CHANGELOG.md

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

Unreleased

2.5.31 - 2019-12-19

Fixed

• Handle disconnect packets (#3354)

2.5.30 - 2019-12-09

Fixed

• Stricter p2p msg check + ip blocking (#3331)
• Purge ipLastError every hour (#3331)

2.5.28 - 2019-11-05

Fixed

• Stricter WS/SC events/messages handling (#3208)
• Handle unwanted control frames (#3208)

Changed

• Prepare for upcoming 2.6 release (#3208)

2.5.26 - 2019-10-07

Changed

• Integrate hapi-pagination to replace fork (#3030)

2.5.25 - 2019-09-19

Fixed

• Terminate connection when not authorized (#2945)

2.5.24 - 2019-09-04

Fixed

• Cast params in webhook condition checks (#2887)
• Drop connections with malformed messages (#2907)
• Terminate blocked client connections (#2907)
• Use anyOf for transactions schema (#2894)
• Use compression on the p2p level (#2886)

2.5.17 - 2019-08-06

Fixed

• Differentiate between wallets and delegates (#2854)
• Clone webhook before mutating it (#2863)
• Delete existing db (#2864)

2.5.14 - 2019-07-30

Fixed

• Add content-type header for all requests (#2840)
• Return data directly if cache is disabled in core-api (#2831)
• Internal server error caused by invalid orderBy field in core-api (#2847)
• Peer discovery limit (#2850)

Changed

• Lookup delegates by key to improve performance (#2837)
• Add ntp and google servers for ntpd to docker image (#2823)
• Improve performance of transactions endpoint in core-p2p (#2848)

2.5.7 - 2019-07-16

Fixed

• Accepted versions (#2802)
• Fix the genesis block id during verification of snapshots (#2809)
• Average fee and wallet transaction retrieval in @arkecosystem/core-exchange-json-rpc (1.0.3)

Changed

• Export dist/index.js for cjs and umd in @arkecosystem/crypto (#2807)
• Update dependencies to their latest versions (#2808)
• Lookup wallets by keys for improved performance (#2810)

2.5.1 - 2019-07-11

Fixed

• SSL functionality of core-api (#2800)

2.5.0 - 2019-07-11

Added

• Allow retrieval of raw blocks and transactions via API (#2616)
• Search transactions by asset via API (#2618)
• Allow easy retrieval of first and last block (#2641)
• Make it configurable whether to use estimates for core-api (#2772)

Fixed

• Impose the same rate limit as the public API (#2717)
• Add option to configure request timeouts for webhooks(#2710)
• Use CORE_API_DISABLED variable in defaults (#2711)
• Always attempt to download blocks after start (#2746)
• Possible database corruption when writing and deleting blocks (#2707)
• Forget peer when socket is disconnected (#2720)
• Off-by-one error when fetching blocks from peer (#2733)
• Check for user confirmation in snapshot commands (#2734)
• Grant access if the whitelist is empty (#2748)
• Do not purge transactions when a block is not accepted (#2751)
• Previous round order calculation (#2754)
• Revert accepted blocks when saveBlocks fails (#2761)
• Do not restore genesis block with wrong id (#2759)
• Dvoid iterating on non-iterable peerBlocks (#2763)
• Correct estimate if less than limit rows (#2764)
• Try harder to return the requested number of transactions (#2765)
• Reject future and expired transaction timestamps (#2757)
• Delete last block if deserialization fails (#2770)
• Raise bignumber maximum (#2777)
• Allow future timestamps up to 3600 + blocktime seconds (#2787)
• Handle null url and malformed JSON payloads (#2797)

Changed

• BREAKING: Treat and return BigInt values as strings (affects core-api) (#2739)
• Download serialized blocks to improve performance (#2743)
• Better peer block header check to improve performance (#2719)
• Exit on unexpected database errors (#2744, [#2755])
• Block peers when the rate limit is exceeded (#2745)
• Delay peer discovery until after state initialization is done (#2727)
• Improved P2P rate limiting (#2729)
• Only fetch block headers when verifying peers (#2728)
• Only look for new peers when below minimum peers (#2714)
• Always keep the Wallet API enabled (#2715)
• Respect the whitelist of the public API (#2718)
• Add foreign key on transactions block id (#2671)
• Remove the id column from rounds (#2723)
• Discover new peers sooner (#2771)
• Enforce chained blocks at database level (#2753)
• Increase timeout, check time left in slot (#2788)
• Refresh peer ports (#2784)
• Remove blockSender (#2756)

