Skip to main content

Releases

25.4.3

  • Add support for DUSK network
  • Aborting transactions (directly or indirectly) will also cancel their ongoing signatures.
  • Add support for open-pubkey credentials, under the open-pubkey feature flag.
  • Add immutable subject field to User resource (SSO subject identifier), which is mapped from the old sso-user label.
us-docker.pkg.dev/cordialsys/containers/treasury:25.4.3

25.4.2

  • Add support for Band chain
  • Add support for Zeta chain (native cosmos transactions)
us-docker.pkg.dev/cordialsys/containers/treasury:25.4.2

25.4.1

  • Add support for simulating requests to see how rules evaluate.
    • Example: curl -H 'dry-run: user=conor' -X POST -d "{\"variant\":\"internal\"}" localhost:8777/v1/accounts/new_account
    • Example: treasury --dry-run "user=root" users create human joe
  • Include traces of policy evaluation in the error response when a request is rejected by policy.
  • Add support for Solana inclusive fee spending.
us-docker.pkg.dev/cordialsys/containers/treasury:25.4.1

25.3.4

  • Fix issue where fee-limit values were not initializing on chain resource
  • Guard against transactions using conflicting information from stale RPC nodes
  • Fix edge case where deny rule variant did not use "any/user as default for initiate field
us-docker.pkg.dev/cordialsys/containers/treasury:25.3.4

25.3.3

  • Support inclusive fee spending for transfers for select chains. This is helpful for sending the full balance of an address and minimizing dust.
    • bitcoin chains, evm chains, cosmos chains, APTOS, SUI
  • Add Akash chain (AKT)
  • Add Astar chain (ASTR)
  • Enforce user verification for webauthn credentials more strictly
us-docker.pkg.dev/cordialsys/containers/treasury:25.3.3

25.3.1

  • Add Filecoin support
  • Add FeeLimit configuration to Chain resource. This is a sanity limit to protect from fee griefing.
  • Update TAO staking ABI to be compatible with latest Bittensor changes
us-docker.pkg.dev/cordialsys/containers/treasury:25.3.1

25.2.7

  • Speed up signer operations (key-generation, signature generation) by >50%
    • Previously multi-node clusters would take ~3s to complete a signer resource, now it's an average of 1s.
  • Fix rare transient bug where a periodic backup fails
  • Fix edge case where TREASURY_API_KEY was not propogated correctly to connector API
us-docker.pkg.dev/cordialsys/containers/treasury:25.2.7

25.2.6

  • Fix false-positive warning
us-docker.pkg.dev/cordialsys/containers/treasury:25.2.6

25.2.5

  • Some quality of life improvements with treasury CLI
  • Fix pagination edge case reading Chain and AccessRule resources
  • Add Monad (MON) chain
us-docker.pkg.dev/cordialsys/containers/treasury:25.2.5

25.2.4

  • Reduce idle memory consumption by >70% when there is a lot of data stored
  • Add SeiEVM chain, which is the EVM compatibility layer to SEI
us-docker.pkg.dev/cordialsys/containers/treasury:25.2.4

25.2.3

  • Support empty initiator filter in require/deny rules
  • Fix issue where an empty initiator led to dropped quorom filter in transfer-rules
  • Add support for Bitcoin taproot addresses
us-docker.pkg.dev/cordialsys/containers/treasury:25.2.3

25.2.2

  • Fix regression not pruning old operations
  • Add retention settings to Treasury resource
    • E.g. Set retention of operations to 8 hours: treasury treasuries retention --set-retention-completed-operations 8h
us-docker.pkg.dev/cordialsys/containers/treasury:25.2.2

25.2.1

  • Update no longer makes large jump in height, so resyncing stale nodes after updating cluster is supported
    • Once both Treasury nodes and cord are updated, this improvement will be active.
  • All loggers should respect TREASURY_LOG_FORMAT=json if set.
  • Add XLM chain support
us-docker.pkg.dev/cordialsys/containers/treasury:25.2.1

25.1.3

  • Bug fix memory leak in cord backup service.
  • Bug fix failure in cord backup restore.
us-docker.pkg.dev/cordialsys/containers/treasury:25.1.3

25.1.2

  • Fix regression leading to inaccurate version reported in API endpoint.
us-docker.pkg.dev/cordialsys/containers/treasury:25.1.2

25.1.1

warning

All participants must update their cord binary to be at least 25.1.1 or later. Otherwise the update process will not be reliable. Latest cord binary may safely be used to supervise older versions of treasury.

