3.7.0

MPC 3.7.0

This release adds support for voting on launcher digests, along with other improvements.

What's Changed

🚀 Features

• #2329(@anodar): Serve mpc-node configuration over debug endpoint (#2329)

• #2211(@barakeinav1): Add standalone attestation-cli for independent TEE verification (#2211)

• #2332(@DSharifi): Allow configuration files for full config of the mpc node (#2332)

• #2378(@DSharifi): [breaking] Remove derivation paths from foreign chain validation requests (#2378)

• #2344(@kevindeforth): Chain gateway state viewer (#2344)

• #2343(@barakeinav1): Vote on launcher image hash (#2343)

• #2392(@gilcu3): Ckd with public verifiability in ts crate (#2392)

• #2455(@DSharifi): (node) Start with config file option also initializes neard (#2455)

• #2460(@SimonRastikian): Viewing method for code hash votes and testings (#2460)

🐛 Bug Fixes

• #2346(@SimonRastikian): Using ct-eq ensures security (#2346)

• #2386(@gilcu3): Do not crash when vectors received are smaller than expected (#2386)

🚜 Refactor

• #2318(@anodar): Retry read calls in localnet script (#2318)

• #2410(@gilcu3): Feature gate mod testing in p2p.rs (#2410)

📚 Documentation

• #2214(@gilcu3): Added asset generation doc (#2214)

• #2371(@barakeinav1): Add attestation verification step to operator guide (#2371)

• #2397(@barakeinav1): Fix operator guide access key section (#2397)

• #2414(@barakeinav1): Update to latest dstack configuration (#2414)

• #2408(@gilcu3): Add cargo insta instructions to contributing guidelines (#2408)

• #2324(@pbeza): Restructure TEE lifecycle and extract TEE Context design doc (#2324)

⚙️ Miscellaneous Tasks

• #2325(@barakeinav1): Rename shadowed variable in verify_event_log_rtmr3 (#2325)

• #2319(@gilcu3): Added borsch schema snapshot test (#2319)

• #2338(@gilcu3): Replace ed25519_dalek::VerifyingKey with Ed25519PublicKey in node-types crate (#2338)

• #2352(@pbeza): Add security section to PR review prompt (#2352)

• #2384(@gilcu3): Update migrations after 3.6.0 release, remove infer domain purpose helpers (#2384)

• #2372(@dependabot[bot]): Bump the rust-minor-and-patch group with 3 updates (#2372)

• #2389(@gilcu3): Try all nearcore branches to have a better chance of getting the binary (#2389)

• #2394(@barakeinav1): Update TEE localnet deploy script and documentation (#2394)

• #2405(@gilcu3): Tiny follow up to contract cleanup in #2384 (#2405)

• #2412(@gilcu3): Add all features to rust tests in ci (#2412)

• #2406(@gilcu3): Remove usage of deprecated near_bindgen (#2406)

• #2421(@gilcu3): Ensure we do not block ci on external services tests (#2421)

• #2306(@DSharifi): Prepare workspace crates for publishing by setting version to 0.0.1 (#2306)

• #2429(@DSharifi): Add near-mpc- prefix for crates that will be published (#2429)

• #2432(@DSharifi): Add missing fields to publish all external crates (#2432)

• #2426(@DSharifi): Use cargo lint section for clippy lint rules (#2426)

• #2436(@DSharifi): Disallow allow attributes, and remove unexpected allows (#2436)

• #2438(@gilcu3): Remove EXTRA_HOST usage in launcher (#2438)

• #2425(@gilcu3): Upgrade to a patched nearcore 2.11.0-rc.1 (#2425)

• #2468(@DSharifi): Bump nearcore to 2.11.0-rc.2 (#2468)

• #2465(@dependabot[bot]): Bump the rust-minor-and-patch group with 3 updates (#2465)

Docker images

• nearone/mpc-node:3.7.0
  Manifest digest: sha256:a9a874255739ab610513a570e8af9daf4f0a774781a0e13120d9b09c4106ce65
  Image ID: sha256:e2ef71c220158f9ee19a265d583647eedb4e0cd7ca37021fbf0ab34e3d214ed0

• nearone/mpc-node-gcp:3.7.0
  Manifest digest: sha256:6486b7844a028fa7089aa463cb49f5c891b45a389cd03c7001b2877804c28f0c
  Image ID: sha256:13215e2399aa4b99abd2af4db9f44307b77e8033d94bace5656a971ec9d9edcc

• nearone/mpc-launcher:3.7.0
  Manifest digest: sha256:84c7537a2f84d3477eac2e5ef3ba0765b5d688f86096947eea4744ce25b27054
  Image ID: sha256:26fb9ae21dac7657b1c47ac44038b69399f0ec296176a65ce30f64e66442e86b

MPC contract

• digest: sha256:baef5cbbe2e52eaa3c171c8870edc88e7ed10dd68338d54abd714f626b121f02

3.6.0

MPC 3.6.0

This release adds support for starknet logs in foreign transaction verification requests, along with a few security improvements and bug fixes.