Removed

• Removed the ark-node legacy API known as v1 (#2577)

2.4.15 - 2019-07-09

• Backport various bug fixes from 2.5 (#2782)

2.4.14 - 2019-07-02

Fixed

• Try harder to return the requested number of transactions (#2766)

2.4.13 - 2019-06-26

Changed

• Do not purge transactions when a block is not accepted (#2751)

2.4.12 - 2019-06-14

Changed

• Cache genesis transaction ids for improved performance (#2699)

Fixed

• Take milestones into account when downloading blocks in parallel (#2700)

2.4.1 - 2019-06-13

Fixed

• Use SQL to calculate fee statistics (#2692)
• Increase rate limit to handle bigger networks (#2482)

2.4.0 - 2019-06-12

All changes listed in this section are things that either alter how certain data in core is treated and processed or changes to the public API of a package.

As we move towards 2.6 and the completion of AIP11, AIP18 and AIP29 there will be various breaking changes. The main concern of most developers will be breaking changes to @arkecosystem/crypto so go through the commits listed below and make sure you adjust everything in your application that is affected by a change.

Exchange JSON-RPC

The JSON-RPC we offer, formerly known as @arkecosystem/core-json-rpc, has received a rework to turn it into a real RPC that is easier to use and maintain.

Programmatic

The biggest change is that it now offers programmatic use to make integration into ARK Core easier while simultaneously allowing it to run as a standalone application detached from a relay.

Standalone https://github.com/ArkEcosystem/exchange-json-rpc

ARK Core Plugin https://github.com/ArkEcosystem/core/tree/develop/packages/core-exchange-json-rpc

The @arkecosystem/core-json-rpc plugin has been deprecated and replaced by @arkecosystem/core-exchange-json-rpc because of different those 2 plugins work under the hood and their dependencies.

Peers

A few smaller improvements to how peers and faulty responses are being handled have also been made which should smoothen the experience without having to manually retry requests.

Database

The Exchange JSON-RPC uses SQLite under the hood to store all data. In previous versions it was using https://github.com/mapbox/node-sqlite3 which was known to cause random build issues for ARK Core and sometimes needed a dozen retries before it finally compiled.

That dependency has been replaced with https://github.com/JoshuaWise/better-sqlite3 which is the same that ARK Core uses for its transaction pool. It provides better performance, receives updates and fixes when needed and build errors are a thing of the past.

Migration

If you've been using the JSON-RPC in the past together with ARK Core the migration to the Exchange JSON-RPC is as simple as following the steps at https://docs.ark.io/releases/v2.4/migrating_2.3_2.4.html#step-5-update-core-json-rpc-to-core-exchange-json-rpc.

Disclaimer

1. The Exchange JSON-RPC is only maintained for exchanges, as the name suggests. We do not offer any support or guidance unless you are an Exchange in which case you most likely will already be in touch with us.
2. Do not use the Exchange JSON-RPC unless you are forced too and have no other options. The Public API provides much greater capabilities of searching and filtering data.

Added

• Implement in @arkecosystem/core-state to manage the state of in-memory data (#2479)
• Implement a blockchain replay command (#2526)
• Save blocks in batches during sync (#2500)
• Implement v2/node/fees endpoint (#2393)
• Allow setting a vendor field for transactions created via @arkecosystem/core-json-rpc (#2425)
• Limit the number of accepted peers per subnet (#2507)
• BREAKING: Implement WebSockets with SocketCluster (#2273)
• Parallel block download (#2433)
• In-memory storage for last N blocks and transactions (#2492)
• BREAKING: Switch transaction expiration from seconds to chain height (#2461)
• Require the user to choose a snapshot if the blocks flag is missing in @arkecosystem/core commands (#2522)
• BREAKING: Implement Block.fromHex, Block.fromBytes and Block.fromData methods in @arkecosystem/crypto (#2377)
• BREAKING: Implement BlockFactory in @arkecosystem/crypto (#2429)
• BREAKING: Implement TransactionFactory in @arkecosystem/crypto (#2437)
• Integrate end-to-end tests (#2468)
• Initial Implementation of core-wallet-api (#2544)
• Accept block height to list block transactions in core-api (#2567)
• Functional test matchers for core-jest-matchers (#2562)
• Don't trust headers and verify config and plugin connectivity of peers (#2559, #2553, #2552)
• Proxy API calls to core-api until fully developed (#2558)
• Add database configuration command to CLI (#2557, #2563)
• Add command to generate network configuration CLI (#2582)
• Initial implementation of core-explorer (#2604)

