Tendermint KMS v0.7.0 is out! You can read the full changelog here.
We are presently running it in production here at @iqlusion on both the cosmoshub-3
and Terra columbus-3
networks. It should largely be a “drop-in” release with no actionable system administration tasks involved in deploying it.
Here are the notable highlights of this release:
- Network timeouts: this release supports long-awaited configurable timeouts on network I/O, with a default of 10 seconds. See tendermint/kms#310 for more information.
-
Genesis bugfixes: in the previous release the double signing protection code was too strict and would prevent signing the genesis block of new networks, which caused some startup troubles on
cosmoshub-3
andcolumbus-3
. This was addressed by relaxing the logic around signing the first block.
Beyond that, this release includes various bugfixes and dependency upgrades, including an upgrade to tendermint-rs
v0.11. You can find release notes for that here:
Next up for the KMS: moving it to an asynchronous architecture and support for application-specific access to keys for the purposes of e.g. signing price oracles. We hope to post a design announcement about these sorts of things soon.