Releases: celestiaorg/op-alt-da
Releases · celestiaorg/op-alt-da
v0.13.0-mocha
Overview
Compatible with celestia-node v0.29.1-mocha and celestia-app v7.0.2-mocha.
What's Changed
Full Changelog: v0.12.0...v0.13.0
Contributors
jcstein
Assets 15
v0.12.0
v0.11.1
Release Notes: v0.11.0
Features
AWS KMS Keyring Backend Support (#54)
Added support for AWS KMS as a keyring backend, providing a secure alternative to local keystores for production deployments.
Key capabilities:
- Remote signing using AWS KMS for enhanced security
- Hardware-backed key storage in AWS KMS HSMs
- Auto-creation of keys on first use for simplified setup
- Support for importing existing Celestia keys into KMS
- LocalStack compatibility for local development and testing
- Configurable alias prefixes for multi-tenant deployments
Configuration:
New configuration section [celestia.awskms] with the following options:
region- AWS region for KMS service (default: "us-east-1")endpoint- Custom endpoint for AWS KMS, LocalStack or other KMS-compatible servicesalias_prefix- Prefix for KMS key aliases (default: "alias/op-alt-da/")auto_create- Automatically create keys if they don't exist (default: false)import_key_name- Name of key to import from local keyringimport_key_hex- Hex-encoded private key to import into KMS
Usage:
Enable AWS KMS backend by setting keyring_backend = "awskms" in the [celestia] section:
[celestia]
keyring_backend = "awskms"
default_key_name = "my_celes_key"
[celestia.awskms]
region = "us-east-1"
endpoint = ""
alias_prefix = "alias/op-alt-da/"
auto_create = trueFor production deployments, ensure IAM permissions include: kms:CreateKey, kms:CreateAlias, kms:GetPublicKey, kms:Sign, and kms:ListAliases.
Bug Fixes
- Fixed DefaultKeyName to use updated keyname variable in transaction client (#55)
- Ensures consistent key name usage after runtime configuration updates
Improvements
- Refactored keyring initialization for better modularity
- Updated documentation with comprehensive AWS KMS setup instructions
- Added LocalStack development workflow for testing KMS integration
- Improved keyring backend configuration validation
Dependencies
- Updated
celestia-awskmsto v0.2.0
Documentation
- Added AWS KMS backend setup guide with LocalStack examples
- Added instructions for importing existing Celestia keys into KMS
- Updated configuration reference with AWS KMS options
- Added key export instructions using
cel-keytool
Contributors
- @InoMurko (Ino Murko)
Contributors
InoMurko
Assets 2
Release Notes: v0.10.0
Highlights
v0.10.0 is a major release that introduces a fully stateless DA server architecture, TOML configuration support, server hardening, and repositions S3 as an optional fallback layer.
What's New at a Glance
- TOML configuration files - Clean, version-controllable config via
--config - Server hardening - HTTP timeouts, max blob size protection against attacks
- Local keyring signing - Direct CoreGRPC submission for reliable writes
- S3 as fallback - S3 is now a redundancy layer, not primary storage
- Prometheus metrics - Comprehensive observability for blob operations
- Parallel blob submissions - Scale throughput with multiple worker accounts
Prerequisites
Before upgrading, ensure your Celestia infrastructure meets these minimum versions:
| Component | Minimum Version | Required For |
|---|---|---|
| celestia-node | v0.28.4 | Reliable blob reads |
| celestia-app | v6.4.0 | Parallel transaction support, sequence locking |
Warning: Parallel workers will not function correctly with older versions.
New Features
TOML Configuration File Support
Run the server with a simple, readable config file:
./bin/da-server --config=config.tomlSee config.toml.example for a complete template with all options documented.
Server Hardening
New HTTP server protections for production deployments:
read_timeout = "30s" # Protection against Slowloris attacks
write_timeout = "120s" # Max time to write response
idle_timeout = "60s" # Max idle keep-alive time
[submission]
max_blob_size = "2MB" # Protection against memory exhaustionParallel Blob Submissions
Scale throughput with multiple worker accounts:
[celestia]
tx_worker_accounts = 4 # Use 4 worker accounts for parallel submissionsPrometheus Metrics
Comprehensive observability when enabled (--metrics.enabled=true):
| Metric | Type | Description |
|---|---|---|
op_altda_request_duration_seconds |
Histogram | HTTP request duration by method |
op_altda_blob_size_bytes |
Histogram | Size of submitted/retrieved blobs |
celestia_submission_duration_seconds |
Histogram | Time to submit blob to Celestia |
celestia_submissions_total |
Counter | Total blob submissions |
celestia_retrieval_duration_seconds |
Histogram | Time to retrieve blob from Celestia |
S3 Credential Support
S3 credentials support three modes:
static— Explicit access key and secretenvironment— AWS environment variables (AWS_ACCESS_KEY_ID,AWS_SECRET_ACCESS_KEY)iam— IAM role (EC2, ECS, Lambda)
Enhanced Fallback Behavior
When fallback is enabled:
- Write-through: Blobs are written to S3 asynchronously after Celestia submission
- Read-fallback: If Celestia retrieval fails, attempt S3
