v0.13.3

What's Changed

• chore: backported addition of prss fix to backup by @jot2re in #435

Full Changelog: v0.13.2...v0.13.3

v0.13.2

What's Changed

• chore: update chart version 1.5.1 by @fegmorte in #428
• fix: don't fetch key policies if key policy attestation is disabled (… by @mkmks in #432

Full Changelog: v0.13.1...v0.13.2

v0.13.1

What's Changed

• fix: backward compatible context ID to support v0.12.7 by @kc1212 in #419
• chore: bump kms to v0.13.1 and chart to v1.5.0 by @dd23 in #422

Full Changelog: v0.13.0...v0.13.1

v0.13.0

New Features in v0.13

• KMS Context logic
• Resharing between between different parties
• KMS operator backup
• Added and improved metrics and logs
• tfhe-rs v1.5 support
• many internal fixes and improvements

Note: This release is functionally identical to v0.13.0-rc.2.

What's Changed

• refactor: signcryption by @jot2re in #182
• chore!: remove sns compression keygen by @kc1212 in #218
• chore: move slower tests to nightly by @dd23 in #217
• chore: Revert "fix: delay dkg start time (#223)" by @kc1212 in #225
• fix: make sure preproc bucket is not deleted too early by @kc1212 in #226
• fix(ci): test cosign for common-docker by @fegmorte in #215
• fix: use locked dependencies in Dockerfiles by @dd23 in #228
• fix: take the correct number of tickets when launching preproc by @titouantanguy in #229
• feat: tagged keys by @kc1212 in #221
• fix: rewrite peer address to localhost in kms-server only by @mkmks in #220
• fix: enable no delay on kms core servers by @jot2re in #237
• ci: improve performance kind testing by @fegmorte in #235
• chore: update core config documentation, improve error logs by @dd23 in #232
• fix(ci): avoid running helm wf in release branch by @fegmorte in #236
• chore: upgrade toolchain to 1.91.0 by @kc1212 in #255
• feat: handle context and epoch IDs in service by @kc1212 in #230
• fix(chart): set default values for tokio and rayon by @fegmorte in #257
• chore: add context as argument to tls keygen by @kc1212 in #256
• chore: restrict key usage of CA cert by @kc1212 in #258
• chore: backup signcryption integration by @jot2re in #219
• chore: bump version to v0.13.0-rc.0 by @dd23 in #260
• chore: Add core endpoint and logic for partial preproc by @titouantanguy in #239
• fix: add encryption algo info to asymm AWS KMS decryption by @jot2re in #262
• chore: use release tag as version for npm release in workflow by @dd23 in #261
• feat: enable regenerating CA certs from existing signing keys by @mkmks in #265
• chore: load context from disk on startup by @kc1212 in #263
• test: backup related backwards compatibility tests by @jot2re in #238
• chore(docs): runbook for MPC operators / infra / devops by @maksymsur in #233
• chore: validate peer list in threshold config by @dd23 in #267
• chore: Using a safer deserialization with limited memory allocation by @titouantanguy in #266
• feat: Adding option to force hamming weight of the sks by @titouantanguy in #98
• fix(ci): add wasm testing by @fegmorte in #269
• chore: upgrade tfhe-rs to 1.4.2 by @kc1212 in #273
• fix: use deserialize_safe in js-api by @dd23 in #275
• chore: remove custodian docker compose by @kc1212 in #272
• feat: Adding network with 2 sets of parties by @titouantanguy in #268
• feat: context switch with tls by @kc1212 in #259
• chore(docker): update go-builder, yq, and grpc-health-probe versions by @dd23 in #234
• chore: integration test for new context by @kc1212 in #278
• chore: Handle TODOs for backup by @jot2re in #264
• fix: fix docker build with buildkit version by @fegmorte in #280
• feat: Implement open to party in another set by @titouantanguy in #277
• chore: store PRSS in new location by @kc1212 in #279
• chore: better manage connection in p2p network by @titouantanguy in #281
• allow ignoring AWS CA chain by @mkmks in #284
• chore: add version metric with kms prefix by @titouantanguy in #290
• fix: update chart version 1.4.13 by @fegmorte in #291
• feat: Reshare between 2 sets of parties (MPC protocol) by @titouantanguy in #289
• chore: upgrade alloy versions by @eudelins-zama in #293
• chore: 6 party context switch integration test by @kc1212 in #286
• chore: attest root key policy by @mkmks in #271
• chore: update toolchain in .env by @kc1212 in #282
• chore: destroy custodian contexts by @jot2re in #295
• chore(core-client): refactor functions by @dd23 in #299
• fix: add runs-on runner for testing by @fegmorte in #297
• chore: Reshare secret keys 2 sets + trait revamp by @titouantanguy in #292
• Fix typos by @samdotola in #85
• chore: remove role from backup operator by @kc1212 in #296
• chore: update num-bigint-dig by @kc1212 in #302
• chore: adding missing backwards compatibility tests by @jot2re in #298
• chore: reenable backward compatibility tests for backup by @kc1212 in #304
• chore: more extensive testing of reshare protocol by @titouantanguy in #301
• fix: fix chart releaser by @fegmorte in #305
• chore: improve logs (#303) by @dd23 in #306
• fix(chart): add liveness probe to the chart by @fegmorte in #308
• feat: sync public material after reshare by @kc1212 in #307
• feat: added more health metrics by @jot2re in #315
• feat: TLS certificate autorefresh by @mkmks in #326
• chore: integration test for resharing by @kc1212 in #328
• chore: bump rust version to v1.92 and fix new clippy issues by @dd23 in #335
• fix: fix readme by @fegmorte in #311
• fix: add check for existing helm releases by @fegmorte in #330
• ci: use npm trusted publishers (#323) by @aquint-zama in #329
• fix: fix performance testing to use repo chart by @fegmorte in #333
• feat!: remove my_id from config by @kc1212 in #300
• docs: added bincode warning by @jot2re in #339
• fix: respect attest_private_vault_root_key in cert resolver by @mkmks in #340
• fix: increase socat timeout by @fegmorte in #341
• chore: reshare service -- update session manager by @titouantanguy in #334
• fix(chart): add probes in values by @fegmorte in #343
• chore: fix cargo audit by @kc1212 in #344
• chore: added bincode to deny by @jot2re in #349
• feat: additional operational metrics by @jot2re in #327
• feat: add public_storage_prefix to context by @kc1212 in #346
• chore: do not pin minor go version (allow v1.25.x) and update yq to v4.50.1 by @dd23 in #347
• chore: fix nightly failure due to reconstruction error by @kc1212 in #348
• chore: fix RUSTSEC-2025-0137 by @kc1212 in #352
• feat: store shares under epoch ID by @kc1212 in #336
• chore: fix key digest verification by @kc1212 in #342
• chore: fix nightly autobackup by @kc1212 in #355
• fix: performance regression for decryption by @kc1212 in #356
• chore(deps): bump rsa from 0.9.8 to 0.9.10 by @fegmorte in #361
• chore: replace toolchain.txt by rust-toolchain.toml by @eudelins-zama in #354
• chore: upgrade private share storage to support epoch by @kc1212 in #351
• chart: update chart for v13.x by @fegmorte in #367
• chore: update switch and squash benchmark to test more bit lengths by @dd23 in #360
• chore: enable context and ...

