cardano-signer 1.23.0

Release Notes / Change-Logs

1.23.0

NEW FUNCTION - Sign/Verify Calidus Pool-Key registration metadata (CIP88v2)

• Generating of new Calidus Pool-Key registration metadata is now possible via the sign --cip88 method
  The data can be generated in human readable JSON format, or as a binary CBOR file. Both can directly be used in a transaction on the blockchain.
• Verification of Calidus Pool-Key registration metadata is now possible via the verify --cip88 method
  The data for verification can be provided as JSON-File, JSON-Plaintext or as a CBOR-HexString

Please checkout the new feature via the example in the README.md

Other Changes

• Cardano-Signer is now using the cardano-serialization-lib version 14.1.1

cardano-signer 1.22.0

Release Notes / Change-Logs

1.22.0

• Verification of signatures in --cip100 mode now also supports both the CIP-0030 & CIP-0008 author wittnessAlgorithm

• Signing a jsonld file in --cip100 mode with ed25519 author signatures now also rechecks existing CIP-0030/CIP-0008 signatures

• Verification of a --cip100 document now also returns the fileHash -> anchorHash of the document in the --json and --json-extended output format

  cardano-signer verify --cip100 --data-file CIP108-with-CIP0030-witness.jsonld --json

  {
  "result": true,
  "errorMsg": "",
  "authors": [
    {
      "name": "testauthor",
      "valid": true,
      "algorithm": "CIP-0030",
      "publicKey": "7ea09a34aebb13c9841c71397b1cabfec5ddf950405293dee496cac2f437480a",
      "signature": "84582aa201276761646472657373581d610fdc780023d8be7c9ff3a6bdc0d8d3b263bd0cc12448c40948efbf42a166686173686564f458204a7ecc544559df67ece3f7f90f76c4e3e7e329a274c79a06dcfbf28351db600e5840a5dc881ddabdec69e0e4dabdd43a922ef474f7be1029facdbb9106429e17ec61deda22f2778eda21005127f0c6d10f8a4b0210b8177d03d2ae4618d2423d0807"
    }
  ],
  "fileHash": "08cbc14c18a5dd47a7c25462f5c3dfb17e01262f5387bbef09d2a78cd88a1ff1"
  }

• Generating keys via the keygen and a set derivation path now also returns the rootKey in the --json-extended output-mode format

   cardano-signer keygen --path payment --json-extended

  {
  "workMode": "keygen",
  "derivationPath": "1852H/1815H/0H/0/0",
  "derivationType": "icarus",
  "mnemonics": "spice best play grocery weekend industry egg debate giraffe cute frozen sheriff deny bunker sauce assume coil sun various matter chase fortune leg match",
  "rootKey": "c8a101a984e3df7cb28b92c6ce5ea7672238141b72853669c3cdb9b51c7b945c40e3e21f00e6e1319348b902532370574b04a17efa867b860990d123622c18aaec0cc00616ff5dcca26c482b5fbfa0bb9277934b03cf323dec74fffbac7a93cd",
  "secretKey": "28e65c66cae0340ba140b3ca17059f453289974ce98a990e552ab193357b945c5407916525fd44580835289dce502f69e88ef509443357bb7ad734a903d794fed65ce9ec1bc63c4ec3ed1bbe5f864f44728ad1e7ce8ba1fc038a23cb8202e67e024ef14278dbb52de6bb6725ea078b67ac9a2771081760d93edb3c60becc9173",
  "publicKey": "d65ce9ec1bc63c4ec3ed1bbe5f864f44728ad1e7ce8ba1fc038a23cb8202e67e",
  "XpubKeyHex": "e926ffd5b5b2c2482a155d89cb2384141109e436950b237e88d2284e9ea7af2a99b9dda033625ac0bde0555b96626975afc35b51e532cbcb4741853daf89ced2",
  "XpubKeyBech": "xpub1ayn0l4d4ktpys2s4tkyukguyzsgsnepkj59jxl5g6g5ya8484u4fnwwa5qekykkqhhs92kukvf5htt7rtdg72vktedr5rpfa47yua5sxt5u2t",
  "output": {
    "skey": {
      "type": "PaymentExtendedSigningKeyShelley_ed25519_bip32",
      "description": "Payment Signing Key",
      "cborHex": "588028e65c66cae0340ba140b3ca17059f453289974ce98a990e552ab193357b945c5407916525fd44580835289dce502f69e88ef509443357bb7ad734a903d794fed65ce9ec1bc63c4ec3ed1bbe5f864f44728ad1e7ce8ba1fc038a23cb8202e67e024ef14278dbb52de6bb6725ea078b67ac9a2771081760d93edb3c60becc9173"
    },
    "vkey": {
      "type": "PaymentVerificationKeyShelley_ed25519",
      "description": "Payment Verification Key",
      "cborHex": "5820d65ce9ec1bc63c4ec3ed1bbe5f864f44728ad1e7ce8ba1fc038a23cb8202e67e"
    }
   }
  }

