Confidential Consortium Framework
ccf::AllOfAuthnPolicy
takes a collection of other policies, all of which must be true for this auth policy to pass. In JS, this can be configured in the app.json
as "authn_policies": [{ "all_of": ["policy_a", "policy_b"] }]
.proposalId
is now passed to resolve(proposal, proposerId, votes, proposalId)
, allowing proposals to consider other pending proposals in their resolution process. (#5995)apply(proposal, proposalId)
function (#6114).MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime
ccfapp.checkedJson
converter to the CCF TypeScript package, which will raise errors when given objects which cannot be roundtrip-converted through JSON (currently Map
and Date
). There is a slight cost to checking this on each instance during encode
, so the behaviour is opt-in (not directly replacing ccfapp.json
), but it is recommended that most tables update to use this converter.scurl.sh
script has been removed. With #5137 removing support for HTTP signed requests, it is no longer needed.MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime
[rollback]
tag.[rollback] ... Dropping conflicting branch
may be emitted after network partitions, and indicates that some Pending
(non-committed) transactions have been lost. This is expected, but worth investigating if it occurs regularly - it is a sign of elections impacting service availability.[rollback] ... Ignoring conflicting AppendEntries
could also be emitted after a network partition, but should be reported to the CCF development team. It is a sign of an unexpected execution path, which could lead to loss of liveness (inability to advance commit).[rollback]
tag.[rollback] ... Dropping conflicting branch
may be emitted after network partitions, and indicates that some Pending
(non-committed) transactions have been lost. This is expected, but worth investigating if it occurs regularly - it is a sign of elections impacting service availability.[rollback] ... Ignoring conflicting AppendEntries
could also be emitted after a network partition, but should be reported to the CCF development team. It is a sign of an unexpected execution path, which could lead to loss of liveness (inability to advance commit).MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime
contains_globally_committed(k)
method on kv::Set<K>
, with the same semantics as get_globally_committed(k)
on kv::Map<K, V>
(#5928)."mode": "readonly"
are prevented from writing to the KV. Attempting to call map.set(k, v)
, map.delete(k)
, or map.clear()
on any KV table in such an endpoint will now result in an error being thrown (#5921).MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime
ccf.crypto.digest
and ccf.crypto.isValidX509CertBundle
are accessible again through ccf.digest
and ccf.isValidX509CertBundle
, to faciliate migration of CCF 3.x-era constitutions. The constitution sample under samples/constitutions/default/actions.js
has been updated to show how migration is possible without relying on aliasing in 4.x.ccf::historical::adapter_v2
is removed, replaced by ccf::historical::adapter_v3
first introduced in 2.0.0.ccf::EnclaveAttestationProvider
has been removed. It is replaced by ccf::AttestationProvider
attestation.environment.security_context_directory
configuration entry and --snp-security-context-dir-var
CLI option have been removed. SNP collateral must now be provided through the snp_security_policy_file
, snp_uvm_endorsements_file
and snp_endorsement_servers
configuration values. See documentation for details and platform-specific configuration samples.MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime
url
field in snp_endorsements_servers
can now contain environment variables that will be resolved at startup, such as "$Fabric_NodeIPOrFQDN:2377" (#5862).snp_security_policy_file
configuration value under attestation
, superseding the lookup from $UVM_SECURITY_CONTEXT_DIR
. The value can contain environment variables, for example: "snp_security_policy_file": "$UVM_SECURITY_CONTEXT_DIR/security-policy-base64"
.snp_uvm_endorsements_file
configuration value under attestation
, superseding the lookup from $UVM_SECURITY_CONTEXT_DIR
. The value can contain environment variables, for example: "snp_uvm_endorsements_file": "$UVM_SECURITY_CONTEXT_DIR/reference-info-base64"
. This value can come from an untrusted location, like snp_security_policy_file
and AMD endorsements (fetched from snp_endorsements_servers
), because the CCF code contains pre-defined roots of trust.MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime
snp_endorsements_servers
now supports a THIM
type, which is the recommended value when running in Confidential AKS preview.MCR Docker Images: App Development, C++ Runtime, TypeScript/JavaScript Runtime