Private Chain Access Control (#10267)

Data access control is a critical factor for businesses and organizations interested in using blockchain technologies. In response to this need, a working group was formed between block.one and several technology providers within the community to better identify specific needs and possible solutions. This feature is the first step toward addressing the use cases identified by this group, and allows blockchain administrators to form privacy groups in order to ensure that only authorized parties can join the network or access data. This feature requires that the SECURITY_GROUP protocol feature is activated.

Blockchain administrators are now able to add or revoke connection access simply by modifying a privileged smart contract. Additionally, all p2p connections within privacy group are using TLS to further ensure protection of sensitive data. For more details read Private Chain Access documentation.

Resource Payer (#10407)

Currently the resource costs for transactions on EOSIO-based public networks are paid by the end user of the application, which can make attracting and onboarding new users very difficult. There is a workaround available, but it’s not a straightforward process for either app developers or their end users. If configured per our reference, the additional transaction extension allows a third party to pay for a transactions net and cpu usage. The transaction must be signed by the payer. There is also the ability to limit the amount of cpu and net that the payer is willing to pay. The transaction_trace has been modified with the addition of a bill_to_accounts field, so that it is clear which account paid for cpu/net for the transaction. This feature requires that the RESOURCE_PAYER protocol feature is activated. For more details see Resource Payer Documentation.

A Sample Transaction with Resource Payer:

{
      expiration: '2021-07-09T20:14:13.000',
      ref_block_num: 201,
      ref_block_prefix: 312235882,
      resource_payer: {
        payer: 'alice',
        max_net_bytes: 4096,
        max_cpu_us: 400,
        max_memory_bytes: 0
      },
      actions: [
        {
          account: 'eosio.token',
          name: 'transfer',
          authorization: [
            { actor: 'bob', permission: 'active' },
            { actor: 'alice', permission: 'active' }
          ],
          data: {
            from: 'bob',
            to: 'alice',
            quantity: '0.0001 SYS',
            memo: 'resource payer'
          }
        }
      ],
      transaction_extensions: [ [ 1, '0000000000855C34001000000000000090010000000000000000000000000000' ] ],
      context_free_actions: []
}

Upgrading from previous versions of EOSIO

Upgrading From v2.1.x

Node operators running version v2.1.x or prior versions should be able to upgrade to v2.2.0-rc1 using a snapshot. Another option is to rebuild state in 2.2.x by replaying the 2.1.x blocks.log.

Deprecation and Removal Notices

This release will remove support of MacOS 10.14 (#10418) and Ubuntu16 (#10421).

Stability Updates

• (#9738) bios-boot-tutorial.py: nodeos needs more time on linux before it starts accepting p2p transactions
• (#9742) When starting a replay, the rocksdb database files should be deleted.
• (#9758) Consolidated Security Fixes from 2.0.8
• (#9761) Fix strict aliasing violations
• (#9810) Fix the truncate bug in Ship
• (#9815) Fix snapshot test_compatible_versions failure and reenable it - develop
• (#9821) Fix ship truncate problem with stride
• (#9830) Fix Ship backward compatibility issue
• (#9843) Fix packed transaction version conversion -- Develop
• (#9877) DeepMind logger holds const char* fields that it uses for some of its naming and indicators
• (#9865) fix incorrect transaction_extensions declaration
• (#9879) Fix ship big vector serialization
• (#9895) Fix state_history zlib_unpack bug
• (#9910) fix state_history::length_writer
• (#9923) get_producers unittest
• (#9898) fix build problem of non-root user using script
• (#9960) Explicit ABI conversion of signed_transaction
• (#10012) EPE-165: Improve logic for unlinkable blocks while sync'ing
• (#10006) use p2p address for duplicate connection resolution
• (#10061) fix restart without blocks.log but with retained blocks files
• (#10084) Huangminghuang/merge blocklog fix
• (#10184) Disable subjective tolerance when disable-subjective-billing - develop
• (#10192) Merge security fix PR#365 into develop
• (#10220) develop: make cleos unpack a packed transaction before signing and ad…
• (#10284) huangminghuang/fix-ship-empty-block
• (#10321) huangminghuang/fix-state-history
• (#10325) Large ship deltas - develop
• (#10349) net_plugin bugfix for privacy test corner case
• (#10381) fixing flakiness in voting and forked chain tests
• (#10390) net_plugin fix for privacy groups corner case