v0.13.0-rc.2

What's Changed

• chore: v0.13.0-rc.2 version bump by @dd23 in #379
• feat(core/service): centralized isolated tests (PR-3) by @maksymsur in #376
• chore: add processed based and meta store metrics by @kc1212 in #380
• chore: follow up PR on metrics by @jot2re in #353
• fix: deadlock by @titouantanguy in #385
• chore: bump rust version to v1.93 by @dd23 in #384
• chore: add version endpoint by @dd23 in #382
• chore: add prometheus/jaeger docker compose and core-client periodic decryptions by @dd23 in #387
• chore: add logs when we wait too long for some sender by @titouantanguy in #331
• fix: handle eager evaluation issues by @jot2re in #389
• feat(core/service): threshold isolated tests (PR-4) by @maksymsur in #381

Full Changelog: v0.13.0-rc.1...v0.13.0-rc.2

v0.12.8

New Features

• fixed a potential deadlock in the networking logic that could cause the kms-core freezing indefinitely
• added more metrics regarding system utilization and removed the redundant default name tags from metrics
• minor improvements and version upgrades

What's Changed

• chore: upgrade alloy versions by @eudelins-zama in #332
• chore: bump rust version to v1.92 and fix new clippy issues (#335) by @dd23 in #338
• chore: remove default name tag in TaggedMetric (#369) by @dd23 in #372
• chart: fix backup config from value file by @fegmorte in #373
• chart: get backup config from value by @fegmorte in #374
• chore: metrics to uncover memory usage issue by @kc1212 in #371
• fix: deadlock v.0.12.x by @titouantanguy in #386
• chore: add prometheus/jaeger docker compose and core-client periodic decryptions v0.12.x by @dd23 in #383

