-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 = lokinet v0.9.9 (gluten free edition) Service node only release for hf 19, this release is manditory for all service nodes. = service node changes * bind section no longer allows 0.0.0.0 for inbound links, use your interface name and set public-ip and public-port in router section, boxes with multiple public addresses on one interface required this change be done. if 0.0.0.0 is used and lokinet can infer a public ip, it will be used, otherwise it will error and need to be reconfigured with the proper entries in router section. * bugfix in link layer state machine that should fix inbound sessions becoming in a permanently stuck state * systemd status line reports more useful info like block hieght and gossip times. * bugfixes regarding gossping and decommissions related to lokinet reachability * idempotent queue flushing, all path builds and transit traffic should be butter smooth as a result. = client side (non service node) changes == windows windows now has a new gui, dns leaks but ipv6 leak should be plugged. expect remaining fixes in 0.9.10 tag == config options network section * exit-node / exit-auth now allow multiple entries , exit nodes will be striped randomly for each range they are mapped to * autorouting , turn route poker on and off * blackhole-routes , turn off route poker's ipv4 / ipv6 route blackholing. useful for omitting non routable ranges like 200::/7 and fc00::/7 from route poker * auth-file / auth-file-type , enable endpoint auth using hashed or plaintext passwords (hashed by default) * auth-static , add static plaintext auth codes via config entry dns section * uptream will now default to 188.8.131.52 == cli * removed -b flag, it did not do anything anyways. * removed -v / --verbose flag, use config option in logging section, level = debug == docs * generate internal docs with doxygen * remove outdated content, replace with placeholders == build system * new helper script: contrib/cross.sh for cross compiling from linux. * macos build process redone in full, still not done yet. === new cmake options * -DBUILD_DAEMON for toggling building of lokinet daemon, used only on apple platforms. * -DWITH_BOOTSTRAP for toggling building of lokinet-bootstrap tool == internals * removed large amounts of dead code * use oxenc for serializion insted of oxenmq * split up cpack nsis commands into external files * split up android build process into configure and build to fully parallize builds. * embedded lokinet apis frozen. * embedded lokinet internals finished. * demacroize the code * disable usage of ipv6 upstream dns in libunbound * propagate link layer priority to link layer for proper resend prioritization = release binaries sha256 hashes for lokinet v0.9.9 signed by email@example.com key at https://lokinet.io/jeff.asc or http://lokinet.loki/jeff.asc 86f3624cc29ead3f5d0fb8281763315fd26ffe5b57a70876ce8700511908e45b lokinet-0.9.9-win64.exe 084a515103f32d8dcb519837054348b04e35157dd062e87bbee38b214973b72c lokinet-v0.9.9.tar.xz the current bitcoin top block is: best=00000000000000000005a372e7d48a080460d5249fbe5238e037314b9da4c8e2 height=738737 date='2022-05-31T14:24:36Z' -----BEGIN PGP SIGNATURE----- iIYEARYIAC4WIQQs5vJ0MTiCW3p+Uh0CXALuOgkvLQUCYpYqgBAcamVmZkBsb2tp bmV0LmlvAAoJEAJcAu46CS8tc2cA/368jR4l7bob+0FVtrQ6A17j/CA7xu45QCRl X3QkR6W5AQDp8jYrL9pB0HWWrE5xlWQG9WxYt7L7Sp+ow/78ArqmAQ== =joQh -----END PGP SIGNATURE-----
windows is broken in this tag this release is for linux only (both clients and service nodes)
- fix long uptime cpu usage leak on service nodes
- fix excessive network jitter
- fix issue with service node testing algorithm
- redo ci pipeline docker images
bugfix release for clients.
client side fixes:
- work around volatile network path build success rate, prevent clients from becoming stuck in an edge case state from which it used to not recover from.
- bundle bootstrap.signed by default instead of requiring it be fetched externally
- logging subsystem refactor to use source_location
- fix issue with older systemd-resolved not being able to set dns
- lokinet will now load config files in lexigraphical order
- remove json logger
ci pipeline updates:
- basically totally redo the ci pipeline docker stuff
b2sums: 54d8d33ab1599a9cd5d989379c8ba083d81a0e7e1da1834847c6d61ebc9671e9351ee700651c16f5969dfb3c70c06e2e0e2636ce14b8f6ac00d1b58b915c6509 lokinet-0.9.7-win64.exe
This update fixes a few things in lokinet found since 0.9.4, most notably making peer testing more reliable (0.9.4 had an issue where a temporarily failing node could get stuck in failed status), as well as many miscellaneous updates to the lokinetmon tool for (command-line) monitoring of a running lokinet.