  • Update cometbft + cosmos-sdk, update engine database backend

  • Add infinite_invites feature for demo scenarios to prevent invite credential expiration

  • Add custom/load operation create Keys from manually imported signer.db keys

  • Support creating an Address for a given Key

  • Add support for manually resharing key-shares using signer CLI

  • Addresses can be atomically added to Accounts by setting .account field

  • Feature disable_account_addresses_field to disable Account.addresses field

  • Creating Addresses now triggers an additional policy check against creating a Key resource

    • You may need to update your policy to permit users to create internal variant keys.
    create allow access-rule internal-key { action = "create", resource = { type = "Key", variant = "internal" }, initiate = "any/user" }

  • Fix flakiness issue in cord supervise leading to failed updates

  • Add .state to Signer resource to reflect if a signer node is recently active/online or not.

us-docker.pkg.dev/cordialsys/containers/treasury:25.1.1

24.6.3

  • Fix host network mode support for cord supervise
  • Support more_than, less_than fields in notional limits
us-docker.pkg.dev/cordialsys/containers/treasury:24.6.3

24.6.2

  • Change custom/cancel to custom/abort for Transaction and Transfer
  • Add dynamic blueprints
  • Implement piping to stdin of treasury script
us-docker.pkg.dev/cordialsys/containers/treasury:24.6.2

24.6.1

  • Simplified update mechanism of cord supervise which removes many failure states.
    • To take advantage of this, both cord and the container image must both be at least 24.6.1
  • Add cord supervise revert command, which will revert failed updates, allowing them to be retried.
warning

A changes made to cord supervise requires all participants to update. You must be sure that all nodes are updated.

us-docker.pkg.dev/cordialsys/containers/treasury:24.6.1

24.5.4

  • Introduce allowed/user constant, which makes rules with approvers agnostic of who initiated.
  • Add Enjin chain support.
us-docker.pkg.dev/cordialsys/containers/treasury:24.5.4

24.5.3

  • Add support for TAO staking
us-docker.pkg.dev/cordialsys/containers/treasury:24.5.3

24.5.2

  • Fix regression preventing webauthn credentials from registering
us-docker.pkg.dev/cordialsys/containers/treasury:24.5.2

24.5.1

  • Remove all legacy APIs
  • Add --no-default-blueprint and --extra-blueprint in treasury demo start
us-docker.pkg.dev/cordialsys/containers/treasury:24.5.1

24.4.10

  • Permit arrays in access-rule data filter
  • Treasury API can respond to ?output={ccl,csv,pdf} with full reports
  • Treasury API re-exports Oracle API movement endpoint
us-docker.pkg.dev/cordialsys/containers/treasury:24.4.10

24.4.9

  • Add support for AWS secret manager
  • Fix spammy log in backup service
us-docker.pkg.dev/cordialsys/containers/treasury:24.4.9

24.4.8

  • API keys can now create Treasury entries in the Admin API
  • Add rich support for encryption at rest.
  • Add persistent rotating event logs.
  • Fix race condition in first backup of periodic backup
  • Treasury will associate the treasury ID with automatic address subscriptions.
us-docker.pkg.dev/cordialsys/containers/treasury:24.4.8

24.4.7

  • add /healthy endpoint
  • fix minor issue when using multiple backup keys
us-docker.pkg.dev/cordialsys/containers/treasury:24.4.7

