Releases: lightninglabs/lightning-terminal
Lightning Terminal v0.9.1-alpha
ellemouton
Elle
Release Notes
This release of Lightning Terminal (LiT) includes updates to the versions of the integrated LND, Loop and Faraday daemons.
We'll be continuously working to improve the user experience based on feedback from the community.
This release packages LND v0.16.1-beta, Loop v0.23.0-beta, Pool v0.6.2-beta, and Faraday v0.2.11-alpha.
NOTE that the minimum version of lnd that can be used in --lnd-mode=remote is v0.16.0-beta.
Installation and configuration instructions can be found in the README.
Breaking API changes
In previous versions of LiT, if run in integrated mode, LND's TLS certificate would be used by LiT meaning that users would need to use LND's TLS certificate when interacting with LiT's HTTP server. With this release of LiT, this behaviour has been changed. LiT will now always generate its own TLS certificate regardless of the mode it is running in. This means that users will need to point to LiT's TLS certificate when interacting with the HTTP server. More concretely, the remote.lit-tlscertpath and remote.lit-tlskeypath config options have been removed and replaced with tlscertpath and tlskeypath and when interacting with LiT through litcli, the lndtlscertpath and lndmode flags no longer need to be set.
Required changes when running in lnd remote mode (lnd-mode=remote)
When connecting to an existing lnd node, that node must enable the RPC middleware interceptor feature. You can enable that by specifying the --rpcmiddleware.enable command line flag or by adding rpcmiddleware.enable=true to your lnd.conf file. See the remote configuration docs for more information.
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import ellemouton's key from the ubuntu key server:
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 26984CB69EB8C4A26196F7A4D7D916376026F177
Once you have his PGP key you can verify the release (assuming manifest-v0.9.1-alpha.sig and manifest-v0.9.1-alpha.txt are in the current directory) with:
gpg --verify manifest-v0.9.1-alpha.sig manifest-v0.9.1-alpha.txt
You should see the following if the verification was successful:
gpg: Signature made Thu Mar 30 10:04:01 2023 SAST
gpg: using RSA key 26984CB69EB8C4A26196F7A4D7D916376026F177
gpg: Good signature from "Elle Mouton <[email protected]>" [ultimate]
That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:
cat manifest-v0.9.1-alpha.txt
One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.
Finally, you can also verify the tag itself with the following command:
git verify-tag v0.9.1-alpha
Verifying the Release Timestamp
We have also started to timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-v0.9.1-alpha.sig.ots.
Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:
ots verify manifest-v0.9.1-alpha.sig.ots
These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.
Changelog (auto-generated)
What's Changed
- Fix "no matching files found" compilation error when litd is used as a library by @guggero in #530
- build: update lnd version to v0.16.1 by @Roasbeef in #532
Full Changelog: v0.9.0-alpha...v0.9.1-alpha
Contributors
Assets 17
Lightning Terminal v0.9.0-alpha
guggero
Oliver Gugger
Release Notes
This release of Lightning Terminal (LiT) includes updates to the versions of the integrated LND, Pool, Loop and Faraday daemons. A few updates to LiT itself have also been included: LiT can now be started with the --disableui option meaning that the local UI will not be accessible and the uipassword would no longer need to be set. REST annotations are also added for all LiT services.
We'll be continuously working to improve the user experience based on feedback from the community.
This release packages LND v0.16.0-beta, Loop v0.22.0-beta, Pool v0.6.2-beta, and Faraday v0.2.10-alpha.
NOTE that the minimum version of lnd that can be used in --lnd-mode=remote is v0.16.0-beta.
Installation and configuration instructions can be found in the README.
Breaking API changes
In previous versions of LiT, if run in integrated mode, LND's TLS certificate would be used by LiT meaning that users would need to use LND's TLS certificate when interacting with LiT's HTTP server. With this release of LiT, this behaviour has been changed. LiT will now always generate its own TLS certificate regardless of the mode it is running in. This means that users will need to point to LiT's TLS certificate when interacting with the HTTP server. More concretely, the remote.lit-tlscertpath and remote.lit-tlskeypath config options have been removed and replaced with tlscertpath and tlskeypath and when interacting with LiT through litcli, the lndtlscertpath and lndmode flags no longer need to be set.
