v2.30.0

Release date: November 04, 2025

New features

Circles management for signers/members page

Similar to the existing feature for managing members added to a circle from the circles page, now all circles of a member or signer can be managed from it's detailed view. This means, when clicking on a signer or member, you will be able to view, assign and remove circles to it. This allows to review and manage roles of a signer in a centralized view.

Improvements

Access policy filter is now evaluated

Ledger evaluates filter from the root of access policies from now on. Filter from values are merged with root filter, taking precedence on conflicts. Check this example of a policy that defines constraints to read and query wallets.

  {
    "handle": "wallet-policy",
    "record": "wallet",
    "filter": {
      "custom.bic": "123"
      "schema": "bank-wallet"
    },
    "values": [{
      "action": "read",
      "filter": {
        "custom.type": "acc",
        "schema": {
          "$in": ["bank-wallet", "exchange-wallet"] 
        }
      },
      "signer": {
        "handle": "my-signer"
      }
    }, {
      "action": "query",
      "signer": {
        "handle": "my-signer"
      }
    }]
  }

The resulting filter for "read" is

  {
    "custom.type": "acc",
    "custom.bic": "123",
    "schema": {
      "$in": ["bank-wallet", "exchange-wallet"] 
    }
  }

while for "query" we have

  {
    "custom.bic": "123",
    "schema": "bank-wallet"
  }

Error reference

• Introduced new error classes:
  • CoreThreadSizeExceeded
  • CoreUnsupportedOperation
• Fixed Error Reference to include missing errors:
  • api.service-unavailable
  • record.labels-policy-violation
  • record.status-policy-violation
  • record.status-quorum-not-met
  • record.update-rejected

Asserting intent consistency before processing

Ledger now asserts intent entity proofs and hash consistency before processing it. This ensures that corrupted intents are not processed.

Studio UX

• Updated account navigation text truncation in Studio to dynamically adjust text length based on media query, improving readability across different screen sizes.

Ledger general

• Fixed anchor endpoints PUT v2/anchors/:id(update), DELETE v2/anchors/:id(drop) and POST v2/anchors/:id/proofs(sign) not to fail when anchor forwarding is enabled, forward strategy is proxy and anchor doesn't exist locally.
• Allow updating an anchor's target. Now it's possible to change the target of anchors in ledger. This change is applicable also to updates with proxy (anchor forwarding enabled).
• Deprecated bridge generic security rule.

Studio

• Improved security of the /studio/forgot endpoint to prevent DDoS attacks and user enumeration.

Fixes

• [studio] Fixed HTTP 500 error by migrating CSRF token storage from multi-layer cache to session-based approach, ensuring consistent token validation across Studio instances in STG and PRD environments.