Other Changes

• (#9805) chain_plugin db intrinsic table RPC calls incorrectly handling --lower and --upper in certain scenarios
• (#9905) Add log path for unsupported block log version exception
• (#9916) EPE-482 Fix compiler warnings in build
• (#9967) updated to new docker hub repo EOSIO instead EOS
• (#9073) Deep Mind off-chain ABI serializer & FC encoded hex output
• (#9732) Fix unresolved set_kv_parameters_packed problem
• (#9723) Remove compiler warnings from test_kv_rocksdb.cpp
• (#9734) update bios to have 'temporary' setpparams action
• (#9739) Fixing blockvault test for macos 10.14
• (#9735) Adding enable-kv.sh script
• (#9747) Prune test diagnostics
• (#9750) Fix PostgreSQL transaction problem
• (#9749) Added a new application method for sync from blockvault
• (#9751) blockvault_client_plugin logger
• (#9743) fixed get_kv_table_rows issues
• (#9744) Fix backing store switching issues
• (#9740) improve EOS VM OC cache lookup performance via hashed index
• (#9752) sync from block vault during block production
• (#9714) Remove unused code
• (#9760) Optimizations
• (#9726) adjust validate-reflection-test to work with any directory layout
• (#9762) Added handling of duplicate reversible blocks.
• (#9706) Default to returning WASM as returning WAST has been deprecated.
• (#9766) update dependencies for deb and rpm packages
• (#9767) Fix compiler warnings
• (#9768) FIX libpqxx not found problem
• (#9769) Version number changes in README.md for enable-kv.sh script
• (#9770) Workaround the PowerTools name change
• (#9772) Saving and restoring undo stack at shutdown and startup
• (#9777) Add feature BLOCKCHAIN_PARAMETERS
• (#9782) Update supported operating systems in README.md
• (#9787) Fix build script problem with older version of cmake
• (#9776) Add CentOS 8 Package Builder Step
• (#9790) fix unstable nodeos_run_test.py
• (#9778) Reduce logging for failed http plugin calls
• (#9826) Add warning interval option for resource monitor plugin
• (#9771) Fix libpqxx warnings on Mac
• (#9724) Enable test test_state_history::test_deltas_contract_several_rows
• (#9814) Re-enable full multi_index_tests
• (#9837) fix populating some information for get account
• (#9846) Add easter egg for release 2.1-rc2
• (#9859) Fix problem when using ubuntu libpqxx package
• (#9831) Fix or inhibit various compiler warnings while building on clang.
• (#9874) Fix build problem on cmake 3.10
• (#9881) Removed some unnecessary cmake commands as they get inherited from the parent cmake.
• (#9883) Fix problem with libpqxx 7.3.0 upgrade
• (#9888) Egonz/auto 313 final
• (#9870) Consolidated Security Fixes for 2.0.9 - develop
• (#9917) Create a fix to support requested encoding type in next_key
• (#9918) Update abieos submodule - opaque type changes
• (#9927) trace history log messages should print nicely in syslog
• (#9935) Fix "cleos net peers" command error
• (#9936) Update abieos submodule
• (#9937) fix intermittent fork test failure in develop
• (#9955) PowerTools is now powertools in CentOS 8.3
• (#9962) Make get_kv_table_rows work without --lower and --upper and --index
• (#9899) use oob cmake if possible so as to save script building time
• (#9915) extra transaction data integration test
• (#9889) EOS VM OC: Support LLVM 11
• (#9885) replace old libsecp256k1 fork with upstream; boosts k1 recovery performance
• (#9973) update fc
• (#9940) Create eosio-debug-build Pipeline
• (#9964) refactor get_kv_table_rows
• (#9978) move fc::blob to/from_variant out of libchain to fc
• (#9974) develop -- Fix incorrect merge of range fix in fork test from Rel 2.1
• (#9984) EPE-389 Fix net_plugin stall during head cachup - merge develop
• (#9987) Develop: add a second account to exhausive_snapshot_test
• (#9919) Remove nonfunctional ENABLE_BLOCK_VAULT_CLIENT cmake option.
• (#9982) Add unit tests for new fields added for get account in PR#9838
• (#10013) [develop] Fix LRT triggers
• (#10032) [develop] Fix MacOS base image failures
• (#10044) Reduce Docker Hub Manifest Queries
• (#10036) Add cleos system activate subcommand (to activate system feature like kv_database)
• (#10041) [develop] Updated Mojave libpqxx dependency
• (#10038) Updating develop to latest eos-vm eosio hash.
• (#10039) Replacing db intrinsic uses of RocksDB lower_bound when direct read could be used
• (#10037) implement splitting/extracting block log for eosio_blocklog
• (#10053) [develop] Add Big Sur instances to CICD
• (#10055) [develop] Revert Anka plugin version
• (#10045) Fix multiversion test failure
• (#10064) [develop] Fix docker steps on tagged builds.
• (#10059) Cleos print error message from server when parse json failed
• (#10056) add docker-compose based multiversion test
• (#9966) add a dockerignore file ignoring .git directory
• (#10019) revert changes to empty string as present for lower_bound, upper_bound, or index_value
• (#10040) remove BOOST_ASIO_HAS_LOCAL_SOCKETS ifdefs
• (#10078) add merge blocklog feature
• (#10081) update fc
• (#10086) allow fix_irreversible_block to without index file
• (#9922) Remove reversible db
• (#10087) add first_block_num for get_info command