Full Changelog: v0.12.7...v0.12.8

v0.13.0-rc.1

What's Changed

• feat: foundational isolated tests infrastructure (PR-1) by @maksymsur in #363
• feat: test material generator tool (PR-2) by @maksymsur in #364
• fix: add pr-preview for testing env by @fegmorte in #350
• feat: destroy context in core-client by @kc1212 in #358
• chore: fix non_local_effect_before_error_return dylint by @kc1212 in #377
• chore: check context ID in centralized by @kc1212 in #362
• chore!: Update to tfhe-rs v1.5 by @titouantanguy in #378

Full Changelog: v0.13.0-rc.0...v0.13.0-rc.1

v0.13.0-rc.0

What's Changed

• refactor: signcryption by @jot2re in #182
• chore!: remove sns compression keygen by @kc1212 in #218
• chore: move slower tests to nightly by @dd23 in #217
• chore: Revert "fix: delay dkg start time (#223)" by @kc1212 in #225
• fix: make sure preproc bucket is not deleted too early by @kc1212 in #226
• fix(ci): test cosign for common-docker by @fegmorte in #215
• fix: use locked dependencies in Dockerfiles by @dd23 in #228
• fix: take the correct number of tickets when launching preproc by @titouantanguy in #229
• feat: tagged keys by @kc1212 in #221
• fix: rewrite peer address to localhost in kms-server only by @mkmks in #220
• fix: enable no delay on kms core servers by @jot2re in #237
• ci: improve performance kind testing by @fegmorte in #235
• chore: update core config documentation, improve error logs by @dd23 in #232
• fix(ci): avoid running helm wf in release branch by @fegmorte in #236
• chore: upgrade toolchain to 1.91.0 by @kc1212 in #255
• feat: handle context and epoch IDs in service by @kc1212 in #230
• fix(chart): set default values for tokio and rayon by @fegmorte in #257
• chore: add context as argument to tls keygen by @kc1212 in #256
• chore: restrict key usage of CA cert by @kc1212 in #258
• chore: backup signcryption integration by @jot2re in #219
• chore: bump version to v0.13.0-rc.0 by @dd23 in #260
• chore: Add core endpoint and logic for partial preproc by @titouantanguy in #239
• fix: add encryption algo info to asymm AWS KMS decryption by @jot2re in #262
• chore: use release tag as version for npm release in workflow by @dd23 in #261
• feat: enable regenerating CA certs from existing signing keys by @mkmks in #265
• chore: load context from disk on startup by @kc1212 in #263
• test: backup related backwards compatibility tests by @jot2re in #238
• chore(docs): runbook for MPC operators / infra / devops by @maksymsur in #233
• chore: validate peer list in threshold config by @dd23 in #267
• chore: Using a safer deserialization with limited memory allocation by @titouantanguy in #266
• feat: Adding option to force hamming weight of the sks by @titouantanguy in #98
• fix(ci): add wasm testing by @fegmorte in #269
• chore: upgrade tfhe-rs to 1.4.2 by @kc1212 in #273
• fix: use deserialize_safe in js-api by @dd23 in #275
• chore: remove custodian docker compose by @kc1212 in #272
• feat: Adding network with 2 sets of parties by @titouantanguy in #268
• feat: context switch with tls by @kc1212 in #259
• chore(docker): update go-builder, yq, and grpc-health-probe versions by @dd23 in #234
• chore: integration test for new context by @kc1212 in #278
• chore: Handle TODOs for backup by @jot2re in #264
• fix: fix docker build with buildkit version by @fegmorte in #280
• feat: Implement open to party in another set by @titouantanguy in #277
• chore: store PRSS in new location by @kc1212 in #279
• chore: better manage connection in p2p network by @titouantanguy in #281
• allow ignoring AWS CA chain by @mkmks in #284
• chore: add version metric with kms prefix by @titouantanguy in #290
• fix: update chart version 1.4.13 by @fegmorte in #291
• feat: Reshare between 2 sets of parties (MPC protocol) by @titouantanguy in #289
• chore: upgrade alloy versions by @eudelins-zama in #293
• chore: 6 party context switch integration test by @kc1212 in #286
• chore: attest root key policy by @mkmks in #271
• chore: update toolchain in .env by @kc1212 in #282
• chore: destroy custodian contexts by @jot2re in #295
• chore(core-client): refactor functions by @dd23 in #299
• fix: add runs-on runner for testing by @fegmorte in #297
• chore: Reshare secret keys 2 sets + trait revamp by @titouantanguy in #292
• Fix typos by @samdotola in #85
• chore: remove role from backup operator by @kc1212 in #296
• chore: update num-bigint-dig by @kc1212 in #302
• chore: adding missing backwards compatibility tests by @jot2re in #298
• chore: reenable backward compatibility tests for backup by @kc1212 in #304
• chore: more extensive testing of reshare protocol by @titouantanguy in #301
• fix: fix chart releaser by @fegmorte in #305
• chore: improve logs (#303) by @dd23 in #306
• fix(chart): add liveness probe to the chart by @fegmorte in #308
• feat: sync public material after reshare by @kc1212 in #307
• feat: added more health metrics by @jot2re in #315
• feat: TLS certificate autorefresh by @mkmks in #326
• chore: integration test for resharing by @kc1212 in #328
• chore: bump rust version to v1.92 and fix new clippy issues by @dd23 in #335
• fix: fix readme by @fegmorte in #311
• fix: add check for existing helm releases by @fegmorte in #330
• ci: use npm trusted publishers (#323) by @aquint-zama in #329
• fix: fix performance testing to use repo chart by @fegmorte in #333
• feat!: remove my_id from config by @kc1212 in #300
• docs: added bincode warning by @jot2re in #339
• fix: respect attest_private_vault_root_key in cert resolver by @mkmks in #340
• fix: increase socat timeout by @fegmorte in #341
• chore: reshare service -- update session manager by @titouantanguy in #334
• fix(chart): add probes in values by @fegmorte in #343
• chore: fix cargo audit by @kc1212 in #344
• chore: added bincode to deny by @jot2re in #349
• feat: additional operational metrics by @jot2re in #327
• feat: add public_storage_prefix to context by @kc1212 in #346
• chore: do not pin minor go version (allow v1.25.x) and update yq to v4.50.1 by @dd23 in #347
• chore: fix nightly failure due to reconstruction error by @kc1212 in #348
• chore: fix RUSTSEC-2025-0137 by @kc1212 in #352
• feat: store shares under epoch ID by @kc1212 in #336
• chore: fix key digest verification by @kc1212 in #342
• chore: fix nightly autobackup by @kc1212 in #355
• fix: performance regression for decryption by @kc1212 in #356
• chore(deps): bump rsa from 0.9.8 to 0.9.10 by @fegmorte in #361
• chore: replace toolchain.txt by rust-toolchain.toml by @eudelins-zama in #354
• chore: upgrade private share storage to support epoch by @kc1212 in #351
• chart: update chart for v13.x by @fegmorte in #367
• chore: update switch and squash benchmark to test more bit lengths by @dd23 in #360
• chore: enable context and node info backward compatibility tests by @kc1212 in #357
• fix: remove duplicate metrics by @dd23 in #369

