Skip to content

Releases: btcsuite/btcd

v0.24.2

25 Jun 20:44
cc26860
Compare
Choose a tag to compare

This release includes important bug fixes related to subtle interactions related to re-orgs and the UTXO set cache. These fixed are considered security critical.

This release also includes implementations of invalidateblock and reconsiderblock which can be useful in helping nodes that were afflicted by the aforementioned bugs to recover without needing to resync the entire chain.

WIth this release, btcd now also implements the testmempoolaccept RPC which can be useful to check a transaction candidate for validity from a policy and conflict perspective before broadcasting. Along the way, we've added some additional policy checks that exist in other Bitcoin full node implementations.

This release also contains fixes to some parsing issues discovered via fuzz testing.

Finally, as mentioned above release includes important security fixes, with full details to be disclosed in 90 days.

What's Changed

New Contributors

Full Changelog: v0.24.0...v0.24.2

v0.24.2-beta.rc1

18 Mar 22:02
8b2f43e
Compare
Choose a tag to compare
v0.24.2-beta.rc1 Pre-release
Pre-release

What's Changed

New Contributors

Full Changelog: v0.24.0...v0.24.2-beta.rc1

btcd v0.24.0

31 Dec 01:22
b1b9420
Compare
Choose a tag to compare

This release is a major release that includes several general bug fixes, security bug fixes (please update!), and also a series of performance improvements that dramatically reduce the time for initial block download from ~45 hours+ to around 6 hours! With this release,btcd now also supports BIP 155 and has gained support for pruning (--prune=MiB).

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/lightningnetwork/lnd/master/scripts/keys/roasbeef.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest-roasbeef-v0.24.0.sig and manifest-v0.24.0.txt are in the current directory) with:

gpg --verify manifest-roasbeef-v0.24.0.sig manifest-v0.24.0.txt

You should see the following if the verification was successful:

gpg: Signature made Sat Dec 30 17:11:22 2023 PST
gpg:                using RSA key 60A1FA7DA5BFF08BDCBBE7903BBD59E99B280306
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

What's Changed

New Contributors

Read more

btcd v0.23.3

01 Nov 14:44
v0.23.3
1d767de
Compare
Choose a tag to compare

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/lightningnetwork/lnd/master/scripts/keys/guggero.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest-guggero-v0.23.3.sig and manifest-v0.23.3.txt are in the current directory) with:

gpg --verify manifest-guggero-v0.23.3.sig manifest-v0.23.3.txt

You should see the following if the verification was successful:

gpg: Signature made Di 01 Nov 2022 14:00:20 CET
gpg:                using RSA key F4FC70F07310028424EFC20A8E4256593F177720
gpg: Good signature from "Oliver Gugger <[email protected]>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

What's Changed

New Contributors

Full Changelog: v0.23.2...v0.23.3

btcd v0.23.2

10 Oct 01:38
6b5418d
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: v0.23.1...v0.23.2

btcd v0.22.2

10 Oct 22:07
2ca4f4c
Compare
Choose a tag to compare

What's Changed

  • [release-v0.22.1] multi: Switch to chaincfg/chainhash module. by @davecgh in #1851
  • release: create release branch for v0.22.2 to backport block parsing issue by @Roasbeef in #1901

Full Changelog: v0.22.1...v0.22.2

btcd v0.23.1-beta

30 Aug 23:01
04aac1e
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: v0.22.0-beta...v0.23.1

btcd v0.22.0-beta

08 Jun 14:18
v0.22.0-beta
Compare
Choose a tag to compare

This release of btcd is primarily to act as a catchup for the various changes that have accumulated.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

Once you have the required PGP keys, you can verify the release (assuming manifest-v0.22.0-beta.txt and manifest-v0.22.0-beta.txt.sig are in the current directory) with:

gpg --verify manifest-v0.22.0-beta.txt.sig

You should see the following if the verification was successful:

gpg: assuming signed data in 'manifest-v0.22.0-beta.txt'
gpg: Signature made Tue 08 Jun 2021 10:07:53 AM EDT
gpg:                using DSA key 0DB39EAF526568682088EEDFB15210D35378BD54
gpg: Good signature from "John C. Vernaleo <[email protected]>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

Verifying the Release Binaries

As of this release, our release binaries are fully reproducible thanks to go1.13! Third parties are now able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.16.5, which is required by verifiers to arrive at the same ones.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.22.0-beta

You should see something along the lines of this in the case of a valid tag:

gpg: Signature made Tue 08 Jun 2021 09:42:52 AM EDT
gpg:                using DSA key 0DB39EAF526568682088EEDFB15210D35378BD54
gpg: Good signature from "John C. Vernaleo <[email protected]>" [ultimate]

Building the Contained Release

Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and btcd-source-v0.22.0-beta.tar.gz are in the current directory, follow these steps:

tar -xvzf vendor.tar.gz
tar -xvzf btcd-source-v0.22.0.tar.gz
GO111MODULE=on go install -v -mod=vendor
GO111MODULE=on go install -v -mod=vendor ./cmd/btcctl

The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.