What's Changed

🚀 Features

• #2199(@DSharifi): Add new collection type, BoundedVec, to the bounded collections crate (#2199)

• #2132(@barakeinav1): Allow passing mpc_ env variables (#2132)

• #2202(@DSharifi): Create near-mpc-sdk crate with types for sign requests (#2202)

• #2218(@DSharifi): (sdk) The SDK can build foreign chain requests for bitcoin (#2218)

• #2222(@DSharifi): (sdk) The SDK can build foreign chain requests for abstract (#2222)

• #2224(@DSharifi): (sdk) The SDK can build foreign chain requests for starknet (#2224)

• #2233(@DSharifi): (sdk) Add verification support of foreign transaction signatures (#2233)

• #2254(@DSharifi): (sdk) Chain-specific builder entry points for foreign chain request builder (#2254)

• #2258(@olga24912): Add StarkNet event log extraction support (#2258)

• #2266(@DSharifi): (sdk) Add borsh serialization derives to all contract interface types and SDK verifier (#2266)

• #2265(@DSharifi): (sdk) Verify foreign transaction payload signatures (#2265)

• #2281(@gilcu3): Added support for abi generation in mpc-sdk and signature-verifier crate (#2281)

🐛 Bug Fixes

• #2237(@gilcu3): Update wasmtime to avoid vulnerability in CVE-2026-27204 (#2237)

• #2257(@gilcu3): Bug in from_be_bytes_mod_order when not a multiple of 8 bytes (#2257)

• #2268(@gilcu3): Use bounded incoming message buffers for all protocols (#2268)

• #2308(@gilcu3): Reject foreign chain transaction if requested chain not in policy (#2308)

• #2310(@netrome): Don't log raw mpc protocol messages (#2310)

• #2309(@gilcu3): Reject wrong payload versions for foreign chain transaction (#2309)

• #2317(@netrome): Ensure resharing leaders wait for start events to prevent them from getting stuck forever (#2317)

💼 Other

• #2195(@gilcu3): Make sure nix includes all needed tools (#2195)

• #2200(@SimonRastikian): Automate MPC release process (#2200)

• #2291(@anodar): Clang version in Nix flake for Darwin (#2291)

🚜 Refactor

• #2279(@anodar): Use strong threshold types in signature provider layer (#2279)

• #2277(@gilcu3): Unify crypto conversions (#2277)

• #2294(@gilcu3): Create mpc-crypto-types crate (#2294)

• #2313(@anodar): Handle errors on conversions to usize (#2313)

• #2295(@gilcu3): Reduce code duplication in buffer limit tests (#2295)

📚 Documentation

• #2251(@gilcu3): Rework the mpc readme (#2251)

• #2270(@barakeinav1): CVM upgrade mechanism with launcher and OS measurement voting (#2270)

• #2204(@pbeza): Archive Signer design for legacy HOT key support (#2204)

⚡ Performance

• #2276(@SimonRastikian): Split eddsa benchmarks (#2276)

⚙️ Miscellaneous Tasks

• #2212(@pbeza): Rename docs and scripts to kebab-case, add file naming CI check (#2212)

• #2169(@pbeza): Add check-use-in-fn.py CI script (#2169)

• #2227(@gilcu3): Add ts crate to the workspace (#2227)

• #2229(@netrome): Make CLAUDE.md a symlink to AGENTS.md (#2229)

• #2172(@barakeinav1): Launcher update process guide and automation script (#2172)

• #2249(@gilcu3): Make dependabot separate minor bumps from major bumps (#2249)

• #2259(@DSharifi): Create standalone crate to verify signatures that are in dto format (#2259)

• #2278(@dependabot[bot]): Bump the rust-minor-and-patch group with 2 updates (#2278)

• #2304(@gilcu3): Allow concurrent execution of release image workflow (#2304)

• #2235(@gilcu3): Update migration code and contract history after 3.5.1 is deployed (#2235)

• #2312(@gilcu3): Build docker workflows cancelling each other (#2312)

• #2314(@gilcu3): Update nearcore to 2.10.7 (#2314)

New Contributors

• @dependabot[bot] made their first contribution in #2252
• @olga24912 made their first contribution in #2258
• @anodar made their first contribution in #2279

Docker images

• nearone/mpc-node:3.6.0
  Manifest digest: sha256:b455b7bc476b0c9cdcf3ab48201b83645b560d5f7644a2b5b3ca63acdf1cc4b0
  Image ID: sha256:9143bc98aaae3408c14cf4490d7b0e96a5a32d989ec865a0cf8dde391831a7a9

• nearone/mpc-node-gcp:3.6.0
  Manifest digest: sha256:dba747045c5b5eb651ed662d0ba304fcc7e0a390a28bd479075e29cf9e54430f
  Image ID: sha256:2af03f303da5eefa8b736f5502f9236bd31a13573ae3541d00b86547c8e77730

• nearone/mpc-launcher:3.6.0
  Manifest digest: sha256:e28cb0425db06255fe5fc7aadb79534ac63c94c7a721f75c1af1e934d2eb0701
  Image ID: sha256:ee41ad2278d14dff2e32e64adab393f727cc53f98b6e8e377ce5c9e386221a4c

MPC contract

• digest: sha256:ca9d355bc70c2f1ef5768aa3943031bd52614befd16a2c5623bdf2bd14f06282

3.5.1

MPC 3.5.1

This is a small patch on top of 3.5.0 fixing a compatibility bug for the upgrade.