24.4.6

  • prevent approvers from getting 'informally' recorded when their approval is not allowed
  • stop deleting invite credentials immediately when there is a policy rejection
  • add support for exporting backups for multiple backup keys (bak)
us-docker.pkg.dev/cordialsys/containers/treasury:24.4.6

24.4.5

  • updated connector to associate addresses on oracle API with treasury ID
  • fixed bug in signer backup recover-key overwriting the last encrypted share file.
us-docker.pkg.dev/cordialsys/containers/treasury:24.4.5

24.4.4

Snapshot files (now "snapshot.tar" instead of "snapshot.zip") have had their format changed to be more usable and understandable. While snapping will work the same way, this release is not compatible with older snapshots.

  • refactored snapshot layout from cord backup snapshot
  • added cord genesis init-api to more easily create API nodes
  • added args --api-node --connector for cord supervise run to make it easier to run API nodes
  • add slack alert options for cord supervise run
us-docker.pkg.dev/cordialsys/containers/treasury:24.4.4

24.4.3

  • fix bug with authorizing operations affected by transfer rules not getting persisted
us-docker.pkg.dev/cordialsys/containers/treasury:24.4.3

24.4.2

  • Fix encoding issues with raw signing API
  • Migrate connector credential to keying
  • Include $TREASURY_HOME/keyring in snapshot & restore
  • Add approve and := operator to CSL

Connector should migrate on it's own, but in case it fails, you can manually run it with:

cord migrate connector-credential --home $TREASURY_HOME
us-docker.pkg.dev/cordialsys/containers/treasury:24.4.2

24.4.1

Warning: Treasury must be in 24.2.x or later before you can safely upgrade to 24.4.y.

  • Simplify behavior of notional limits in transfer rules
  • Make transfer rules fully independent of any access-rules
  • CSL scripting improvements
us-docker.pkg.dev/cordialsys/containers/treasury:24.4.1

24.3.2

  • Add initial support for XRP
  • Bugfixes for cord; fix race condition gossiping triples
us-docker.pkg.dev/cordialsys/containers/treasury:24.3.2

24.3.1

Warning: Treasury must be in 24.2.x before you can safely upgrade to 24.3.y.

  • release cord backup suite of commands
  • remove legacy cosmwasm endpoints.
  • disable maintenance routines after an update is active
  • bug fix price in worker
  • use 'cancelled' instead of 'canceled'
us-docker.pkg.dev/cordialsys/containers/treasury:24.3.1

24.2.10

  • disable maintenance routines after an update is active
  • bug fix price in worker
  • use 'cancelled' instead of 'canceled'

24.2.9

  • minor improvements to cord genesis setup
  • add signer backup commands to help test backups

24.2.8

  • Fix connector event for subscribing to addresses quickly

24.2.7

  • Fix missing filter for /access-rules query endpoint

24.2.6

  • Fix bug where account was dropped on destination
  • add unprice custom action to remove prices

24.2.5

  • return operations, transfers, and transactions in descending order
  • complete notional limits for transfer rules
  • bugfix asset update/import missing price error

24.2.4

  • fix bug where operation gets stuck in creating state when generating addresses
  • make oracle_url configurable for connector

24.2.3

  • drop invalid references on Account resource

24.2.2

  • fix bug connector subscribing to oracle api with initial 0 subscription
  • bugfix case leading to invalid transfer rule
  • on update, drop resources with invalid blank ID

24.2.1

  • release initial support for native staking (solana, ethereum, and cosmos chains)
  • update policy engine to filter based on resource name(s) and state(s)
  • add connector API server to connector CLI

24.2.0

us-docker.pkg.dev/cordialsys/containers/treasury:24.2.0

Changes

  • Change Transaction resource name to not use parent

24.1.27

us-docker.pkg.dev/cordialsys/containers/treasury:24.1.27

Changes

  • Add new chains:
    • Bittensor (TAO)
    • Polkadot (DOT)
    • Kusama (KSM)
    • Telegram Open Network (TON)
    • Berachain testnet (BERA)
  • Add feature to disable all legacy endpoints.
  • Websocket 'audit' events are now more consistent and reflect all changes.
  • Support filtering resources in access-rules based on data attributes.