Additionally, it's also possible to use the enclosed release.sh script to bundle a release for a specific system like so:

BTCBUILDSYS="linux-arm64 darwin-amd64" ./build/release/release.sh

Release Notes

Protocol and network-related changes:

  • Added support for witness tx and block in notfound msg. (#1625)

  • Added support for receiving sendaddrv2 messages from a peer. (#1670)

  • Fixed bug in peer package causing last block height to go backwards. (#1606)

  • Added chain parameters for connecting to the public Signet network. (#1692, #1718)

    Also added --signet command line flag to btcctl and btcd utilities.

Crypto changes:

  • Fixed bug causing panic due to bad R and S signature components in btcec.RecoverCompact. (#1691)
  • Set the name (secp256k1) in the CurveParams of the S256 curve. (#1565)

Notable developer-related package changes:

  • Improve gc for txscript.IsUnspendable method. (#1615)

    Significantly reduced allocations, which should bring a performance gain during sync.

  • Used RLock/RUnlock when possible in the addrmgr package. (#1697)

  • Removed unknown block version warning in the blockchain package, due to false positives triggered by AsicBoost. (#1463)

  • Added proper types for flag field and improve docs, for msgtx in the wire package. (#1632)

  • Added chaincfg.RegisterHDKeyID function to populate HD key ID pairs. (#1617)

  • Fixed flaky hash cache test due to resetting RNG. (#1689)

  • Added new method mining.AddWitnessCommitment to add the witness commitment as an OP_RETURN output within the coinbase transaction. (#1716)

RPC changes:

  • Implemented Batch JSON-RPC in rpcclient and server. (#1583)

    Please refer to rpcclient/examples/bitcoincorehttpbulk/README.md for examples.

  • Implemented rpcclient method to invoke getdescriptorinfo JSON-RPC command. (#1578)

  • Updated the rpcserver handler for validateaddress JSON-RPC command to have parity with the bitcoind 0.20.0 interface. (#1613)

  • Implemented rpcclient method to invoke getblockfilter JSON-RPC command. (#1579)

  • Implemented signmessagewithprivkey JSON-RPC command in rpcserver. (#1585)

  • Implemented rpcclient method to invoke importmulti JSON-RPC command. (#1579)

  • Implemented watchOnly argument in rpcclient method to invoke listtransactions JSON-RPC command. (#1628)

  • Updated btcjson.ListTransactionsResult for compatibility with Bitcoin Core 0.20.0. (#1626)

    Two new fields BlockHeight and Label were added as optional, to keep backwards compatibility.

  • Implemented nullable optional JSON-RPC parameters. (#1594)

    Fixed command marshalling dropping params that follow params with nil value.

  • Implemented rpcclient and server method to invoke getnodeaddresses JSON-RPC command. (#1590)

  • Implemented rpcclient methods to invoke PSBT JSON-RPC commands. (#1596)

    The walletcreatefundedpsbt and walletprocesspsbt commands were implemented.

  • Implemented rpcclient method to invoke listsinceblock with the include_watchonly parameter enabled. (#1451)

  • Implemented rpcclient method to invoke deriveaddresses JSON-RPC command. (#1631)

  • Implemented rpcclient method to invoke getblocktemplate JSON-RPC command. (#1629)

    The corresponding btcjson structs were also updated to reflect changes in Bitcoin Core.

  • Implemented rpcclient method to invoke getaddressinfo JSON-RPC command. (#1633)

  • Implemented rpcclient method to invoke getwalletinfo JSON-RPC command. (#1638)

  • Fixed error message in rpcserver when an unknown RPC command is encountered. (#1695)

  • Fixed error message returned by estimatefee when the number of blocks exceeds the max depth. (#1678)

  • Updated btcjson.GetBlockChainInfoResult to include new fields in Bitcoin Core. (#1676)

    Two new fields InitialBlockDownload and SizeOnDisk were added.

  • Added ExtraHeaders in rpcclient.ConnConfig struct. (#1669)

    It's useful when the RPC provider needs customized headers, for example, the X-Auth-Token header.