Fixed

• Insert the genesis block as soon as the database is ready (#2376)
• BREAKING: Purge invalid transactions after a milestone change (#2499)
• Use public API to auto-configure @arkecosystem/core-tester-cli (#2517)
• Parse only the last line of pm2 stdout to avoid parsing faulty input (#2484)
• Delete bad rounds after unclean shutdown (#2581)
• Divide blocks into smaller chunks for batch processing (#2586)
• Remove forged transactions from pool before discarding block (#2555)
• BREAKING: Make transaction amount required (#2574)
• Various sync issues with devnet and mainnet (#2565)
• Do not suspend peer for AppNotReady (#2590)
• Allow use of old and new block IDs via core-json-rpc (#2593)
• Assign calculated delegate ranks from temp wallets to prevent wrong ranks on boot (#2611)
• Camelize block keys before bignum transformation for snapshots (#2615)
• Deserialize transactions before they leave the pool to remove bad ones (#2622)
• Require all properties in schema and handle 404 resources for core-webhooks (#2634)
• Check if transactions can still be applied before forging (#2635)
• Off by one error in transaction confirmations via API (#2645)
• Set the correct channel if core was directly installed with @next (#2646)
• Invalid orderBy causes Internal Server Error via API ([#2653)
• Avoid trying to INSERT duplicates in rounds via core-snapshots (#2651)
• Handle failing optional plugins gracefully (#2657)
• Correctly purge invalid transactions from disk on start (#2665)
• Don't append duplicate rounds rows to a snapshot (#2662)
• Use temporary wallets for transaction validation (#2666)
• Correctly display second signature if available via core-api (#2670)
• Missing block confirmations on v2 API endpoints (#2674)
• Delay transaction purge on start until after StateBuilder finished (#2685)
• Check claimed state of peer (#2686)
• Ignore overheight blocks and keep forging (#2687)

Changed

• BREAKING: Always use crypto identities to work with keys and addresses (#2443)
• BREAKING: Enforce BigNumber for satoshi based values (#2391)
• BREAKING: Move in-memory wallet logic to core-state (#2489)
• BREAKING: Replace bignumify with Utils.BigNumber.make (#2416)
• Replace Joi with AJV for internal validation (#2426)
• BREAKING: Bind plugin options before registering the plugin (#2375)
• BREAKING: Extend the node.js event emitter (#2440)
• BREAKING: Move the wallet interfaces to @arkecosystem/core-state (#2515)
• Remove height difference ban for peers (#2360)
• BREAKING: Simplify the transaction pool by not using insertion order (#2495)
• BREAKING: Drop no longer needed pagination from @arkecosystem/core-webhooks (#2424)
• BREAKING: Extract transaction signing and utils out of the model in @arkecosystem/crypto (#2514)
• BREAKING: Extract transaction verification out of the model in @arkecosystem/crypto (#2506)
• BREAKING: Make all Slots.* methods static in @arkecosystem/crypto (#2473)
• BREAKING: Move interfaces, types and models in @arkecosystem/crypto (#2379)
• Move mainnet exceptions to config in @arkecosystem/crypto (#2529)
• BREAKING: Remove extraneous Client class in @arkecosystem/crypto (#2417)
• BREAKING: Split the Crypto class into Hash and Transaction in @arkecosystem/crypto (#2444)
• Invalidate blocks with expired transactions (#2528)
• Transaction type agnostic wallet bootstrap to support AIP29 (#2539)
• Return all schema errors in hapi-ajv (#2571)
• Remove timeout banning (#2597)
• Use dayjs as it now has official UTC support (#2592)
• Require a minimum of 0 as pubKeyHash (#2628)
• BREAKING: Replaced @arkecosystem/core-json-rpc with @arkecosystem/core-exchange-json-rpc (Use @arkecosystem/core-exchange-json-rpc programmatically) (#2643)
• Expire transactions that don't have an expiration (#2672)