24.1.26

us-docker.pkg.dev/cordialsys/containers/treasury:24.1.26

Changes

  • automatically migrate key names in signer.sb
  • add some optimization to connector
  • no longer create transfer-rule as side effect of creating internal account
  • add blockbook client driver for bitcoin chains
  • remodel crosschain tx-info model
  • bugfix invalid fields on migrated resources
  • add cord genesis install-triples cmd
  • add treasury admin commands to manage organization permissions

24.1.23

us-docker.pkg.dev/cordialsys/containers/treasury:24.1.23

Changes

  • automatically subscribe addresses in treasury to oracle API
  • fix rejection approval of registering credential
  • subscribe connector to event stream to make fast transaction + address updates
  • fix migration of legacy transfers to add placeholder for parent
  • add .network field to Treasury
  • fix regression in creating new users via legacy api
  • fix condition resulting in long startup time for engine

24.1.20

us-docker.pkg.dev/cordialsys/containers/treasury:24.1.20

Changes

  • support solana token2022 SPL tokens
  • patch error migrating legacy feature structure

24.1.18

us-docker.pkg.dev/cordialsys/containers/treasury:24.1.18

Changes

  • add missing CRUD in API server and treasury CLI
  • /activate and /disable for Feature and TransferRule
  • shared addresses (and corresponding shared keys)
  • add legacy migrate to help create new treasury.toml

24.1.16

us-docker.pkg.dev/cordialsys/containers/treasury:24.1.16

Changes

  • add treasury CLI for importing external client-keys
  • fix bug querying transfers created by legacy endpoint
  • make metadata updates more consistent in legacy endpoints
  • fix issue where user variants in roles were not exported
  • update policy engine to reject useless approvers
  • bugfix addresses never generating on legacy endpoint

24.1.13

us-docker.pkg.dev/cordialsys/containers/treasury:24.1.13

Changes

  • minor bugfixes for new connector process
  • add gas fee priority customization to Transfer and Chain resources
  • add transfer pause and unpause custom endpoints

24.1.12

us-docker.pkg.dev/cordialsys/containers/treasury:24.1.12

Changes

  • new connector process, feature gated under new_connector
  • new chain abstraction to enable detection of conflictions between transaction inputs
  • fast dequeuing of queued transaction (or no use of queuing for some chains like Solana or Tron)
  • Safe retry mechanism (POST /transfers/:transfer/retry) that protects from double-sending
  • Bug fix normalization of Sui/Aptos contract values, Sui gas estimation optimization
  • Fix issue where operations could not be canceled if the resource already exists
  • support adding chain RPC overrides to treasury.toml file

24.1.11

us-docker.pkg.dev/cordialsys/containers/treasury:24.1.11

Changes

  • add feature to auto-generate policy doc after api changes (maintain a legacy behavior)
  • fix small issues with generating legacy policy doc
  • permit creating 'custom' variant chains
  • setup various metrics for engine and signer

24.1.10

us-docker.pkg.dev/cordialsys/containers/treasury:24.1.10

Changes

  • remove git-lfs dependency

24.1.9

us-docker.pkg.dev/cordialsys/containers/treasury:24.1.9

Changes

  • frontend cleanup variable handling and state/clerk management
  • fix uniqueness issue with transction ID's
  • fix token transaction issue
  • fix delayed polling cycle on withdrawals

24.1.8

us-docker.pkg.dev/cordialsys/containers/treasury:24.1.8

Changes

  • remove invite restriction where you couldn't register an invite to yourself
  • change transfer to return last-transaction as a name

24.1.7

us-docker.pkg.dev/cordialsys/containers/treasury:24.1.7