Skip to content
This repository has been archived by the owner on Jul 16, 2021. It is now read-only.

Latest commit

 

History

History
220 lines (175 loc) · 6.5 KB

CHANGELOG.md

File metadata and controls

220 lines (175 loc) · 6.5 KB

0.0.7 (October 6, 2020)

NEW FEATURES:

  • Backup / Restore scripts created for Vault Raft Data
  • Creation of the gen_overrides.sh script

REFACTOR:

  • updated VERSION file to 0.0.7
  • Regionalized SSD Persistent Data Volumes for Vault Raft Data
  • Vault Auditing is now enabled
  • Fix Vault Raft Peering
  • Replaced the Custom Vault Helm Chart with the officially supported Helm Chart from Hashicorp
  • Nonce refactored to be passed in
  • Only --build on test

0.0.6 (August 15, 2020)

NEW FEATURES:

  • GCP KMS-based Auto Unseal
  • Raft-based Vault Backend
  • Enable GCR and KMS in the Vault GCP project with service accounts
  • CircleCI config to push omgnetwork/vault images into GCR

REFACTOR:

  • updated VERSION file to 0.0.6
  • removal of the unsealer Vault server
  • clean Helm and Kubernetes from the infrastructure Terraform scripts
  • Helm and GCP are now separate deployments
  • cleaned firewall rules in the Vault infrastructure Terraform scripts
  • use golang 1.14 as the builder
  • stopped using -dev mode - use file backend to support snapshotting
    • unseal.json holds the keys
    • the Vault data is at /vault/config/data
  • Update to github.com/ethereum/go-ethereum v1.9.16
  • Removed redundant types from array, slice or map composite literals.
    • &framework.Path
    • &framework.FieldSchema
  • Remove activateChildChain
  • Wallet Smoke Test
    • Remove test of activateChildChain.
  • Re-generate Plasma bindings using v1.9.16 abigen
  • Update to hashicorp/vault v1.5.2
  • Use official hashicorp/vault helm chart
  • Removed the local copy of the helm chart
  • Standardize GCP resource names to be of the form omgnetwork-

BUG FIXES:

N/A

0.0.5 (January 18, 2020)

NEW FEATURES:

N/A

IMPROVEMENTS:

  • Wallet Smoke Test
    • Execute test of activateChildChain.
  • Re-generate Plasma bindings

BUG FIXES:

N/A

0.0.4 (November 17, 2019)

NEW FEATURES:

  • Remove Export JSON Keystore
  • Add k8s Example in examples/k8s Showing Integration of k8s Clients and Vault
    • Uses minikube
    • Integrates with existing testbed (make run)
    • Shows steps needed to enable k8s auth in Vault

IMPROVEMENTS:

  • Wallet Smoke Test
    • Remove test for Export JSON Keystore from Account
  • Document Networking Recommendations
  • Refine Plamsa Contract integration
    • Remove Set Authority

BUG FIXES:

  • Removed imports of gitlab.com/shearline-gateway

0.0.3 (November 10, 2019)

NEW FEATURES:

  • Implement Plamsa Contract integration
    • Submit Block
    • Set Authority
    • Submit Deposit Block
    • Activate Child Chain
  • Added Smoke Test for Plasma
    • Truffle docker container
    • Pull latest from OmiseGO plasma-contracts
    • Builds and Deploys
    • Integrates with Ganache and Vault in make run for full integration test
  • Added Docs
    • Uses Sphinx and sphinx rtd theme
    • Captured high level design Q & A
    • Described Vault cluster architecture

IMPROVEMENTS:

  • Separated Smoke Tests
  • Wallet Smoke Test
    • Configure Mount
    • Create Wallet (BIP44) Without Mnemonic
    • Create Wallet (BIP44) With Mnemonic
    • List Wallets
    • Create New Account
    • Check Account Balance
    • Transfer ETH
    • Sign Raw TX
    • Sign Raw TX (Encoded)
    • Export JSON Keystore from Account
  • Smoke Test for Whitelisting
    • Whitelist Address at an Account
    • Whitelist Address at a Wallet
    • Whitelist Address Globally
  • Smoke Test for Blacklisting
    • Blacklist Address at an Account
    • Blacklist Address at a Wallet
    • Blacklist Address Globally
  • Smoke Test for ERC20
    • Deploy Contract (FixedSupplyToken)
    • Total Token Supply
    • Token Balance
    • Transfer Token
  • Smoke Test for Plasma
    • Submit Block
    • Set Authority
    • Submit Deposit Block
    • Activate Child Chain

BUG FIXES:

  • N/A

0.0.2 (October 26, 2019)

NEW FEATURES:

  • Demonstrate Smart Contract integration model
    • Compile to ABI
    • Generate bindings
  • Added support for ERC20
    • Deployed ERC20 implementation - FixedSupplyToken
    • Implemented all methods in ERC20Interface

IMPROVEMENTS:

  • Verified CIS Docker Hardening 1.20 for images where applicable to Dockerfile
    • 4.1 Ensure that a user for the container has been created
    • 4.2 Ensure that containers use only trusted base images (HashiCorp Vault/Alpine)
    • 4.3 Ensure that unnecessary packages are not installed in the container
    • 4.4 Ensure images are scanned and rebuilt to include security patches (apk update && apk upgrade added to Dockerfile)
    • 4.5 - N/A - Ensure Content trust for Docker is Enabled
    • 4.6 Ensure that HEALTHCHECK instructions have been added to container images
    • 4.7 Ensure update instructions are not use alone in the Dockerfile - used epoch date for this in dockerfile/makefile
    • 4.8 Ensure setuid and setgid permissions are removed (vault user prevents this)
    • 4.9 Ensure that COPY is used instead of ADD in Dockerfiles
    • 4.10 Ensure secrets are not stored in Dockerfiles
    • 4.11 Ensure only verified packages are are installed (using Alpine package manager)
  • Smoke Test for transaction signing
  • Smoke Test for ERC20
    • Deploy Contract
    • Read Token Supply
    • Read Token Balance
    • Transfer Token
    • Approve Transfer

BUG FIXES:

  • N/A

0.0.1 (October 20, 2019)

NEW FEATURES:

  • BIP44 implementation: Wallets are constructed from supplied or generated mnemonic. Accounts are derived using index: "m/44'/60'/0'/0/%d"
  • Whitelists/Blacklists can be scoped at 3 levels: Global (config), Wallet and/or Account.
  • Export JSON keystore using supplied or generated passphrase.
  • Gas estimation for contract deployment.
  • Golang unit tests
  • Smoketest does integration testing against Ganache:
    • plugin config
    • wallet create/update/read/list
    • account create/update/read/list
    • account debits
    • whitelist/blacklist testing at all levels
  • Smoketest will print curl examples for all tests to aid with documentation
  • Dockerfile builds plugin and vault image with plugin pre-packaged.
    • multistage build reduces image size and attack surface
    • plugin built natively for Alpine using musl
    • Runs as non-root vault user (CIS Docker Benchmark 1.20 - 4.1 Ensure that a user for the container has been created).
  • makefile with docker-build, run, and all targets.
  • Use docker-compose to build ganache-based development environment for testing

IMPROVEMENTS:

  • N/A

BUG FIXES:

  • N/A