Welcome to the Corda 4.4 release notes. Please read these carefully to understand what’s new in this release and how the features can help you. Just as prior releases have brought with them commitments to wire and API stability, Corda 4.4 comes with those same guarantees. States and apps valid in Corda 3.0 are usable in Corda 4.4.
Corda 4.4 lays the foundation of a new open-core approach for the Corda codebase. This involved a refactoring of the main functional components of Corda. Please consult :doc:`cordapp-overview.rst` to get an overview of the practical impact on CorDapp development.
Furthermore, Corda 4.4 introduces improvements to the flow framework API, a new diagnostic ``ServiceHub`` call and includes a number of security enhancements.
Corda 4.4 introduces a new ``FlowLogic.await`` API that allows a CorDapp developer to suspend their flow when executing user-defined long-running operations (e.g. call-outs to external services). This prevents these long-running operations from blocking the flow thread, allowing other flows to progress in the interim. Previously, these operations had to be executed synchronously, blocking the flow thread.
The CorDapp developer can decide whether to run these asynchronous flow operations in a dedicated thread pool, or to handle the threading themselves directly.
Note that as before, the flow framework suspends automatically for certain operations (e.g. when waiting to receive a message from a counterparty). These suspensions do not have to be triggered explicitly.
Corda 4.4 also introduces a new ``HospitalizeFlowException`` exception type that, when thrown, causes a flow to halt execution and send itself to the flow hospital for observation. The flow will automatically be retried on the next node start.
This exception gives user code a way to retry a flow from its last checkpoint if a known intermittent failure occurred.
Corda 4.4 also provides a callback (``AppServiceHub.register``) to allow Corda services to register custom actions to be performed once the node is fully started-up. This pattern prevents issues caused by the service trying to immediately access a part of the node that hadn't yet been initialised .
The "out-of-process" nodes spawned through Driver DSL (see :doc:`tutorial-integration-testing`) will no longer accidentally contain your CorDapps on their application classpath. The list of items that will be automatically filtered out include:
* Directories (only regular files are allowed)
* Jars with Maven classifiers ``tests`` or ``test``
* Jars with any Cordapp attributes in their manifests (any of those listed in :doc:`cordapp-build-systems` or ``Target-Platform-Version`` and ``Min-Platform-Version`` if both are present)
* Jars with the ``Corda-Testing`` attribute in their manifests. The manifest of the following artifacts has been updated to include the ``Corda-Testing`` attribute:
*``corda-node-driver``
*``corda-test-utils``
*``corda-test-common``
*``corda-test-db``
*``corda-mock``
* Files whose names start with ``corda-mock``, ``junit``, ``testng`` or ``mockito``
Some of your existing integration tests might implicitly be relying on the presence of the above files, so please keep this in mind when upgrading your version of Corda.
Given the addition of new APIs, the platform version of Corda 4.4 has been bumped up from 5 to 6. This is to prevent CorDapps that use it being deployed onto nodes unable to host them. Note that the minimum platform version has not been changed - this means that older Corda nodes can still interoperate with Corda 4.4 nodes. Since the APIs added do not affect the wire protocol or have other zone-level implications, applications can take advantage of these new platform version 6 features even if the Corda 4.4 node is running on a network whose minimum platform version is 4.
For more information on platform version, please see :doc:`versioning`. For more details on upgrading a CorDapp to use platform version 5, please see :doc:`app-upgrade-notes`.
Changes introduced in Corda 4.4 to increase ledger integrity have highlighted limitations regarding database transactions. To prevent flows from continuing to process after a database transaction has failed to commit or suffered from a pre-commit persistence exception, extra database flushes have been added. These extra flushes can cause exceptions to be thrown where they were not before (or cause different exception types to be raised compared to Corda 4.3 or previous versions). In general, CorDapp developers should not expect to be able to catch exceptions thrown during a database transaction and then continue with further DB operations as part of the same flow. A safer pattern involves allowing the flow to fail and be retried
* A failure response from Doorman during initial registration causes a class cast exception [`CORDA-2744 <https://r3-cev.atlassian.net/browse/CORDA-2744>`_]
* Add an exception for Unrecoverable RPC errors [`CORDA-3192 <https://r3-cev.atlassian.net/browse/CORDA-3192>`_]
* Fix the misleading Flow has been waiting message [`CORDA-3197 <https://r3-cev.atlassian.net/browse/CORDA-3197>`_]
* Update Quasar agent so that we can exclude entire ClassLoaders from being instrumented [`CORDA-3228 <https://r3-cev.atlassian.net/browse/CORDA-3228>`_]
* Don't fail on liquibase errors when using H2 [`CORDA-3302 <https://r3-cev.atlassian.net/browse/CORDA-3302>`_]
* Exceptions thrown in raw vault observers can cause critical issues [`CORDA-3329 <https://r3-cev.atlassian.net/browse/CORDA-3329>`_]
* Migration from Corda 3.x to 4.x for PostgreSQL require a manual workaround [`CORDA-3348 <https://r3-cev.atlassian.net/browse/CORDA-3348>`_]
* Prepare DJVM library for 1.0 release [`CORDA-3377 <https://r3-cev.atlassian.net/browse/CORDA-3377>`_]
* Fix caching of local AMQPSerializer [`CORDA-3392 <https://r3-cev.atlassian.net/browse/CORDA-3392>`_]
* Fixed NPE in BlobInspector [`CORDA-3396 <https://r3-cev.atlassian.net/browse/CORDA-3396>`_]
* Update DemoBench so that using the DJVM is configurable [`CORDA-3406 <https://r3-cev.atlassian.net/browse/CORDA-3406>`_]
* Scanning for Custom Serializers in the context of transaction verification is broken [`CORDA-3464 <https://r3-cev.atlassian.net/browse/CORDA-3464>`_]
* Add timestamp column to NODE_TRANSACTIONS table [`CORDA-3479 <https://r3-cev.atlassian.net/browse/CORDA-3479>`_]