This release also uses jemalloc by default (and in the debian/ubuntu packages) to noticeably reduce memory usage, particularly after lokinet has been running for a few days.
Note that upgrading to this release is required for Service Nodes, along with oxen-core 9.2.0 and oxen-storage-server 2.2.0. Upgrade enforcement (i.e. decommissions and/or deregistrations) will begin at block 839009 (due 13 July, 23:00 UTC).
Note that we are no longer uploading static linux builds to github releases as these builds are generally a worse experience and harder to use (due to the permissions lokinet requires) compared to running lokinet as a proper system service as you get with the debian/ubuntu packages. If you still need static Linux builds you can get them from our CI build repository at https://oxen.rocks/oxen-io/lokinet, but we'd encourage you to use a proper package system or build lokinet yourself.
Signatures for release binaries
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Signed SHA256 hashes of release files. These are signed using Jason's GPG key available at: - the oxen-io/oxen-core repository, at /utils/gpg_keys/Jason.asc - OpenPGP key servers (Jason Rhinelander <firstname.lastname@example.org>, A88D4262) - https://imaginary.ca/public.gpg e4aa35ded81ddff0379343a171e165ce7dcd9921072e76efef1ce180e7646b5d lokinet-windows-64bit-v0.9.5.zip -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEZjYdjjyW5Bxty3BRxJks56iNQmIFAmDlJJUACgkQxJks56iN QmKZ4Q//VhChtDvVLyYlDm4fi4eK7TogQu25M8mYt1tURxxuPUy7ZWZ2xAt8XYzM yTvC47DfuinXIaAEPsyjCNLPl0noUYv6h84+Pve3qLny3SuNWmDtv+ckimC5h+pY lnF4hi1Yh0vh6qmDKNz3gv3zsFNMcedbOuuFrxs60tXblABPQ1Ls8fX/nhAlGAYf E+c4wz/dPLNuOQ3DWO2hTBMLjEm7mUiKcbpTt5WqagWKwLpqA8kvgTbOdo3dGXwd kZAmktOVVi9TRYOP+oLxDIGTIrgpManM8Jqb7n68c45Fzj6ulVJD4ocW0rEUH48r CYYShmvGoCqFSqxcO05N4kSPiEdbYqyDh9C1oE7XS1UkGL2w78CZl1sZUaHwPgHU pLyf3lppNsccwMTAcVMt+fjT5EoqszicraU+GYrIi9Oao3o9d3KWvGIkmgczfYEF siNFxEWu3UmD7c2Noq6owjYjIScbRu0oIgJdDG6KR2ofqIbGaD2YfDyYsaf3+SHX URdn9PoMaAKDewr8YHYQS8l8qG458jCVr/C3Cg0nwQAz40AbuR7X2OLv2pE0sPgz G72iqoLg8ILhBzixRixRWJzoPZG2NTGTHs3V/VU93qK8fs/GlLWD8rfVDtbaHFEd JmN3CZ0kN9bIirMwFpHWRQPgxJ+6uEwy0j6Hypnpl/B5ii0UrOI= =UHa1 -----END PGP SIGNATURE-----
this release is a mandatory upgrade for service nodes, highly recommended for clients.
this release will have an accompanying release of storage server and oxend.
critical bug fixes (service nodes and clients)
- resolve inter node communication bug where multiple parallel outbound session attempts were being sent to the same remote udp endpoint causing a state race condition where establishing a new outbound session times out.
new client features
- new config option
[network]:persist-addrmap-fileto persist ephemeral ip mappings for inbound flows so that between restarts ip addresses dont remap for active flows, this allows tcp connections to stick between restarts.
- new config option
[dns]:add-hoststo add a dns hosts file by path for client side dns filtration, i.e. adblock and such.
- allow non-standard dns port in upstream dns
client side updates
- add upper bound on parallel ONS lookups per name
- refactor some outbound snapp flow code to make it functional, total rewrite of that layer will happen soon after tag (probably).