Required changes when running in lnd remote mode (lnd-mode=remote)
When connecting to an existing lnd node, that node must enable the RPC middleware interceptor feature. You can enable that by specifying the --rpcmiddleware.enable command line flag or by adding rpcmiddleware.enable=true to your lnd.conf file. See the remote configuration docs for more information.
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import ellemouton's key from the ubuntu key server:
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 26984CB69EB8C4A26196F7A4D7D916376026F177
Once you have his PGP key you can verify the release (assuming manifest-v0.9.0-alpha.sig and manifest-v0.9.0-alpha.txt are in the current directory) with:
gpg --verify manifest-v0.9.0-alpha.sig manifest-v0.9.0-alpha.txt
You should see the following if the verification was successful:
gpg: Signature made Thu Mar 30 10:04:01 2023 SAST
gpg: using RSA key 26984CB69EB8C4A26196F7A4D7D916376026F177
gpg: Good signature from "Elle Mouton <[email protected]>" [ultimate]
That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:
cat manifest-v0.9.0-alpha.txt
One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.
Finally, you can also verify the tag itself with the following command:
git verify-tag v0.9.0-alpha
Verifying the Release Timestamp
We have also started to timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-v0.9.0-alpha.sig.ots.
Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:
ots verify manifest-v0.9.0-alpha.sig.ots
These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.
Changelog (auto-generated)
What's Changed
- Add rpcmiddleware config for remote lnd instance by @lukeroberts in #493
- autopilotserverrpc: bump golang.org/x/text version by @ellemouton in #502
- build(deps): bump golang.org/x/text from 0.3.7 to 0.3.8 in /tools by @dependabot in #503
- multi: always use Lit's TLS cert by @positiveblue in #499
- make: add darwin-arm64 to release build architectures by @guggero in #507
- build(deps): bump golang.org/x/net from 0.0.0-20201021035429-f5854403a974 to 0.7.0 in /autopilotserverrpc by @dependabot in #513
- build(deps): bump golang.org/x/crypto from 0.0.0-20211215153901-e495a2d5b3d3 to 0.1.0 by @dependabot in #515
- multi: update lnd dependency to
v0.16.0-beta.rc3by @positiveblue in #517 - multi: add DisableUI option by @ellemouton in #519
- terminal: fix macaroon DB directory by @ellemouton in #520
- litrpc: add REST annotations for Litd RPC services by @ellemouton in #522
- mod: fix linter, bump Pool version, prepare for lnd 0.16, prepare for v0.9.0-alpha release by @guggero in #518
New Contributors
- @lukeroberts made their first contribution in #493
Full Changelog: v0.8.6-alpha...v0.9.0-alpha
Contributors
Assets 17
Lightning Terminal v0.8.6-alpha
ellemouton
Elle
Release Notes
This release of Lightning Terminal (LiT) includes a variety of updates including support for off-chain accounts and the ability to customise the permissions of an LNC session through the UI. It also contains an implementation of a rule firewall and a privacy firewall. The rule firewall can be used to verify the parameters of certain calls (for example ensuring that calls only act on a specific set of channels) and the privacy firewall can be used to force privte info (such as pub keys, channel IDs etc) to be mapped out to random values for responses and mapped back to real values for requests. An Autopilot client is added which handles registration of LNC sessions with the Autopilot server. Autopilot calls will be forced to go through the new rule and privacy firewalls.
We'll be continuously working to improve the user experience based on feedback from the community.
This release packages LND v0.15.5-beta, Loop v0.21.0-beta, Pool v0.6.1-beta, and Faraday v0.2.9-alpha.
NOTE that the minimum version of lnd that can be used in --lnd-mode=remote is v0.15.4-beta.
Installation and configuration instructions can be found in the README.