* Support adding new mandatory field and removal of optional [`CORDA-3489 <https://r3-cev.atlassian.net/browse/CORDA-3489>`_]
* Fix link to network builder [`CORDA-3495 <https://r3-cev.atlassian.net/browse/CORDA-3495>`_]
* Provide option for user to specify custom serializers without classpath scanning [`CORDA-3501 <https://r3-cev.atlassian.net/browse/CORDA-3501>`_]
* The CordaRPCClientConfiguration is not respected when GracefulReconnect is used [`CORDA-3507 <https://r3-cev.atlassian.net/browse/CORDA-3507>`_]
* Fix for Could not start flow as connection failed error on starting flow via ShellCli if user is not authorized to use this flow [`CORDA-3513 <https://r3-cev.atlassian.net/browse/CORDA-3513>`_]
* Support whitelists and custom serializers inside the DJVM [`CORDA-3523 <https://r3-cev.atlassian.net/browse/CORDA-3523>`_]
* Load DJVM serialization types more precisely to avoid runtime warnings [`CORDA-3536 <https://r3-cev.atlassian.net/browse/CORDA-3536>`_]
* Use the config values for reconnecting retry interval and max reconnect attempts [`CORDA-3542 <https://r3-cev.atlassian.net/browse/CORDA-3542>`_]
* SSH memory leak and security [`CORDA-3520 <https://r3-cev.atlassian.net/browse/CORDA-3520>`_]
* Remove support for outdated ciphers and algorithms from SSH [`CORDA-3550 <https://r3-cev.atlassian.net/browse/CORDA-3550>`_]
* Deserialization using the DJVM creates too many SerializerFactory objects [`CORDA-3552 <https://r3-cev.atlassian.net/browse/CORDA-3552>`_]
* Allow initial registration errors to propagate up so the node exits with a failure code [`CORDA-3558 <https://r3-cev.atlassian.net/browse/CORDA-3558>`_]
* Remove reference to man run [`CORDA-3559 <https://r3-cev.atlassian.net/browse/CORDA-3559>`_]
* Always add TestCordapps to the classpath when building _driverSerializationEnv [`CORDA-3566 <https://r3-cev.atlassian.net/browse/CORDA-3566>`_]
* Use the connectionMaxRetryInterval configuration when reconnection the RPC client [`CORDA-3576 <https://r3-cev.atlassian.net/browse/CORDA-3576>`_]
* Update docs for X500 name and SSH hostkey [`CORDA-3585 <https://r3-cev.atlassian.net/browse/CORDA-3585>`_]
* hashLookup command help misspelling [`CORDA-3587 <https://r3-cev.atlassian.net/browse/CORDA-3587>`_]
Corda 4.1 was released with a great suite of new features to build on top of the success of Corda 4. Now, Corda 4.3 extends upon that with some powerful new capabilities. Corda 4.3 contains over 400 fixes and documentation updates to bring additional stability and quality of life improvements to those developing on the Corda platform.
We recommend you upgrade from Corda 4.1 to Corda 4.3 as soon as possible.
Changes for developers in Corda 4.3
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Introduction of Accounts
++++++++++++++++++++++++
With Corda 4.3 we are introducing the concept of “Accounts”. Vaults can be logically partitioned into subsets, each subset representing an account.
This is advantageous for several reasons:
* Node operators can reduce costs by hosting multiple entities, as accounts, on one node
* Node operators can partition the vault on a per entity basis
* In many cases, node owners or operators will be maintaining balances of cash, assets, or agreements on behalf of others
* Accounts allow network access to those who cannot (or do not want to) be first-class citizens on the network
This new functionality allows hosts to take a custodial role over their nodes, supporting a broader range of use-cases.
Please find more information on Accounts functionality in the `documentatation <https://github.com/corda/accounts/blob/master/docs.md>`_
Confidential Identities
+++++++++++++++++++++++
Confidential Identities have been revisited, and nodes no longer use or store X.500 certificates. Keys used for signing confidential transactions have been decoupled from the node's identity, and a nonce challenge is used to confirm a Confidential Identity belongs to the legal identity claiming it.
This removes the requirement to serialize and store the certificate chain for each new key that is registered.
In addition, confidential identities can now be shared without needing a transaction.
Improved RPC client connectivity
++++++++++++++++++++++++++++++++
The CordaRPCClient library has been improved in Corda 4.3 to address issues where the library does not automatically reconnect to the node if the RPC connection is broken.
The improved library provides the following enhancements:
* Reconnects to the node via RPC if the RPC connection to the node is broken
* Reconnects any observables that have been created
* Retries all operations on failure, except for flow start operations that die before receiving a valid `FlowHandle`, in which case a `CouldNotStartFlowException` is thrown
We're confident in the improvements made to RPC client connectivity but would remind you that applications should be developed with contingencies in the event of an RPC connection failure. See :doc:`clientrpc` for details.
Additional flexibility in recording transactions
++++++++++++++++++++++++++++++++++++++++++++++++
In Corda 4.3, nodes can choose to record a transaction with three different levels of visibility:
* Store only the relevant states in the transaction (the default)
* Store every state in the transaction (used when observing a transaction, for example)
* Store none of the states in the transaction (used during transaction resolution, for example)
Previously, there was a limitation in that if a node initially records a transaction with a specific level of visibility, they cannot later record it with a different level of visibility.
In Corda 4.3, an enhancement has been made to observer node functionality to allow observers to re-record transactions that have already been recorded at a lower visibility.
See :doc:`tutorial-observer-nodes` for details of how to work with observer nodes
Changes for operators in Corda 4.3
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Additional flexibility for RPC permissioning
++++++++++++++++++++++++++++++++++++++++++++
RPC permissions can now contain wildcards; for example: com.example.* matches both com.example.foo.ExampleFlow and com.example.bar.BogusFlow
Security Upgrades
+++++++++++++++++
There have been several security upgrades, including changes to the Corda webserver, dependency changes, changes to X509 extended key usage, and whitelisting attachments.
