v3.1.0

• Add a test case mimicking a real life bug ([WPB-15810]), demonstrating that in some cases it was possible to generate errors by swapping the ordering of two messages.
• Add a new layer of buffering to handle that situation.

Note

Decrypting a message can now potentially return a MlsError::Other variant with the message

Incoming message is a commit for which we have not yet received all the proposals.
Buffering until all proposals have arrived.

Clients do not need to take any action in response to this message.
This error simply indicates that the commit has been buffered, and will be automatically unbuffered when possible.

If the required proposal is never delivered, however, the client will eventually desync as the commit will never be processed. Clients should be on the lookout for this case and trigger their rejoin protocol in that event.

v4.1.0

Highlights

• Adds commit buffering, so that CoreCrypto is now tolerant to receiving a commit even if not all referenced proposals have yet been received.
• Adds a new public error variant, BufferedCommit, to indicate that a commit has been received but cannot yet be applied

⚠️ Versioning Note ⚠️

Due to the new public error variant, this may technically be a breaking change depending on how strict your language is about such things. This is of particular interest to Kotlin developers.

v4.0.1

This release was done mostly to allow clients to use artifacts that are consistent across all platforms.

Features

• support entity derive for tables with hex ids (0bd3676)

v4.0.0

⚠️ This release is deprecated. Do not use artifacts of this release. Upgrade to v4.0.1 instead. ⚠️

Highlights

• All errors crossing the FFI boundary are now logged.
• An iOS client has been added to internal interop tests, which means we now
  test the entire FFI stack on iOS.
• A new interface for MLS transport has been added, allowing for a much simpler
  and more robust CoreCrypto API.
• Removal of a number of deprecated and unnecessary functions and types.
• Completely reworked internal error handling, to allow for more precise
  errors.
• A number of improvements to Kotlin and Javascript bindings, making the
  bindings more consistent.
• The decode tool gained support for decoding MLS messages.

Breaking changes

• Deprecated functions on the CoreCrypto type that were automatically
  creating transactions have been removed.

  Affected platforms: Web, Android, iOS

  Migration: replace calls to functions on CoreCrypto with calls to
  corresponding functions on CoreCryptoContext, which is created when you
  explicitly create a transaction. Transactions have to be explicitly created
  now.

• The low-level uniffi-generated Kotlin bindings code is no longer publicly
  available. It should never have been used in application code directly.

  Affected platforms: Android

  Migration: make sure to use the Kotlin high-level API only.

• The Wasm bytecode generated by wasm-bindgen is now imported directly when
  importing the corecrypto module. This makes sure that the Wasm module is
  immediately initialised, without any additional steps. There is no need for
  the client app to know or handle the path to Wasm bytecode file.

  Additionally, it is now possible to use the same CoreCrypto module in both
  browser and non-browser contexts.

  Affected platforms: Web

  Migration: drop any references to core-crypto-ffi_bg.wasm and do not set
  the wasmFilePath argument to the CoreCrypto.init function -- it is no
  longer used. Additionally, make sure there is no special handling or separate
  hosting of the Wasm bytecode file. CoreCrypto release artifacts should be
  used without any changes.

• Validation callbacks, as well as related error variants, have been removed.

  Affected platforms: Web, Android, iOS

  Migration: remove all implementations of authorize, userAuthorize and
  clientIsExistingGroupUser, as well as calls to CoreCrypto.setCallbacks.

• The MlsTransport interface has been added. This is another milestone in
  the effort to simplify the public API and make it more robust.

  All client applications have to provide an implementation of the new
  interface, which comprises only two functions, sendMessage and
  sendCommitBundle.

  Affected platforms: Web, Android, iOS

  Migration: implement the MlsTransport interface and call
  CoreCrypto.provideTransport to make CoreCrypto use your implementation.

• Functions CoreCrypto.wipe and CoreCrypto.unload have been removed. They
  were not providing any value.

  Affected platforms: Web, Android, iOS

  Migration: drop calls to wipe and unload. Client applications wishing to
  make their keys and conversations inaccessible should remove the CoreCrypto
  database explicitly.

• The function CoreCrypto.proteusLastErrorCode has been removed. We now have
  Proteus error codes attached to errors that are emitted by CoreCrypto.

  Affected platforms: Web, Android, iOS

  Migration: drop calls to proteusLastErrorCode and instead check the returned
  error object.

• The functions CoreCrypto.buildMetadata and CoreCrypto.version have been
  moved to the module level. It is no longer required to create a CoreCrypto
  instance to call them.

  Affected platforms: Web

  Migration: use module-level buildMetadata and version functions.

• Several changes have been made to the E2EI API.

