Corda M9.1 Released

The following two tabs change content below.

Clinton Alexander

Software Engineer at R3
Clinton is a Software Engineer at R3, working on Corda. His main area of focus has been the Corda platform and CorDapp ecosystem.

Latest posts by Clinton Alexander (see all)

We are pleased to announce the latest monthly Corda milestone release, M9.1. This release focuses on improvements to resiliency of the core infrastructure, with highlights including a prototype Byzantine fault tolerant (BFT) decentralised notary, based on the BFT-SMaRT protocol and isolating the web server from the Corda node.

Upgrading is recommended, especially if your project involves running a network of 3+ nodes locally. There have been some API changes but upgrading most CorDapps should only take a few minutes.


R3 have launched a global training programme, with two days of classes from the R3 team being hosted in London, New York and Singapore. R3 members get 5 free places and seats are going fast, so sign up today at

Release Notes

  • With thanks to open source contributor Thomas Schroeter for providing the BFT notary prototype, Corda can now resist malicious attacks by members of a distributed notary service. If your notary service cluster has seven members, two can become hacked or malicious simultaneously and the system continues unaffected! This work is still in development stage, and more features are coming in the next snapshot!
  •  The web server has been split out of the Corda node as part of our ongoing hardening of the node. We now provide a Jetty servlet container pre-configured to contact a Corda node as a backend service out of the box, which means individual webapps can have their REST APIs configured for the specific security environment of that app without affecting the others, and without exposing the sensitive core of the node to malicious Javascript.
  • We’ve started on support for confidential identities, based on the key randomisation techniques pioneered by the Bitcoin and Ethereum communities. Identities may be either anonymous when a transaction is a part of a chain of custody, or fully legally verified when a transaction is with a counterparty. Type safety is used to ensure the verification level of a party is always clear and avoid mistakes. Future work will add support for generating new identity keys and providing a certificate path to show ownership by the well known identity.
  • There are even more privacy improvements when a non-validating notary is used; the Merkle tree algorithm is used to hide parts of the transaction that a non-validating notary doesn’t need to see, whilst still allowing the decentralised notary service to sign the entire transaction.
  • The serialisation API has been simplified and improved. Developers now only need to tag types that will be placed in smart contracts or sent between parties with a single annotation… and sometimes even that isn’t necessary!
  • Better permissioning in the cash CorDapp, to allow node users to be granted different permissions depending on whether they manage the issuance, movement or ledger exit of cash tokens.
  • We’ve continued to improve error handling in flows, with information about errors being fed through to observing RPC clients.
  • There have also been dozens of bug fixes, performance improvements and usability tweaks.

Upgrading is definitely worthwhile and will only take a few minutes for most apps.
For a full list of changes please see .


  1. xyz says:

    How many more years do you think it is needed for it to be ready for production?

  2. Great question - the only milestone that we are trying to hit right now is the Corda v1.0 API compatibility milestone which we believe we will hit around Sep / Oct this year. At this point, any CordApps you’ve written for Corda should* be forward compatible with updated APIs that we publish ( * = we will make best efforts, but we obviously can’t guarantee upon pain of death!). Also… dare I say it but “ready for production” is quite a subjective term… You don’t have to have a production ready DLT in order to start the software engineering process to write against it.

  3. production ready is very subjective , I guess it would really only matter if R3 started offering service contracts under SLA, IOTWs if it seems to work live on the edge , it that’s your thing of course :slight_smile:

Continue the discussion at