Removed

• BREAKING: Remove unused methods to get/set/reset height from Slots (#2467)
• Remove peer caching (#2606)
• Remove peer banning (#2612)
• Remove coldstart period (#2619)
• Remove whitelist access log (#2655)

2.3.23 - 2019-05-21

Fixed

• Allow the use of old and new block IDs via core-json-rpc (#2593)

2.3.22 - 2019-05-02

Changed

• Return transaction timestamp instead of block timestamp for /v2/* endpoints in core-api (#2513)
  • Note that the transaction timestamp can be misleading as a transaction can be signed hours or days before it gets forged which is why you should rely on the block timestamp because that is the point in time when the blockchain becomes aware of a transaction.

2.3.21 - 2019-04-30

Fixed

• Avoid getting stuck on a peer by picking a random one each time (JSON-RPC) (#2491)
• Fix the asset import and include rounds in the snapshot to avoid issues with the peer verifier (#2502)
• Accept requests to /transactions regardless of suspension (only caused issues for nodes that are completely locked down behind a firewall with no incoming connections) (#2503)

2.3.18 - 2019-04-26

Fixed

• Reset unfinished round after importing a snapshot (#2486)
• Update the height of the crypto config manager for milestones in the forger (only caused an issue for split setups) (#2487)

2.3.16 - 2019-04-25

Fixed

• Initialise the crypto config manager with the latest height on boot (#2482)

2.3.15 - 2019-04-25

Fix release of 2.3.14 due to npm connectivity issues.

2.3.14 - 2019-04-25

Fixed

• Added missing mainnet exceptions for transactions with invalid recipients (#2471)
• Remove support for old release channels from the 2.2 development period (#2476)

2.3.12 - 2019-04-24

Fixed

• Use correct genesis block instead to verify snapshots (#2462)
• Don't pass suffix flag to bip38 and bip39 commands (#2464)

2.3.1 - 2019-04-23

Fixed

• Deserialize type > 0 with vendor field instead of skipping it (#2459)

2.3.0 - 2019-04-23

Breaking Changes

• Removed the wallets table from the database (#2209)
  • Core 2.0 has been fully reliant on in-memory wallets since the 2.0 release. This only removes the dumping of wallets into the database as it is wasted space and doesn't serve any purpose.
  • If you have applications that rely on the database you should migrate them as soon as possible to using the API as only that data is provided in real-time.
• Replace SQLite3 with lowdb in core-webhooks (#2124)
  • This significantly reduces the size of the package and it's dependencies.
  • This requires you to recreate your webhooks as the storage method changed.
• Replaced core-logger-winston with core-logger-pino (#2134)
  • This significantly improves performance of logging when it occurs a lot in situations like syncing or rollbacks.
• Rewrote core-tester-cli from scratch (#2133)
• Merged core-debugger-cli into core-tester-cli and deprecated it (#2133)
• Use the node.js EventEmitter from events instead of eventemitter3 (#2329)

Added

• Implement AIP29 (#2122)
• Search delegates by their username in core-api (#2143)
• Implemented the ark reinstall command in core (#2192)
• Added the --force flag to the ark update command in core (#2190)
• Added more parameters for delegate searches in core-api (#2184)
• Added restart flags to the ark update command in core (#2218)
• Added the make:block command to core-tester-cli to create blocks (#2221)
• Added the core-error-tracker-rollbar package (#2287)
• Added the core-error-tracker-raygun package (#2288)
• Added the core-error-tracker-airbrake package (#2289)
• Added the core-logger-signale package (#2343)
• Added more events for blocks and the transaction pool (#2321)
• Return slip44 and wif via v2/node/configuration (#2388)
• Added an asset column to the transactions table (#2236)

Fixed

• Properly sort peers by their version (#2229)
• Memory leak in the monitoring process of core-forger (#2341)
• Handle dynamic round sizes with milestones (#2370)
• Validate that a transaction recipient is on the same network (#2394)
• Handle empty rows in mapBlocksToTransactions (#2404)
• Prevent indexing/creating of ghost wallets (#2405)
• Refuse transactions from senders with pending second signature registrations and do not rollback when refusing a block (#2458)

