1.4.4

Additions and Improvements

• Implemented priv_getLogs. #686
• Implemented private contract log filters including JSON-RPC methods to interact with private filters. #735
• Implemented EIP-2315: Simple Subroutines for the EVM #717
• Implemented Splunk logging. #725
• Implemented optional native library encryption. #675. To enable add --Xsecp256k1-native-enabled (for transaciton signatures) and/or --Xaltbn128-native-enabled (for altbn128 precomiled contracts) as command line options.

Bug Fixes

• Flag added to toggle eth/65 off by default. eth/65 will remain toggled off by default until
  a fix is completed for the eth/65 known issue. #741
• Resolve crashing NAT detectors on GKE. #731 fixes #507.
  Besu-Kubernetes Readme
  updated to reflect changes.
• Deal with quick service start failures #714 fixes #662

Known Issues

Known issues are open issues categorized as Very High or High impact.

New known issues

• Intrinsic gas exceeds gas limit returned when calling delete mapping[addr] or mapping[addr] = 0 #696

Calling delete and set to 0 Solidity mapping in Solidity fail.

Previously identified known issues

• Eth/65 not backwards compatible
• Error full syncing with pruning
• Fast sync when running Besu on cloud providers
• Bootnodes must be validators when using onchain permissioning
• Privacy users with private transactions created using v1.3.4 or earlier

1.4.3

Critical Issue for Privacy Users

A critical issue for privacy users with private transactions created using Hyperledger Besu v1.3.4
or earlier has been identified. If you have a network with private transaction created using v1.3.4
or earlier, please read the following and take the appropriate steps:
https://wiki.hyperledger.org/display/BESU/Critical+Issue+for+Privacy+Users

Additions and Improvements

• Added eth/65 support. #608
• Added block added and block reorg events. Added revert reason to block added transactions. #637

Deprecated

• Private Transaction hash field and getHash() method have been deprecated. They will be removed
  in 1.5.0 release. #639

Known Issues

Fast sync when running Besu on cloud providers

A known RocksDB issue causes fast sync to fail
when running Besu on certain cloud providers. The following errors is displayed repeatedly:

...
EthScheduler-Services-1 (importBlock) | ERROR | PipelineChainDownloader | Chain download failed. Restarting after short delay.
java.util.concurrent.CompletionException: org.hyperledger.besu.plugin.services.exception.StorageException: org.rocksdb.RocksDBException: block checksum mismatch:
....

This behaviour has been seen on AWS and Digital Ocean.

Workaround -> On AWS, a full restart of the AWS VM is required to restart the fast sync.

Fast sync is not currently supported on Digital Ocean. We are investigating options to
add support for fast sync on Digital Ocean.

Error full syncing with pruning

• Error syncing with mainnet on Besu 1.3.7 node - MerkleTrieException #580
  The associated error is Unable to load trie node value for hash and is caused by the combination of
  full sync and pruning.

Workarounds:

1. Explicitly disable pruning using --pruning-enabled=false when using fast sync.
2. If the MerkleTrieException occurs, delete the database and resync.

A fix for this issue is being actively worked on.

Fast sync reverting to full sync

In some cases of FastSyncException, fast sync reverts back to a full sync before having reached the
pivot block. #683

Workaround -> To re-attempt fast syncing rather than continue full syncing, stop Besu, delete your
database, and start again.

Bootnodes must be validators when using onchain permissioning

• Onchain permissioning nodes can't peer when using a non-validator bootnode #528

Workaround -> When using onchain permissioning, ensure bootnodes are also validators.

1.4.2

Additions and Improvements

• Added trace_block JSON RPC API #449
• Added pulledStates and knownStates to the EthQL syncing query and eth_syncing JSON-RPC api #565

Bug Fixes

• Fixed file parsing behaviour for privacy enclave keystore password file #554 (thanks to magooster)
• Fixed known issue with being unable to re-add members to onchain privacy groups #471

Updated Early Access Features

• Onchain privacy groups with add and remove members. Known issue resolved (see above).
• TRACE API now includes trace_block, trace_replayBlockTransactions, and trace_transaction.
  Fixed some issues on the trace replay block transactions API #522.

Known Issues

Fast sync defaulting to full sync

• When fast sync cannot find enough valid peers rapidly enough, Besu defaults to full sync.

Workarounds:

1. To re-attempt fast syncing rather than continue full syncing, stop Besu, delete your database,
   and start again.
2. When fast syncing, explicitly disable pruning using --pruning-enabled=false to reduce the likelihood
   of encountering the pruning bug.

A fix to remove the default to full sync is in progress
is being actively worked on.

Error full syncing with pruning

• Error syncing with mainnet on Besu 1.3.7 node - MerkleTrieException #BESU-160
  The associated error is Unable to load trie node value for hash and is caused by the combination of
  full sync and pruning.