• Verification of CIP-0008 structures was moved into its own subfunction, so it can be reused within other functions

• Upgraded to CSL v14.1.0

cardano-signer 1.20.1

Release Notes / Change-Logs

1.20.1

CIP100 Verification and Canonize

• Bugfix: Corrected a bug where doublequotes that are already escaped in the body content to form the canonized body array were escaped again. This only affected the --json-extended output, but not the verification itself.

cardano-signer 1.20.0

Release Notes / Change-Logs

1.20.0

NEW FUNCTION - Derive keys from Hardware-Wallet mnemonics

• Two new flags have been added to the keygen mode:
  • --ledger let you derive your keys in Ledger-Hardware-Wallet type format
  • --trezor let you derive your keys in Trezor-Hardware-Wallet type format

This new function allows to recover keys from a Hardware-Wallet as pure CLI-Keys.

UPDATE/CHANGES:

• The preset path --path pool has been added to the keygen mode, to directly derive Cardano-Pool Cold-Keys
• The path entry in the --json-extended output for the keygen mode was renamed into derivationPath (breaking!)
• A new entry was added in the --json-extended output for the keygen mode -> derivationType, which can be icarus, ledger or trezor
• If keys are derived for --path drep or --path pool, the output now also contains the corresponding DRep-ID/Pool-ID.

cardano-signer 1.19.0

Release Notes / Change-Logs

1.19.0

NEW FUNCTION - Adding authors signatures to CIP100/108/119 JSONLD governance metadata in one go

• A new function is now available via the 'sign --cip100' parameter. Its now possible to add authors entries (Name + Signature) with a single command using cardano-signer
  
  So if you input a JSONLD governance file (context part not shown) like

{
...
  "hashAlgorithm": "blake2b-256",
  "body": {
    "title": "Example CIP108(+CIP100) metadata",
    "abstract": "This metadata was generated to test out db-sync, SPO-Scripts, Koios and other tools...",
    "motivation": "This must work, should be motivation enough.",
    "rationale": "Let's keep testing stuff",
    "references": [
      {
        "@type": "Other",
        "label": "SanchoNet",
        "uri": "https://sancho.network"
      }
    ],
    "comment": "This is an example CIP-108 metadata-file... testing SPO-Scripts, Koios and Co.",
    "externalUpdates": [
      {
        "title": "SPO Scripts",
        "uri": "https://github.com/gitmachtl/scripts"
      },
      {
        "title": "Koios",
        "uri": "https://koios.rest"
      }
    ]
  }
}

and after running

$ cardano-signer.js sign --cip100 --data-file CIP108-example.json --secret-key dummy.skey --author-name "The great Name"

you get out:

{
...
"hashAlgorithm": "blake2b-256",
"body": {
 "title": "Example CIP108(+CIP100) metadata",
 "abstract": "This metadata was generated to test out db-sync, SPO-Scripts, Koios and other tools...",
 "motivation": "This must work, should be motivation enough.",
 "rationale": "Let's keep testing stuff",
 "references": [
   {
     "@type": "Other",
     "label": "SanchoNet",
     "uri": "https://sancho.network"
   }
 ],
 "comment": "This is an example CIP-108 metadata-file... testing SPO-Scripts, Koios and Co.",
 "externalUpdates": [
   {
     "title": "SPO Scripts",
     "uri": "https://github.com/gitmachtl/scripts"
   },
   {
     "title": "Koios",
     "uri": "https://koios.rest"
   }
 ]
},
"authors": [
 {
   "name": "The great Name",
   "witness": {
     "witnessAlgorithm": "ed25519",
     "publicKey": "755b017578b701dc9ddd4eaee67015b4ca8baf66293b7b1d204df426c0ceccb9",
     "signature": "8b579ba2cb9bcb2355e550a67865d56017d4696a4a48f8db5218a92a7f85bb3ddcde13500b89531c68a3f52deb83ca45f1987ea048500e11feee26847cb6b900"
   }
 }
]
}