  • Fixed bitcoind compatibility issue with the sendrawtransaction JSON-RPC command. (#1659)

  • Added new JSON-RPC errors to btcjson package, and documented them. (#1648)

  • Implemented rpcclient method to invoke createwallet JSON-RPC command. (#1650)

    This is also the first rpcclient method that uses the functional options pattern, which will be used more and more in future.

  • Implemented rpcclient methods to invoke backupwallet, dumpwallet, loadwallet and unloadwallet JSON-RPC commands. (#1645)

  • Fixed unmarshalling error in getmininginfo JSON-RPC command, for valid integers in scientific notation. (#1644)

  • Implemented rpcclient method to invoke gettxoutsetinfo JSON-RPC command. (#1641)

  • Implemented rpcclient method to invoke signrawtransactionwithwallet JSON-RPC command. (#1642)

  • Added txid to getblocktemplate response of rpcserver. (#1639)

  • Fixed monetary unit used in createrawtransaction JSON-RPC command in rpcserver. (#1614)

  • Added rawtx field to btcjson.GetBlockVerboseTxResult to provide backwards compatibility with older versions of Bitcoin Core. (#1677)

Misc changes:

Changelog

The full list of changes since v0.21.0-beta can be found here:

Contributors (Alphabetical Order)

10gic
Andrew Tugarinov
Anirudha Bose
Appelberg-s
Armando Ochoa
Aurèle Oulès
Calvin Kim
Christian Lehmann
Conner Fromknecht
Dan Cline
David Mazary
Elliott Minns
Federico Bond
Friedger Müffke
Gustavo Chain
Hanjun Kim
Henry Fisher
Iskander Sharipov
Jake Sylvestre
Johan T. Halseth
John C. Vernaleo
Liran Sharir
Mikael Lindlof
Olaoluwa Osuntokun
Oliver Gugger
Rjected
Steven Kreuzer
Torkel Rogstad
Tristyn
Victor Lavaud
Vinayak Borkar
Wilmer Paulino
Yaacov Akiba Slama
ebiiim
ipriver
wakiyamap
yyforyongyu

btcd v0.21.0-beta

28 Aug 20:40
v0.21.0-beta
Compare
Choose a tag to compare

This release of btcd is primarily to act as a catchup for the various changes that have accumulated and to help move back to a more regular schedule.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

Once you have the required PGP keys, you can verify the release (assuming manifest-v0.21.0-beta.txt and manifest-v0.21.0-beta.txt.sig are in the current directory) with:

gpg --verify manifest-v0.21.0-beta.txt.sig

You should see the following if the verification was successful:

gpg: assuming signed data in 'manifest-v0.21.0-beta.txt'
gpg: Signature made Fri 28 Aug 2020 12:40:24 PM EDT
gpg:                using DSA key 0DB39EAF526568682088EEDFB15210D35378BD54
gpg: Good signature from "John C. Vernaleo <[email protected]>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

Verifying the Release Binaries

As of this release, our release binaries are fully reproducible thanks to go1.13! Third parties are now able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.14, which is required by verifiers to arrive at the same ones.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.21.0-beta

You should see something along the lines of this in the case of a valid tag:

gpg: Signature made Fri 28 Aug 2020 09:58:10 AM EDT
gpg:                using DSA key 0DB39EAF526568682088EEDFB15210D35378BD54
gpg: Good signature from "John C. Vernaleo <[email protected]>" [ultimate]

Building the Contained Release

Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and btcd-source-v0.21.0-beta.tar.gz are in the current directory, follow these steps:

tar -xvzf vendor.tar.gz
tar -xvzf btcd-source-v0.21.0.tar.gz
GO111MODULE=on go install -v -mod=vendor
GO111MODULE=on go install -v -mod=vendor ./cmd/btcctl

The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.

Additionally, it's also possible to use the enclosed release.sh script to bundle a release for a specific system like so:

BTCBUILDSYS="linux-arm64 darwin-amd64" ./build/release/release.sh

Release Notes

Network-related changes:

  • Handle notfound messages from peers in netsync package. (#1603)

RPC changes:

  • The Verbose and VerboseTx boolean fields in btcjson.GetBlockCmd have been replaced with a single integer field called Verbosity, to reflect the new getblock RPC call parameters introduced in Bitcoin Core 0.15.0. (#1529)

    The getblock RPC server command in btcd has also been updated with this change.
    Backwards compatibility has been maintained in rpcclient. (#1577)

  • Added an optional Params field to rpcclient.ConnConfig, to represent the network that the server is running. (#1467)

  • Added a new error code ErrRPCInWarmup in btcjson. (#1541)

  • Updated btcjson.GetMempoolEntryResult to reflect the new getmempoolentry response in Bitcoin Core 0.19.0. (#1524)