Required changes when running in lnd remote mode (lnd-mode=remote)
When connecting to an existing lnd node, that node must enable the RPC middleware interceptor feature. You can enable that by specifying the --rpcmiddleware.enable command line flag or by adding rpcmiddleware.enable=true to your lnd.conf file. See the remote configuration docs for more information.
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import ellemouton's key from the ubuntu key server:
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 26984CB69EB8C4A26196F7A4D7D916376026F177
Once you have his PGP key you can verify the release (assuming manifest-v0.8.6-alpha.sig and manifest-v0.8.6-alpha.txt are in the current directory) with:
gpg --verify manifest-v0.8.6-alpha.sig manifest-v0.8.6-alpha.txt
You should see the following if the verification was successful:
gpg: Signature made Wed Feb 15 17:45:36 2023 SAST
gpg: using RSA key 26984CB69EB8C4A26196F7A4D7D916376026F177
gpg: Good signature from "Elle Mouton <[email protected]>" [ultimate]
That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:
cat manifest-v0.8.6-alpha.txt
One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.
Finally, you can also verify the tag itself with the following command:
git verify-tag v0.8.6-alpha
Verifying the Release Timestamp
We have also started to timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-v0.8.6-alpha.sig.ots.
Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:
ots verify manifest-v0.8.6-alpha.sig.ots
These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.
Changelog (auto-generated)
What's Changed
- Add support for custodial off-chain accounts by @guggero in #363
- build(deps): bump decode-uri-component from 0.2.0 to 0.2.2 in /app by @dependabot in #459
- multi: replay updates for release v0.8.5-alpha by @ellemouton in #462
- multi: change account session type and reserve type 4 by @ellemouton in #464
- tools: fix lint VSC permission error by @guggero in #473
- build(deps): bump json5 from 1.0.1 to 1.0.2 in /app by @dependabot in #474
- proto: add generated types for lit-accounts by @jamaljsr in #472
- multi: add RevokedAt field to Session by @ellemouton in #475
- session+litrpc: change RevokedAt tlv and proto number by @ellemouton in #477
- multi: add some litd client helpers by @ellemouton in #476
- Custom user permissions UI by @itsrachelfish in #451
- multi: autopilot firewall and privacy map interceptors by @ellemouton in #487
- build(deps): bump github.com/prometheus/client_golang from 1.11.0 to 1.11.1 by @dependabot in #489
- multi: prep for v0.8.6-beta release by @ellemouton in #490
Full Changelog: v0.8.4-alpha...v0.8.6-alpha
Contributors
Assets 16
Lightning Terminal v0.8.5-alpha
ellemouton
Elle
Release Notes
This release of Lightning Terminal (LiT) includes updates to the versions of the integrated LND, Pool, Loop and Faraday daemons.
We'll be continuously working to improve the user experience based on feedback from the community.
This release packages LND v0.15.5-beta, Loop v0.20.2-beta, Pool v0.6.1-beta, and Faraday v0.2.9-alpha.
NOTE that the minimum version of lnd that can be used in --lnd-mode=remote is v0.15.4-beta.
Installation and configuration instructions can be found in the README.
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import ellemouton's key from the ubuntu key server:
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 26984CB69EB8C4A26196F7A4D7D916376026F177
Once you have his PGP key you can verify the release (assuming manifest-v0.8.5-alpha.sig and manifest-v0.8.5-alpha.txt are in the current directory) with:
gpg --verify manifest-v0.8.5-alpha.sig manifest-v0.8.5-alpha.txt
You should see the following if the verification was successful:
gpg: Signature made Mon Dec 5 08:55:34 2022 SAST
gpg: using RSA key 26984CB69EB8C4A26196F7A4D7D916376026F177
gpg: Good signature from "Elle Mouton <[email protected]>" [ultimate]
That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:
cat manifest-v0.8.5-alpha.txt
One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.
Finally, you can also verify the tag itself with the following command:
git verify-tag v0.8.5-alpha
Verifying the Release Timestamp
We have also started to timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-v0.8.5-alpha.sig.ots.
Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:
ots verify manifest-v0.8.5-alpha.sig.ots
These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.
