Skip to content

cardano-signer 1.19.0

Compare
Choose a tag to compare
@gitmachtl gitmachtl released this 09 Sep 17:23
· 8 commits to main since this release

Release Notes / Change-Logs

1.19.0

NEW FUNCTION - Adding authors signatures to CIP100/108/119 JSONLD governance metadata in one go

  • A new function is now available via the 'sign --cip100' parameter. Its now possible to add authors entries (Name + Signature) with a single command using cardano-signer
    image
    So if you input a JSONLD governance file (context part not shown) like
{
...
  "hashAlgorithm": "blake2b-256",
  "body": {
    "title": "Example CIP108(+CIP100) metadata",
    "abstract": "This metadata was generated to test out db-sync, SPO-Scripts, Koios and other tools...",
    "motivation": "This must work, should be motivation enough.",
    "rationale": "Let's keep testing stuff",
    "references": [
      {
        "@type": "Other",
        "label": "SanchoNet",
        "uri": "https://sancho.network"
      }
    ],
    "comment": "This is an example CIP-108 metadata-file... testing SPO-Scripts, Koios and Co.",
    "externalUpdates": [
      {
        "title": "SPO Scripts",
        "uri": "https://github.com/gitmachtl/scripts"
      },
      {
        "title": "Koios",
        "uri": "https://koios.rest"
      }
    ]
  }
}

and after running

$ cardano-signer.js sign --cip100 --data-file CIP108-example.json --secret-key dummy.skey --author-name "The great Name"

you get out:

{
...
"hashAlgorithm": "blake2b-256",
"body": {
 "title": "Example CIP108(+CIP100) metadata",
 "abstract": "This metadata was generated to test out db-sync, SPO-Scripts, Koios and other tools...",
 "motivation": "This must work, should be motivation enough.",
 "rationale": "Let's keep testing stuff",
 "references": [
   {
     "@type": "Other",
     "label": "SanchoNet",
     "uri": "https://sancho.network"
   }
 ],
 "comment": "This is an example CIP-108 metadata-file... testing SPO-Scripts, Koios and Co.",
 "externalUpdates": [
   {
     "title": "SPO Scripts",
     "uri": "https://github.com/gitmachtl/scripts"
   },
   {
     "title": "Koios",
     "uri": "https://koios.rest"
   }
 ]
},
"authors": [
 {
   "name": "The great Name",
   "witness": {
     "witnessAlgorithm": "ed25519",
     "publicKey": "755b017578b701dc9ddd4eaee67015b4ca8baf66293b7b1d204df426c0ceccb9",
     "signature": "8b579ba2cb9bcb2355e550a67865d56017d4696a4a48f8db5218a92a7f85bb3ddcde13500b89531c68a3f52deb83ca45f1987ea048500e11feee26847cb6b900"
   }
 }
]
}

So cardano-signer does a sanity check about the governance JSONLD file, it checks all existing author signatures, it checks if there are any duplicates, it does the canonization of the body, hashes it and then adds a new author entry by signing the document via the provided secret-key and author-name. more authors can be added by running it multiple times!

Also, if you write out the new file directly via the --out-file parameter, the output of cardano-signer becomes a json with the basic infos of the new file, including the anchorHash. Ready do be used with governance on Cardano.

{
  "workMode": "sign-cip100",
  "outFile": "CIP108-example-signed.json",
  "anchorHash": "8723898521770d095f522a3976f8318128f97ae10b8cd97da0f66dd29f849f80"
}

UPDATE/CHANGES:

General:

  • cardano-signer is now compatible with CIP129 standard for drep, committee-cold and committee-hot bech strings. this works now for all functions that allow an --address parameter.

CIP 8/30 DataSign:

  • you can now directly also use governance bech-ids for the --address parameter like drep1... when signing in CIP8/30 mode.

CIP 100 - Governance:

  • the canonize&hash command hash introduced in version 1.17 was renamed to canonize. the change was made to avoid confusion, because this command is to output the hash of the canonized body, not the file-hash. there is also now a red note as info:
    image

  • output fields of the canonize and verify function changed: hash is now canonizedHash, and canonized is now canonizedBody.

  • in addition to the existing checks in the verify function, cardano-signer now also checks for duplicated public-key entries in the authors array of the input jsonld file.