What's Changed (comparing to 1.2.2)
Updates in Data Models and API (new optional fields)
- All Data Models:
- optional field
schemaVersion
field (default - 0)
- optional field
- Account:
- optional field
productIDs
(see PROPOSE_ADD_ACCOUNT and acount.proto)
- optional field
- Model:
- optional fields
enhancedSetupFlowOptions
,enhancedSetupFlowTCUrl
,enhancedSetupFlowTCRevision
,enhancedSetupFlowTCDigest
,enhancedSetupFlowTCFileSize
,maintenanceUrl
,discoveryCapabilitiesBitmask
,commissioningFallbackUrl
(see ADD_MODEL and model.proto)
- optional fields
- PKI
- optional field
crlSignerDelegator
(see ADD_REVOCATION_DISTRIBUTION_POINT, UPDATE_REVOCATION_DISTRIBUTION_POINT) - optional field
isNoc
(see certificate.proto and the new NOC-related commands below)
- optional field
New Data Models and API
- PKI
- REMOVE_PAI
- GET_CERTS_BY_SKID
- ADD_NOC_ROOT (RCAC)
- REVOKE_NOC_ROOT (RCAC)
- REMOVE_NOC_ROOT (RCAC)
- ADD_NOC_ICA (ICAC)
- REVOKE_NOC_ICA (ICAC)
- REMOVE_NOC_ICA (ICAC)
- GET_NOC_ROOT_BY_VID (RCACs)
- GET_NOC_BY_VID_AND_SKID (RCACs/ICACs)
- GET_NOC_ICA_BY_VID (ICACs)
- GET_REVOKED_NOC_ROOT (RCAC)
- GET_ALL_NOC_ROOT (RCACs)
- GET_ALL_NOC_ICA (ICACs)
- GET_ALL_REVOKED_NOC_ROOT (RCACs)
Updates in Query (Read) API
- The following query commands return both PAA/PAI and NOC (RCAC/ICAC): GET_CERT, GET_REVOKED_CERT, GET_ALL_CERTS, GET_ALL_REVOKED_CERTS, GET_CERTS_BY_SUBJECT, GET_CHILD_CERTS
- Either
isNoc
field should be analyzed to distinguish between the certificate type, or dedicated PAA-related commands should be used (see below)
- Either
- Please note, that the following query API calls still return only PAAs (they haven't been changed): GET_ALL_PAA, GET_ALL_REVOKED_PAA, GET_ALL_PROPOSED_PAA, GET_ALL_REJECTED_PAA, GET_ALL_PROPOSED_PAA_TO_REVOKE, GET_PROPOSED_PAA, GET_REJECTED_PAA, GET_PROPOSED_PAA_TO_REVOKE
Updates in Logic and API
- PKI
- Supported delegation of PAAs/PAIs
crlSignerDelegator
in Revocation Distribution Point: ADD_REVOCATION_DISTRIBUTION_POINT, UPDATE_REVOCATION_DISTRIBUTION_POINT - An option to revoke child certificates in the chain
revokeChild
(default - false): PROPOSE_REVOKE_PAA, REVOKE_PAI
- Supported delegation of PAAs/PAIs
- Auth/Model
- PID scoped Accounts: ADD_MODEL, PROPOSE_ADD_ACCOUNT
- Fixed static validation of URL fields (mostly in model.proto and model_version.proto)
Other
- Transaction broadcasting block mode has been removed from the updated cosmos-sdk. Starting from this version, dcl has only two modes:
sync
andasync
, with the default beingsync
. In this mode, to obtain the actual result of a transaction (txn), an additional query call with thetxHash
must be executed. For example:dcld query tx txHash
- where txHash represents the hash of the previously executed transaction. - Due to upgrading cosmovisor to v1.3.0 in Docker and shell files, the node starting command has changed from
cosmovisor start
tocosmovisor run start
Documentation Updates
- Ledger Nano Support (HSM for Account keys)
- Improved transactions.md
- Updates in Upgrade and troubleshooting guide Pool Upgrade How To
Full List of Issues
https://github.com/zigbee-alliance/distributed-compliance-ledger/milestone/6
Full Changelog
- Latest release binary version in upgrade tests increment by @DenisRybas in #511
- #523 PID scoped Accounts by @Abdulbois in #530
- Add NOC root certificate transactions design doc by @akarabashov in #529
- Update the NOC root certificate design based on discussion feedback by @akarabashov in #534
- Compliance module unit tests refactoring by @DenisRybas in #514
- #519 Query Certificates with subjectKeyId by @Abdulbois in #532
- Update the NOC root certificate design in accordance with the latest feedback by @akarabashov in #539
- #535 Enable providing serial number while revoking x509 certs by @Abdulbois in #541
