Builder Vault (TSM) Release 73.0.0

by Michael Bæksvang Østergaard

Versions

Database: 7.14.0
Node Communication: 36.2 (!)
Node Configuration: 28.2 (!)
Client API: 64.2 (!)
Client Communication: 33.1 (!)

Changelog

Database:
	- Remove obsolete tables and columns
Node Communication:
	- Added support for BLS
	- Added support for EC-KCDSA
	- Added support for Aleo (experimental)
	- Added MPCDirectServer. A new method for direct communication between nodes using TCP and WebSockets
	- Changes in the BIP32 hardened derivation methods for DKLs19 and DKLs23
	- Changes in protocol implementation of AES, HMAC, AN10922, RFC5649
	- Removed support for the WRK17 general MPC protocol
	- Removed WebSocket support from the MPCTCPServer
Node Configuration:
	- Added support for BLS
	- Added support for EC-KCDSA
	- Added support for ECDH
	- Added support for Aleo (experimental)
	- Added support for getting randomness from an external device.
	- Added MPCDirectServer to handle both TCP and WebSocket connections
	- The MRZ15 protocol now works with any number of two or more players and any threshold
	- Removed support for the WRK17 general MPC protocol
	- Removed MPCWebSocketServer and removed PacketCommunication from MPCTCPServer
Client API:
	- Added support for BLS
	- Added support for EC-KCDSA
	- Added support for ECDH
	- Added support for Aleo (experimental)
	- Added support for setting the address of a dynamic player
	- Added support for an external decryption function when recovering private keys (Go SDK)
	- Added support for MPC unwrap of RSA and secure (MPC) unwrapping of all keys in the PKCS #11 module
	- WASM: Added the possibility to use an embedded node, e.g. running a node in a browser or on other platforms that support WASM.
	- AES, HMAC: Key generation and import methods now require an additional parameter MinPlayers
	- AES, HMAC: Sensitive input such as plaintexts must now be input as secret shares using the SplitInput method in the SDK
	- BIP32 hardened derivation: Seed generation and import now requires an additional parameter MinPlayers (currently only MinPlayers=3 supported)
	- AN10922, RFC5649: Input sharings must now be computed using the SplitInput method in the SDK
	- Removed NewStaticSessionConfigWithTenant
Client Communication:
	- Added support for BLS
	- Added support for EC-KCDSA
	- Added support for ECDH
	- Added support for Aleo (experimental)
	- AES, HMAC, AN10922, RFC5649: Changes to several endpoints
	- DKLs19, DKLs23: Changes to endpoints for BIP32 hardened derivation
	- Management API: Added endpoints for counting, listing, and deleting keys and applications.
	- Added support for setting the address of a dynamic player
Patch changes (no effect on compatibility):
	- Audit logging of count and list keys
	- No longer collects metrics when metrics are disabled
	- Update libmpc to fix DKLS23 presignature security issue
	- Upgrade debian bullseye to trixie
	- Allow a mix of message broker and TCP/WS communication in a session.

Details

N/A

Builder Vault (TSM) Release 70.2.6 LTS

by Michael Bæksvang Østergaard

Versions

Client API: 61.3
Client Communication: 30.3
Database: 7.12.0
Node Communication: 34.1
Node Configuration: 24.3

Changelog

Patch changes (no effect on compatibility):
- Fix audit logging of count and list keys

Details

N/A

Builder Vault (TSM) Release 70.2.5 LTS

by Michael Bæksvang Østergaard

Versions

Client API: 61.3
Client Communication: 30.3
Database: 7.12.0
Node Communication: 34.1
Node Configuration: 24.3

Changelog

Patch changes (no effect on compatibility):
- Fixed DKLs23 presignature generation issue
- Fixed race condition in TCP connection establishment

Details

N/A

Versions

Client API: 61.3
Client Communication: 30.3
Database: 7.12.0
Node Communication: 34.1
Node Configuration: 24.3

Changelog

Patch changes (no effect on compatibility):
- Disable code-based key share checks

Details

N/A

Versions

Client API: 51.6
Client Communication: 27.0
Database: 7.8.0
Node Communication: 31.1
Node Configuration: 18.2

Changelog

Patch changes (no effect on compatibility):
- Disable code-based key share checks

Details

N/A

Builder Vault (TSM) Release 72.3.0

by Michael Bæksvang Østergaard

Versions

Node Configuration: 26.6
Client API: 62.3
Client Communication: 32.5
Database: 7.13.0
Node Communication: 34.2

Changelog

Node Configuration:
	- Added support for running MPC operations in a secure enclave. This is configured via the [Enclave] section.
	- DKLS23 now supports NONE as the DeactivatedPlayersCache in addition to MEMORY and DATABASE.
Patch changes (no effect on compatibility):
	- Made it possible to control for how long dynamic API keys are cached. Also changed the default from 10 to 30 seconds
	- Make fewer calls to the database encryptor

Details

Secure Enclaves

We’ve added support for running MPC operations inside a secure enclave, providing stronger isolation and protection of key material.

Enclaves can be configured via the [Enclave] section by specifying the address and port of the enclave server. When enabled:

  • All MPC operations and key material usage are handled within the enclave, separate from the rest of the TSM.
  • The enclave encrypts sensitive data, ensuring that the TSM never has access to key material in clear text.

Because the enclave server is stateless, there are scenarios where key material could be exposed (e.g., by reusing a presignature or exporting keys). To mitigate this, the enclave can be restricted to allow only specific operations.

As part of this, a new option NONE has been added to the DeactivatedPlayersCache setting under [DKLS23]. When enabled, it prevents the use of precomputed data for signing, to match the setting configured within the enclave.

Note: The enclave server is distributed separately and is not bundled with the TSM.

Deactivated players

In DKLS23, it is possible to reuse certain key material data when signing and generating presignatures. This significantly improves performance by reducing computation time and protocol rounds.

However, this optimization introduces a trade-off: if a player is detected cheating during the protocol, any precomputed data associated with that key material must be discarded and never reused.

When such an event occurs, the protocol automatically falls back to a slower but fully secure mode until the key material is reshared.

To manage this, the TSM tracks which players have been deactivated due to cheating. The way this information is stored and accessed is controlled by the DeactivatedPlayersCache setting under [DKLS23].

Available Modes for DeactivatedPlayersCache

  • MEMORY: The TSM keeps track of deactivated players in an in-memory data structure that is persisted to disk whenever updates occur.

    Fastest method. Reloaded into memory at startup. Not suitable for load-balanced deployments.

  • DATABASE: The TSM stores deactivated player information directly in the database.

    Compatible with load-balanced scenarios. Slightly slower, as it requires a database lookup for each signing and presignature generation operation.

New in This Release

  • NONE: The TSM does not reuse any precomputed data to speed up operations. Instead, it generates fresh data for each operation.

    Completely eliminates attacks related to precomputed data. Comes with a significant performance overhead.

The NONE option should generally only be used if one of the players is using an enclave that has disabled the use of precomputed data.
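
The mode guidance above can be expressed as a configuration check. This is an added example, not Builder Vault code: it assumes the node configuration is TOML-style text with quoted or bare values, and `load_balanced` and `enclave_disables_precomputed` are hypothetical inputs describing the deployment.

```python
import re

SECTION = re.compile(r"^\[([^\]]+)\]$")
SETTING = re.compile(r'^(\w+)\s*=\s*"?([^"#]*?)"?\s*(?:#.*)?$')
KNOWN_MODES = ("MEMORY", "DATABASE", "NONE")

# Constructed sample, not a real node configuration.
SAMPLE_CONFIG = """
[DKLS23]
DeactivatedPlayersCache = "MEMORY"  # in-memory, persisted to disk
"""

def parse_sections(text):
    """Minimal reader for [Section] / Key = value lines (assumed syntax)."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        header = SECTION.match(line)
        if header:
            current = sections.setdefault(header.group(1), {})
            continue
        setting = SETTING.match(line)
        if setting and current is not None:
            current[setting.group(1)] = setting.group(2).strip()
    return sections

def audit_dkls23_cache(config_text, load_balanced, enclave_disables_precomputed):
    """Return findings for DeactivatedPlayersCache based on the release notes."""
    mode = parse_sections(config_text).get("DKLS23", {}).get("DeactivatedPlayersCache")
    findings = []
    if mode is None:
        # The notes do not state a default, so none is assumed here.
        findings.append("DeactivatedPlayersCache not set; confirm the effective mode")
    elif mode not in KNOWN_MODES:
        findings.append(f"unknown DeactivatedPlayersCache value: {mode!r}")
    if mode == "MEMORY" and load_balanced:
        findings.append("MEMORY is not suitable for load-balanced deployments; use DATABASE")
    if mode == "NONE" and not enclave_disables_precomputed:
        findings.append("NONE adds significant overhead; intended for when a "
                        "player's enclave disables precomputed data")
    if mode in ("MEMORY", "DATABASE") and enclave_disables_precomputed:
        findings.append("a player's enclave disables precomputed data; set NONE to match")
    return findings

if __name__ == "__main__":
    for finding in audit_dkls23_cache(SAMPLE_CONFIG, True, False):
        print("FINDING:", finding)
```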

Builder Vault (TSM) Release 72.2.0

by Michael Bæksvang Østergaard

Versions

Database: 7.13.0
Node Communication: 34.2
Node Configuration: 26.5
Client API: 62.3
Client Communication: 32.5

Changelog

Client Communication:
- Added new endpoints for RSA in the PKCS#11 module
- Added new endpoints for AES unwrap in the PKCS#11 module
- Management API: Added 1 minute, 5 minute, and 15 minute averages for operations to metrics
- Added Swagger (OpenAPI) UI for Management API at /management/docs and download at /management/openapi.yaml
Node Configuration:
- Added RSAImportKey, RSADecrypt to PKCS11
- Disable management server authentication for specific roles by specifying an empty API key
Client API:
- Added support for creation (load) of RSA keys and encryption/decryption operations in the PKCS#11 module
- Added support for Unwrapping of AES encrypted AES keys in the PKCS#11 module
Patch changes (no effect on compatibility):
- More debug logging for MPC operations, connection establishment, database use and external encryptor plugin

Details

Management API Swagger/OpenAPI UI and Download

When the management server is enabled, it now serves Swagger UI documentation at /management/docs and the OpenAPI YAML definitions for download at /management/openapi.yaml.

Unauthenticated access to Management API

Specifying an empty API key under the management server API keys grants unauthenticated access with the specified permissions. Previously, you needed to enter a hash of the empty string to achieve the same result.

Debug information with duration

When running the TSM with a log level of DEBUG, many operations are now logged together with a duration indicating how long the operation took. If the operation fails, no duration is logged.

Versions

Client API: 62.1  
Client Communication: 32.1 
Database: 7.13.0  
Node Communication: 34.2  
Node Configuration: 26.3  

Changelog

Database:  
- add deactivated players table  
Patch changes (no effect on compatibility):  
- Fixed an error when using TLS for Management Server

Details

N/A

Versions

Client API: 51.6  
Client Communication: 27.0
Database: 7.8.0  
Node Communication: 31.1  
Node Configuration: 18.2  

Changelog

Patch changes (no effect on compatibility):
- Upgraded Android NDK in BD_IMAGE from r22 to r28c to build for 16kB page size

Details

N/A

Versions

Client API: 61.3
Client Communication: 30.3
Database: 7.12.0
Node Communication: 34.1
Node Configuration: 24.3

Changelog

	Patch changes (no effect on compatibility):
	- Upgraded Android NDK in BD_IMAGE from r22 to r28c to build for 16kB page size

Details

N/A