So cardano-signer does a sanity check about the governance JSONLD file, it checks all existing author signatures, it checks if there are any duplicates, it does the canonization of the body, hashes it and then adds a new author entry by signing the document via the provided secret-key and author-name. more authors can be added by running it multiple times!

Also, if you write out the new file directly via the --out-file parameter, the output of cardano-signer becomes a json with the basic infos of the new file, including the anchorHash. Ready do be used with governance on Cardano.

{
  "workMode": "sign-cip100",
  "outFile": "CIP108-example-signed.json",
  "anchorHash": "8723898521770d095f522a3976f8318128f97ae10b8cd97da0f66dd29f849f80"
}

UPDATE/CHANGES:

General:

• cardano-signer is now compatible with CIP129 standard for drep, committee-cold and committee-hot bech strings. this works now for all functions that allow an --address parameter.

CIP 8/30 DataSign:

• you can now directly also use governance bech-ids for the --address parameter like drep1... when signing in CIP8/30 mode.

CIP 100 - Governance:

• the canonize&hash command hash introduced in version 1.17 was renamed to canonize. the change was made to avoid confusion, because this command is to output the hash of the canonized body, not the file-hash. there is also now a red note as info:
  

• output fields of the canonize and verify function changed: hash is now canonizedHash, and canonized is now canonizedBody.

• in addition to the existing checks in the verify function, cardano-signer now also checks for duplicated public-key entries in the authors array of the input jsonld file.

cardano-signer 1.18.0

Release Notes / Change-Logs

• 1.18.0

  New Verification mode for Governance Metadata

  • verify and analyze governance metadata following CIP-100, CIP-108, CIP-119 standard via the new verify --cip100 option
    

Example:

./cardano-signer verify --cip100 --data-file CIP119-example-fail.json --json-extended