- redo snapp flow handover logic
build system / ci
- static deps now are built in parallel
- removed old android cruft, replaced gradle build system with
- added flutter to android ci docker image, removed gradle from android docker ci image
- fixed typo in debian-stable ci docker image
- package jni libs in android ci pipeline
- package lokinet-bootstrap binary instead of the shell script in ci pipeline
DumpStatusnative method to
network.loki.lokinet.LokinetDaemonfor state introspection
misc / utils
contrib/bencode-dump.pyscript for printing out bencoded files
lokinetmonupdates to match changes in RPC (removal of
- updates to readme.md about building from source
- we will no longer provide static linux binaries in releases, users of oxen-rancher (the only users that should even care about these to begin with) should use CI builds from the stable branch
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 lokinet v0.9.4 b2sum hashes, currently the windows installer is unsigned. this will be updated shortly. f795f59216ef28e6f1572be9e376646c3772c13ba8100e00c55f7c524b2d9a6dcbe1697e13d6beac6708f99d33953d45871e15c2b96009d1b6d3d095bf2e5b97 *lokinet-v0.9.4.tar.xz ae766e6ac9302c9d929fef6a66bd754410dbbdbeb7a5c417ad39abcaf35ca9386b05dac9913e3d51f16a2ae78772d73853cbf8304b5186c729459123fd085923 *lokinet-0.9.4-win64.exe -----BEGIN PGP SIGNATURE----- iHUEARYIAB0WIQRn72umjnsLDW6099TzV7O0L2+bBQUCYNb9FgAKCRDzV7O0L2+b BceSAP4mup5SbTxlGB/3SYSMcxVKnnG1raVA0vwBmbziaUOb6gEAmONAFJeGII3G EDn0SsvcLd5/7yMvPZrri8q8SP8T2w8= =8QmR -----END PGP SIGNATURE-----
v0.9.3 contains regression fixes for relays and clients, upgrade is either required or highly recommended.
relay side changes
- properly update service node list periodically (fixes the network wide regression that makes lokinet "not work good")
- add lokinet reachability testing and reporting to be enforced some time in the possibly near future (pending on oxend release)
- track decommissioned service nodes as well as active service nodes, allow sessions to decommissioned service nodes but not paths, keep any existing paths open until they are dead
- mitigate race condition on handling LinkRelayStatus Message that would not properly propagate a failure to the previous hop
client side changes
- re-enable multithreading on clients (but not service nodes)
- better handling of premature failures from outbound lookups so that dns fails happen only when a total fail happen. partial fails do not propagate a fail right away
- better path handover logic
- lower jitter from lack of a client side flush when there is low packet rate
- path latency measurement FEC
- path latency now uses the mean of the last N samples instead of the last measurement
- made client side profiling super aggressive in order to prune bad/dead/stale/unreachable relays faster. will most likely result in a sharp decrease in known nodes as the dead ones are pruned
- client side profiling decays every 30 seconds instead of every 30 minutes to speed up profiling redemption (marking possibly bad routers as good again)
- introsets are published via near routers instead of just random ones
- clients will now only look up outbound snapp convotags, inbound snapp convotags no longer "lookup and connect back" on failure to get an active convotag
- reduce ONS endpoint diversity to accomidate low end devices that don't build paths as fast, this way looking up things like
- properly reset invalid/non-existent convotags in every failure case we can
- fix windows build so that it (probably) produces a proper dll
- export all functions properly on windows (probably)
- added new mode to lokinetmon for viewing information about introsets and flows for clients (introset inspector mode)
- lokinetmon now uses argparse and has 2 flags:
--urlto set the rpc url and
--introsetto enter introset inspector mode
- decrease event loop tick interval from 100ms to 250ms to reduce log spam
[insert hashes here when they are ready]
This is the latest version of Lokinet, with brand new support for tunneled connections and embedded application use. It is a required upgrade for service node operators along with the Oxen-core 9.1.x upgrade.
At the current time we are not recommending this update for client/snapp use: this release has all of the service node updates required, but a new release targeting clients will follow shortly after the Oxen hard fork.
Changes since 0.8.x
- header includes now have
- lokimq -> oxenmq
- replace usages of mersenne twister with
llarp::CSRNGthat wraps libsodium
lokinet-bootstrapso it can run on windows
- bump static dependencies versions in cmake, update hashpins.
- liblokinet stream api with C headers
- redundancy in ons lookups, query every endpoint router and check for consensus.
- make ipv6 ranges configurable
[network]section to turn on route poker but not shove stuff over an exit, for when you want to run stuff in lokinet only mode with no exit
- allow multiple
[network]section so you can pin multiple first hops by their snode address.
[network]section to advertise ranges (including bogons) as reachable when running as exit. used for vpn intranet setups.