New Contributors

• @samdotola made their first contribution in #85

Full Changelog: https://github.com/zama-ai/kms/compare/v0...

v0.12.7

What's Changed

• chore: delete prss-init session also in error-case by @dd23 in #294
• chore: improve logs by @dd23 in #303
• fix(chart): add liveness probe to the chart for v0.12 by @fegmorte in #309
• fix(chart): add socat /dev/vsock by @fegmorte in #310
• chart: add chart release to release branch by @fegmorte in #312
• Fred/fix/enable chart release on release by @fegmorte in #313
• feat: system metrics by @jot2re in #317
• chore: bump version cargo by @fegmorte in #320
• chore: bump version cargo.lock v0.12.7 by @fegmorte in #321
• chore: cargo update for v0.12.7 by @dd23 in #322
• ci: use npm trusted publishers by @aquint-zama in #323
• chore: bump npm-publish action to 4.1.1 by @dd23 in #324
• ci: update npm version for trusted publishing by @aquint-zama in #325

Full Changelog: v0.12.6...v0.12.7

v0.12.6

What's Changed

• chore: delete prss-init session also in error-case by @dd23 in #294
• chore: improve logs by @dd23 in #303
• fix(chart): add liveness probe to the chart for v0.12 by @fegmorte in #309
• fix(chart): add socat /dev/vsock by @fegmorte in #310
• chart: add chart release to release branch by @fegmorte in #312
• Fred/fix/enable chart release on release by @fegmorte in #313
• feat: system metrics by @jot2re in #317

Full Changelog: v0.12.5...v0.12.6