🚧 Batch insert support for Solana withdrawal intents
Refactored StoreSolanaWithdrawalIntent to support batch insertion of large numbers of withdrawal intents. Intents are now grouped (e.g., 1,000 per batch) and inserted in bulk to improve performance and efficiency.
🚀 Improvement on Staking Endpoint
signed-voluntary-exit endpoint now accepts both lowercase and uppercase validator addresses for ownership validation.
Added comprehensive support for regulated security token standards including ERC-1404 and ERC-3643. This enables compliant handling of real-world asset (RWA) tokens with built-in transfer restriction evaluation to ensure all token movements adhere to regulatory requirements and issuer-defined rules.
Integrated WalletConnect v2 protocol to enable seamless connectivity with decentralized applications (DApps). This implementation includes full session management capabilities, allowing users to securely interact with the Web3 ecosystem while maintaining institutional-grade security controls.
Implemented real-time blockchain event streaming infrastructure for continuous transaction monitoring and notifications. This system provides instant updates on blockchain activities, enabling proactive monitoring and rapid response to on-chain events.
Deployed an integrated compliance and risk assessment framework that evaluates transactions before execution. This system analyzes multiple risk factors and compliance requirements to provide automated transaction screening and decision support.
Node Configuration:
- Add support for AWS Secrets Manager and dynamic IAM RDS authentication
- Make OCSP hash algorithm configurable
Client API:
- SDKv2(Go, C, Java): Added method to count number of pre-signatures
- SDKv2(Go, C, Java): Added utility method to sign with a raw Schnorr private key
- SDKv2(C, Java, Node.js): Added hash algorithm to OCSP methods
- Make OCSP hash algorithm configurable
Mobile frameworks have been built using golang.org/x/mobile v0.0.0-20250106192035-c31d5b91ecc3Client API: 59.0 (!)
Client Communication: 29.1
Database: 7.12.0
Node Communication: 32.1
Node Configuration: 21.4It is now possible to use the aws tag anywhere in the node config file, like this:
[Database]
EncryptorMasterPassword = "{{ aws prod/encryptor-master-password eu-central-1 }}"The node will then replace this with secret named prod/encryptor-master-password from AWS SecretsManager.
The replacement happens once, at startup. The config file can contain multiple secrets like this, but they must all fetch from the same AWS region. To work, the TSM node must be allowed to perform the IAM action secretsmanager:GetSecretValue on each secret, e.g., by running the TSM node on an EC2 instance that is assigned an IAM role with this permission.
It's also possible to connect to AWS RDS using IAM authentication via the iam tag, as follows:
[Database]
DataSourceName = "{{ iam mariadb dbuser my-rds.cf4m8zm7yt0e.eu-central-1.rds.amazonaws.com:3306 db eu-central-1 }}"This will be replaced by an RDS IAM token for the given RDS database. Here dbuser is the user for the RDS database, and db is the database name. For this to work, the TSM node must be allowed to perform the IAM action rds-db:connect for the given database user and database, e.g., by running the TSM node on an EC2 instance that is assigned an IAM role with this permission. The iam tag works for mariadb, mysql and postgres databases.
Unlike the aws tag which gets replaced once, when the node starts up, the iam tag gets expanded each time a new database connection is created. Combined with ConnectionMaxLifetime as in the following example, this
ensures that the TSM node will refresh its RDS IAM tokens at least every 10th minute.
[Database]
DriverName = "postgres"
DataSourceName = "{{ iam postgres my_db_user my_rds.cf4m8zm7yt0e.eu-central-1.rds.amazonaws.com:5432 my_db eu-central-1 }}"
ConnMaxLifetime = "10m"WithPublicKeyPinning is now an option on the client configuration, whereas it was part of the mTLS configuration before. This means that public key pinning is now also possible for API key and OIDC authentication.
When using mTLS you can now choose to OCSP staple the client certificate. If this is not used, just pass nil as the ocspStapling value when configuring mTLS authentication.
Finally, all the builder steps in the configuration can no longer return an error. The error will instead be reported when instantiating the client.
✅ Staking POL via the BD app
Improved handling of Solana withdrawal intents to ensure accurate status updates for stake accounts, including better validation and processing of pending and executed intents.
Login to the Blockdaemon app to try it out and refer to the doc here.
✅ Staking POL via the BD app
Resolved an issue where users withdrawing Polygon via the BD app received MATIC tokens instead of POL.
Client API:
- Node.js SDKv2: Removed duplicate sign method, added TypeScript type definitions
Database:
- use encryptor for pkcs11 table
Mobile frameworks have been built using golang.org/x/mobile v0.0.0-20241108191957-fa514ef75a0fClient API: 58.0 (!)
Client Communication: 29.1
Database: 7.12.0
Node Communication: 32.1
Node Configuration: 21.2Client API:
- New PKCS11 implementation with improved security
Client Communication:
- Added PKCS11 endpoints
Database:
- Add table for PKCS11 protocol
Node Communication:
- Added PKCS11 protocol
Node Configuration:
- Added PKCS11 protocol configuration
Patch changes (no effect on compatibility):
- Fixed errors in the OCSP configuration
Mobile frameworks have been built using golang.org/x/mobile v0.0.0-20241016134751-7ff83004ec2cClient API: 57.0 (!)
Client Communication: 29.1
Database: 7.11.0
Node Communication: 32.1
Node Configuration: 21.2