What's Changed

🐛 Bug Fixes

• #2189(@netrome): Ensure nodes can read 3.4.1 state (#2189)

• #2190(@gilcu3): Add_domain_votes are preserver after resharing (#2190)

📚 Documentation

• #2103(@kevindeforth): Indexer proposal (#2103)

⚙️ Miscellaneous Tasks

• #2174(@gilcu3): Make logs -error reading config from chain- explicit (#2174)

• #2192(@gilcu3): Resolve rustdoc warnings and enforce warnings check in CI (#2192)

Docker images

• nearone/mpc-node:3.5.1
  Manifest digest: sha256:55f43e5e7f9b252eaf34b2607d39ce3aaec5f0b0b40537f68303162acd1d102e
  Image ID: sha256:b84085c77d37d814caaa5c8dd894de743976ba553acfa3a0d86a36538cf5e81a

• nearone/mpc-node-gcp:3.5.1
  Manifest digest: sha256:41a40716b164a9c1755e185031d0b99e4fb4949def473b7b30cc46ee778d4e74
  Image ID: sha256:8cb0f1466e3c00b4049b761b573a3b63a5a8c8603f722705bc5efcab72fd6b60

• nearone/mpc-launcher:3.5.1
  Manifest digest: sha256:17243e65f47c69a4735c507ea91aefa0bdd761d9a267e28221232d748518bad3
  Image ID: sha256:0aa010444e4e54f8f2f430f0cb9d784db937f8179cb129c952cae2052792122c

MPC contract

• digest: sha256:512e6a9401e4e0d7057a413ecdb3edc5fd492a2ff1ccb6c2a0fafb2c4b3680d2

3.5.0

MPC 3.5.0

The main features of this release include:

• Foreign transaction validation
• Latest other features and fixes.

Node compatibility note

This release introduces a new storage column, which means that downgrading from 3.5.0 to 3.4.1 isn't possible. If there's a need to downgrade node, we'll make a patch release on top of 3.4.1 including the fix from #2065.

What's Changed

🚀 Features

• #1980(@DSharifi): Implement JSON rpc client and extractor for bitcoin (#1980)

• #1968(@netrome): Foreign chain config & parsing (#1968)

• #1998(@netrome): Canonical sign payload for foreign chain transactions (#1998)

• #2008(@gilcu3): Implement verify foreign key logic in the contract (#2008)

• #1997(@netrome): Automatic foreign chain policy voting (#1997)

• #2015(@DSharifi): Foreign chain inspector for abstract block chain (#2015)

• #2039(@andrei-near): Add claude reviewer (#2039)

• #2055(@gilcu3): Integrate foreign chain tx feature in the node (#2055)

• #2065(@netrome): Allow SecretDB to open unknown column families (#2065)

• #1990(@pbeza): (dtos) Add Participants JSON serialization types to contract-interface (#1990)

• #2070(@netrome): Remove observed_at_block special response field (#2070)

• #2075(@DSharifi): Add extractor for evm Logs (#2075)

• #2087(@gilcu3): Integrate Abstract in the node (#2087)

• #2084(@netrome): Starknet inspector (#2084)

• #2129(@pbeza): Update Claude model to use Opus 4.6 for code reviews (#2129)

• #2126(@DSharifi): Return payload hash instead of the payload for the sign foreign chain requests (#2126)

• #2158(@gilcu3): Adding consistent hashing to select RPC providers (#2158)

• #2163(@netrome): Domain separation (#2163)

• #2179(@DSharifi): Add on chain metrics for sign request payload version (#2179)

• #2180(@netrome): Add abstract rpc configuration in localnet guide + foreign policy serialization fix (#2180)

🐛 Bug Fixes

• #2014(@gilcu3): Broken reproducibility (#2014)

• #2043(@netrome): Three small post-merge fixes from #1997 (#2043)

• #2107(@netrome): Remove accidentally included prompt file (#2107)

• #2124(@gilcu3): Make run_receive_messages_loop infallible, log error on internal failures (#2124)

• #2133(@gilcu3): Ecdsa background tasks should be infallible (#2133)

• #2137(@SimonRastikian): Updating the documentation (#2137)

• #2149(@gilcu3): Boot nodes deduplication in docs (#2149)

💼 Other

• #2048(@DSharifi): Bump cargo resolver version to version 3 (#2048)

• #2092(@DSharifi): Use nixpkgss to install cargo-nextest (#2092)

• #2184(@DSharifi): Set Cargo linker for aarch64-darwin to resolve -lSystem (#2184)

🚜 Refactor

• #2044(@pbeza): Improve gas benchmark tests by optimizing account handling (#2044)

