Tendermint KMS v0.6.0-rc0 is out. Update: the final release is out!

We are presently running it in production here at @iqlusion on both Cosmos Hub and Terra.

Expect a final release some time next week, however in the interim if you are feeling brave we’d love to get feedback about the upgrade before the final release.

This release includes a number of improvements, bugfixes, and new features. Here are some quick highlights:

Better logging : the previous release did not provide very useful logging in many respects - it was tricky to get it to log correctly at all, and even when it did, useful information was only visible at the “debug”/verbose loglevel, and even then the information you might care about was buried in debugging details. This release should provide log information you care about at the default loglevel.

: the previous release did not provide very useful logging in many respects - it was tricky to get it to log correctly at all, and even when it did, useful information was only visible at the “debug”/verbose loglevel, and even then the information you might care about was buried in debugging details. This release should provide log information you care about at the default loglevel. Better CLI usage/help : the previous release was arcane and did not provide good usage / help, especially compared to something like gaiad . The new CLI help should be much improved over the previous version.

: the previous release was arcane and did not provide good usage / help, especially compared to something like . The new CLI help should be much improved over the previous version. Multitenancy : this release supports concurrent operation on multiple Tendermint networks and concurrent connections to validators on the same network. We don’t (yet) recommend you use the latter feature in perpetuity as it has not been well-tested, but it should be useful to temporarily enable before failing over between validators on the same Tendermint network.

: this release supports concurrent operation on multiple Tendermint networks and concurrent connections to validators on the same network. We don’t (yet) recommend you use the latter feature in perpetuity as it has not been well-tested, but it should be useful to temporarily enable before failing over between validators on the same Tendermint network. yubihsm-connector compatibility: the YubiHSM backend now contains an optional yubihsm-server feature which allows the KMS to optionally export a local HTTP service which is compatible with Yubico’s yubihsm-connector service. This can be used in conjunction with either yubihsm-shell or tmkms yubihsm CLI commands to administer YubiHSMs while Tendermint KMS is running.

Please see CHANGES.md for detailed release notes

Upgrade Notes

Below are some items to pay attention to when upgrading from Tendermint KMS v0.5:

state_file syntax changes

The validator state files use an incompatible syntax from Tendermint KMS v0.5.

It has been changed to match the conventions used by the rest of Tendermint,

where integer values are stored in strings rather than JSON integers.

When upgrading, you will need to either delete existing state files

(they will be recreated automatically), or ensure the integer height and

round fields contained within these files are quoted in strings, e.g.

{"height":"123456","round":"0",...} .

Unknown fields now disallowed in tmkms.toml

The previous parser for tmkms.toml ignored unknown attributes in the

config file. This means it would often ignore syntax errors, spelling mistakes,

or attributes in the wrong location when parsing files.

This has been changed to explicitly reject such fields, however please be aware

if your config file contained invalid syntax, it will now be rejected by the

parser and the KMS will no longer boot.

We suggest validating the configuration in a staging or other noncritical

deployment of the KMS in order to ensure your configuration does not contain

accidental misconfigurations which were previously uncaught.

See #282 for more information.