* Extended key usage: Corda certificates previously defined the X509 'Extended Key Usage' as 'anyExtendedKeyUsage' which was too broad. Only the necessary key uses are included now. For example, for Corda TLS certificates, the only required extended key usages are 'Client Authentication' and 'Server Authentication'.
* Corda webserver moved to testing module: The Corda webserver is deprecated and not suitable for production use. In Corda 4.3 it has been renamed test-server and moved to the testing module.
* Enhancements to attachment whitelisting: Transactions referencing contracts that are not installed on a node can still be accepted if the contract is signed by a trusted party.
* Updated vulnerable dependency: Jolokia 1.2 to 1.6.0 are vulnerable to system-wide cross-site-request-forgery attacks. Updated to Jolokia 1.6.1
Given the addition of a new API to support the Accounts feature, the platform version of Corda 4.3 has been bumped up from 4 to 5. This is to prevent CorDapps that use it being deployed onto nodes unable to host them. Note that the minimum platform version has not been changed - this means that older Corda nodes can still interoperate with Corda 4.3 nodes. Since the APIs added do not affect the wire protocol or have other zone-level implications, applications can take advantage of these new platform version 5 features even if the Corda 4.3 node is running on a network whose minimum platform version is 4.
For more information on platform version, please see :doc:`versioning`. For more details on upgrading a CorDapp to use platform version 5, please see :doc:`app-upgrade-notes`.
The Corda Finance library is now deprecated and has been superseded by the Corda Tokens SDK. While the finance library is not yet being removed, we are no longer improving or updating it. We strongly encourage users to transition from the Corda Finance library to the Corda Tokens SDK. Find more information and begin using the tokens SDK in the GitHub repository `here <https://github.com/corda/token-sdk>`_
Any confidential identities registered using the old API will not be reflected in the new tables after migration to Corda 4.3. However, the standard APIs work with both old and new confidential identities tables. For this reason, we do not recommend the use of both old and new confidential identities APIs in the same deployment. The old confidential identities API will be deprecated in a future release.
* Improve error handling for registering peer node [`CORDA-3263 <https://r3-cev.atlassian.net/browse/CORDA-3263>`_]
* JDK11, built and published artifacts to include classifier [`CORDA-3224 <https://r3-cev.atlassian.net/browse/CORDA-3224>`_]
* Missing logs on shutdown [`CORDA-3246 <https://r3-cev.atlassian.net/browse/CORDA-3246>`_]
* Improve CorDapp loading logic for duplicates [`CORDA-3243 <https://r3-cev.atlassian.net/browse/CORDA-3243>`_]
* Publish checkpoint agent jar and allow for inclusion of version id in jar upon run-time execution
* O/S version of fix for slow running in 4.3 [`CORDA-3235 <https://r3-cev.atlassian.net/browse/CORDA-3235>`_]
* Enhance backwards compatibility logic to include Inter… [`CORDA-3274 <https://r3-cev.atlassian.net/browse/CORDA-3274>`_]
* Prevent node startup failure upon cross-platform execution [`CORDA-2050 <https://r3-cev.atlassian.net/browse/CORDA-2050>`_]
* Remove Gradle's evaluation dependency on node:capsule [`CORDA-2050 <https://r3-cev.atlassian.net/browse/CORDA-2050>`_]
* New detekt rules based on feedback [`TM-44 <https://r3-cev.atlassian.net/browse/TM-44>`_]
* Remove Gradle's evaluation dependency on node:capsule [`CORDA-2050 <https://r3-cev.atlassian.net/browse/CORDA-2050>`_]
* Fix dba migration for PostgreSQL following changes in CORDA-3009 [`CORDA-3226 <https://r3-cev.atlassian.net/browse/CORDA-3226>`_]
* Vault Query API enhancement, strict participants matching [`CORDA-3184 <https://r3-cev.atlassian.net/browse/CORDA-3184>`_]
* Move executor thread management into CordaRPCConnection [`CORDA-3091 <https://r3-cev.atlassian.net/browse/CORDA-3091>`_]
* Replace deprecated use of Class.newInstance() for sake of DJVM [`CORDA-3273 <https://r3-cev.atlassian.net/browse/CORDA-3273>`_]
* Support of multiple interfaces for RPC calls [`CORDA-3232 <https://r3-cev.atlassian.net/browse/CORDA-3232>`_]
* Rename the webserver [`CORDA-3024 <https://r3-cev.atlassian.net/browse/CORDA-3024>`_]
* optional node.conf property not recognized when overridden [`CORDA-3240 <https://r3-cev.atlassian.net/browse/CORDA-3240>`_]
* Add missing quasar classifier to web server capsule manifest [`CORDA-3266 <https://r3-cev.atlassian.net/browse/CORDA-3266>`_]
* Revert back to quasar 0.7.10 (Java 8) [`CORDA-2050 <https://r3-cev.atlassian.net/browse/CORDA-2050>`_]