• (#10051) Add new loggers for dumping transaction trace
• (#10095) abieos with to/from_json fix for SHiP transaction_trace
• (#10103) plugin_http_api_test - fix timing issue
• (#10100) Standardize JSON formatting of action data (epe 151)
• (#10120) Adding test for nodeos --full-version check.
• (#10126) Update eosio-resume-from-state Documentation
• (#10125) fix compiling with boost 1.76; add include in chainbase
• (#10144) huangminghuang/kv-get-row-time-tracking
• (#10152) huangminghuang/docker-compose-debug
• (#10149) [develop] Update timeouts for Mac builds.
• (#10093) cache key values in iterator store in db_context_rocksdb
• (#10157) [develop] Improve timeouts occurring on Anka builds for remaining pipelines.
• (#10160) Updating nodeos parameter tests to use cmake locations.
• (#10168) Subjective bill trx - develop
• (#10181) Remove cerr - develop
• (#10173) develop: Exit nodeos if fork_db is corrupted and lib cannot advance
• (#10224) Add test case for decompress zlib funciton of transaction, see EPE70
• (#10231) Support Running Version Tests on Fresh OS Installs
• (#10236) disable appbase's automatic version discovery via git
• (#10237) fix db_modes_test pipeline fails, see epe889
• (#10262) Correct fix-irreversible-blocks option default value which was set in…
• (#10261) ship-v2
• (#10270) fix compile with gcc11
• (#10272) Consolidated Security Updates for 2.0.12 - develop
• (#10278) SHiP new unit test - delta generation using eosio.token actions
• (#10276) Ensure container.size() > 0 before initiating RocksDB writes/deletes
• (#10293) Merge back submodule chainbase pull 67 to eos develolp
• (#10279) Fix issue with account query db for develop
• (#10109) Change blockvault client plugin initialization log message
• (#10298) don't specify default values for reversible blocks db configs
• (#10306) remove reversible-blocks configs from db_modes_test
• (#10134) add --no-auto-keosd to cli_test
• (#10246) update boost tarball location
• (#10313) [develop] Add annotate in pipeline runs.
• (#10301) huangminghuang/update-abios
• (#10318) Removed transaction_hook additions from global_property_v2 in abieos.
• (#10297) EPE-412: use better error message when a port is taken
• (#10326) remove some left over "Intl" cmake variables
• (#10319) Update state_history_tests.cpp
• (#10320) Added Privacy Test Case #4
• (#10329) Initializing ssl_enabled.
• (#10331) EPE897:Wrong cleos version test in eos/tests/
• (#10333) As the wait return code is likely to be $NODEOS_PID (stopped child re…
• (#10335) huangminghuang/fix-ship-block
• (#10339) state-history-exit-on-write-failure
• (#10305) fix boost unit test linkage; fixes build on Fedora 34
• (#10310) remove old outdated MSVC bits in cmake files
• (#10328) scenario 3 test added to feature privacy tests
• (#10348) Removed delay on start with TLS connections
• (#10344) Fix incorrect prune state of a signed_block issue
• (#10356) flakiness fix for forked chain test
• (#10363) to_json: use letter escapes
• (#10376) Update EOS license year 2021 - develop
• (#10372) Sanitize Branch Names for Docker Containers
• (#10384) Copy RocksDB license into EOS repo
• (#10387) Update license of submodule eosio-wasm-spec-tests to year 2021 - develop
• (#10392) Addressing identified security vulnerability (node-fetch)
• (#10405) test for existence of "data" field when printing action result, introduced by PR #10100
• (#10413) Ro transactions remove account param
• (#10350) Keep all block logs in retained directory
• (#10377) Refactor block tracking to avoid re-sending to sender - develop
• (#10414) feature privacy enhancements
• (#10419) be explict about config.hpp location; fixes CMP0115 warning on latest cmake
• (#10427) feature privacy snapshot test
• (#10428) fix homebrew sha256 warning
• (#10450) fix bug in trace_api_plugin no params returned GH issue 10435 / EPE 1066 https://github.com/EOSIO/eos/issues/10435 #10449
• (#10451) Add full cleos return object to final test assertion
• (#10454) [develop] Update Anka nodes used for build script pipelines.
• (#10457) Actually wait for the setup transaction to be added to a block.
• (#10458) resolve flakiness in privacy scenario 3 test
• (#10434) Always attempt to resync when receiving a block less than LIB.
• (#10460) Support Stability Testing for Tests + CI Bug Fixes
• (#10465) Bug Fixes for the eosio-test-stability Pipeline
• (#10467) Another Bug Fix for the eosio-test-stability Pipeline
• (#10470) Revert "Refactor block tracking to avoid re-sending to sender - develop"
• (#10476) Add waits for token transfer block to improve reliability.
• (#10471) Add validation to ensure transaction level resource_payer info matches transaction_extensions
• (#10432) Update Zipkin connection retry - develop
• (#10462) simplify build & fix binaries via a forked & modified libpqxx compatible with libpq 9.2
• (#10481) multiversion test old version v2.0.9 -> release/2.1.x
• (#10431) Test packaged EOSIO Linux artifacts against standard dockers.
• (#10478) flakiness fix for eosio_blocklog_prune_test
• (#10483) fix MacOS 10.15 pinned build problem with clang10
• (#10485) Don't Always Push to DockerHub