Changelog (auto-generated)
What's Changed
- multi: updates for release v0.8.5-alpha by @ellemouton in #460
Full Changelog: v0.8.4-alpha...v0.8.5-alpha
Contributors
Assets 16
Lightning Terminal v0.8.4-alpha
Release Notes
This release of Lightning Terminal (LiT) includes an update of the packaged LND version to v0.15.5-beta along with an update to the packaged Faraday version to v0.2.9-alpha. It also contains various Litd improvements related to creating LNC sessions with a custom set of permissions (see the change-log for the full list!).
We'll be continuously working to improve the user experience based on feedback from the community.
This release packages LND v0.15.5-beta, Loop v0.20.1-beta, Pool v0.5.8-alpha, and Faraday v0.2.9-alpha.
NOTE that the minimum version of lnd that can be used in --lnd-mode=remote is v0.15.1-beta.
Installation and configuration instructions can be found in the README.
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import ellemouton's key from the ubuntu key server:
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 26984CB69EB8C4A26196F7A4D7D916376026F177
Once you have his PGP key you can verify the release (assuming manifest-v0.8.4-alpha.sig and manifest-v0.8.4-alpha.txt are in the current directory) with:
gpg --verify manifest-v0.8.4-alpha.sig manifest-v0.8.4-alpha.txt
You should see the following if the verification was successful:
gpg: Signature made Fri Dec 2 11:20:23 2022 SAST
gpg: using RSA key 26984CB69EB8C4A26196F7A4D7D916376026F177
gpg: Good signature from "Elle Mouton <[email protected]>" [ultimate]
That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:
cat manifest-v0.8.4-alpha.txt
One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.
Finally, you can also verify the tag itself with the following command:
git verify-tag v0.8.4-alpha
Verifying the Release Timestamp
We have also started to timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-v0.8.4-alpha.sig.ots.
Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:
ots verify manifest-v0.8.4-alpha.sig.ots
These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.
What's Changed
- github+scripts: check commits compile by @ellemouton in #447
- build(deps): bump loader-utils from 1.4.0 to 1.4.2 in /app by @dependabot in #453
- multi: protos and commit check by @ellemouton in #449
- multi: support using a regex when specifying custom perms by @ellemouton in #450
- session_rpcserver+litrpc: allow custom session with all read-only perms by @ellemouton in #457
- build: bump to lnd v0.15.5, bump version to v0.8.4 by @Roasbeef in #458
Full Changelog: v0.8.3-alpha...v0.8.4-alpha
Contributors
Assets 16
Lightning Terminal v0.8.3-alpha
ellemouton
Elle
Release Notes
This release updates the bundled LND to packaged lnd v0.15.4, a hot fix released that fixed a transaction parsing bug.
We'll be continuously working to improve the user experience based on feedback from the community.
This release packages LND v0.15.4-beta, Loop v0.20.1-beta, Pool v0.5.8-alpha, and Faraday v0.2.8-alpha.
NOTE that the minimum version of lnd that can be used in --lnd-mode=remote is v0.15.1-beta.
Installation and configuration instructions can be found in the README.
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import ellemouton's key from the ubuntu key server:
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 26984CB69EB8C4A26196F7A4D7D916376026F177
Once you have his PGP key you can verify the release (assuming manifest-v0.8.3-alpha.sig and manifest-v0.8.3-alpha.txt are in the current directory) with:
gpg --verify manifest-v0.8.3-alpha.sig manifest-v0.8.3-alpha.txt
You should see the following if the verification was successful:
gpg: Signature made Tue Nov 1 16:24:34 2022 SAST
gpg: using RSA key 26984CB69EB8C4A26196F7A4D7D916376026F177
gpg: Good signature from "Elle Mouton <[email protected]>" [ultimate]
That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:
cat manifest-v0.8.3-alpha.txt
One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.
Finally, you can also verify the tag itself with the following command:
git verify-tag v0.8.3-alpha
Verifying the Release Timestamp
We have also started to timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-v0.8.3-alpha.sig.ots.
Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:
ots verify manifest-v0.8.3-alpha.sig.ots
These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.