* Ensure that ArraySerializer.elementType is resolved for GenericArray [`CORDA-2050 <https://r3-cev.atlassian.net/browse/CORDA-2050>`_]
* backporting detekt config changes to OS 4.1 and rebaselining [`TM-32 <https://r3-cev.atlassian.net/browse/TM-32>`_]
* Fix vault query for participants specified in common criteria [`CORDA-3209 <https://r3-cev.atlassian.net/browse/CORDA-3209>`_]
* Do not add java.lang.Class fields and properties to local type cache [`CORDA-2050 <https://r3-cev.atlassian.net/browse/CORDA-2050>`_]
* Fix Classgraph scanning lock type [`CORDA-3238 <https://r3-cev.atlassian.net/browse/CORDA-3238>`_]
* Added exception handling for missing files that displays appropriate messages rather than defaulting to file names [`CORDA-2368 <https://r3-cev.atlassian.net/browse/CORDA-2368>`_]
* new baseline for 4.3 since new debt has been added with the last few commits [`TM-29 <https://r3-cev.atlassian.net/browse/TM-29>`_]
* Upgrade Corda to Java 11 (compatibility mode) [`CORDA-2050 <https://r3-cev.atlassian.net/browse/CORDA-2050>`_]
* Add GracefulReconnect callbacks which allow logic to be performed when RPC disconnects unexpectedly [`CORDA-3141 <https://r3-cev.atlassian.net/browse/CORDA-3141>`_]
* Checkpoints which cannot be deserialised no longer prevent the nodestarting up [`CORDA-1836 <https://r3-cev.atlassian.net/browse/CORDA-1836>`_]
* Make set of serializer types considered suitable for object reference to be configurable [`CORDA-3218 <https://r3-cev.atlassian.net/browse/CORDA-3218>`_]
* Improve Notary loggingan operator/admins point of view [`CORDA-3060 <https://r3-cev.atlassian.net/browse/CORDA-3060>`_]
* Make set of serializer types considered suitable for object reference to be configurable [`CORDA-3218 <https://r3-cev.atlassian.net/browse/CORDA-3218>`_]
* Fixed bug where observable leaks on ctrl+c interrupt while waiting in stateMachinesFeed [`CORDA-3151 <https://r3-cev.atlassian.net/browse/CORDA-3151>`_]
* Fail build on compiler warnings [`TM-23 <https://r3-cev.atlassian.net/browse/TM-23>`_]
* Whitelisting attachments by public key, phase two tooling [`CORDA-3018 <https://r3-cev.atlassian.net/browse/CORDA-3018>`_]
* Use PersistentIdentityMigrationBuilder instead of schema a… [`CORDA-3200 <https://r3-cev.atlassian.net/browse/CORDA-3200>`_]
* Add -XX:+HeapDumpOnOutOfMemoryError -XX:+CrashOnOutOfMemoryError to default JVM args for node [`CORDA-3187 <https://r3-cev.atlassian.net/browse/CORDA-3187>`_]
* Ignore synthetic and static fields when searching for state pointers [`CORDA-3188 <https://r3-cev.atlassian.net/browse/CORDA-3188>`_]
* Additional Back Chain Resolution performance enhancements [`CORDA-3177 <https://r3-cev.atlassian.net/browse/CORDA-3177>`_]
* Close security manager after broker is shut down [`CORDA-2890 <https://r3-cev.atlassian.net/browse/CORDA-2890>`_]
* Added additional property on VaultQueryCriteria for querying by account [`CORDA-3182 <https://r3-cev.atlassian.net/browse/CORDA-3182>`_]
* Added ability to lookup the associated UUID for a public key to KeyManagementService [`CORDA-3180 <https://r3-cev.atlassian.net/browse/CORDA-3180>`_]
* Remove dependency on 3rd party javax.xml.bind library for simple hex parsing/printing [`CORDA-3175 <https://r3-cev.atlassian.net/browse/CORDA-3175>`_]
* FilterMyKeys now uses the key store as opposed to the cert store [`CORDA-3178 <https://r3-cev.atlassian.net/browse/CORDA-3178>`_]
* Refine documentation around rpc reconnection [`CORDA-3106 <https://r3-cev.atlassian.net/browse/CORDA-3106>`_]
* Rebase identity service changes onto 4.3 [`CORDA-2925 <https://r3-cev.atlassian.net/browse/CORDA-2925>`_]
* Close previous connection after reconnection [`CORDA-3098 <https://r3-cev.atlassian.net/browse/CORDA-3098>`_]
* Migrate identity service to use to string short [`CORDA-3009 <https://r3-cev.atlassian.net/browse/CORDA-3009>`_]
* Modify Corda's custom serialiser support for the DJVM [`CORDA-3157 <https://r3-cev.atlassian.net/browse/CORDA-3157>`_]
* JacksonSupport, for CordaSerializable classes, improved to only uses those properties that are part of Corda serialisation [`CORDA-2919 <https://r3-cev.atlassian.net/browse/CORDA-2919>`_]
* Update cache to check node identity keys in identity table [`CORDA-3149 <https://r3-cev.atlassian.net/browse/CORDA-3149>`_]
* Removed InMemoryTransactionsResolver as it's not needed and other resolution cleanup [`CORDA-3138 <https://r3-cev.atlassian.net/browse/CORDA-3138>`_]
* More information in log warning for Cordapps missing advised JAR manifest file entries [`CORDA-3012 <https://r3-cev.atlassian.net/browse/CORDA-3012>`_]
* Restore CompositeKey support to core-deterministic [`CORDA-2871 <https://r3-cev.atlassian.net/browse/CORDA-2871>`_]
* Restrict extended key usage of certificate types [`CORDA-2216 <https://r3-cev.atlassian.net/browse/CORDA-2216>`_]
