diff --git a/docs/source/release-notes.rst b/docs/source/release-notes.rst index 0251c6907f..6ea371d138 100644 --- a/docs/source/release-notes.rst +++ b/docs/source/release-notes.rst 
@@ -6,9 +6,48 @@ Here are release notes for each snapshot release from M9 onwards. Unreleased ---------- -Certificate checks have been enabled for much of the identity service, with additional checks coming targetted at M13. -These are part of the confidential identities work, and ensure that parties are actually who they claim to be by checking -their certificate path back to the network trust root (certificate authority). +Milestone 13 +------------ + +Following our first public beta in M12, this release continues the work on API stability and user friendliness. Apart +from bug fixes and code refactoring, there are also significant improvements in the Vault Query and the +Identity Service (for more detailed information about what has changed, see :doc:`changelog`). +More specifically: + +The long awaited new **Vault Query** service makes its debut in this release and provides advanced vault query +capabilities using criteria specifications (see ``QueryCriteria``), sorting, and pagination. Criteria specifications +enable selective filtering with and/or composition using multiple operator primitives on standard attributes stored in +Corda internal vault tables (eg. vault_states, vault_fungible_states, vault_linear_states), and also on custom contract +state schemas defined by CorDapp developers when modelling new contract types. Custom queries are specifiable using a +simple but sophisticated builder DSL (see ``QueryCriteriaUtils``). The new Vault Query service is usable by flows and by +RPC clients alike via two simple API functions: ``queryBy()`` and ``trackBy()``. The former provides point-in-time +snapshot queries whilst the later supplements the snapshot with dynamic streaming of updates. +See :doc:`vault-query` for full details. + +We have written a comprehensive Hello, World! tutorial, showing developers how to build a CorDapp from start +to finish. 
The tutorial shows how the core elements of a CorDapp - states, contracts and flows - fit together +to allow your node to handle new business processes. It also explains how you can use our contract and +flow testing frameworks to massively reduce CorDapp development time. + +Certificate checks have been enabled for much of the identity service. These are part of the confidential (anonymous) +identities work, and ensure that parties are actually who they claim to be by checking their certificate path back to +the network trust root (certificate authority). + +To deal with anonymized keys, we've also implemented a deterministic key derivation function that combines logic +from the HMAC-based Extract-and-Expand Key Derivation Function (HKDF) protocol and the BIP32 hardened +parent-private-key -> child-private-key scheme. This function currently supports the following algorithms: +ECDSA secp256K1, ECDSA secpR1 (NIST P-256) and EdDSA ed25519. We are now very close to fully supporting anonymous +identities so as to increase privacy even against validating notaries. + +We have further tightened the set of objects which Corda will attempt to serialise from the stack during flow +checkpointing. As flows are arbitrary code in which it is convenient to do many things, we ended up pulling in a lot of +objects that didn't make sense to put in a checkpoint, such as ``Thread`` and ``Connection``. To minimize serialization +cost and increase security by not allowing certain classes to be serialized, we now support class blacklisting +that will return an ``IllegalStateException`` if such a class is encountered during a checkpoint. Blacklisting supports +superclass and superinterface inheritance and always precedes ``@CordaSerializable`` annotation checking. + +We've also started working on improving user experience when searching, by adding a new RPC to support fuzzy matching +of X.500 names. Milestone 12 - First Public Beta --------------------------------
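Review bot: In the key derivation paragraph the curve names are misspelled: "ECDSA secp256K1, ECDSA secpR1 (NIST P-256)" should read secp256k1 and secp256r1, because "secpR1" drops the field size and is not a name a reader can look up. Two wording slips in the same hunk: "whilst the later supplements" in the Vault Query paragraph should be "the latter", and the blacklisting paragraph says the check "will return an ``IllegalStateException``" where "throw" is meant. The Vault Query paragraph ends with a :doc: reference, but the key derivation and class blacklisting paragraphs have none. Both describe security-relevant behaviour, so consider pointing each at the page that documents it, or at :doc:`changelog`. Finally, the "Unreleased" heading is kept as context while its only paragraph is removed, so it now sits empty directly above "Milestone 13". Either drop the heading or leave a placeholder line under it.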