  The function CoreCrypto.e2eiRotateAll has been removed. Client applications
  should instead go over each conversation individually and call
  CoreCrypto.e2eiRotate.

  Two new functions have been added, CoreCrypto.saveX509Credential and
  CoreCrypto.deleteStaleKeyPackages. The former should be used after getting
  a new X509 credential, while the latter should be called after generating
  keypackages for the new credential and replacing the stale ones in the
  backend.

  Affected platforms: Web, Android, iOS

  Migration: replace calls to e2eiRotateAll with iterations over
  conversations, calling e2eiRotate on every conversation and checking for
  errors. Use saveX509Credential and deleteStaleKeyPackages as appropriate
  (more details in API documentation).

• The proposal API has been removed, simplifying the public API a great deal.
  This includes functions like newProposal, newExternalProposal,
  clearPendingProposal, joinConversation etc.

  Affected platforms: Web, Android, iOS

  Migration: drop all calls to removed functions as they are no longer
  necessary with the new MLS transport interface.

Features

• add support for decoding MLS messages (c921210)
• integrate iOS interop client into interop tests (3b19886)
• iOS interop client (e2568dd)
• log all errors returned across ffi boundary [WPB-14355] (6f1d1c3)
• implement basic derive macro for entity trait [WPB-14952] (797ff75)
• [breaking] APIs that produce commits send them over MLS transport [WPB-12121] (daa3a6e)
• [breaking] crypto-ffi: move buildMetadata to the module level [WPB-14827] (0cfbe4f)
• run instrumented android test on CI (44f74a6)
• [breaking] add mls transport api in wrappers (a80c042)
• [breaking] add transport api [WPB-12119], remove validation callbacks [WPB-14463] (dea76f9)

Bug Fixes

• publishing android artifact by disabling javadoc generation (68af2b3)
• emit output when bailing out (821de8e)
• chrome webdriver crashing when running on macos-latest runner (54f9a86)
• broken error type mapping in try/catch patterns. (9d0dc59)
• fix TS wrapper according to mls transport API changes [WPB-15407] (286f114)
• mls transport retry implementation as designed (7c9f2b0)
• crypto-ffi: fix Typescript documentation generation (4b8498e)
• fix decryption of pending messages when receiving own commit (705dfd7)
• error mapping for LeafError type (e03e030)
• manually implement std::error::Error for RecursiveError (6886fe0)
• keystore: remove debug_assert! calls in the memory keystore impl [WPB-14558] (6fb5a56)
• innermost_source_matches can handle dereferencing boxed errors (045b3cc)
• cause kotlin to build again (7ba1bbc)
• ensure everything still builds in arbitray feature combinations (0365192)
• cause doctests to build/pass (3d56953)
• make leaf node validation tests pass (d65a69e)
• fix check ci action (a8aa178)
• fix remaining failing test cases (2f8aec4)
• make core-crypto compile again for wasm32-unknown-unknown (3120040)
• expose OrphanWelcome to clients [WPB-14954] (14742ad)
• silence verbose logs when performing a transaction [WPB-14953] (b248ff0)
• don't swallow transaction errors if they don't originate from the closure [WPB-14895] (082b8bc)
• wait for current transaction to finish when creating a new one [WPB-14895] (991d5fd)
• instrumented android tests not compiling (309d374)
• start deleting/wiping the clients in the interop tests (d9e39d0)
• [breaking] stop exposing wipe() and unload() since they are broken in Kotlin [WPB-14514] (f0bec13)

Documentation

• add a correct safety comment for CoreCryptoWasmLogger (67e9f27)
• update CHANGELOG for 4.0.0 (a961df7)
• some minor docs cleanup (1fd0f46)
• add MLS decoding example (910ae58)
• fix github pages deployment (0aac074)
• refine kotlin wrapper docs (923496d)
• crypto-ffi: fix some of the warnings [WPB-15318] (4f1a82c)
• README: fix Wasm instructions and a couple of typos [WPB-14827] (ed5bd09)

Testing

• add test for retrieving the CC version (9fd4c5a)
• ensure that errors raised in core-crypto produce logs [WPB-14355] (d5b496e)
• update error type mapping test (7bfa905)
• remove proposal API tests in Kotlin/TS wrappers (ef2844b)
• retry with or without intermediate commits should work (2ba486c)
• support intermediate commits on retry (f5ca4f3)
• remove duplicate test (0488a1c)
• remove tests about "leaking entities" (8b36320)
• add tests for error type mappings (9bd3515)
• crypto-ffi: remove tsc-import-test.ts (1b41df4)
• crypto-ffi: change wdio log level to warn [WPB-14558] (39b830f)
• crypto-ffi: use the module level function buildMetadata [WPB-14827] (2a35392)
• parallel transactions are performed serially (20d47c1)

v3.0.2

• Fix a bug which could cause certain errors to generate spurious log lines of the form

  Cannot build CoreCryptoError, falling back to standard Error! ctx: Incoming message is from an epoch too far in the future to buffer.

v3.0.1

Highlights

• Emit info log with context when buffering, restoring, or clearing buffered messages

v3.0.0

Highlights

• Fix the 'transaction in progress' error when there was an attempt to perform multiple transactions
  in parallel. This will no longer throw an error, instead the transactions will be queued and performed
  serially one after another.