• #2141(@SimonRastikian): Const string contract methods (#2141)

📚 Documentation

• #2013(@barakeinav1): Add node migration guide for operators (#2013)

🧪 Testing

• #1993(@gilcu3): Check if 100s is enough to avoid flaky tests (#1993)

• #2023(@netrome): System test for foreign chain policy voting (#2023)

• #2072(@netrome): System test for foreign transaction validation (#2072)

• #2125(@gilcu3): Added system test for starknet (#2125)

⚙️ Miscellaneous Tasks

• #1985(@barakeinav1): Correct error codes (#1985)

• #1995(@DSharifi): (nix) Bump cargo-near version to 0.19.1 (#1995)

• #2000(@gilcu3): Make cargo-deny and license checks optional in CI (#2000)

• #1991(@gilcu3): Add missing verify foreign chain functions to the contract (#1991)

• #1967(@gilcu3): Bump gcloud-sdk to fix jsonwebsocket vuln (#1967)

• #2019(@DSharifi): Move rustfmt.toml file to workspace root (#2019)

• #2010(@DSharifi): Use jsonrpsee to support JSON-RPC v2 instead of manual implementation (#2010)

• #2028(@DSharifi): (cargo-deny) Remove unnecessary skip for prost (#2028)

• #2034(@gilcu3): Update ts reference (#2034)

• #2026(@gilcu3): Update contract history to 3.4.1 (#2026)

• #2041(@DSharifi): Remove cargo-about third-party licenses check from CI (#2041)

• #2046(@DSharifi): Update near cli version in nix shell (#2046)

• #2049(@DSharifi): Run cargo-update on lock file (#2049)

• #2027(@DSharifi): Remove usage of near_o11 for metrics and test logger (#2027)

• #2052(@gilcu3): Upgrade and organize workspace deps (#2052)

• #2059(@gilcu3): Disable flaky robust-ecdsa test (#2059)

• #2035(@DSharifi): Revert the revert of using socket addresses (#2035)

• #2079(@DSharifi): Make API types specific per chain (#2079)

• #2082(@DSharifi): Make nix and ci version of tools in sync (#2082)

• #2097(@gilcu3): Update keccak to 0.1.6 (#2097)

• #2098(@gilcu3): Enable all steps in cargo deny except advisories in fast CI (#2098)

• #2100(@SimonRastikian): Dependabot with exceptions (#2100)

• #2104(@DSharifi): Add From and TryFrom conversions between dto and foreign chain inspector types (#2104)

• #2117(@gilcu3): Add exceptions to dependabot that are known to fail because of devnet (#2117)

• #2115(@pbeza): Extract Claude review prompt into standalone file (#2115)

• #2131(@DSharifi): Validate local RPC provider config with on chain config (#2131)

• #2146(@gilcu3): Bump buildkit and runner images versions to overcome build failure (#2146)

• #2153(@gilcu3): Disable rust cache temporarily, as warpbuilds is providing different runners for the same label (#2153)

• #2144(@DSharifi): (nix) Add jq and ruff to dev shell packages (#2144)

• #2155(@pbeza): Add CI workflow to validate PR title type against changed files (#2155)

• #2139(@DSharifi): Use non empty colletion types for foreign chain types (#2139)

• #2162(@gilcu3): Enable back rust-cache (#2162)

• #2148(@pbeza): Add lychee CI check for markdown link validation (#2148)

• #2152(@pbeza): Update format_pr_comments script to read JSON from file argument (#2152)

• #2168(@gilcu3): Fix flaky claude review permissions (#2168)

• #2176(@DSharifi): Exclude .direnv from lychee link checker (#2176)

• #2181(@gilcu3): Fix lychee not respecting gitignore (#2181)

MPC contract

• nearone/mpc-node:3.5.0
  Manifest digest: sha256:186fc21906b55e753e867e11812b4df0c6f1164701d1234303ba2091b353bceb
  Image ID: sha256:e9b0be88d1cddafffe1854bf460f0d905796425c410f2703dfed619ba5f892c6

• nearone/mpc-node-gcp:3.5.0
  Manifest digest: sha256:c3d377dbe1c025ce3413e8a5da7624061ab37ac22f647487e60f12d9ee8ce2bb
  Image ID: sha256:c3d377dbe1c025ce3413e8a5da7624061ab37ac22f647487e60f12d9ee8ce2bb

• nearone/mpc-launcher:3.5.0
  Manifest digest: sha256:17243e65f47c69a4735c507ea91aefa0bdd...

