Changed
- The `set_jwt_issuer` governance action has been updated, and no longer accepts `key_filter` or `key_policy` arguments (6450).
- Nodes started in `Join` mode will shut down if they receive an unrecoverable condition such as `StartupSeqnoIsOld` or `InvalidQuote` when attempting to join (6471, 6489).
- In configuration, `attestation.snp_endorsements_servers` can specify a `max_retries_count`. If the count has been exhausted without success for all configured servers, the node will shut down (6478).
- When deciding which nodes are allowed to join, only UVM roots of trust defined in `public:ccf.gov.nodes.snp.uvm_endorsements` are considered (6489).
Removed
- SGX Platform support.
Added
- Provided API for getting COSE signatures and Merkle proofs (6477).
- Exposed COSE signature in historical API via `TxReceiptImpl`.
- Introduced `ccf::describe_merkle_proof_v1(receipt)` for Merkle proof construction in CBOR format.
- Added COSE signatures over the Merkle root to the KV (6449).
- Signing is done with service key (different from raw signatures, which remain unchanged and are still signed by the node key).
- New signature reside in `public:ccf.internal.cose_signatures`.