Corda M13 Released

Posted on Posted in Announcements
The following two tabs change content below.

Clinton Alexander

Software Engineer at R3
Clinton is a Software Engineer at R3, working on Corda. His main area of focus has been the Corda platform and CorDapp ecosystem.

Latest posts by Clinton Alexander (see all)

We are pleased to announce the Corda M13 release. This release contains two major new features, the Vault Query and the Identity Service, as well as significant progress towards API stability and user friendliness.

Release Notes

The long awaited new Vault Query service makes its debut in this release and provides advanced vault query capabilities using criteria specifications (see QueryCriteria), sorting, and pagination. Criteria specifications enable selective filtering with and/or composition using multiple operator primitives on standard attributes stored in Corda internal vault tables (eg. vault_states, vault_fungible_states, vault_linear_states), and also on custom contract state schemas defined by CorDapp developers when modelling new contract types. Custom queries are specifiable using a simple but sophisticated builder DSL (see QueryCriteriaUtils). The new Vault Query service is usable by flows and by RPC clients alike via two simple API functions: queryBy() and trackBy(). The former provides point-in-time snapshot queries whilst the later supplements the snapshot with dynamic streaming of updates. See vault-query for full details.

We have written a comprehensive “Hello, World!” tutorial, showing developers how to build a CorDapp from start to finish. The tutorial shows how the core elements of a CorDapp – states, contracts and flows – fit together to allow your node to handle new business processes. It also explains how you can use our contract and flow testing frameworks to massively reduce CorDapp development time.

Certificate checks have been enabled for much of the identity service. These are part of the confidential (anonymous) identities work, and ensure that parties are actually who they claim to be by checking their certificate path back to the network trust root (certificate authority).

To deal with anonymized keys, we’ve also implemented a deterministic key derivation function that combines logic from the HMAC-based Extract-and-Expand Key Derivation Function (HKDF) protocol and the BIP32 hardened parent-private-key -> child-private-key scheme. This function currently supports the following algorithms: ECDSA secp256K1, ECDSA secpR1 (NIST P-256) and EdDSA ed25519. We are now very close to fully supporting anonymous identities so as to increase privacy even against validating notaries.

We have further tightened the set of objects which Corda will attempt to serialise from the stack during flow checkpointing. As flows are arbitrary code in which it is convenient to do many things, we ended up pulling in a lot of objects that didn’t make sense to put in a checkpoint, such as Thread and Connection. To minimize serialization cost and increase security by not allowing certain classes to be serialized, we now support class blacklisting that will return an IllegalStateException if such a class is encountered during a checkpoint. Blacklisting supports superclass and superinterface inheritance and always precedes @CordaSerializable annotation checking.

We’ve also started working on improving user experience when searching, by adding a new RPC to support fuzzy matching of X.500 names.

You can download the latest DemoBench from here.

For a full list of changes please see the changelog.

Start the discussion at