3.4.1

MPC 3.4.1

The main features of this release include:

• Update nearcore to 2.10.6
• Fixing the network TCP Listener task that used to silently die

What's Changed

Full Changelog: 3.3.1...3.4.1

🚀 Features

• #1923(@DSharifi): (contract) Define contract API for verification of foreign transactions (#1923)

• #1948(@gilcu3): Added indexer types for verify foreign tx (#1948)

• #1961(@netrome): Add foreign chain policy types and voting method (#1961)

🐛 Bug Fixes

• #1939(@gilcu3): Ensure test_verify_tee_expired_attestation_triggers_resharing is not flaky (#1939)

• #1831(@kevindeforth): Properly fix network race condition (#1831)

• #1983(@kevindeforth): (network) TCP Listener task must not die (#1983)

📚 Documentation

• #1920(@netrome): Foreign chain transaction design doc (#1920)

• #1928(@barakeinav1): Update release guide (#1928)

• #1925(@netrome): Post-discussion updates for foreign chain transaction design doc (#1925)

• #1931(@netrome): Extractor-based foreign chain transaction validation design update (#1931)

• #1938(@netrome): Derive separate tweak for foreign transaction validation (#1938)

• #1953(@DSharifi): Include set of reommended extensions for VSCode (#1953)

• #1964(@DSharifi): Add note on branch being pushed to github pre git-cliff instructions (#1964)

🧪 Testing

• #1945(@gilcu3): Add timeout/retry mechanism to try to fix flaky test creating many accounts (#1945)

• #1951(@gilcu3): Enable test_embedded abi test (#1951)

• #1937(@barakeinav1): Add localnet TEE automation scripts and templates (#1937)

⚙️ Miscellaneous Tasks

• #1894(@gilcu3): Bump near crates, remove AccountId conversions (#1894)

• #1916(@netrome): Add CLAUDE.md and AGENTS.md to make coding agents more effective (#1916)

• #1914(@gilcu3): Update 3.3.2 mainnet contract history, clean-up previous contract migrations (#1914)

• #1935(@gilcu3): Remove the use of jemalloc (#1935)

• #1879(@barakeinav1): TEE testnet automation scripts and launcher (#1879)

• #1933(@DSharifi): (clippy) Enable warning on assertions_on_result_states clippy lint (#1933)

• #1947(@gilcu3): Update nearcore to 2.10.6 (#1947)

• #1950(@DSharifi): RPC requests to EVM chains should have separate struct per chain (#1950)

• #1973(@gilcu3): Remove extra license file (#1973)

• #1982(@DSharifi): Add git-cliff to nix dev environment (#1982)

Docker images

• nearone/mpc-node:3.4.1
  Manifest digest: sha256:446075ba3a9b064b1e0d54a00395491560a92c65312f507b23bab8d59f7a0793
  Image ID: sha256:07bba7c60565750f6d5fe6800cd73513dd2d0d02e6893184064e209ff37c25a2

• nearone/mpc-node-gcp:3.4.1
  Manifest digest: sha256:17e2f5791874c9e00c0470e6d8aa31271874076ca0c1621f33fa5d7e0ad63652
  Image ID: sha256:49f95ba86dbb8a10367ca6218ee0d1b1b6e766084fc09c17ad377815e13256c7

• nearone/mpc-launcher:3.4.1
  Manifest digest: sha256:17243e65f47c69a4735c507ea91aefa0bdd761d9a267e28221232d748518bad3
  Image ID: sha256:0aa010444e4e54f8f2f430f0cb9d784db937f8179cb129c952cae2052792122c

MPC contract

• mpc-contract-v3.4.1.wasm:
  digest: sha256:8b9fd9a39abe8dc3aa3f72864b02f06d96beb82dab345c58305222c1bdfb81dc

3.4.0

MPC 3.4.0

The main features of this release include:

1. Removal of storage deposit requirement from contract
2. Additional metrics
3. bug fixes

What's Changed

Full Changelog: 3.3.2...3.4.0

🚀 Features

• #1887(@netrome): Remove storage deposit requirement from contract (#1887)

🐛 Bug Fixes

• #1801(@andrei-near): TCP user keepalive (#1801)

• #1830(@gilcu3): Cargo-make check-all using wrong profile parameter (#1830)

• #1854(@gilcu3): Update deps dcap-qvl and oneshot to avoid known vulnerabilities (#1854)

• #1865(@gilcu3): Hot loop bug in running state when no keyshares are found (#1865)

• #1876(@gilcu3): Bump wasmtime version due to RUSTSEC-2026-0006 (#1876)

💼 Other

• #1808(@DSharifi): (nix) Include apple-sdk_14 package to build neard on MacOs (#1808)

• #1812(@DSharifi): (nix) Include neard as a nix flake (#1812)

• #1845(@DSharifi): (nix) Remove neard as a tool in dev shell (#1845)

📚 Documentation

• #1850(@barakeinav1): Add port 80 configuration support (#1850)

⚡ Performance

• #1859(@DSharifi): Avoid fragmented header writes on TCP connections (#1859)

🧪 Testing

• #1804(@gilcu3): Added automated localnet setup (#1804)

• #1813(@pbeza): Add benchmark regression tests for Participants struct (#1813)

• #1886(@gilcu3): Make account creation much faster using async transactions (#1886)

• #1885(@gilcu3): Add CI test for mpc-node through non-tee launcher (#1885)

• #1896(@gilcu3): Add 3.3.2 contract to contract-history (#1896)

• #1899(@gilcu3): Add fixture tests for key derivation path (#1899)

⚙️ Miscellaneous Tasks

• #1816(@DSharifi): Make pprof web server endpoint queriable (#1816)

