Skip to content
Compare
Choose a tag to compare

v1.5.3

@ripcurlx ripcurlx released this
· 2234 commits to master since this release
v1.5.3
85d0d61
Compare
Choose a tag to compare

A newer version is already available! Please don’t use this version anymore.

This is a hotfix that introduces DoS protection.

Here are the release notes from v1.5.2:

Release notes

This release improves transaction handling in certain edge cases and contains multiple fixes making Bisq more reliable in general. There are also some notable UI updates for the payment accounts and offer book screens.

DAO

UI

Trading

Wallet

Reliability

Mediation/Arbitration

Performance

Network

API

Development

Assets

No new assets.

Verification

Url of the signing key (Christoph Atteneder): https://bisq.network/pubkey/29CDFD3B.asc
Full fingerprint: CB36 D7D2 EBB2 E35D 9B75 500B CD5D C1C5 29CD FD3B

Import the key:
curl https://bisq.network/pubkey/29CDFD3B.asc | gpg --import
GPG prints a confusion warning: "This key is not certified with a trusted signature!" - See https://serverfault.com/questions/569911/how-to-verify-an-imported-gpg-key for background information what it means.

How to verify signatures?
gpg --digest-algo SHA256 --verify BINARY{.asc*,}
Replace BINARY with the file you downloaded (e.g. Bisq-1.5.3.dmg)

Verify jar file inside binary:
You can verify on OSX the jar file with:
shasum -a256 [PATH TO BISQ APP]/Bisq.app/Contents/Java/Bisq-1.5.3.jar
The output need to match the value from the Bisq-1.5.3.jar.txt file.

Known issues with installation

macOS Catalina:

Bisq can't be opened because Apple cannot check it for malicious software

This happens the first time Bisq is run on macOS Catalina. It is because a new security feature in Catalina has newer requirements of how apps are packaged. We are working on ways to address this (see #3402 and #4196 for details).

Workaround: Right click on the installed Bisq app > Click Open (warning popup shown again, but with new button available) > Click Open

Bisq would like to receive keystrokes from any application.

Discussed in issue #3373, you will see a permission request in the latest macOS version that Bisq wants to receive keystrokes from any application. Unfortunately that is an issue for all Java applications that are run on Catalina right now. We are investigating already how to solve this issue and will fix in one of our next updates.

Windows:

The binary of this version is not signed by a code signing certificate right now as it was in previous versions. This is because of an expired certificate that wasn't renewed in-time. It will be signed on 28th of Dec with the newly received certificate and this note will be removed afterwards. The Windows binary was signed on Dec 27th and uploaded together with an updated signature file.

There is a known issue with Anti Virus software. We got several reports from users running into different problems. Either the AV software blocks Bisq or Tor, delete files in the data directory [2] or app directory [1]) or cause such a long delay at startup that Tor gets terminated and a file remains locked which can cause that Bisq cannot be started afterwards. To resolve that you need to restart Windows then the lock get released. We are working on solutions to fix those issues.

If you use Crypto currencies on your Windows system be aware that Windows is much more vulnerable to malware than Linux or OSX. Consider to use a dedicated non-Windows system when dealing with cryptocurrencies.

[1] Application directory (contains application installation files):
C:\Users<username>\AppData\Local\Bisq

[2] Data directory (contains all Bisq data including wallet):
C:\Users<username>\AppData\Roaming\Bisq\btc_mainnet\tor (you can delete everything except the hiddenservice directory)

Linux:

Hint for Debian users:
If you have problems starting Bisq on Debian use: /opt/Bisq/Bisq

If your Linux distro does not support .deb files please follow this instruction:

cd ~/Downloads  
mkdir tmp  
cd tmp   
ar x ../Bisq-64bit-1.5.3.deb  
sudo tar Jxvf data.tar.xz  
sudo cp -rp opt/Bisq /opt/

That instruction is not tested on many different distros. If you encounter problems please report it in a Github issue so we can improve it.

Cleanup tool for saved trades that failed market price check

With this release we are also shipping a cleanup tool (Bisq-cleanup-trades*). It will remove corrupt trade entries added due to bug #2924. Install and run once, it will shut down automatically, then install version 1.5.3 or later. You can verify the binary the same way as you do with the Bisq application.

Credits

Thanks to everyone who directly contributed to this release:

A special thanks to our first time contributors:

As well as to everyone that helped with translations on Transifex.