Notice:

This is the old stable Nxt branch. New users are recommended to install the latest 1.6.2 release instead, as announced here:Existing users with applications that call the Nxt API directly, and those running public nodes with open API access, make sure to read the warning about incompatible API changes in 1.6 before upgrading. If those affect you, stay on this 1.5 branch until you have the time to transition to 1.6.-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512Release 1.5.15sha256:474694e08ff2d9495aceff73a4ed9e276f4311d81695fd7eeaf94caba58d4764 nxt-client-1.5.15.zipsha256:3ede181a73a365a54cd8341d0925d1ebe899382e0b9df808a83ab0e82feee5d2 nxt-client-1.5.15.jarThe exe and jar packages must have a digital signature by "Stichting NXT".Change log:Full offline transaction signing support.The purpose of this security feature is to allow users to sign transactionswithout ever entering their passphrase on a workstation connected to theinternet, thus avoiding the risk of having their passphrase stolen by locallyinstalled malware such as key loggers or copy/paste loggers, or maliciousplugins.As a prerequisite to using this feature, users should setup two workstations:(1) online with up to date blockchain, on which transactions will be prepared;(2) offline with Java and NXT installed, but without internet connection, andwithout needing to have up to date blockchain, on which transactions will besigned.The nxt.isOffline=true parameter can be used on the offline machine to makesure it doesn't even try to connect to peers or to listen on the peer port.In addition, users should prepare either a web camera to scan QR codes, or aUSB stick to copy data between the workstations.The following procedure should be followed:On the online workstation - users can create a transaction without enteringtheir passphrase. Click on the "advanced" link, check the "Do Not Broadcast"option, and then check the newly added "Do Not Sign" option that appears.When "Do Not Sign" is checked, the passphrase field is cleared and disabled.If the account submitting the transaction does not yet have its public keyannounced, a separate input field appears, to allow entering the public key.In response, the server returns the unsigned transaction JSON, and in casethere are no message attachments to be encrypted, also the unsignedtransaction bytes.The client now displays the "Raw Transaction Details" modal with the unsignedtransaction JSON, and the unsigned transaction bytes (including a QR coderepresenting them), if those exist.The unsigned transaction bytes do not include the prunable attachments,however they can still be used for signing the transaction, and also forbroadcasting the transaction in case no prunable attachments exist.Users can transfer the unsigned transaction bytes to the offline workstationby scanning the QR code, or download the unsigned transaction JSON to a fileby clicking the download icon, and transfer it using a USB stick to theoffline workstation.On the offline workstation - users should use the "Transaction Operations"modal, "Sign Transaction" tab, to sign the unsigned transaction JSON, whichcan be uploaded from a file.In response, a signature field is displayed, with a QR code, and also thesigned transaction JSON which users can save to a file for transferring backto the online workstation.Back on the online workstation, users can scan the signature QR code into the"Raw Transaction Details" modal signature field, and broadcast thetransaction. Alternatively, they can use the "Broadcast Transaction" tab ofthe "Transaction Operations" modal to broadcast the transaction JSON copiedfrom the offline workstation.A command line tool, sign.sh, has been provided, for signing transaction JSONwithout needing to even have an Nxt server or a browser running.Note that when the transaction to be signed includes a message to be encrypted,the encryption is also performed on the offline workstation. However, whengenerating the unsigned transaction JSON on the online workstation, if usinga remote node, the plain text content of the message must be sent to this nodein order for it to prepare the transaction JSON. Therefore, use a localinstallation when preparing encrypted messages for offline signing, if thecontent of the message is sensitive.All tabs in the "Transaction Operations" modal that have both bytes and jsoninput fields need to have only one of them filled. If in doubt, using the jsonis preferred, as it will work for all transactions. The bytes format is stillaccepted, when possible, for backwards compatibility, and for transferringusing QR codes (as the json cannot fit in a QR representation).Other changes:The signTransaction API now also returns the full signed transaction JSON.The calculateFullHash API now also accepts unsignedTransactionJSON parameter.Added getLastTrades and getLastExchanges API, accepting a multivalue asset,respectively currencies parameter, and returning an array containing the lasttrade or exchange for each of those assets or currencies.Added fullHashToId utility API.Display warning when trying to issue an asset or currency with less than 2or more than 6 decimals.Display total value of currencies owned on dashboard. Set default leasingperiod to the maximum allowed (32767) in the UI. Other UI improvements.Updated jetty to version 9.2.13. If unpacking on top of existing installation,delete the lib subdirectory first.-----BEGIN PGP SIGNATURE-----iQIcBAEBCgAGBQJVzbtBAAoJENqvaxkWiP4Z0foQAKfLOCOb7Hoem0sumRlWyvEXD7jA/PeEW4TwqslP8wKSbj245hzadGLtEvugUAdAtf2oHRqFIGIOE3hOXPS5iuSdOfb95e9IRB+dwS9Pm/EjOqLf+TURoS5iCQgy7qEX/MZobWeDdUXM2Rq1+TPaKulk4w8aYqNYD+jCyBTyOBp+lVbZPsiLTHmoHMmRlYjdERrv+ilQ1a2lRaqcMJTcFc3HGrD1kEw9rD0U8NXG7lKpCT+APEUj/1SKI0OWV+3IBzfv9wCoGV7qzzPuZaE7En9GUURi2lElVTAO21AkKPyycHtul7ZNUKh0zW41KMwMhuYZUiEJdhGjp0LSukHhWATgUEHkjWU+78QjPX/8El+tewr7/fUy+UxerekvfyIVLjwBf6s05x7G3t7OyL5YH9+1a9S/wQ+0rFCuUS5MB5dErJc6v9xuWSpj4aM7ELPSTX5PWpG+vs6DfrZkhcw6PzecmjP6lg6Z96PdbOfYsaQYma9JmdR+rr8j6xJwzI8XY0Du7nygLMpbRhiCUPyrwcw9fdAvsGptimXrh03fCbCX+t0s3W+SO2rZXu0pokZKoApXsDxlUEm1ZMxwFi/103SV+M1y/FRWWN5tB0YI3FXY8Dy+9enzocKUID77Xjkor/SnjF6uwJ5lnDNmjnpTEpk11TEKd68+ctKQ4HJtuzln=tTB+-----END PGP SIGNATURE-----