• #1818(@netrome): Bump nearcore to 2.10.5 (#1818)

• #1819(@gilcu3): Update ts repo ref (#1819)

• #1823(@gilcu3): Fix cargo-deny warnings, adapt to changes in dcap-qvl (#1823)

• #1838(@gilcu3): Make launcher-script more user friendly (#1838)

• #1837(@DSharifi): (metrics) Track tokio runtime and task metrics and export it to prometheus (#1837)

• #1840(@gilcu3): Remove outdated research file (#1840)

• #1843(@gilcu3): [breaking] Use hex for attestation dto types (#1843)

• #1849(@DSharifi): Check licenses is up to date on CI (#1849)

• #1862(@DSharifi): Use --force flag for cargo-binstall installations (#1862)

• #1855(@DSharifi): Create histogram for bytes written on p2p TCP streams (#1855)

• #1871(@gilcu3): Optimize rust cache in CI (#1871)

• #1873(@DSharifi): Bump axum to 0.8.8 (#1873)

• #1878(@gilcu3): Enable ignored tests (#1878)

• #1881(@DSharifi): Bump flume to version 0.12.0 (#1881)

• #1903(@barakeinav1): Bump crate versions to 3.4.0 and update changelog (#1903)

Docker images

• nearone/mpc-node:3.4.0

  • Manifest digest: sha256:df1c8c56fd7e48190e73d8386b1b0ee75fb6c70e682a7e9cba916452002cad9a
  • Image ID: sha256:3079a17e10d23d8ee518f0fe49069dd7b3eeea8aea503e69415c38f6f05bf23c

• nearone/mpc-node-gcp:3.4.0

  • Manifest digest: sha256:dce45ffd6ffbf7bb6708ce3a688d02a76654151e2ad63c3210eb60dfe6b9892e
  • Image ID: sha256:2da728c4cf968548baec80ab31173e8c3073fbe80e70d29d9227e905929ee802

• nearone/mpc-launcher:3.4.0

  • Manifest digest: sha256:17243e65f47c69a4735c507ea91aefa0bdd761d9a267e28221232d748518bad3
  • Image ID: sha256:0aa010444e4e54f8f2f430f0cb9d784db937f8179cb129c952cae2052792122c

  MPC contract

• mpc-contract-v3.4.0.wasm:

  • digest: sha256:09f343394892ff59afac0be7e16e05b0ff3754be6d36c3b88a6efd4eeb83c10c

3.3.2

MPC 3.3.2

This is a small patch on top of 3.3.1 (which is a small patch on top of 3.3.0), fixing a backwards compatibility issue.

What's changed

• fix: include default value for pprof address by @DSharifi in #1802
• chore: Bump crate versions to 3.3.2 and update changelog by @kevindeforth in #1806

Full Changelog: 3.3.1...3.3.2

Docker Images

• nearone/mpc-node/3.3.2

  • Manifest digest: sha256:d90621be5609dcb8f83c1b75f796398963e4b24eba459021f1cd1105fd1559cd
  • Image ID sha256:ab8501e10e208eeb713c6dc8618ef8ec5d4cfe5111285eedbbc459ab18ad4122

• nearone/mpc-node-gcp/3.3.2

  • Manifest digest: sha256:d1b8a162f62b06ce4ce0ad52b515580ae513c75f38f8d06af091083663f6b52f
  • Image ID: sha256:6139beaca3a0dfb9fd5fb3ffe2cd102c5e340c83e10f59ef309463b871ec4b53

• mpc-launcher/3.3.2

  • Manifest digest: sha256:17243e65f47c69a4735c507ea91aefa0bdd761d9a267e28221232d748518bad3
  • Image ID: sha256:0aa010444e4e54f8f2f430f0cb9d784db937f8179cb129c952cae2052792122c

Contract

• mpc-contract-v3.3.2.wasm: with embedded ABI (file included in the release attachments)

digest: sha256:b2437a10ef3906bbd12de3c16b99ef9b398950402680f5bebe61047aedae6a32

3.3.1

MPC 3.3.1

This is a small patch on top of 3.3.0 fixing a backwards compatibility issue.

What's Changed

🐛 Bug Fixes

• #1795(@netrome): Revert #1707 (use SocketAddr instead of custom struct) (#1795)

Docker images

• nearone/mpc-node:3.3.1

  • Manifest digest: sha256:b0d0d5ad09f7b22d906e5e08a34895d042940d9a9756087f1db770c1453cab0a
  • Image ID sha256:ee6ea128381216500f1bd2fca7fbc57cd35e626f1aa19975434af46efc806210

• nearone/mpc-node-gcp:3.3.1

  • Manifest digest: sha256:cf92bf00d3cf6e393392783b5ade44d69119d7557ab44b4001f59a57c35c0f4c
  • Image ID: sha256:233b915bec8f8416f3a06aa65e394e1433f01a06f34b3767c94093d02c16f8a3

• nearone/mpc-launcher:3.3.1

  • Manifest digest: sha256:17243e65f47c69a4735c507ea91aefa0bdd761d9a267e28221232d748518bad3
  • Image ID: sha256:0aa010444e4e54f8f2f430f0cb9d784db937f8179cb129c952cae2052792122c

  MPC contract

• mpc-contract-v3.3.1.wasm: now with embedded ABI (file included in the release attachments)

  • digest: `sha256:c890a90a3c2feb8f58c4a4d391ec2cffc9d18228852d6ed56685d3ddb7462acc

3.3.0

MPC 3.3.0

This is our first release for 2026!