* Hash to Signature Constraint automatic propagation [`CORDA-2920 <https://r3-cev.atlassian.net/browse/CORDA-2920>`_]
* Prevent connection threads leaking on reconnect [`CORDA-2923 <https://r3-cev.atlassian.net/browse/CORDA-2923>`_]
* Exception is logged if flow session message can't be deserialised [`CORDA-3092 <https://r3-cev.atlassian.net/browse/CORDA-3092>`_]
* Do not throw exception for missing fiber and log instead
* Make the RPC client reconnect with gracefulReconnect param [`CORDA-2923 <https://r3-cev.atlassian.net/browse/CORDA-2923>`_]
* Pass base directory when resolving relative paths [`CORDA-3068 <https://r3-cev.atlassian.net/browse/CORDA-3068>`_]
* min after normal operation [`CORDA-3034. Reconnecting Rpc will now not wait only for 60 <https://r3-cev.atlassian.net/browse/CORDA-3034. Reconnecting Rpc will now not wait only for 60>`_]
* Refactor NodeConfiguration out of NodeRegistrationHelper [`CORDA-2720 <https://r3-cev.atlassian.net/browse/CORDA-2720>`_]
* Introduce `SignOnlyCryptoService` and use it whenever possible [`CORDA-3021 <https://r3-cev.atlassian.net/browse/CORDA-3021>`_]
* Introducing Destination interface for initiating flows with [`CORDA-3033 <https://r3-cev.atlassian.net/browse/CORDA-3033>`_]
* Fine-tune compile vs runtime scopes of published deterministic jars [`CORDA-2871 <https://r3-cev.atlassian.net/browse/CORDA-2871>`_]
* Upgrade notes for C4 need to include required minimum previous Corda version () , (#5124) [`CORDA-2511 <https://r3-cev.atlassian.net/browse/CORDA-2511>`_]
* Align timeouts for CRL retrieval and TLS handshake [`CORDA-2935 <https://r3-cev.atlassian.net/browse/CORDA-2935>`_]
* Automatic propagation of whitelisted to Signature Constraints [`CORDA-2280 <https://r3-cev.atlassian.net/browse/CORDA-2280>`_]
* Docker build tasks will pull the corda jarartifactory [`CORDA-2884 <https://r3-cev.atlassian.net/browse/CORDA-2884>`_]
* Support for custom Jackson serializers [`CORDA-2773 <https://r3-cev.atlassian.net/browse/CORDA-2773>`_]
* Added ability to specify signature scheme when signing [`CORDA-2882 <https://r3-cev.atlassian.net/browse/CORDA-2882>`_]
* Drop the acknowledge window for RPC responses to 16KB1MB because the memory footprint is multipled by the number of RPC clients [`CORDA-2845 <https://r3-cev.atlassian.net/browse/CORDA-2845>`_]
* Handle exceptions when file does not exist [`CORDA-2632 <https://r3-cev.atlassian.net/browse/CORDA-2632>`_]
* Allow users to whitelist attachments by public key config [`CORDA-2575 <https://r3-cev.atlassian.net/browse/CORDA-2575>`_]
* Remove CORDA_VERSION_THAT_INTRODUCED_FLATTENED_COMMANDS as commands are not flattened anymore [`CORDA-2817 <https://r3-cev.atlassian.net/browse/CORDA-2817>`_]
* Fix issue with Quasar errors redirecting to useless page [` CORDA-2821 <https://r3-cev.atlassian.net/browse/ CORDA-2821>`_]
* Support custom serialisers when attaching missing attachments to txs [`CORDA-2847 <https://r3-cev.atlassian.net/browse/CORDA-2847>`_]
* Use `compileOnly` instead of `cordaCompile` in irs-demo to depend on `node` module
* Improvements to docker image , compatible with v3.3 [`CORDA-4954 <https://r3-cev.atlassian.net/browse/CORDA-4954>`_]
* Add peer information to stacktrace of received FlowException [`CORDA-2572 <https://r3-cev.atlassian.net/browse/CORDA-2572>`_]
* Fix to allow softlinks of logs directory [`CORDA-2862 <https://r3-cev.atlassian.net/browse/CORDA-2862>`_]
* Add dynamic port allocation [`CORDA-2743 <https://r3-cev.atlassian.net/browse/CORDA-2743>`_]
* relax property type checking [`CORDA-2860 <https://r3-cev.atlassian.net/browse/CORDA-2860>`_]
* give the message executor its own artemis session and producer [`CORDA-2861 <https://r3-cev.atlassian.net/browse/CORDA-2861>`_]
* Do not remove exception information in dev mode [`CORDA-2645 <https://r3-cev.atlassian.net/browse/CORDA-2645>`_]
`here <https://docs.corda.r3.com/releases/4.0/release-notes.html>`_. (It's worth noting that normally this document would have started with a comment
about whether or not you'd been recently domiciled under some solidified mineral material regarding the release of Corda Enterprise 4.0. Alas, we made
that joke when we shipped the first release of Corda after Enterprise 3.0 shipped, so the thunder has been stolen and repeating ourselves would be terribly gauche.)
Corda 4.1 brings the lessons and bug fixes discovered during the process of building and shipping Enterprise 4.0 back to the open source community. As mentioned above
there are over 150 fixes and tweaks here. With this release the core feature sets of both entities are far closer aligned than past major
releases of the Corda that should make testing your CorDapps in mixed type environments much easier.
As such, we recommend you upgrade from Corda 4.0 to Corda 4.1 as soon possible.
