .

Here is a summary of the changes since the last release:

  • [7daffc64b] Consensus: Canister Http Bytes Migration
  • [0d576a33f] Consensus: chore: Clean up old ECDSA backward compatibility patching
  • [ba5e8d712] Consensus: chore: Combine signature and version check during validation
  • [e0b0a6a56] Consensus: feat: Don’t relay consensus and certification shares
  • [73b44d975] Consensus: feat(orchestrator): Add a metric counting failed upgrade checks
  • [8cc9ee8bc] Consensus: fix(orchestrator): Do not terminate with reboot
  • [4a14e74e9] Crypto: feat: Return error instead of panicking in load_threshold_signing_key_internal
  • [467212797] Crypto: feat: add initial vetKD utils package
  • [960e9e289] Crypto: fix: limit number of paths and labels for read state requests
  • [f9d96724a] Crypto: perf: use mul2 in naive multi-exponentiation in BLS12_381
  • [7f516a3b0] Message Routing: Don’t increment critical error counter in message routing for registry not available yet error
  • [b852fccdb] Networking: feat: Improve state sync manager metrics
  • [9946c6b2e] Networking: feat: Support uni streams in quic transport
  • [fbfd2bc59] Networking: fix: Allow state sync manager chunk timeouts
  • [c61d65528] Networking: increased bitcoin adapter default timeout to 50 ms
  • [fd6ebce74] Node: Update IC join notification message
  • [b82cbb6b3] Node: Update setupOS error message to direct to matrix channel
  • [97df774f8] Node: Fix bug preventing config partition from populating
  • [100d13b91] Runtime: Adjust the error message for allocation errors
  • [46caa0f3b] Runtime: Check freezing threshold on memory grow
  • [90d474002] Runtime: Check the freezing threshold in install code
  • [276d9d785] Runtime: Check the freezing threshold on a change of canister allocation
  • Various tech-debt management: code refactoring, docs, bug fixes, test updates

IC-OS Verification

To build and verify the IC-OS disk image, run:

# From
# This process requires an x86-64 based machine, Ubuntu 20.04 or a newer version of the OS, Git, and Podman.
git clone
cd ic
git fetch origin
git checkout 97df774f8cb88ca1a00e26dc3daa19735ad3599a
if ./gitlab-ci/container/ -i ; then
    curl -LO
    shasum -a 256 artifacts/icos/guestos/update-img.tar.gz update-img.tar.gz
    echo "IC-OS build failed. Verification unsuccessful." >&2

The two SHA256 sums printed above from a) the downloaded CDN image and b) the locally built image, must be identical, and must match the SHA256 from the payload of the NNS proposal.

1 Like

While trying to verify this build I’ve experienced a weird issue: the build process doesn’t complete successfully but the hashes still match, so far I’m the only one who has run into this and other reviewers managed to verify the build as usual so it might be related to my specific setup, which is an Ubuntu 22.04 based VM used exclusively for this purpose, it is a clean install with only podman added as a dependency.
I’ve verified again last week’s build to make sure the error isn’t caused by something being screwed up in my environment and I’ve managed to build it successfully.

Going through the logs I’ve found 2 errors:

Here you can find the full dump: sudo podman run --pids-limit=-1 -it --rm --privileged --network=host --cgroupns= -


Thanks, Zane.

I was able to reproduce the build with my existing infrastructure Ubuntu 20.04 & voted to approve.

But definitely you should be able to build on Ubuntu 22.04 with a clean install, i think.

1 Like

Reviewers for the CodeGov project have completed our review of this replica update and our findings from the reviews can be viewed in this post for proposal 123474 in the CodeGov portal on DSCVR. The CodeGov neuron 2649066124191664356 has voted to ADOPT proposal 123474.

At the time of this comment on the forum, there are still 2 days left in the voting period. We encourage NNS voters to review the replica update proposal and vote manually. Of course, you always have the choice to follow another person or another organization who is voting independently. At this time, I am aware of (neuron ID 2649066124191664356) and Taggr Network (neuron ID 16737374299031693047) who are performing this work, both of which are registered known neurons. You can learn more about the CodeGov project at and you can learn more about Taggr Network in the NNS-GOV realm on

NOTE: The CodeGov project would like to find additional reviewers to help with this work. Since there is a 0.5 - 2 hour time commitment on the weekend for each proposal and our reviews require technical skills, we offer a bounty for every review that you perform that is competitive with typical developer contract work. You are not required to review every proposal, but we encourage as much participation as your time allows. Anyone who has the technical skill to perform the IC-OS verification and who is willing to perform a sanity check on the Release Notes is welcome to be a reviewer. If you are interested, then please Apply at The current bounty for this work can always be found in this post in the CodeGov portal.


@Zane this could have been a temporary network issue. Is it possible to try it again?

Any thoughts on this one ?

Thank you.

+ BASE_IMAGE=dfinity/ic-build-bazel@sha256:1978886cfda51b09057bffd60f2e5edb588c6c0b74de87696cd4e964335dba87
+ docker build --iidfile /tmp/build-image-EOQFpkFVSeSu/iidfile -
Resolving "dfinity/ic-build-bazel" using unqualified-search registries (/etc/containers/registries.conf)
Trying to pull
Trying to pull
Error: error creating build container: 2 errors occurred while pulling:
 * parsing image configuration: Get "": remote error: tls: handshake failure
 * initializing source docker:// reading manifest sha256:1978886cfda51b09057bffd60f2e5edb588c6c0b74de87696cd4e964335dba87 in unauthorized: access to the requested resource is not authorized

@ZackDS this looks like the same temporary networking issue (at Docker Hub).

Strange issue from different parts of the world at different times but anyways. 3rd time’s the charm.

Edit : baremetal not vm/wsl2 and wired connection.

1 Like

Thanks @ZackDS, great to see it working. Networking issues are indeed strange and tough at times.

Just tried, the build fails with the same errors.

1 Like