- decrease path build attempt interval from 1000ms to 100ms, lokinet will try building paths if it needs to every 100ms (10x faster)
- add sequence numbers to all routing messages
- add ethertypes to transfer traffic routing message for snode to snode and client to snode traffic.
Signatures for release binaries
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Signed SHA256 hashes of release files. These are signed using Jason's GPG key available at: - the oxen-io/oxen-core repository, at /utils/gpg_keys/Jason.asc - OpenPGP key servers (Jason Rhinelander <email@example.com>, A88D4262) - https://imaginary.ca/public.gpg 5e65425afac6325252e068a1f45c52fc73cf2eabefa5a6a50fe1b44f9451c536 lokinet-linux-amd64-v0.9.0.tar.xz 5ee5b635872cd8fc5328dd097d91cccb7c34fdb7c15e340398c74b8cd38f10e1 lokinet-macos-v0.9.0.tar.xz 21d2f79420c379802bffb9019773e4f558127c5c7b3c3678dae8911621d09a67 lokinet-windows-64bit-v0.9.0.zip -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEZjYdjjyW5Bxty3BRxJks56iNQmIFAmCEhsIACgkQxJks56iN QmIQXw//aMk0l9ANpEA18egp/w5oV1h1BwRiwk9nN1Kyho1CEN8Y0fTGugu8Zegc mpCzbhm8aUji7Ywu4l0cn/EHYVlLvwjbc3bfFxBjD5N4IQVw6YOO2fXp//HOxaGP KYNyhHyjBXkpQgmdyFuD0Byqzmurb8aZ4w6QS3/D3yXBCEp4GmF+F4OTXDRZRSoN g7eIgP0uOewuwvE+SSxRf5bONitx57xBW7A3uoTNSoro+ltsrNnwPBjqpsPUwxZi rYnQ2DHxxpfv83lxQU/VPkcaSEzxAQA12e5qbS9oirScaO7UDwU/CmY8SEFvaZ45 pkgrnCuwvOq7H2PAmzfgsX8sjQPEqP4faDeSUPeeXzXMLq2KAa/4/CgFZkeXDkem 0bRWbskSu08FlPBzD4RnrT7aN/n3FOwPaa/25k2u5AR7HB5Ejdj0/MKaaY8vSm2D WNcMaSF720XVlqqZ3uWKADF0ekYZvlRyH5xrqXhFv4cgUoe9fmpxNx125830ynTX I96BsoOVkKR2/n8972Bchcl4mEk2iZjH+z7785eCfzug8Xtx3yVYSAtyqVa5kamd g9qSjDFg93MvwoO7zVPotg/QmIb5XlcwHoIuXyYUve8TBadR6EZQy5+0GjaMekVV 6BrFC7k9re6RWTyuU1d2FUl0944HFyq0raFApbahZS/Ju/NlqGA= =cykV -----END PGP SIGNATURE-----
lokinet rebranding release
- new logos
- stability fixes for windows
- rewrite lokinet-bootstrap utility so it can work on windows
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 The following hashes have been signed for verification using keejef's GPG keys located in the oxen core repository at https://github.com/oxen-io/loki-core/blob/master/utils/gpg_keys/KeeJef.asc. SHA256 Hashes lokinet-0.8.5-win64.exe 60f1745b2d304dc35f9d5f2226a7824ca75b1f2875a43aab26ea9d249f981690 lokinet-v0.8.5.tar.xz 7be3097b1479b02853426ac0e1390769c521307fadefc8957b850b9fee53e3a7 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCgAGBQJgfNQvAAoJEKyXFIlc5F1Vd8UH/0Ls7oSUEox93ffQpbP6YKf1 V9F8vw9YPV0uSrvJiV3h6nPQrpc/y6TEp8b1nmdXFQTVaY7gODFEvZg6Ci3EoX9F HpU6cvoZgKDTGOsoyHfeEi/tUhAWJC+BCQulhJbEbSGVRDGSg0BQJirGgmCvSqhJ Gy7gUH5c95NRBoiHkQ07xjhZucPWo7ccREQFfHhvTneJV79Rjo7zgI7nhBVtvRiG /SmLQNHmGfJxwS8ZOc9DpnZ7kJ+yvyCMAMLPgINCZ1xVZfUKDIfGDb8QKpVDappk eAiiNvfwACN492Sz55HcjV3hvckTJkWp8ZzYEPHCyKpYXX83dzEs+1tRFAjtTxQ= =57ua -----END PGP SIGNATURE-----