Changelog (auto-generated)
What's Changed
- multi: custom URI sessions by @ellemouton in #438
- multi: lit-v0.8.3-alpha by @ellemouton in #445
Full Changelog: v0.8.2-alpha...v0.8.3-alpha
Contributors
Assets 16
Lightning Terminal v0.8.2-alpha
ellemouton
Elle
Release Notes
This release of Lightning Terminal (LiT) includes an update to the version of LND to include the latest bug fixes. It also contains various Litd improvements (see the change-log for the full list!).
We'll be continuously working to improve the user experience based on feedback from the community.
This release packages LND v0.15.3-beta, Loop v0.20.1-beta, Pool v0.5.8-alpha, and Faraday v0.2.8-alpha.
NOTE that the minimum version of lnd that can be used in --lnd-mode=remote is v0.15.1-beta.
Installation and configuration instructions can be found in the README.
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import ellemouton's key from the ubuntu key server:
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 26984CB69EB8C4A26196F7A4D7D916376026F177
Once you have his PGP key you can verify the release (assuming manifest-v0.8.2-alpha.sig and manifest-v0.8.2-alpha.txt are in the current directory) with:
gpg --verify manifest-v0.8.2-alpha.sig manifest-v0.8.2-alpha.txt
You should see the following if the verification was successful:
gpg: Signature made Mon Oct 24 10:46:42 2022 SAST
gpg: using RSA key 26984CB69EB8C4A26196F7A4D7D916376026F177
gpg: Good signature from "Elle Mouton <[email protected]>" [ultimate]
That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:
cat manifest-v0.8.2-alpha.txt
One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.
Finally, you can also verify the tag itself with the following command:
git verify-tag v0.8.2-alpha
Verifying the Release Timestamp
We have also started to timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-v0.8.2-alpha.sig.ots.
Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:
ots verify manifest-v0.8.2-alpha.sig.ots
These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.
Changelog (auto-generated)
What's Changed
What's Changed
- multi: rpcmiddleware package by @ellemouton in #419
- Makefile+github: run unit tests by @ellemouton in #422
- build: update to lnd v0.15.2 by @Roasbeef in #427
- README: update version matrix for v0.8.1-alpha by @guggero in #428
- multi: use filepath instead of path to work on Windows by @guggero in #430
- litd: maintenance, code cleanup, middleware fixes by @guggero in #432
- multi: bump lnd version to v0.15.3-beta by @guggero in #436
Full Changelog: v0.8.0-alpha...v0.8.2-alpha
Contributors
Assets 16
Lightning Terminal v0.8.1-alpha
Release Notes
This release updates the bundled lnd to packaged lnd v0.15.2, a hot fix released that fixed a wire/block parsing bug.
Installation and configuration instructions can be found in the README.
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import ellemouton's key from the ubuntu key server:
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 26984CB69EB8C4A26196F7A4D7D916376026F177
Once you have his PGP key you can verify the release (assuming manifest-v0.8.0-alpha.sig and manifest-v0.8.0-alpha.txt are in the current directory) with:
gpg --verify manifest-roasbeef-v0.8.1-alpha.sig manifest-v0.8.1-alpha.txt
You should see the following if the verification was successful:
gpg: Signature made Sun Oct 9 22:06:52 2022 PDT
gpg: using RSA key 60A1FA7DA5BFF08BDCBBE7903BBD59E99B280306
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>" [ultimate]
That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:
cat manifest-v0.8.1-alpha.txt
One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.
Finally, you can also verify the tag itself with the following command:
git verify-tag v0.8.1-alpha
Verifying the Release Timestamp
We have also started to timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-v0.8.0-alpha.sig.ots.
Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:
ots verify manifest-v0.8.1-alpha.sig.ots
These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.
Full Changelog: v0.8.0-alpha...v0.8.1-alpha
Lightning Terminal v0.8.0-alpha
ellemouton
Elle
Release Notes
This release of Lightning Terminal (LiT) includes updates to the versions of the packaged subsystems including LND, Loop and Pool.
We'll be continuously working to improve the user experience based on feedback from the community.