Documentation

• (#9695) [docs] update docs to reflect updated code using 128MiB
• (#9728) [docs] Update URL in net_api_plugin description
• (#9729) [docs] Update some chain_api_plugin descriptions
• (#9755) [docs] Remove sudo command from install/uninstall script instructions
• (#9757) [docs] Add BlockVault client logger to nodeos reference
• (#9737) Update how-to-replay-from-a-blocks.log.md
• (#9765) added next_key_bytes
• (#9774) [docs] Add new fields to producer_api_plugin create_snapshot endpoint
• (#9797) [docs] Correct link to the chain plugin
• (#9780) [docs] Fix schemata version and update nodeos plugins
• (#9788) [docs] Corrections to nodeos storage and read modes
• (#9807) [docs] update link to chain plugin to be relative
• (#9817) [docs] Fix blockvault plugin explainer and C++ reference links
• (#9873) chain api plugin / get_activated_protocol_features modifications
• (#9907) Add MacOS 10.15 (Catalina) to list of supported OSs in README
• (#9904) [docs] dev branch: add how to local testnet with consensus
• (#9951) [docs] dev - improve annotation for db_update_i64
• (#9946) [docs] cleos doc-a-thon feedback
• (#9948) [docs] cleos doc-a-thon feedback-3
• (#9947) [docs] cleos doc-a-thon feedback-2
• (#9949) [docs] cleos doc-a-thon feedback-4
• (#10007) [docs] Update various cleos how-tos and fix index
• (#10022) [docs] develop: improve cleos how to
• (#10025) Documentation - correct description for the return value of the kv_get_data intrinsic
• (#10110) Fixed get_kv_table_rows documentation to match the current code behavior.
• (#10183) [docs] Update Create key pairs How-to
• (#10230) Add comment why include_delta of code_object just returns false
• (#10241) huangminghuang/ship-max-retained-files
• (#10291) [docs][Develop] Update to how to and command ref
• (#10308) [doc][develop] Add resource_monitor_plugin documentation
• (#10346) [docs][develop] - match new template for "how to link permissions" and "set action permission"
• (#10362) [docs]command ref docs fix - fix broken link, replace Set, fix callout
• (#10360) [docs] Update cleos net commands and net plugin description
• (#10069) [docs] Update List Keypairs cleos How-to
• (#10072) [docs] Update Import keys cleos How-to
• (#10198) [docs] Update Query account info How-to - 2.0
• (#10075) [docs] Update Query Transaction Info cleos How-to
• (#10399) [docs] Delisted Ubuntu 16.04 from installation instructions
• (#10178) [docs] Update Create an account How-to
• (#10422) [docs] Add usage and split/extract/merge options to eosio-blocklog
• (#10443) [docs] documentation for 2.2 - read-only queries - cleos updates
• (#10395) [docs] add transaction sponsorship cleos how to
• (#10492) [docs] Add privacy access feature documentation

Thanks!

Special thanks to the community contributors that submitted patches for this release:

• @conr2d
• @ndcgundlach
• @maoueh
• @georgipopivanov
• @killshot13

Disclaimer: All repositories and other materials are provided subject to this IMPORTANT notice and you must familiarize yourself with its terms. The notice contains important information, limitations and restrictions relating to our software, publications, trademarks, third-party resources, and forward-looking statements. By accessing any of our repositories and other materials, you accept and agree to the terms of the notice.