  • Implemented rpcclient methods to invoke estimatesmartfee and generatetoaddress JSON-RPC commands. (#1500)

  • Implemented rpcclient method to invoke getblockstats JSON-RPC command. (#1500)

  • Parse serialized transaction from createrawtransaction JSON-RPC command using both segwit, and legacy format. (#1502)

  • Support cookie-based authentication using a new CookiePath field in rpcclient.ConnConfig. (#1460)

  • Implemented rpcclient method to invoke getchaintxstats JSON-RPC command. (#1571)

  • Implemented rpcclient method to invoke fundrawtransaction JSON-RPC command. (#1553)

  • Implemented rpcclient method to invoke getbalances JSON-RPC command. (#1595)

  • Added a new method rpcclient.GetTransactionWatchOnly to support passing the include_watchonly argument to gettransaction JSON-RPC command. (#1592)

Crypto changes:

  • Fixed panic in fieldVal.SetByteSlice when called with a value larger than 32 bytes. The improved version is approximately 35% faster. (#1602)

btcctl changes:

  • Added -regtest mode to btcctl. (#1556)

Misc changes:

  • Fixed a bug due to a deadlock in connmgr's dynamic ban scoring. (#1509)
  • Replaced TravisCI with GitHub Actions. (#1575)
  • Improved chain state init efficiency. (#1580)
  • Added blockchain.NewUtxoEntry() to directly create entries for UtxoViewpoint. (#1588)
  • Switch to a generic LRU implementation in the peer package, from decred/dcrd. (#1599)

Changelog

The full list of changes since v0.21.0-beta can be found here:

Contributors (Alphabetical Order)

Anirudha Bose
Antonin Hildebrand
Dan Cline
Daniel McNally
David Hill
Federico Bond
George Tankersley
Henry
Henry Harder
Iskander Sharipov
Ivan Kuznetsov
Jake Sylvestre
Javed Khan
JeremyRand
Jin
John C. Vernaleo
Kulpreet Singh
Mikael Lindlof
Murray Nesbitt
Nisen
Olaoluwa Osuntokun
Oliver Gugger
Steven Roose
Torkel Rogstad
Tyler Chambers
Wilmer Paulino
Yash Bhutwala
adiabat
jalavosus
mohanson
qqjettkgjzhxmwj
qshuai
shuai.qi
tpkeeper

btcd v0.20.1-beta

13 Nov 03:29
Compare
Choose a tag to compare

This is a minor release of btcd that fixes some bugs in the p2p sub-system, and also updates relevant parts of btcjson to be compatible with bitciond 0.19.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://keybase.io/roasbeef/pgp_keys.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest-v0.20.1-beta.txt and manifest-v0.20.1-beta.txt.sig are in the current directory) with:

gpg --verify manifest-v0.20.1-beta.txt.sig

You should see the following if the verification was successful:

gpg: assuming signed data in 'manifest-v0.20.1-beta.txt'
gpg: Signature made Tue Nov 12 19:08:07 2019 PST
gpg:                using RSA key 4AB7F8DA6FAEBB3B70B1F903BC13F65E2DC84465
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

Verifying the Release Binaries

As of this release, our release binaries are fully reproducible thanks to go1.13! Third parties are now able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.13.1, which is required by verifiers to arrive at the same ones.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.20.1-beta

You should see something along the lines of this in the case of a valid tag:

gpg: Signature made Tue Nov 12 18:29:03 2019 PST
gpg:                using RSA key 4AB7F8DA6FAEBB3B70B1F903BC13F65E2DC84465
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>" [ultimate]

Building the Contained Release

Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and btcd-source-v0.20.1-beta.tar.gz are in the current directory, follow these steps:

tar -xvzf vendor.tar.gz
tar -xvzf btcd-source-v0.20.1.tar.gz
GO111MODULE=on go install -v -mod=vendor 
GO111MODULE=on go install -v -mod=vendor ./cmd/btcctl

The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.

Additionally, it's also possible to use the enclosed release.sh script to bundle a release for a specific system like so:

BTCBUILDSYS="linux-arm64 darwin-amd64" ./build/release/release.sh

Release Notes

The btcjson package as been updated to be compatible with bitcoind v0.19.0 as required by the lnd project.

A race condition in the server related to the set of known addresses for a peer has been eliminated.

We've cleaned up some logic that previously caused log spam due to the stricter version handshake we now enforce.

Changelog

The full list of changes since v0.20.0-beta can be found here:

Contributors (Alphabetical Order)

Olaoluwa Osuntokun
Wilmer Paulino
Eugene Zeigel