v0.0.20

v0.0.20

v0.0.19

v0.0.19

v0.0.18

REST-attest — Update

• Token-based protection: endpoints now require an access token for restricted routes.
• Configurable mask: a single mask defines which routes are public vs token-protected.
• Unified coverage: the mask applies to both API endpoints and their HTML views.

v0.0.17

v0.0.17

v0.0.16

Cnanges

• Password support for KMS requests in both kms-query and the secret-vm-startup script (reads vm_password from secret-vm.json).
• Dev override: when running in dev mode (DEBUG=true), a custom KMS contract address from secret-vm.json (kms_contract_address) can be used.

If these fields are not present, behavior remains unchanged.

v0.0.15

Changelog

• Attest REST server: fallback to secret-vm.json config when system_info.json is missing.
• Attest REST server: endpoints now return a plain text message when running in private_mode.

v0.0.14

Changelog

Added

• New /services endpoint — returns list of available services (secretvm + all Docker containers).

Changed

• Improved /logs endpoint:

  • Unified output format (systemd + Docker logs sorted by timestamp).
  • Filtering of noisy “blob data” entries.
  • Support for selecting logs per specific container via query parameter ?service=.

Other

• SecretVM version is now printed into /logs at VM startup for easier diagnostics.

v0.0.13

Changelog

KMS-related changes

• Updated secrets fetching to support service-scoped env (by service_id).
• Updated kms-query tool.

Attest REST changes

• /status now includes an env field (dev / prod) depending on the machine type.
• Added private_mode feature: when enabled, logs and docker-compose endpoints are disabled.
• Added public keys endpoints:
  • /publickey_ed25519
  • /publickey_secp256k1
    (HTML views are also available at /*.html)

v0.0.12

v0.0.12

v0.0.11

v0.0.11