Changed

• Increased the vendor field length to 255 bytes (#2159)
• Replaced micromatch with nanomatch to improve performance (#2165)
• Replaced axios with got to resolve known timeout issues with axios (#2203)
• Switch block id to full SHA256 (#2156)

Removed

• Removed dead fast rebuild code that hasn't been used since 2.0 release (#2210)

2.2.2 - 2019-03-19

Removed

• Remove /api/v2/delegates/{id}/voters/balances endpoint ([#2265])

2.2.0 - 2019-03-11

Added

• Implement a CLI with @oclif to replace commander (#2100)
• Add sorting to voters endpoint (#2103)
• Validate GET replies from other peers (#2102)
• Pass query to findAllByVote method (#2142)
• Fetch list of peers from at least a few others (#2152)

Fixed

• Pass the base flags for programmatic calls in core-tester-cli (#2108)
• Reduce complexity and fix wrong offset handling in core-elasticsearch (#2108)
• Stuck at not ready to accept new block (#2139)
• Properly sort BigNumber values (#2144)
• Properly update wallet balances if a vote transaction is reverted (#2207)
• Invalid transactions after a rollback because block timestamps were used as transaction timestamp (#2217)

Changed

• Replaced lodash.sortBy/orderBy with faster implementations (#2106)
• Improve fork handling in updatePeersOnMissingBlocks (#2125)
• Throw an error if the peers or plugins file are missing (#2135)
• Improve selection of peer for downloading blocks (#2137)
• Merge core-snapshot-cli commands into core (#2149)

Removed

• Remove unnecessary ping call in (#2123)
• Remove broken getRandomDownloadBlocksPeer (#2121)

2.1.2 - 2019-02-13

Fixed

• Fix quorum related issues
• Limit payload size
• Remove signatures from transaction payload

2.1.1 - 2019-02-12

Fixed

• Configuration endpoint does not show dynamic fees (#2082)
• Return the correct supply for the legacy API (#2083)

2.1.0 - 2019-02-11

Added

• Added a milestoneHash identifier to use for peer banning (#1837)
• Added TypeScript declarations for core-logger (#1833)
• Added TypeScript declarations for core-logger-winston (#1887)
• Added TypeScript declarations for core-container (#1891)
• Added TypeScript declarations for core-database (#1901, #1905)
• Added TypeScript declarations for core-transaction-pool (#1906)
• Added TypeScript declarations for core-blockchain (#1943)
• Added TypeScript declarations for core-snapshots (#1947)
• Added TypeScript declarations for core-api (#1948)
• Added TypeScript declarations for crypto (#1917)
• Added the core-jest-matchers package (#1926)
• Added the core-interfaces package (#1924)
• Return the transaction expiration time via API (#1927)
• Added the ability to disable the public API cache (#1930)
• Return the vote of a wallet via public API (#2009)
• Upgrade script for 2.1 (#1999)
• Installation script for deb/rpm distros (#2016)
• Case specific errors for crypto (#2038)

Changed

• Migrated from JavaScript to TypeScript (#1625)
• Moved the peers.json configuration into core-p2p (#1625)
• Merged core-transaction-pool-mem into core-transaction-pool (#1625)
• Use a faster alternative to derive an estimate (#1655)
• Reworked crypto configuration to make it simpler (#1733)
• Moved the dynamic fees configuration into core-transaction-pool (#1733)
• Periodically check for new peers instead of retrying until finding some (#1738)
• Adjusted some banning times for peers to make network recovery smoother (#1730)
• Simplified configuration by further separating network and core (#1733)
• Take the minFeeBroadcast value into account for fee statistics (#1873)
• Only allow vendor fields for type 0 and 6 transactions (#1931)
• Improved the network quorum details and feedback (#1898)
• Only return errors when broadcast and pool fees are too low (#1940)
• Improved performance of BIP38 (#1941)
• Cleaned up the logic of block processing (#1953)
• Cleaned up the logic of serialise/deserialise in crypto (#1969)
• Replaced all ARK naming with CORE (#1970)
• Use system paths for data and configuration (#1987)
• Increased the maximum transaction age to 6 hours (#1996)
• Replaced progress bars with logging to reduce noise (#2044)
• Replaced commander.js with @oclif in core-debugger-cli (#2049)
• Replaced commander.js with @oclif in core-snapshots-cli (#2050)
• Replaced commander.js with @oclif in core-tester-cli (#2051)
• Moved docker files from docker/* to docker/development/* (#2053)
• Moved the genesis blocks from the core configuration to the network configuration in crypto (#2052)
• Separate business-logic from data-layer logic (#2055)