Breaking changes

• Added the missing MLS error case OrphanWelcome.

Bug Fixes

• expose OrphanWelcome to clients [WPB-14954] (530b2e4)
• silence verbose logs when performing a transaction [WPB-14953] (b13553d)
• don't swallow transaction errors if they don't originate from the closure [WPB-14895] (124b8a7)
• wait for current transaction to finish when creating a new one [WPB-14895] (73b9d52)

Testing

• parallel transactions are performed serially (ccc0b32)

v2.0.0

Highlights

• The number of public errors has been reduced and simplified. It's no longer necessary to use the
  proteus_last_error_code function, since thrown error should contain all the information.
• The logger callback now includes an additional context parameter which contains additional context
  for a log event in the form of a JSON Object string.
• It's now possible to change the logger and log level at runtime (see setLogLevel and setLogger).

Breaking changes

• Dropped support for i686-linux-android target.
• CoreCryptoLogger takes an additional context parameter.
• CoreCryptoError and its child errors have been refactored to reduce the amount of error we expose and provide explicit
  errors for Proteus errors. The errors we have removed will appear under the Other case.

  enum ProteusError {
      SessionNotFound,
      DuplicateMessage,
      RemoteIdentityChanged,
      Other(Int),
  }
  
  pub enum MlsError {
      ConversationAlreadyExists,
      DuplicateMessage,
      BufferedFutureMessage,
      WrongEpoch,
      MessageEpochTooOld,
      SelfCommitIgnored,
      UnmergedPendingGroup,
      StaleProposal,
      StaleCommit,
      Other(String)
  }
  

Features

• include the message of the source error when bundling errors together [WPB-14614] (16bc6e6)
• refactor non-WASM error types (9d41c11)
• proteus error codes are Option<u16> not u32 outside wasm also (52547a0)
• refactor WASM error types (31c860a)
• proteus error codes are Option<u16> not u32 (838c1ce)
• add logging for following the changes in mls groups WPB-11544 (8cc0e7f)
• support logs with a context of key/value pairs (b6ef534)
• disambiguate WrongEpoch [WPB-14351] (e6a5e01)
• support changing the logger and log level at runtime WPB-11541 (cd071f0)
• add helper to extract data from within a transaction (c852363)
• relax Debug trait bound on CoreCryptoCommand and add Rust helper [WPB-12132] (e952a0f)

Bug Fixes

• bump ios deployment target to 15.0 to fix linker issue (1327b1b)
• improve errors when hitting an idb error during IndexedDB migration (0c0c954)
• don't obfuscate rexie error in keystore v1.0.0 (6ed43e6)
• improve errors when hitting a indexdb error during cryptobox migration (682bd9a)
• build without error without default features (97e2d24)

Documentation

• improve platform-specific test instructions (a08a3b2)
• improve naming and documentation for TransactionHelper (e8b4756)

Testing

• cause jvm kotlin tests to pass (3b8d930)
• fixup tests broken by recent changes (59db9ed)
• change test for build metadata to achieve closer parity with the kotlin test (ffd4e02)
• use wdio where bun test was used previously (9c67569)
• use util functions, migrate tests from puppeteer to wdio [WPB-12176] (fbff47a)
• add test util functions [WPB-12176] (196c877)
• crypto: use world.com instead of wire.com [WPB-14356] (6edcef7)
• crypto: use explicit functions to create certificate bundles [WPB-14356] (c52b9b6)
• crypto: remove From impls for CertificateBundle [WPB-14356] (2f59009)
• add js test for for logs with context data (600ba7c)
• add test that build metadata is available in kotlin via uniffi (87c3ab9)
• add test that build metadata is available in ts (4aa18e6)
• add js binding test verifying that we can replace a logger (30d9db7)
• update js tests after renaming initLogger to setLogger (1c1c949)

v1.1.2

Bug Fixes

• improve errors when hitting an idb error during IndexedDB migration (8512391)
• don't obfuscate rexie error in keystore v1.0.0 (3896bab)

v1.1.1

Bug Fixes

• Improve errors when hitting an indexdb error during cryptobox migration (3266550)