Skip to main content

Downloads

Cordial Systems hosts a download server for binaries and container images: https://dl.cordial.systems.

Binaries are available for in .tar.gz format with builds for:

  • x86 (Linux/amd64)
  • arm (Linux/arm64)
  • mac (macOS/arm64)

Container images are available in .tar format with builds for x86 and arm (Linux only).

Once you have downloaded a binary, install it with tar xzf <binary>.tar.gz -C <target-directory>.

Once you have downloaded a container image, load it with docker load -i <image>.tar.

Treasury CLI

Unauthenticated users can only download the Treasury CLI treasury.

Using install script:

curl -Sfs https://dl.cordial.systems/install | to=/usr/local/bin bash

If ~/.local/bin is already in your PATH, can leave out the to= and install only for your user.

Note that the CLI is called treasury, while the downloaded file is of the form treasury-cli-*.tar.gz.

This is to avoid confusion with the treasury container image (file treasury-node-*.tar), and other downloads such as treasury-api and treasury-demo.

Authentication

All downloads except Treasury CLI require authentication. You need either a Cordial User Account that is a member of at least one Cordial Organization Account, or an API key to a specific organization account.

Download permissions are set by Cordial Systems on an organization level, and can be "basic" or "full" access. To set such a permission, reach out to support@cordialsystems.com.

Once you have downloaded and installed treasury CLI, you can obtain an access token (valid for one day) and follow the Downloads for Humans via Terminal approach below:

access_token=$(treasury token create | tail -1)

Alternatively, use the install script again, as per the next section.

Other Binaries

Assuming treasury is installed, and you have sufficient access, set binary to one of the available binary downloads below, and:

curl -Sfs https://dl.cordial.systems/install | binary=${binary} bash

The install script also understands version, which can by latest (default, latest release), preview (latest preview release), or a specific version (e.g. 24.4.9):

curl -Sfs https://dl.cordial.systems/install | binary=connector version=preview bash

Available Downloads

Binaries

  • connector
  • cord
  • engine
  • signer
  • treasury-api
  • treasury-cli (containing treasury)

Images

  • treasury-node (production image)
  • treasury-demo (demo image for testnet)

URL Structure

Latest

The download URL for the latest version of a binary or image is:

  • https://dl.cordial.systems/${build}/${binary-or-image}

For instance:

  • latest mac Treasury CLI has path /mac/treasury-cli
  • latest x86 demo image has path /x86/treasury-demo

These redirect to the canonical download URLs for a specific version:

  • binaries: https://dl.cordial.systems/bin/${version}/${binary}-${version}-${os}-${platform}.tar.gz
  • images: https://dl.cordial.systems/img/${version}/${image}-${version}-${platform}.tar

Here, ${os} is linux or macos, and ${platform}$ is amd64 or arm64.

These longform URLs determine the names of the files retrieved with redirect URLs (via Content-Disposition header).

Other versions

For convenience, there are also redirects for the latest, preview, and specific version releases:

  • https://dl.cordial.systems/${version-or-tag}/${build}/${binary-or-image}

For instance:

  • preview x86 cord CLI has path /preview/x86/cord
  • version 24.4.1 arm production image has path /24.4.1/arm/treasury-node

Downloads for Humans

via Browser

You can download latest versions by visiting the download server, ensuring you are logged in by pressing "login" if necessary.

info

Note that macOS will "taint" such downloads and not allow you to run binaries downloaded in this way.

via Terminal

build=...
access_token=$(treasury token create | tail -1)
curl -JLOf -H "Authorization: Bearer ${access_token}" https://dl.cordial.systems/${build}/treasury-cli

Downloads for Machines

Prefer to use the above access token approach for non-programmatic use cases, instead of creating an API key.

build=...
api_key=...
curl -JLOf -u ${api_key} https://dl.cordial.systems/${build}/treasury-cli

Versions

Treasury software releases are versioned as YY.F.P, where:

  • YY denotes the year of the release (e.g. 24 was released in 2024)
  • F (1, 2,... ) denotes the features release within the year, and
  • P (1, 2,... ) denotes the patch release

If either YY or F increment, this is a feature release, if P increments, this is a new patch release.

Preview versions are versioned as YY.F.P-pre.C, where C counts the number of commits on top of the previous non-preview release. In order to follow semantic versioning, the P component of a preview version is the P component of the previous non-preview release plus one.

To retrieve the latest release version:

curl https://dl.cordial.systems/latest

To retrieve the latest preview version:

curl https://dl.cordial.systems/preview

Verification

Verifying Key

All binary and image downloads are signed with the following P256 key:

-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAmz48XmSfB8sn6h03RoERbdplk9K
fZj0k94OzoqMxwOaT8AvL/iZ7kumiH+IkO7X+ekl4lbbhhaSwkKZHR8wPA==
-----END PUBLIC KEY-----

It can be retrieved programmatically via curl https://dl.cordial.systems/dl.pub, but to remove trust in our download server, you should store this signature verification key out of band.

Signature Retrieval

To download a signature, append /sig to the URL you used for the download you wish to verify (no authentication needed).

Examples (follow redirects on redirect URLs with -L):

  • curl -L https://dl.cordial.systems/macos/treasury-cli/sig
  • curl -L https://dl.cordial.systems/preview/x86/treasury-node/sig
  • curl -L https://dl.cordial.systems/24.4.2/arm/connector/sig
  • curl https://dl.cordial.systems/img/24.4.2/treasury-node-24.4.2-amd64.tar/sig

Signature Verification

cosign verify-blob --key dl.pub --signature ${download}.sig ${download}