Tendermint KMS v0.6.0-rc0 is out. Update: the final release is out!
We are presently running it in production here at @iqlusion on both Cosmos Hub and Terra.
Expect a final release some time next week, however in the interim if you are feeling brave we’d love to get feedback about the upgrade before the final release.
This release includes a number of improvements, bugfixes, and new features. Here are some quick highlights:
- Better logging: the previous release did not provide very useful logging in many respects - it was tricky to get it to log correctly at all, and even when it did, useful information was only visible at the “debug”/verbose loglevel, and even then the information you might care about was buried in debugging details. This release should provide log information you care about at the default loglevel.
Better CLI usage/help: the previous release was arcane and did not provide good usage / help, especially compared to something like
gaiad. The new CLI help should be much improved over the previous version.
- Multitenancy: this release supports concurrent operation on multiple Tendermint networks and concurrent connections to validators on the same network. We don’t (yet) recommend you use the latter feature in perpetuity as it has not been well-tested, but it should be useful to temporarily enable before failing over between validators on the same Tendermint network.
yubihsm-connectorcompatibility: the YubiHSM backend now contains an optional
yubihsm-serverfeature which allows the KMS to optionally export a local HTTP service which is compatible with Yubico’s
yubihsm-connectorservice. This can be used in conjunction with either
tmkms yubihsmCLI commands to administer YubiHSMs while Tendermint KMS is running.
Below are some items to pay attention to when upgrading from Tendermint KMS v0.5:
state_file syntax changes
The validator state files use an incompatible syntax from Tendermint KMS v0.5.
It has been changed to match the conventions used by the rest of Tendermint,
where integer values are stored in strings rather than JSON integers.
When upgrading, you will need to either delete existing state files
(they will be recreated automatically), or ensure the integer
round fields contained within these files are quoted in strings, e.g.
Unknown fields now disallowed in
The previous parser for
tmkms.toml ignored unknown attributes in the
config file. This means it would often ignore syntax errors, spelling mistakes,
or attributes in the wrong location when parsing files.
This has been changed to explicitly reject such fields, however please be aware
if your config file contained invalid syntax, it will now be rejected by the
parser and the KMS will no longer boot.
We suggest validating the configuration in a staging or other noncritical
deployment of the KMS in order to ensure your configuration does not contain
accidental misconfigurations which were previously uncaught.
See #282 for more information.