{
  "workMode": "verify-cip100",
  "result": false,
  "errorMsg": "at least one invalid signature found",
  "authors": [
    {
      "name": "Martin Lang",
      "publicKey": "b18eacea2003b68e39137545e9d42ce5bca133ca0334d6a75aa9cb1fd02be7ec",
      "signature": "6aae4ed31604601062c14d58c7f5f561daaec5a0716c03665a432a08bc73c09280edbe5b7f4716374340034f4a608d43b56bbea7e32e9bc68d7382b80324a804",
      "valid": true
    },
    {
      "name": "Pi Lanningham",
      "publicKey": "7ea09a34aebb13c9841c71397b1cabfec5ddf950405293dee496cac2f437480a",
      "signature": "340c2ef8d6abda96769844ab9dca2634ae21ef97ddbfad1f8843bea1058e40d656455a2962143adc603d063bbbe27b54b88d002d23d1dff1cd0e05017cd4f506",
      "valid": false
    }
  ],
  "hash": "8e5086456795294e40203884dc380a6c70203754be0e2d02927d619cce995ee9",
  "body": {
    "title": "Example CIP100(+CIP108+CIP119) metadata",
    "abstract": "This metadata was generated to test out db-sync, SPO-Scripts, Koios and other tools...",
    "motivations": "This must work, should be motivation enough.",
    "rationale": "Let's keep testing stuff",
    "paymentAddress": "addr_test1qrlvt2gzuvrhq7m2k00rsyzfrrqwx085cdqgum7w5nc2rxwpxkp2ajdyflxxmxztuqpu2pvvvc8p6tl3xu8a3dym5uls50mr97",
    "givenName": "Martin Lang",
    "image": {
      "@type": "ImageObject",
      "contentUrl": "https://www.stakepool.at/pics/stakepool_operator_scripts.png",
      "sha256": "e98afb3651b5c3808201890e24eff5811bb855fe7b5e8dab0a8ec086ed0a9131"
    },
    "objectives": "This is an Testobjectives entry.",
    "qualifications": "Don't ask me... just doing it.",
    "references": [
      {
        "@type": "Other",
        "label": "SanchoNet",
        "uri": "https://sancho.network"
      }
    ],
    "comment": "This is an example CIP-119 metadata-file... testing SPO-Scripts, Koios and Co.",
    "externalUpdates": [
      {
        "title": "SPO Scripts",
        "uri": "https://github.com/gitmachtl/scripts"
      },
      {
        "title": "Koios",
        "uri": "https://koios.rest"
      }
    ]
  },
  "canonized": [
    "_:c14n0 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://schema.org/ImageObject> .",
    "_:c14n1 <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0100/README.md#update-title> \"SPO Scripts\"@en-us .",
    "_:c14n1 <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0100/README.md#update-uri> \"https://github.com/gitmachtl/scripts\"@en-us .",
    "_:c14n2 <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0100/README.md#comment> \"This is an example CIP-119 metadata-file... testing SPO-Scripts, Koios and Co.\"@en-us .",
    "_:c14n2 <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0100/README.md#externalUpdates> _:c14n1 .",
    "_:c14n2 <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0100/README.md#externalUpdates> _:c14n3 .",
    "_:c14n2 <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0108/README.md#abstract> \"This metadata was generated to test out db-sync, SPO-Scripts, Koios and other tools...\"@en-us .",
    "_:c14n2 <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0108/README.md#rationale> \"Let's keep testing stuff\"@en-us .",
    "_:c14n2 <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0108/README.md#title> \"Example CIP100(+CIP108+CIP119) metadata\"@en-us .",
    "_:c14n2 <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0119/README.md#givenName> \"Martin Lang\"@en-us .",
    "_:c14n2 <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0119/README.md#image> _:c14n0 .",
    "_:c14n2 <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0119/README.md#motivations> \"This must work, should be motivation enough.\"@en-us .",
    "_:c14n2 <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0119/README.md#objectives> \"This is an Testobjectives entry.\"@en-us .",
    "_:c14n2 <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0119/README.md#paymentAddress> \"addr_test1qrlvt2gzuvrhq7m2k00rsyzfrrqwx085cdqgum7w5nc2rxwpxkp2ajdyflxxmxztuqpu2pvvvc8p6tl3xu8a3dym5uls50mr97\"@en-us .",
    "_:c14n2 <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0119/README.md#qualifications> \"Don't ask me... just doing it.\"@en-us .",
    "_:c14n2 <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0119/README.md#references> _:c14n5 .",
    "_:c14n3 <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0100/README.md#update-title> \"Koios\"@en-us .",
    "_:c14n3 <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0100/README.md#update-uri> \"https://koios.rest\"@en-us .",
    "_:c14n4 <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0119/README.md#body> _:c14n2 .",
    "_:c14n5 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0100/README.md#OtherReference> .",
    "_:c14n5 <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0100/README.md#reference-label> \"SanchoNet\"@en-us .",
    "_:c14n5 <https://github.com/cardano-foundation/CIPs/blob/master/CIP-0100/README.md#reference-uri> \"https://sancho.network\"@en-us ."
  ]
}

cardano-signer 1.17.0

Release Notes / Change-Logs

• 1.17.0

  General

  • Now using NODE.JS v18
  • Updated all dependencies to the latest versions

  New Hash mode to Canonize & Hash Governance Metadata

  • hash governance metadata following CIP-100, CIP-108, CIP-119 standard via the new hash --cip100 option

  

cardano-signer 1.16.1

Release Notes / Change-Logs

• 1.16.1

  Catalyst Vote Key Generation CIP36

  • Bugfix: The description field of the generated *.vkey file was corrected to be 'Catalyst Vote Verification Key'

cardano-signer 1.16.0

Release Notes / Change-Logs

• 1.16.0

  Signing & Verification in CIP-030/008 mode

  • Added a new flag --nohashcheck for the signing and verification in CIP030/008 format. Using this flag will tell cardano-signer to not perform a check of the hash in the address-field against the public-key during the verification process. And additionally it can disable the address/hash check in the signing process too.

cardano-signer 1.15.2

Release Notes / Change-Logs

• 1.15.2

  General

  • small bugfix, parameter mainnet throwing an "unknown" error for the sign --cip36 command
  • added an arm64 build