guardiand v2.8.2

Bugfixes

• Stats page null data fix
• Fix a public rpc server handler bug - #1069
• Restart watcher if Guardian Set update fails - #1010

Improvements

• Explorer updates to add Fantom
• Promote Aurora to mainnet - #947, #1063 💪
• bridge_ui: show terra estimated fees in UST
• performance improvements for the cloud functions and explorer #1019, #1020
• Updates to the spy relayer and add support for the Acala relayer to the bridge_ui - #1015, #1043
• Developer improvements
  • Framework for testing terra contracts #1050
  • Automation to verify and deploy contracts - #836
  • Great start on unit tests for the guardian node (shoutout to @claudijd)
• New blockchains supported in testnet:
  • Klaytn - #1038 🎉
  • Karura & Acala - #937 🥳

guardiand v2.8.1

Bugfixes:

• Fantom readiness checks and CLI status were fixed (#928).
• Outdated guardian state set entries are now correctly pruned, fixing display and metrics issues with guardians running multiple nodes for redundancy (3e51512).

Improvements:

• The found new message publication transaction log entry now contains a blockhash field, which makes it easier to query specific logs (2e75d3b).

guardiand v2.8.0

New features

• Fantom support (#830, #920)
• Add utility to fill in missing messages on EVM chains and Terra (#861, #863, #871)

[v1] guardiand v1.3.0

A rare sight - a Wormhole v1 release!

This is a major release which backports two v2 features to v1 (#869):

• Signed networks and network state aggregation, including support for admin list-nodes and network metrics.
• Re-observation requests for Ethereum.

No backwords-incompatible changes. guardiand-solana-agent wasn't touched and doesn't have to be updated. Remember that v1 uses make bridge rather than make node to compile the binary.

Behind the scenes, this required backporting much of v2's gossip infrastructure to v1 - the two code bases are now much closer together!

guardiand v2.7.3

New features:

• Add re-observation support for Ethereum and Terra (#839, #835, #834).

Improvements:

• Polygon now requires a minimum of 512 confirmations, up from 256 (#829). This is done as a precautionary measure in response to a recent series of very large rollbacks on Polygon (polygonscan.com/blocks_forked).
• Fix a slow memory leak (#782).
• Fix VAA injection for core bridge governance messages (#814).
• We now bail on on failed transactions earlier, lowering RPC request rate (#821).

guardiand v2.7.2

New features:

• guardiand can now ask other guardians to re-observe specific messages using a signed SendObservationRequest gossip message. For now, this is only supported for Solana, but will be extended to every chain we support. This supersedes the old hardcoded recovery.cfg mechanism and enables manual retry of messages that were failed to be observed during network outages (#776, #777).

Improvements:

• guardiand will check whether a given message has already achieved consensus before attempting to send an observation. This avoids spamming the network with stale observations when a node is behind and catching up (#744).

• Log level for logs sent to Google Cloud reduced to INFO. In an ironic twist, it turns out that they're really bad at doing full text search on large amounts of logs (yep, Google failing at search). We plan to move to a different solution based on the open source ClickHouse database, this will make the amount of logs more manageable in the meantime (#775).

guardiand v2.7.1

Scheduled recovery:

This release contains a scheduled retry for January 14 11:00 UTC. Make sure your node is upgraded by then!

Breaking changes:

• The Wormhole node now supports sending logs to a telemetry server to help network operators with network-wide visibility. The new release either requires a --telemetryKey <key> or a --disableTelemetry flag. We recommend enabling telemetry.

Improvements:

• Eth watcher logging verbosity has increased - logging for Eth observations is now much more fine-grained. If you have previously been using processing new header or similar logs for monitoring, you might have to update your config (note that we do not consider changes to log messages breaking changes and do them all the time - there is no stability guarantee for logs, they're meant for human debugging. We recommend using the metrics endpoint, which has a stability guarantee!).

Bugfixes:

• Refactored the Terra handler to support multiple messages inside a single transaction. This got a couple of transactions unstuck (this was a coordinated hotfix - mainnet is running this already).
• Eth watcher reliability improvements for Polygon.

guardiand v2.7.0

Breaking changes:

• Oasis support was added via --oasisRPC and --oasisContract flags! 🎉

New features:

• The admin find-missing-messages command now supports a --backfill parameter, which will ask the node to backfill missing messages in the local database by querying a list of public Wormhole RPC node.
• admin list-nodes now supports filtering columns by specifying a comma-separated list of networks using --only.

Improvements:

• The number of retries for Solana transactions and message account fetches were doubled, improving behavior when RPC is slow.

Scheduled recovery:

This release contains a scheduled recovery for 2021-12-23 11:00 UTC, retrying about a dozen transactions which timed out over the past days while RPC performance was degraded due to heavy load.

guardiand v2.5.1

No backwards incompatible changes (unless you're using Infura, which nobody should do anyway).

New features:

• Batched governance message submission.
  A governance prototxt file can now include multiple messages. This significantly improves the workflow when multiple governance votes are submitted at the same time.

• The guardiand template command has been revamped to support generating full governance VAAs. This makes it easier and less error-prone to produce governance proposals.

• Complain about Infura on mainnet.
  As it turns out, Infura has a bug where it would sometimes incorrectly round block timestamps, which causes consensus issues - the timestamp is part of the VAA and nodes using Infura would sometimes derive an incorrect VAA, accidentally attacking the network by signing a conflicting VAA.

  Node operators do not usually rely on Infura in the first place - doing so is less secure than using your own nodes, since nodes blindly trust the connected nodes to verify on-chain message proofs. Node operators sometimes used Infura as a workaround during migrations where their primary node was offline, causing the aforementioned consensus oddities which were eventually found to be Infura-related. This is generally to the detriment of network security and a judgement call made by individual operators. In the case of Infura, we know it's actively dangerous so we add a warning to make sure that future operators know about the issue before considering to use Infura.

Bugfixes:

• The /readyz endpoint on the status server now correctly reports a failure of BSC or Polygon.

guardiand v2.5.0

New features:

• A Polygon connection is now supported/required using the --polygonRPC and --polygonContract command line options.

Improvements:

• The schema for injected ContractUpgrade governance VAAs now uses hex-encoded addresses for consistency.
• Harmless received observation by unknown guardian messages were demoted to DEBUG level to avoid confusion.