The main feature of this release is the ability to use the launcher for non-TEE setups. This enables better local experimentation of TEE-like setups and troubleshooting.

Beyond that, this release features mainly bug fixes, network resiliency improvement and paves the way for more significant non-breaking upgrades of the network layer by allowing MPC nodes to connect to other nodes with higher protocol version numbers.

What's Changed

🚀 Features

• #1723(@DSharifi): (node) Add web endpoint to collect CPU profiles with pprof-rs (#1723)

• #1735(@barakeinav1): (launcher) Add ability to use the launcher also for non tee setups. (#1735)

🐛 Bug Fixes

• #1729(@gilcu3): Ruint unsoundness issue RUSTSEC-2025-0137 (#1729)

• #1752(@gilcu3): Enable TCP_KEEPALIVE for network connections (#1752)

• #1764(@kevindeforth): (network) Do not accept incoming connection if previous one is still active (#1764)

• #1772(@DSharifi): Don't crash MPC node on startup for failed attestation submission (#1772)

💼 Other

• #1738(@DSharifi): (rust) Add support for Nix build environment (#1738)

• #1767(@DSharifi): (nix) Add instructions to enable direnv with Nix flake (#1767)

• #1771(@DSharifi): (nix) Resolve openssl-sys compilation errors in devShell (#1771)

🚜 Refactor

• #1697(@DSharifi): Return Result type in is_caller_an_attested_participant (#1697)

📚 Documentation

• #1733(@kevindeforth): Update readme to reflect correct test terminology (#1733)

• #1661(@barakeinav1): Support running two MPC CVMs (Frodo + Sam) on the same physical machine (#1661)

⚡ Performance

• #1713(@DSharifi): Enable TCP_NODELAY for nodes' P2P TCP connections (#1713)

• #1663(@DSharifi): (contract) Contract should not store full attestation submission (#1663)

🧪 Testing

• #1708(@gilcu3): Improve pytest handling of crate builds (#1708)

• #1709(@gilcu3): Refactor wait_for_state to avoid self.contract_state() in tight loop (#1709)

• #1725(@pbeza): Fix contract integration tests (#1725)

• #1769(@gilcu3): Handle transaction nonces locally (#1769)

⚙️ Miscellaneous Tasks

• #1699(@netrome): Initial contribution guidelines (#1699)

• #1705(@gilcu3): Add cargo-deny support (#1705)

• #1707(@gilcu3): Update testnet contract (#1707)

• #1715(@DSharifi): Ignore RUSTSEC-2025-0137 in cargo-deny check (#1715)

• #1717(@DSharifi): Use SocketAddr instead of custom struct for addresses in configs (#1717)

• #1718(@barakeinav1): Update tee testnet guide (#1718)

• #1722(@DSharifi): Update rkyv version to fix RUSTSEC-2026-0001 (#1722)

• #1720(@pbeza): Fix typo (#1720)

• #1726(@DSharifi): Ignore RUSTSEC-2026-0002 in cargo-deny check (#1726)

• #1739(@kevindeforth): Unify ckd and sign sandbox tests (#1739)

• #1744(@gilcu3): Use attestation crate types (#1744)

• #1749(@gilcu3): Update to nearcore 2.10.4 (#1749)

• #1742(@pbeza): CI check to enforce TODO comment format (#1742)

• #1756(@gilcu3): Improve log messages for tokio tasks (#1756)

• #1761(@pbeza): Remove dead Python code (#1761)

• #1774(@gilcu3): Update mainnet history contract to 3.2.0 (#1774)

• #1776(@gilcu3): Add missing metrics in eddsa (#1776)

• #1778(@kevindeforth): Nodes accept peer with same or higher protocol version (#1778)

• #1780(@gilcu3): Refactor CI tests to group fast tests in a single run (#1780)

• #1790(@pbeza): Skip TODO format checks for CHANGELOG.md (#1790)

Docker images

• nearone/mpc-node:3.3.0
  • Manifest digest: sha256:794e9699657d1e0ca287d2c015caa9041d314e0abb218f7d73facb5f2c4d1f05
  • Image ID: sha256:6e5b08f91752fd7cb10349de45f74272f340fe42a172d2cbc237f3f1d5527a45
• nearone/mpc-node-gcp:3.3.0
  • Manifest digest: sha256:cbded928069c716e96aa3f82fabd4ba934325f36146cf70ac33f48ecb9d7c39b
  • Image ID: sha256:0153c197a686541e5a95efa987379f24ffffa3b1bad50fad9df050c363f50715
• nearone/mpc-launcher:3.3.0
  • Manifest digest: sha256:17243e65f47c69a4735c507ea91aefa0bdd761d9a267e28221232d748518bad3
  • Image ID: sha256:0aa010444e4e54f8f2f430f0cb9d784db937f8179cb129c952cae2052792122c

