Skip to main content

3 posts tagged with "Cardano database"

View All Tags

Switching to Cardano database incremental certification

· 2 min read
Mithril Team

Switching to Cardano database incremental certification

A new incremental certification process has been introduced for the Cardano node internal database. This enhancement is part of ongoing efforts to improve the Mithril protocol and optimize Cardano node bootstrapping.

More information about the Cardano database certification is available at:

The Cardano node database v2 certification offers incremental verification and greater efficiency compared to the original method. It will progressively replace the current certification process for the Cardano node internal database.

To facilitate this transition, updates have been made to both the Mithril client CLI and the Mithril client library. These changes are designed to support the new incremental certification process and ensure a smooth user experience.

In particular, the cardano-db command in the Mithril client CLI has been updated to support the new incremental certification process and eventually a seamless switch to the new backend. A new --backend option has been added to the command, allowing users to specify the certification version:

  • --backend v1 uses the original Cardano node database certification (this remains the default)
  • --backend v2 enables the new incremental Cardano node database certification.

To support this transition, both certification versions will remain available during the migration period, allowing users to adapt at their own pace.

  • Distribution 2524:

    • Introduced the --backend parameter in the cardano-db command
    • The default backend is v1; the v2 backend is still considered unstable
    • No breaking changes in the client CLI
    • The v2 backend is accessible via the cardano_database_v2 function in the client library.
  • Distribution +1:

    • The v2 backend will be promoted to stable status but will remain optional
    • The v1 backend will continue to be the default.
  • Distribution +2:

    • The v2 backend will become the default
    • The v1 backend will be deprecated.
  • Distribution +3:

    • The v1 backend will be decommissioned and removed from the client CLI and library.
  • Distribution +4:

    • The v1 backend will be fully removed from the signer and aggregator.

If you have any questions or need assistance, contact the team on the Discord channel.

Mithril Cardano database snapshots security advisory

· One min read
Mithril Team

Mithril snapshots for Cardano database could be compromised by an adversary

The Mithril team has published a security advisory for users running the Mithril client on the mainnet infrastructure:

  • Identifier: GHSA-qv97-5qr8-2266
  • Title: Mithril snapshots for Cardano database could be compromised by an adversary
  • Location: GHSA-qv97-5qr8-2266
  • Severity: Moderate (4.9/10).
danger

We strongly encourage all mainnet users running a client library or client CLI to update to the latest versions to prevent the issue:

  • The Mithril client library has been fixed with version 0.12.2 and is available here
  • The Mithril client CLI has been fixed with version 0.12.1 and can be downloaded with the following command:
curl --proto '=https' --tlsv1.2 -sSf https://raw.githubusercontent.com/input-output-hk/mithril/refs/heads/main/mithril-install.sh | sh -s -- -c mithril-client -d 2517.1 -p $(pwd)

Note that all the previous versions must not be used anymore.

For any inquiries or assistance, contact the team on the Discord channel.

Breaking changes in client library and CLI

· 3 min read
Mithril Team

Breaking changes in client library and CLI

The 2517 release introduces breaking changes to the Mithril client CLI and library.

Client CLI

The command for downloading a certified Cardano database using the Mithril client CLI has been updated starting from version 0.12.1:

  • The existing command remains functional but no longer downloads ancillary files (ledger state snapshot and last immutable file) by default. As a result, the fast bootstrap feature is disabled, requiring the Cardano node to compute the ledger state from the genesis block during startup:
mithril-client cardano-database download latest
  • To include ancillary files and enable fast bootstrap, use the new command with the --include-ancillary option:
mithril-client cardano-database download latest --include-ancillary --ancillary-verification-key <ANCILLARY_VERIFICATION_KEY>
info

The new command requires an ancillary verification key. This key can be provided via the --ancillary-verification-key option or the ANCILLARY_VERIFICATION_KEY environment variable. Details are available on the Networks configuration page.

To update the Mithril client CLI, use the following one-line command. By default, it downloads to the current directory. To specify a custom folder, use the -p option:

curl --proto '=https' --tlsv1.2 -sSf https://raw.githubusercontent.com/input-output-hk/mithril/refs/heads/main/mithril-install.sh | sh -s -- -c mithril-client -d 2517.1 -p $(pwd)

For more details, refer to the Mithril client node documentation.

Client Library

The Mithril client library has also been updated. By default, it no longer downloads ancillary files (ledger state snapshot and last immutable file), which disables the fast bootstrap feature. Consequently, the Cardano node must compute the ledger state from the genesis block during startup.

To enable fast bootstrap, use the download_unpack_full function instead of download_unpack and provide the set_ancillary_verification_key parameter:

  • Set the ancillary verification key using the set_ancillary_verification_key method when building the client:
let client = ClientBuilder::aggregator(AGGREGATOR_ENDPOINT, GENESIS_VERIFICATION_KEY)
.set_ancillary_verification_key(ANCILLARY_VERIFICATION_KEY.to_string()) // Added line
.with_origin_tag(Some("EXAMPLE".to_string()))
.build()?;
info

The ancillary verification key for the Mithril networks are available on the Networks configuration page.

  • Use the download_unpack_full function to download ancillary files:
client
.cardano_database()
.download_unpack_full(&snapshot, target_directory)
.await?;

For more information and a complete example, refer to the Mithril client library documentation.

If you have any questions or need assistance, contact the team on the Discord channel.