Issues Fixed
~~~~~~~~~~~~
* Docker images do not support passing a prepared config with initial registration [`CORDA-2888 <https://r3-cev.atlassian.net/browse/CORDA-2888>`_]
* Different hashes for container Corda and normal Corda jars [`CORDA-2884 <https://r3-cev.atlassian.net/browse/CORDA-2884>`_]
* Auto attachment of dependencies fails to find class [`CORDA-2863 <https://r3-cev.atlassian.net/browse/CORDA-2863>`_]
* Artemis session can't be used in more than one thread [`CORDA-2861 <https://r3-cev.atlassian.net/browse/CORDA-2861>`_]
* Property type checking is overly strict [`CORDA-2860 <https://r3-cev.atlassian.net/browse/CORDA-2860>`_]
* Serialisation bug (or not) when trying to run SWIFT Corda Settler tests [`CORDA-2848 <https://r3-cev.atlassian.net/browse/CORDA-2848>`_]
* Custom serialisers not found when running mock network tests [`CORDA-2847 <https://r3-cev.atlassian.net/browse/CORDA-2847>`_]
* Base directory error message where directory does not exist is slightly misleading [`CORDA-2834 <https://r3-cev.atlassian.net/browse/CORDA-2834>`_]
* Progress tracker not reloadable in checkpoints written in Java [`CORDA-2825 <https://r3-cev.atlassian.net/browse/CORDA-2825>`_]
* Missing quasar error points to non-existent page [`CORDA-2821 <https://r3-cev.atlassian.net/browse/CORDA-2821>`_]
*``TransactionBuilder`` can build unverifiable transactions in V5 if more than one CorDapp loaded [`CORDA-2817 <https://r3-cev.atlassian.net/browse/CORDA-2817>`_]
* The node hangs when there is a dis-connection of Oracle database [`CORDA-2813 <https://r3-cev.atlassian.net/browse/CORDA-2813>`_]
* Docs: fix the latex warnings in the build [`CORDA-2809 <https://r3-cev.atlassian.net/browse/CORDA-2809>`_]
* Docs: build the docs page needs updating [`CORDA-2808 <https://r3-cev.atlassian.net/browse/CORDA-2808>`_]
* Improve test reliability by eliminating fixed-duration Thread.sleeps [`CORDA-2802 <https://r3-cev.atlassian.net/browse/CORDA-2802>`_]
* Not handled exception when certificates directory is missing [`CORDA-2786 <https://r3-cev.atlassian.net/browse/CORDA-2786>`_]
* Unable to run FinalityFlow if the initiating app has ``targetPlatformVersion=4`` and the recipient is using the old version [`CORDA-2784 <https://r3-cev.atlassian.net/browse/CORDA-2784>`_]
* Performing a registration with an incorrect Config gives error without appropriate info [`CORDA-2783 <https://r3-cev.atlassian.net/browse/CORDA-2783>`_]
* Regression: ``java.lang.Comparable`` is not on the default whitelist but never has been [`CORDA-2782 <https://r3-cev.atlassian.net/browse/CORDA-2782>`_]
* Docs: replace version string with things that get substituted [`CORDA-2781 <https://r3-cev.atlassian.net/browse/CORDA-2781>`_]
* Inconsistent docs between internal and external website [`CORDA-2779 <https://r3-cev.atlassian.net/browse/CORDA-2779>`_]
* Change the doc substitution so that it works in code blocks as well as in other places [`CORDA-2777 <https://r3-cev.atlassian.net/browse/CORDA-2777>`_]
*``net.corda.core.internal.LazyStickyPool#toIndex`` can create a negative index [`CORDA-2772 <https://r3-cev.atlassian.net/browse/CORDA-2772>`_]
*``NetworkMapUpdater#fileWatcherSubscription`` is never assigned and hence the subscription is never cleaned up [`CORDA-2770 <https://r3-cev.atlassian.net/browse/CORDA-2770>`_]
* Infinite recursive call in ``NetworkParameters.copy`` [`CORDA-2769 <https://r3-cev.atlassian.net/browse/CORDA-2769>`_]
* Unexpected exception de-serializing throwable for ``OverlappingAttachmentsException`` [`CORDA-2765 <https://r3-cev.atlassian.net/browse/CORDA-2765>`_]
* Always log config to log file [`CORDA-2763 <https://r3-cev.atlassian.net/browse/CORDA-2763>`_]
*``ReceiveTransactionFlow`` states to record flag gets quietly ignored if ``checkSufficientSignatures = false`` [`CORDA-2762 <https://r3-cev.atlassian.net/browse/CORDA-2762>`_]
* Fix Driver's ``PortAllocation`` class, and then use it for Node's integration tests. [`CORDA-2759 <https://r3-cev.atlassian.net/browse/CORDA-2759>`_]
* State machine logs an error prior to deciding to escalate to an error [`CORDA-2757 <https://r3-cev.atlassian.net/browse/CORDA-2757>`_]
* Migrate DJVM into a separate module [`CORDA-2750 <https://r3-cev.atlassian.net/browse/CORDA-2750>`_]
* Error in ``HikariPool`` in the performance cluster [`CORDA-2748 <https://r3-cev.atlassian.net/browse/CORDA-2748>`_]
* Package DJVM CLI for standalone distribution [`CORDA-2747 <https://r3-cev.atlassian.net/browse/CORDA-2747>`_]
* Unable to insert state into vault if notary not on network map [`CORDA-2745 <https://r3-cev.atlassian.net/browse/CORDA-2745>`_]
* Create sample code and integration tests to showcase rpc operations that support reconnection [`CORDA-2743 <https://r3-cev.atlassian.net/browse/CORDA-2743>`_]
* RPC v4 client unable to subscribe to progress tracker events from Corda 3.3 node [`CORDA-2742 <https://r3-cev.atlassian.net/browse/CORDA-2742>`_]
* Doc Fix: Rpc client connection management section not fully working in Corda 4 [`CORDA-2741 <https://r3-cev.atlassian.net/browse/CORDA-2741>`_]
*``AnsiProgressRenderer`` may start reporting incorrect progress if tree contains identical steps [`CORDA-2738 <https://r3-cev.atlassian.net/browse/CORDA-2738>`_]
* The ``FlowProgressHandle`` does not always return expected results [`CORDA-2737 <https://r3-cev.atlassian.net/browse/CORDA-2737>`_]
* Doc fix: integration testing tutorial could do with some gradle instructions [`CORDA-2729 <https://r3-cev.atlassian.net/browse/CORDA-2729>`_]