Workarounds:

1. Explicitly disable pruning using --pruning-enabled=false when using fast sync.
2. If the MerkleTrieException occurs, delete the database and resync.

A fix for this issue is being actively worked on.

Bootnodes must be validators when using onchain permissioning

• Onchain permissioning nodes can't peer when using a non-validator bootnode #BESU-181

Workaround -> When using onchain permissioning, ensure bootnodes are also validators.

1.4.1

Additions and Improvements

• Added priv_getCode #250. Gets the bytecode associated with a private address.
• Added trace_transaction JSON RPC API #441
• Removed -X unstable prefix for pruning options (--pruning-blocks-retained, --pruning-block-confirmations) #440
• Implemented ECIP-1088: Phoenix EVM and Protocol upgrades. #434

Bug Fixes

• BESU-25 Use v5 Devp2p when pinging #392
• Fixed a bug to manage concurrent access to cache files #438
• Fixed configuration file bug: pruning-blocks-retained now accepts an integer in the config #440
• Specifying RPC credentials file should not force RPC Authentication to be enabled #454
• Enhanced estimateGas messages #436. When a estimateGas request fails a validation check, an improved error message is returned in the response.

Early Access Features

Early access features are available features that are not recommended for production networks and may
have unstable interfaces.

• Onchain privacy groups with add and remove members.
  Not being able to to re-add a member to an onchain privacy group is a known issue
  with the add and remove functionality.

Known Issues

Fast sync defaulting to full sync

• When fast sync cannot find enough valid peers rapidly enough, Besu defaults to full sync.

Workarounds:

1. To re-attempt fast syncing rather than continue full syncing, stop Besu, delete your database,
   and start again.
2. When fast syncing, explicitly disable pruning using --pruning-enabled=false to reduce the likelihood
   of encountering the pruning bug.

A fix to remove the default to full sync is in progress
and is planned for inclusion in v1.4.1.

Error full syncing with pruning

• Error syncing with mainnet on Besu 1.3.7 node - MerkleTrieException #BESU-160
  The associated error is Unable to load trie node value for hash and is caused by the combination of
  full sync and pruning.

Workarounds:

1. Explicitly disable pruning using --pruning-enabled=false when using fast sync.
2. If the MerkleTrieException occurs, delete the database and resync.

Investigation of this issue is in progress and a fix is targeted for v1.4.1.

Bootnodes must be validators when using onchain permissioning

• Onchain permissioning nodes can't peer when using a non-validator bootnode #BESU-181

Workaround -> When using onchain permissioning, ensure bootnodes are also validators.

1.4.0

Changelog

1.4.0

Private State Migration

Hyperledger Besu v1.4 implements a new data structure for private state storage that is not backwards compatible.
A migration will be performed when starting v1.4 for the first time to reprocess existing private transactions
and re-create the private state data in the v1.4 format.

If you have existing private transactions, see migration details.

Additions and Improvements

• TLS support to secure client and server communication.

• Multi-tenancy to enable multiple participants to use the same Besu and Orion node.

• Plugin APIs to enable building of Java plugins to extend Hyperledger Besu.

• Support for additional NAT methods.

• Added priv_call which invokes
  a private contract function locally and does not change the private state.

• Besu has moved from an internal Bytes library to the Apache Tuweni Bytes library.
  This includes using the library in the Plugins API interfaces. #295 and #215

Early Access Features

Early access features are available features that are not recommended for production networks and may
have unstable interfaces.

• Reorg compatible privacy
  to enable private transactions on networks using consensus mechanisms that fork.

• Tracing API to obtain detailed information about transaction processing.

Bug Fixes

See RC and Beta sections below.

Known Issues

Fast sync defaulting to full sync

• When fast sync cannot find enough valid peers rapidly enough, Besu defaults to full sync.

Workarounds:

1. To re-attempt fast syncing rather than continue full syncing, stop Besu, delete your database,
   and start again.
2. When fast syncing, explicitly disable pruning using --pruning-enabled=false to reduce the likelihood
   of encountering the pruning bug.

A fix to remove the default to full sync is in progress
and is planned for inclusion in v1.4.1.

Error full syncing with pruning

• Error syncing with mainnet on Besu 1.3.7 node - MerkleTrieException #BESU-160
  The associated error is Unable to load trie node value for hash and is caused by the combination of
  full sync and pruning.

Workarounds:

1. Explicitly disable pruning using --pruning-enabled=false when using fast sync.
2. If the MerkleTrieException occurs, delete the database and resync.

Investigation of this issue is in progress and a fix is targeted for v1.4.1.