- Read-through: Blobs read from Celestia are cached to S3
Breaking Changes
Local Keyring Required for Blob Submission
Auth tokens are no longer supported for blob.Submit. All submissions now use CoreGRPC with a local keyring:
[celestia]
core_grpc_addr = "consensus-full-mocha-4.celestia-mocha.com:9090"
keyring_path = "~/.celestia-light-mocha-4/keys"
default_key_name = "my_celes_key"
p2p_network = "mocha-4"S3 Flags Renamed to Fallback
S3 is now a fallback provider. All --s3.* flags have moved to --fallback.s3.*:
| v0.9.x | v0.10.0 |
|---|---|
--s3.credential-type |
--fallback.s3.credential-type |
--s3.bucket |
--fallback.s3.bucket |
--s3.path |
--fallback.s3.prefix |
--s3.endpoint |
--fallback.s3.endpoint |
--s3.access-key-id |
--fallback.s3.access-key-id |
--s3.access-key-secret |
--fallback.s3.access-key-secret |
--s3.timeout |
--fallback.s3.timeout |
--routing.fallback |
--fallback.enabled |
--routing.cache |
(removed) |
Default Value Changes
| Setting | v0.9.x | v0.10.0 |
|---|---|---|
--celestia.tls-enabled |
true |
false |
| S3 timeout | 5s |
30s |
| CoreGRPC address | http://localhost:9090 |
(required when enabled) |
Migration
Recommended: Use TOML Configuration
./bin/da-server --config=config.tomlconfig.toml:
[celestia]
namespace = "00000000000000000000000000000000000000000000000000000000acfe"
bridge_addr = "http://localhost:26658"
bridge_auth_token = ""
core_grpc_addr = "consensus-full-mocha-4.celestia-mocha.com:9090"
core_grpc_tls_enabled = true
keyring_path = "~/.celestia-light-mocha-4/keys"
default_key_name = "my_celes_key"
p2p_network = "mocha-4"
[fallback]
enabled = true
provider = "s3"
[fallback.s3]
bucket = "my-bucket"
region = "us-east-1"
credential_type = "environment"See config.toml.example for the complete template with all options.
Removed
--routing.cacheflag
Documentation
- See config.toml.example for all configuration options
- See README.md for complete documentation
- See API.md for API reference
Full Changelog: v0.9.0...v0.10.0
v0.9.0
Celestia V6 upgrade compatible DA Server for OP Stack
What's Changed
- Update .goreleaser.yaml by @sysrex in #28
- feat(server): add prometheus metrics by @tuxcanfly in #30
- Add ca-certificates installation in Dockerfile by @InoMurko in #32
- build(deps): bump the go_modules group across 1 directory with 4 updates by @dependabot[bot] in #31
- bump celestia version and fix imports by @sysrex in #33
- fix: fix cache and fallback by @InoMurko in #34
- fixes by @InoMurko in #36
- Add ca-certificates package to the docker image by @nktaushanov in #40
- update celestia-node by @Ferret-san in #38
New Contributors
- @sysrex made their first contribution in #28
- @dependabot[bot] made their first contribution in #31
- @nktaushanov made their first contribution in #40
Full Changelog: v0.7.0...v0.9.0
Contributors
tuxcanfly, sysrex, and 4 other contributors
Assets 15
v0.9.0-mocha
Changelog
- a31a41d bump celestia version and fix imports
- de9cc7a Merge pull request #31 from celestiaorg/dependabot/go_modules/go_modules-c79a46c7f6
- e8d2a5e Merge pull request #32 from InoMurko/patch-1
- fdd028d Merge pull request #1 from InoMurko/InoMurko-patch-1
- abac2a0 Add ca-certificates to Dockerfile build process
- 0d3772c Add ca-certificates installation in Dockerfile
- a767c60 build(deps): bump the go_modules group across 1 directory with 4 updates
- 1242e6b Merge pull request #30 from celestiaorg/tux/prometheus-metrics
- bac581a feat(server): review
- ed96208 feat(server): add prometheus metrics
- 429b6d5 Merge pull request #28 from sysrex/sysrex/change_the_name_of_the_image
- 2c8727e Update .goreleaser.yaml
v0.8.0-mocha
Contributors
sysrex
Assets 2
v0.7.0
What's Changed
- Restored backward compatibility with v0.4.0: renamed
--celestia.addrto--celestia.server - Renamed configuration environment variables prefix:
OP_PLASMAtoOP_ALTDA - Updated S3 endpoint flag to optional:
--s3.endpoint - Updated celestia rpc auth token flag to optional:
--celestia.auth-token
Changelog
- 2c25048 Merge pull request #24 from celestiaorg/tux/readme-kurtosis
- bf60800 doc(readme): update docker image
- 8bd88fa doc(readme): use op-alt-da localestia image
- 51c9f6d doc(readme): update testing guide
- 61793cc Merge pull request #26 from celestiaorg/tux/compat
- 6a0ac34 fix(docker): bump golang
- 0a62031 fix(server): typo
- eddbb6b fix(server): reorder flags
- 11daff0 fix(server): rename CELESTIA_ADDR -> CELESTIA_SERVER
- 4ca0a59 docs(readme): add tx client section
- 6d4d260 fix(server): refactor required, optional flags
- e4c3300 fix(server): rename celestia.addr -> celestia.server
- f263f8a fix(server): revert breaking changes
- a56b3ec Merge pull request #10 from celestiaorg/tux/rm-generic-comm-flag
- 9116a85 fix(daserver): rm unused flag; fmt
- 6bf9b7d Merge pull request #21 from celestiaorg/tux/commitment-index-length
- 906483d fix(server): compact blobid flag
- e05b8b6 fix(server): test legacy
- 2d2651f fix(server): rename vars
- 9db63b3 fix(server): fix test
- fa9d807 fix(server): rebase
- 9deeda4 fix(server): support previous version
- c7e541b fix(server): refactor blob id
- 9bb493e fix(server): add share index, length to id