- #535 Add transaction command to remove non-root certificates by @Abdulbois in #542
- #524 Implement adding and requesting root NOC certificates by @akarabashov in #543
- Support for forward and backward compatibility in DCL schemes by @akarabashov in #540
- #535 Make the revocation of child certificates optional by @Abdulbois in #544
- #535 Enable checking VID matchings while adding x509 certificate by @Abdulbois in #545
- #535 Enable adding non-root NOC(ICA) certificates by @Abdulbois in #546
- #535 Enhancements to Adding, Revoking, and Removing Non-Root Certificates by @akarabashov in #548
- #524 Enable revocation of NOC root certificates by @Abdulbois in #550
- #524 Enable revocation of NOC non-root certificates by @Abdulbois in #551
- #502 Add SchemaVersion field into PKI, Compliance, Model and VendorInfo schemas by @Abdulbois in #552
- #538 Add commissioner remote UI flow url field into model schema by @Abdulbois in #555
- Update transactions.md document by @akarabashov in #553
- Rename non-root NOC to NOC_ICA (in doc, code, state, CLI command) by @akarabashov in #559
- #531 Publish pai certificates for crl signer certificate verification by @Abdulbois in #557
- Refactor update tests for sequential version upgrades starting from initial version by @akarabashov in #561
- Set CommissioningModeInitialStepsHint to 1 by default for standard flow by @akarabashov in #562
- Query NOC Root certificates by VID and SKID by @akarabashov in #564
- #303 Upgrade Cosmos SDK by @Abdulbois in #536
- #560 Enable removing NOC ICA certificates by @Abdulbois in #567
- #524 Enable removing NOC root certificates by @Abdulbois in #568
- Add instructions on how to use the Ledger Nano with DCL by @akarabashov in #569
- Improve error message texts by @Abdulbois in #571
- improvements #566 #570 by @Abdulbois in #572
- Fix error message texts by @Abdulbois in #574
- Add schemaVersion field into NOC/ICA and auxiliary models by @Abdulbois in #573
- Bumped spellcheck action to latest version, since 0.24.0 is EOL by @jonasbn in #526
- #575 Rename CommissionerRemoteUiFlowUrl to ManagedAclExtensionRequestFlowUrl by @Abdulbois in #576
- #547 Add new fields into Model entity by @Abdulbois in #577
- Correct transactions documentation by @akarabashov in #578
- Query NOC Intermediate by VID+SKID by @DenisRybas in #584
- Removed managedAclExtensionRequestFlowUrl from model by @DenisRybas in #586
- vid for PAIs by @DenisRybas in #585
- Docs clarification for NOC certs by @DenisRybas in #587
- Improve clarity on how to fetch account number by @smides-nest in #579
- Model fields fixes by @DenisRybas in #588
- Upgrade test 1.4.1 by @DenisRybas in #590
- Update docs troubleshooting by @ashcherbakov in #591
- Fix macos version/runner by @ashcherbakov in #592
- Add validation for making Schema Version zero value by @Toktar in #594
- Update Upgrade Test for 1.4.2 Release by @ashcherbakov in #595
- Fix delete model version by @DenisRybas in #599
- Certificate comparison improvement by @DenisRybas in #600
- Url validations update by @DenisRybas in #604
- Model DiscoveryCapabilitiesBitmask field by @DenisRybas in #589
- Updated openapi by @ashcherbakov in #605
- Upgrade upgrade test to v1.4.3-pre1 by @DenisRybas in #606
Upgrade procedure
- The release must be applied via cosmovisor and Upgrade Proposal transactions, see pool-upgrade-how-to.md.
- The upgrade name must be equal to
v1.4
. - The release must be applied to all nodes (Validators, Observers, Sentries, etc.)
- All upgraded nodes must be at 1.2.2 with cosmovisor enabled.
- It's recommended to enable the auto-download for cosmovisor on all nodes, see pool-upgrade-how-to.md.
- Adding new nodes to the running pool (Test Net in particular) must be done via one of the ways described in running-node-in-existing-network.md.