Bootnodes must be validators when using onchain permissioning

• Onchain permissioning nodes can't peer when using a non-validator bootnode #BESU-181

Workaround -> When using onchain permissioning, ensure bootnodes are also validators.

1.4.0-RC2

Private State Migration

Hyperledger Besu v1.4 implements a new data structure for private state storage that is not backwards compatible.
A migration will be performed when starting v1.4 for the first time to reprocess existing private transactions
and re-create the private state data in the v1.4 format.
If you have existing private transactions, see migration details.

Additions and Improvements

• Automatic Transaction Log Bloom Filter Caching

Add a new option --auto-logs-bloom-indexing-enabled which defaults to true. This performs the equivalent of the operator generate-log-bloom-cache CLI task or admin_generateLogBloomCache RPC call for each block as it arrives, in addition to caching older logs on first startup.

1.4.0-RC1

1.4.0 RC-1

Additions and Improvements

• Newtrace_replayBlockTransactions JSON-RPC API

This can be enabled using the --rpc-http-api TRACE CLI flag. There are some philosophical differences between Besu and other implementations that are outlined in trace_rpc_apis.

• Ability to automatically detect Docker NAT settings from inside the conainter.

The default NAT method (AUTO) can detect this so no user intervention is required to enable this.

• Added Multi-tenancy support which allows multiple participants to use the same Besu node for private transactions.

• Added TLS support for communication with privacy enclave

Bug Fixes

• Private transactions are now validated before sent to the enclave #356

Known Bugs

• Error syncing with mainnet on Besu 1.3.7 node - MerkleTrieException #BESU-160

Workaround -> Don't enable pruning when syncing to mainnet.

• Onchain permissioning nodes can't peer when using a non-validator bootnode #BESU-181

Workaround -> When using onchain permissioning, ensure bootnodes are also validators.

1.3.9 - ETC Aztlan Support

Technical Improvements

• ETC Aztlan fork support 366 and 371

1.4.0-beta3

Additions and Improvements

• CLI option to enable TLS client auth for JSON-RPC HTTP #340

Added CLI options to enable TLS client authentication and trusting client certificates:

--rpc-http-tls-client-auth-enabled - Enable TLS client authentication for the JSON-RPC HTTP service (default: false)
--rpc-http-tls-known-clients-file - Path to file containing client's certificate common name and fingerprint for client authentication.
--rpc-http-tls-ca-clients-enabled - Enable to accept clients certificate signed by a valid CA for client authentication (default: false)

If client-auth is enabled, user must either enable CA signed clients OR provide a known-clients file. An error is reported
if both CA signed clients is disabled and known-clients file is not specified.

• Stable Plugins APIs #346

The BesuEvents service and related data package have been marked as a stable plugin API.

Bug Fixes

• Return missing signers from getSignerMetrics #343

Experimental Features

• Experimental support for trace_replayBlockTransactions (many PRs)

We have added support for the trace_replayBlockTransactions JSON-RPC call. To enable this API add
TRACE to your rpc-http-api options (such as --rpc-http-api TRACE at the command line).

This is not a production ready API. There are still bugs relating to traced memory from calls and
returns, and the gas calculation reported in the flat traces does not always match up with the
correct gas calculated for consensus.

1.4.0-beta2

Additions and Improvements

• Enable TLS for JSON-RPC HTTP Service #253

Exposes new command line parameters to enable TLS on Ethereum JSON-RPC HTTP interface to allow clients like EthSigner to connect via TLS:
--rpc-http-tls-enabled=true
(Optional - Only required if --rpc-http-enabled is set to true) Set to true to enable TLS. False by default.
--rpc-http-tls-keystore-file="/path/to/cert.pfx"
(Must be specified if TLS is enabled) Path to PKCS12 format key store which contains server's certificate and it's private key
--rpc-http-tls-keystore-password-file="/path/to/cert.passwd"
(Must be specified if TLS is enabled) Path to the text file containing password for unlocking key store.
--rpc-http-tls-known-clients-file="/path/to/rpc_tls_clients.txt"
(Optional) Path to a plain text file containing space separated client’s certificate’s common name and its sha-256 fingerprints when
they are not signed by a known CA. The presence of this file (even empty) enables TLS client authentication. That is, the client
presents the certificate to server on TLS handshake and server establishes that the client certificate is either signed by a
proper/known CA. Otherwise, server trusts client certificate by reading the sha-256 fingerprint from known clients file specified above.

The format of the file is (as an example):
localhost DF:65:B8:02:08:5E:91:82:0F:91:F5:1C:96:56:92:C4:1A:F6:C6:27:FD:6C:FC:31:F2:BB:90:17:22:59:5B:50

Bug Fixes

• TotalDifficulty is a BigInteger #253.
  Don't try and cast total difficulty down to a long because it will overflow long in a reasonable timeframe.