Add support for arbitrary off-chain identifiers in the @celo-org/identity sdk. Previously, the sdk was written to be phone number specific and identifiers were prefixed with tel:// after returning from ODIS. This update adds new prefixes for twitter + email and refactors the code to be identifier agnostic.
Please ensure that your key shares are named correctly in your keyvault prior to upgrading your signer.
If you are using Azure or AWS , the original bls share should be named phoneNumberPrivacy-1 and the more recent version of that key share (generated during the resharing ceremony on 10/22/21) should be labeled phoneNumberPrivacy-2. The CIP40 key share generated during the DKG ceremony on 10/22/21 should be named domains-1.
If you are using Google Cloud, you should create two keys named phoneNumberPrivacy (with versions 1 and 2) and domains (with only version 1). The KEYSTORE_GOOGLE_SECRET_NAME env variable isn't used anymore.
Please do not delete or rename any existing shares, but rather add the shares to your vault as duplicates under these new names. If you are unsure for any reason about how to label your key shares please reach out on Discord. If you would like to setup time to go through the update synchronously, don't hesitate to reach out.
Please ensure that you have set the following environment variables to true in order to enable all APIs (See Signer README for more info)
LEGACY_PHONE_NUMBER_PRIVACY_API_ENABLEDPHONE_NUMBER_PRIVACY_API_ENABLEDDOMAINS_API_ENABLED
NOTE / UPDATE : This upgrade is currently incompatible with MySQL. If you're using MySQL for your signer DB, please let us know and hold off on upgrading.
NOTE: You will not be able to roll back the upgrade because the database will be updated in a non-backwards compatible way. If your signer is having trouble starting up, it is almost certainly an issue with how your keys are labeled. Please double check your key configuration prior to upgrading, and if an issue does occur there's no need to worry. The system is able to handle limited downtime from 1 or 2 signers at a time and we will be readily available on discord to help troubleshoot.
After upgrading
Please checkout celo-monorepo on master, run yarn && yarn build from the root directory (might take 10-15 mins), and follow the Validating before going live instructions in the Signer README to test that your service is configured properly. If you encounter difficulties or would like further guidance, don't hesitate to reach out on Discord.
Please post in the Discord channel once your upgraded service is live and passing the configuration tests.
Support for ODIS 2.0.0, including new types, enums, error messages, and more. From now on, request and response types should be imported directly from this package instead of the identity SDK when directly querying ODIS, or else using the convenience query methods in the identity SDK.
Fixes
Removes blind-threshold-bls dependency to allow for browser compatibility.
Removes btoa dependency.
Breaking Changes
This is a major release and is not backwards compatible for use with ODIS v1.
The previous quota logic is still (initially) available in ODIS 2.0 and is referred to as the "legacy PNP" (LEGACY_PNP) throughout the code base and SDKs. We encourage folks to upgrade to the new and improved PNP endpoint, as the legacy endpoint will eventually be deprecated.
Upgrades
(devDependency) @celo/poprf from ^0.1.6 to ^0.1.9
celo SDK dependencies and ContractKit from 2.2.1 to 3.0.0
This version was pushed to npm by alecps, a new releaser for @celo/contractkit since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/andyle83/marketplace/network/alerts).
Removes flat. It's no longer used after updating ancestor dependency @celo/contractkit. These dependencies need to be updated together.
Removes
flatUpdates
@celo/contractkitfrom 1.1.0 to 3.0.1Release notes
Sourced from
@celo/contractkit's releases.... (truncated)
Commits
86c1aa9Alecps/release3.0.1 (#10062)e81462bAdded an additional recaptcha secret (#10061)80dddd3Mark successful governance proposals with no transactions as executed (#9798)4041432Update ODIS SDK to accept any type of identifier (#9985)80a7390Fix minInstances setting in combiner deployment (#10059)566f71bBlockscout: Enable Epoch Rewards UI (#10053)14708caAdding epoch dash url (#10026)7380432ODIS monitor updates (#10049)e96aadbBlockscout: negate blockRewards enabled flag (#10054)b25742bBlockscout: Disable block rewards fetcher (#10052)Maintainer changes
This version was pushed to npm by alecps, a new releaser for
@celo/contractkitsince your current version.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/andyle83/marketplace/network/alerts).