This release packages LND v0.15.1-beta, Loop v0.20.1-beta, Pool v0.5.8-alpha, and Faraday v0.2.8-alpha.
NOTE that the minimum version of lnd that can be used in --lnd-mode=remote was bumped to v0.15.1-beta.
Installation and configuration instructions can be found in the README.
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import ellemouton's key from the ubuntu key server:
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 26984CB69EB8C4A26196F7A4D7D916376026F177
Once you have his PGP key you can verify the release (assuming manifest-v0.8.0-alpha.sig and manifest-v0.8.0-alpha.txt are in the current directory) with:
gpg --verify manifest-v0.8.0-alpha.sig manifest-v0.8.0-alpha.txt
You should see the following if the verification was successful:
gpg: Signature made Fri Sep 16 09:35:53 2022 SAST
gpg: using RSA key 26984CB69EB8C4A26196F7A4D7D916376026F177
gpg: Good signature from "Elle Mouton <[email protected]>" [ultimate]
That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:
cat manifest-v0.8.0-alpha.txt
One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.
Finally, you can also verify the tag itself with the following command:
git verify-tag v0.8.0-alpha
Verifying the Release Timestamp
We have also started to timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-v0.8.0-alpha.sig.ots.
Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:
ots verify manifest-v0.8.0-alpha.sig.ots
These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.
Changelog (auto-generated)
What's Changed
- subserver_perms: add Lnd's registered subserver perms by @ellemouton in #413
- Lit v0.8.0 alpha release by @ellemouton in #418
Full Changelog: v0.7.1-alpha...v0.8.0-alpha
Contributors
Assets 16
Lightning Terminal v0.7.1-alpha
ellemouton
Elle
Release Notes
This release of Lightning Terminal (LiT) includes a number of Litd UI updates along with a version bump of LNC. Notably, the UX for creating an LNC session has been made very smooth with the use of magic links.
We'll be continuously working to improve the user experience based on feedback from the community.
This release packages LND v0.15.0-beta, Loop v0.19.1-beta, Pool v0.5.7-alpha, and Faraday v0.2.8-alpha.
NOTE that the minimum version of lnd that can be used in --lnd-mode=remote was bumped to v0.14.3-beta.
Installation and configuration instructions can be found in the README.
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import ellemouton's key from the ubuntu key server:
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 26984CB69EB8C4A26196F7A4D7D916376026F177
Once you have his PGP key you can verify the release (assuming manifest-v0.7.1-alpha.sig and manifest-v0.7.1-alpha.txt are in the current directory) with:
gpg --verify manifest-v0.7.1-alpha.sig manifest-v0.7.1-alpha.txt
You should see the following if the verification was successful:
gpg: Signature made Thu Aug 25 15:43:09 2022 SAST
gpg: using RSA key 26984CB69EB8C4A26196F7A4D7D916376026F177
gpg: Good signature from "Elle Mouton <[email protected]>" [ultimate]
That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:
cat manifest-v0.7.1-alpha.txt
One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.
Finally, you can also verify the tag itself with the following command:
git verify-tag v0.7.1-alpha
Verifying the Release Timestamp
We have also started to timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-v0.7.1-alpha.sig.ots.
Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:
ots verify manifest-v0.7.1-alpha.sig.ots
These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.
Changelog (auto-generated)
What's Changed
- build(deps): bump ejs from 3.1.6 to 3.1.8 in /app by @dependabot in #383
- tour: update documentation link in the welcome step by @jamaljsr in #387
- chore: update npm dependencies by @jamaljsr in #396
- chore: exclude dependabot version updates by @jamaljsr in #402
- ui+connect: minor connect view styling updates by @dstrukt in #403
- ui+settings: update theme colors + border colors by @dstrukt in #404
- ui+theme: patch theme color by @dstrukt in #405
- multi: add deadline for first connection of new LNC conn by @ellemouton in #408
- ui: add home screen and update sessions list by @jamaljsr in #401
- New release: v0.7.1-alpha by @ellemouton in #410
New Contributors
Full Changelog: v0.7.0-alpha...v0.7.1-alpha