Fixed

• Resolved an issue with the resolveOptions method that would result in options being resolved for plugins that are not registered in the container (#1625)
• Malformed condition for filtering peers (#1689)
• Use the correct pagination schema for the v2 public API (#1717)
• Ensure that delegate searches can handle undefined values (#1831)
• Mark semantically invalid versions as invalid overall (#1836)
• Ordering of delegates via public API (#1731)
• Handle webhooks that have no conditions (#1869)
• Validate the network byte on transactions (#1853)
• Use correct schemas for address, public key and username validation in the public API (#1954)
• Populate the last block of all delegates (#1919)
• Return the transaction forging timestamp instead of signing timestamp (#1957)
• Mark cold wallets as not found in the legacy API (#1955)
• A malformed condition that resulted in wrong peer lists (#1939)
• Properly verify block slot timestamps (#1985)
• Return fixed peer states for v1 and v2 API responses ([#2027])
• Validate IP ranges to detect loopbacks (#2045)
• https://github.com/ARKEcosystem/security-vulnerabilities/blob/master/core/core-sv-010.md (#2046)
• Check if the blockchain state storage is available before performing fork checks (#2047)
• Gracefully handle a corrupted cached peers.json file (#2061)
• Always sort transactions by sequence and the requested field to make API sorting deterministic (#2058)
• Disallow multiple registrations for same delegate (#2080)
• Remove already forged transactions from the pool (#2659)

Removed

• Removed the transactionsFromIds P2P endpoint (#1911)
• Removed the validator and rules fron @arkecosystem/crypto (#2021)
• Ended support for the legacy multisignatures from the previous LISK fork (#2057)

2.0.19 - 2019-01-31

Fixed

• https://github.com/ARKEcosystem/security-vulnerabilities/blob/master/core/core-sv-009.md
• https://github.com/ARKEcosystem/security-vulnerabilities/blob/master/core/core-sv-010.md

2.0.18 - 2019-01-28

Fixed

• https://github.com/ARKEcosystem/security-vulnerabilities/blob/master/core/core-sv-011.md

2.0.17 - 2019-01-15

Fixed

• https://github.com/ARKEcosystem/security-vulnerabilities/blob/master/core/core-sv-008.md
• https://github.com/ARKEcosystem/security-vulnerabilities/blob/master/core/core-sv-007.md

2.0.16 - 2018-12-17

Fixed

• Prevent the list of peers to become too short. This is related to the nodes running behind a firewall.

Closed security vulnerabilities:

• CORE-SV-004
• CORE-SV-003
• CORE-SV-002
• CORE-SV-001

2.0.15 - 2018-12-11

Fixed

• Ensure no local peers are enlisted and that the IP of the TCP connection is used (#1695)

2.0.14 - 2018-12-10

Fixed

• Reset last downloaded block when block is discarded (#1692)

2.0.13 - 2018-12-07

Fixed

• Ensure safe integer range for block height lookups via API (#1673)

2.0.12 - 2018-12-06

Fixed

• Perform second-signature checks in the canApply logic of multi-signatures (#1658)
• return the encoded WIF for BIP38 wallets instead of the encrypted WIF (#1653)

2.0.11 - 2018-12-05

Added

• Store executed migrations in the database (#1648)

Changed

• Increase cache generation timeout and make it configurable (#1645, #1646)

2.0.1 - 2018-12-05

Added

• Retrieve blocks via height or ID per public API (#1626)

Changed

• Improved performance for block and transaction queries by adding more indices on critical columns (#1636, #1638, #1634)

Fixed

• Take milestones into account for supply calculations (#1640)
• Use the raw transaction data in acceptChainedBlock to avoid timestamp mismatches and second signature double spend errors (#1564)
• Return the correct peer count for the v2 public API (#1563)

2.0.0 - 2018-12-03

• Initial Release