MPC contract

• mpc-contract-v3.3.0.wasm: now with embedded ABI (file included in the release attachments)
  • digest: sha256:fde328d56a5afa73e8cf56db1e3fed260eca287d784fc1022fbffe9ba3570e76

3.2.0

MPC 3.2.0

This is our last release for 2025! Its main features are derivation path support for CKD and initial support for Robust ECDSA. The release also includes several fixes and optimizations related to gas usage, and bumps the underlying nearcore version to 2.10.3.

What's Changed

🚀 Features

• #1627(@gilcu3): Add derivation path support for ckd (#1627)

• #1670(@gilcu3): Add robust ecdsa SignatureScheme variant (#1670)

• #1658(@kevindeforth): Add new signature scheme variant to contract (#1658)

• #1679(@gilcu3): Robust_ecdsa provider implementation (#1679)

🐛 Bug Fixes

• #1614(@DSharifi): Use gas value in the new config for the update promise (#1614)

• #1620(@DSharifi): Code hashes can now be be voted for in all code protocol states (#1620)

• #1635(@barakeinav1): Correct error reporting of invalid TEE participants (#1635)

• #1636(@pbeza): Remove votes from UpdateEntry (#1636)

• #1665(@pbeza): Bump ProposedUpdatesEntries to V3 and clean up V2 (#1665)

• #1673(@gilcu3): Fix derivation_path params in ckd-example-cli (#1673)

🚜 Refactor

• #1626(@pbeza): Remove ReportData::new() (#1626)

• #1642(@DSharifi): Remove stale comment and improve if condition for charging of attestation storage (#1642)

• #1668(@pbeza): Move gas constants for voting from test to common module (#1668)

• #1695(@DSharifi): Clarify that tee_state contains attestations for not just active participants (#1695)

📚 Documentation

• #1456(@barakeinav1): Create a guide for localnet + MPC node running in TEE setup (#1456)

• #1604(@barakeinav1): Testnet with tee support guide (#1604)

⚡ Performance

• #1659(@netrome): Use procedural macro to include expected measurements at compile time (#1659)

🧪 Testing

• #1623(@DSharifi): (pytest) Run all pytests with 1 validator (#1623)

• #1637(@kevindeforth): Migration system test (#1637)

• #1671(@gilcu3): Refactor pytests, several improvements preparing for robust ecdsa integration (#1671)

• #1672(@gilcu3): Refactor integration test in the node, improve PortSeed struct (#1672)

• #1678(@kevindeforth): Fix sign sandbox tests (#1678)

• #1682(@gilcu3): Add tests for robust ecdsa (#1682)

⚙️ Miscellaneous Tasks

• #1613(@DSharifi): Remove latest_code_hash method from contract (#1613)

• #1612(@pbeza): Introduce a gas constant for vote_update (#1612)

• #1618(@barakeinav1): Update config files (#1618)

• #1633(@gilcu3): Update reference to ts repo (#1633)

• #1648(@gilcu3): Enforce kebab-case for crate names (#1648)

• #1651(@gilcu3): Broken contract verification (#1651)

• #1653(@netrome): Bump nearcore to 2.10.2 (#1653)

• #1676(@DSharifi): Run test profile on cargo nextest invocation (#1676)

• #1681(@DSharifi): Enable debug-asserttions on CI test profile (#1681)

• #1692(@gilcu3): Update version and changelog for 3.2.0 release (#1692)

• #1683(@kevindeforth): (contract) Sandbox code organization (#1683)

• #1698(@gilcu3): bump nearcore to 2.10.3 (#1698)

Docker images

• nearone/mpc-node:3.2.0
  • Manifest digest: sha256:b97b15387ed32ac6ada5d4445bd4ddf35004064577ae2a1c550400071830ae83
  • Image ID: sha256:00006c1059cc0219005b21956a4df8238b0cc33ad559a578a63169de4e28c81e
• nearone/mpc-node-gcp:3.2.0
  • Manifest digest: sha256:70a9a77e9da1f6ed76b5ff6dba1a956573c7693a22311a32e6a4866ba2a9bc93
  • Image ID: sha256:758cd5c68a065cc1e206a698b98ee1a1b0acfdabd623997c87692197d039cee8
• nearone/mpc-launcher:3.2.0
  • Manifest digest: sha256:4065f2fce41415962be92471a4e793ff5147b00b2784617c7e8098be2761a875
  • Image ID: sha256:bad670e1ec573c3d242f83abcf95f5b6beb8811a16ed2822b0d492252a67ec39

MPC contract

• mpc-contract-v3.2.0.wasm: now with embedded ABI (file included in the release attachments)
  • digest: sha256:64ad42f303275d0a0b8e1c7eef6c3347355d08b7f831df5f9b3ff3fb1ae3ba09