* Release upgrade to Corda 4 notes: include upgrading quasar.jar explicitly in the Corda Kotlin template [`CORDA-2728 <https://r3-cev.atlassian.net/browse/CORDA-2728>`_]
* DJVM CLI log file is always empty [`CORDA-2725 <https://r3-cev.atlassian.net/browse/CORDA-2725>`_]
* DJVM documentation incorrect around `djvm check` [`CORDA-2721 <https://r3-cev.atlassian.net/browse/CORDA-2721>`_]
* Doc fix: reflect the CorDapp template doc changes re quasar/test running the official docs [`CORDA-2715 <https://r3-cev.atlassian.net/browse/CORDA-2715>`_]
* Upgrade to Corda 4 test docs only have Kotlin examples [`CORDA-2710 <https://r3-cev.atlassian.net/browse/CORDA-2710>`_]
* Log message "Cannot find flow corresponding to session" should not be a warning [`CORDA-2706 <https://r3-cev.atlassian.net/browse/CORDA-2706>`_]
* Flow failing due to "Flow sessions were not provided" for its own identity [`CORDA-2705 <https://r3-cev.atlassian.net/browse/CORDA-2705>`_]
* RPC user security using ``Shiro`` docs have errant commas in example config [`CORDA-2703 <https://r3-cev.atlassian.net/browse/CORDA-2703>`_]
* The ``crlCheckSoftFail`` option is not respected, allowing transactions even if strict checking is enabled [`CORDA-2701 <https://r3-cev.atlassian.net/browse/CORDA-2701>`_]
* Vault paging fails if setting max page size to `Int.MAX_VALUE` [`CORDA-2698 <https://r3-cev.atlassian.net/browse/CORDA-2698>`_]
* Upgrade to Corda Gradle Plugins 4.0.41 [`CORDA-2697 <https://r3-cev.atlassian.net/browse/CORDA-2697>`_]
* Corda complaining of duplicate classes upon start-up when it doesn't need to [`CORDA-2696 <https://r3-cev.atlassian.net/browse/CORDA-2696>`_]
* Launching node explorer for node creates error and explorer closes [`CORDA-2694 <https://r3-cev.atlassian.net/browse/CORDA-2694>`_]
* Transactions created in V3 cannot be verified in V4 if any of the state types were included in "depended upon" CorDapps which were not attached to the transaction [`CORDA-2692 <https://r3-cev.atlassian.net/browse/CORDA-2692>`_]
* Clean up verbose warning: `ProgressTracker has not been started` [`CORDA-2689 <https://r3-cev.atlassian.net/browse/CORDA-2689>`_]
* Add a no-carpenter context [`CORDA-2688 <https://r3-cev.atlassian.net/browse/CORDA-2688>`_]
* Improve CorDapp upgrade guidelines for migrating existing states on ledger (pre-V4) [`CORDA-2684 <https://r3-cev.atlassian.net/browse/CORDA-2684>`_]
*``SessionRejectException.UnknownClass`` trapped by flow hospital but no way to call dropSessionInit() [`CORDA-2683 <https://r3-cev.atlassian.net/browse/CORDA-2683>`_]
* Repeated ``CordFormations`` can fail with ClassLoader exception. [`CORDA-2676 <https://r3-cev.atlassian.net/browse/CORDA-2676>`_]
* Backwards compatibility break in serialisation engine when deserialising nullable fields [`CORDA-2674 <https://r3-cev.atlassian.net/browse/CORDA-2674>`_]
* Remove ``ExplorerSimulator`` from Node Explorer [`CORDA-2671 <https://r3-cev.atlassian.net/browse/CORDA-2671>`_]
* Reintroduce ``pendingFlowsCount`` to the public API [`CORDA-2669 <https://r3-cev.atlassian.net/browse/CORDA-2669>`_]
* Trader demo integration tests fails with jar not found exception [`CORDA-2668 <https://r3-cev.atlassian.net/browse/CORDA-2668>`_]
* Fix Source ClassLoader for DJVM [`CORDA-2667 <https://r3-cev.atlassian.net/browse/CORDA-2667>`_]
* Issue with simple transfer of ownable asset [`CORDA-2665 <https://r3-cev.atlassian.net/browse/CORDA-2665>`_]
* Fix references to Docker images in docs [`CORDA-2664 <https://r3-cev.atlassian.net/browse/CORDA-2664>`_]
* Add something to docsite the need for a common contracts Jar between OS/ENT and how it should be compiled against OS [`CORDA-2656 <https://r3-cev.atlassian.net/browse/CORDA-2656>`_]
* Corda Service needs Thread Context ClassLoader [`CORDA-2653 <https://r3-cev.atlassian.net/browse/CORDA-2653>`_]
* Useless migration error when finance workflow jar is not installed [`CORDA-2651 <https://r3-cev.atlassian.net/browse/CORDA-2651>`_]
* Database connection pools leaking memory on every checkpoint [`CORDA-2646 <https://r3-cev.atlassian.net/browse/CORDA-2646>`_]
* Exception swallowed when querying vault via RPC with bad page spec [`CORDA-2645 <https://r3-cev.atlassian.net/browse/CORDA-2645>`_]
* Applying CordFormation and Cordapp Gradle plugins together includes Jolokia into the Cordapp. [`CORDA-2642 <https://r3-cev.atlassian.net/browse/CORDA-2642>`_]
* Wrong folder ownership while trying to connect to Testnet using RC* docker image [`CORDA-2641 <https://r3-cev.atlassian.net/browse/CORDA-2641>`_]
* Provide a better error message on an incompatible implicit contract upgrade [`CORDA-2633 <https://r3-cev.atlassian.net/browse/CORDA-2633>`_]
*``uploadAttachment`` via shell can fail with unhelpful message if the result of the command is unsuccessful [`CORDA-2632 <https://r3-cev.atlassian.net/browse/CORDA-2632>`_]
* Provide a better error msg when the notary type is misconfigured on the net params [`CORDA-2629 <https://r3-cev.atlassian.net/browse/CORDA-2629>`_]
* Maybe tone down the level of panic when somebody types their SSH password in incorrectly... [`CORDA-2621 <https://r3-cev.atlassian.net/browse/CORDA-2621>`_]
* Cannot complete transaction that has unknown states in the transaction history [`CORDA-2615 <https://r3-cev.atlassian.net/browse/CORDA-2615>`_]
* Switch off the codepaths that disable the FinalityHandler [`CORDA-2613 <https://r3-cev.atlassian.net/browse/CORDA-2613>`_]
* is our API documentation (what is stable and what isn't) correct? [`CORDA-2610 <https://r3-cev.atlassian.net/browse/CORDA-2610>`_]
* Getting set up guide needs to be updated to reflect Java 8 fun and games [`CORDA-2602 <https://r3-cev.atlassian.net/browse/CORDA-2602>`_]
* Not handle exception when Explorer tries to connect to inaccessible server [`CORDA-2586 <https://r3-cev.atlassian.net/browse/CORDA-2586>`_]
* Errors received from peers can't be distinguished from local errors [`CORDA-2572 <https://r3-cev.atlassian.net/browse/CORDA-2572>`_]
* Hash to signature constraints migration: add a config option that makes hash constraints breakable. [`CORDA-2568 <https://r3-cev.atlassian.net/browse/CORDA-2568>`_]
* Deadlock between database and AppendOnlyPersistentMap [`CORDA-2566 <https://r3-cev.atlassian.net/browse/CORDA-2566>`_]
* Unclear error message when receiving state from node on higher version of signed cordapp [`CORDA-2522 <https://r3-cev.atlassian.net/browse/CORDA-2522>`_]
* Terminating ssh connection to node results in stack trace being thrown to the console [`CORDA-2519 <https://r3-cev.atlassian.net/browse/CORDA-2519>`_]
* Error propagating hash to signature constraints [`CORDA-2515 <https://r3-cev.atlassian.net/browse/CORDA-2515>`_]
* Unable to import trusted attachment [`CORDA-2512 <https://r3-cev.atlassian.net/browse/CORDA-2512>`_]
* Invalid node command line options not always gracefully handled [`CORDA-2506 <https://r3-cev.atlassian.net/browse/CORDA-2506>`_]
* node.conf with rogue line results non-comprehensive error [`CORDA-2505 <https://r3-cev.atlassian.net/browse/CORDA-2505>`_]
* Fix v4's inability to migrate V3 vault data [`CORDA-2487 <https://r3-cev.atlassian.net/browse/CORDA-2487>`_]
* Vault Query fails to process states upon CorDapp Contract upgrade [`CORDA-2486 <https://r3-cev.atlassian.net/browse/CORDA-2486>`_]
* Signature Constraints end-user documentation is limited [`CORDA-2477 <https://r3-cev.atlassian.net/browse/CORDA-2477>`_]
* Docs update: document transition from the whitelist constraint to the sig constraint [`CORDA-2465 <https://r3-cev.atlassian.net/browse/CORDA-2465>`_]
* The ``ContractUpgradeWireTransaction`` does not support the Signature Constraint [`CORDA-2456 <https://r3-cev.atlassian.net/browse/CORDA-2456>`_]
* Intermittent `relation "hibernate_sequence" does not exist` error when using Postgres [`CORDA-2393 <https://r3-cev.atlassian.net/browse/CORDA-2393>`_]
* Show explicit error message when new version of OS CorDapp contains schema changes [`CORDA-1596 <https://r3-cev.atlassian.net/browse/CORDA-1596>`_]
* Dockerfile improvements and image size reduction [`CORDA-2929 <https://r3-cev.atlassian.net/browse/CORDA-2929>`_]
* Update QPID Proton-J library to latest [`CORDA-2856 <https://r3-cev.atlassian.net/browse/CORDA-2856>`_]
* Not handled excpetion when certificates directory is missing [`CORDA-2786 <https://r3-cev.atlassian.net/browse/CORDA-2786>`_]
* The DJVM cannot sandbox instances of Contract.verify(LedgerTransaction) when testing CorDapps. [`CORDA-2775 <https://r3-cev.atlassian.net/browse/CORDA-2775>`_]
* State machine logs an error prior to deciding to escalate to an error [`CORDA-2757 <https://r3-cev.atlassian.net/browse/CORDA-2757>`_]
* Should Jolokia be included in the built jar files? [`CORDA-2699 <https://r3-cev.atlassian.net/browse/CORDA-2699>`_]
* Transactions created in V3 cannot be verified in V4 if any of the state types were included in "depended upon" CorDapps which were not attached to the transaction [`CORDA-2692 <https://r3-cev.atlassian.net/browse/CORDA-2692>`_]
* Prevent a node re-registering with the doorman if it did already and the node "state" has not been erased [`CORDA-2647 <https://r3-cev.atlassian.net/browse/CORDA-2647>`_]
* The cert hierarchy diagram for C4 is the same as C3.0 but I thought we changed it between C3.1 and 3.2? [`CORDA-2604 <https://r3-cev.atlassian.net/browse/CORDA-2604>`_]
* Windows build fails with `FileSystemException` in `TwoPartyTradeFlowTests` [`CORDA-2363 <https://r3-cev.atlassian.net/browse/CORDA-2363>`_]
*`Cash.generateSpend` cannot be used twice to generate two cash moves in the same tx [`CORDA-2162 <https://r3-cev.atlassian.net/browse/CORDA-2162>`_]
* FlowException thrown by session.receive is not propagated back to a counterparty
* invalid command line args for corda result in 0 exit code
* Windows build fails on TwoPartyTradeFlowTests
* C4 performance below C3, bring it back into parity
* Deserialisation of ContractVerificationException blows up trying to put null into non-null field
* Reference state test (R3T-1918) failing probably due to unconsumed linear state that was referenced.
* Signature constraint: Jarsigner verification allows removal of files from the archive.
* Node explorer bug revealed from within Demobench: serialisation failed error is shown
* Security: Fix vulnerability where an attacker can use CustomSerializers to alter the meaning of serialized data
* Node/RPC is broken after CorDapp upgrade
* RPC client disconnects shouldn't be a warning
* Hibernate logs warning and errors for some conditions we handle
[ERROR] 2018-12-19T17:18:39,199Z [main] internal.NodeStartupLogging.invoke - Exception during node startup: The name 'O=Wawrzek Test C4, L=London, C=GB' for identity doesn't match what's in the key store: O=Wawrzek Test C4, L=Ely, C=GB [errorCode=wuxa6f, moreInformationAt=https://errors.corda.net/OS/4.0/wuxa6f]
..important:: If you're upgrading a node from Corda 3 to Corda 4 and there is old data in the vault, this upgrade may take some time, depending on the number of unconsumed states in the vault.
