Versions

Institutional Vault: v2.7.0
Policy Nodes: v8.27.2
NATS: v2.7.0
configmap-init: v0.1.0

Changelog

Asset and chain identification:
- Add Asset and address registration flows now identify assets with CAIP-19 values obtained from /api/supported-assets.
- The Add Asset dialog populates the blockchain dropdown dynamically from /api/supported-chains instead of a hardcoded list, displaying each chain with its protocol, network, and CAIP-2 identifier.
- Transfer, call-contract, and deploy-contract paths accept CAIP-19 wherever an asset must be specified.
- CAIP-19 columns added to addresses, address balances, assets, and transactions tables with a backfill script for existing data.
- Token balances and transactions are now supported on Canton for any CIP-56 HoldingV1 instrument, not just native Canton Coin.

Policy workflow:
- An Inflight Operations tab in the Policy V2 interface surfaces pending restriction updates that are awaiting approval.

Wallet UI:
- Token icons display native network badges in cold wallet transactions.
- Client-provided crypto icon overrides are supported with backend and default fallback behavior.
- Asset icons are cached in memory after first load, eliminating repeated network requests when scrolling transaction lists.
- Transfer fee rate input is temporarily hidden and FeeRate is optional in transfer requests.
- ETH Sepolia and Hoodi are grouped together on the exchange rate page.
- WalletConnect is deprecated.

Wallet and authentication:
- OIDC callback handling is hardened and auth-dependent requests are deferred until login completes.
- Native token transfers with zero amount to an external address are handled correctly.

Audit and operations:
- Audit logs include resolved wallet addresses, account names, and contract function names (mint, burn, freeze, unfreeze, pause, unpause, clawback) for transfer-family operations.
- Unknown Policy Nodes operations are now captured in audit logs.

Deployment and configuration:
- Azure init jobs are reworked into containers with Go binaries.
- The configurator supports a configurable log level and images are pushed to the blockdaemon/iv/ registry path.
- EVM trackers support a configurable env field.

Policy Nodes:
- Canton raw signing proceeds against applicable rules when a submission references a previously unseen package identifier instead of failing solely for that reason.
- Addresses are resolved to master keys and account names in transaction intents.
- Transaction intents can carry decoded raw transaction context for clearer approver and consumer visibility.
- Restriction function names for Freeze, Unfreeze, Pause, and Clawback are simplified by removing the DTC prefix.

Breaking changes and migrations

- POST /api/vaults/{id}/addAsset now accepts a single CAIP19 string. Replace the previous L1Protocol, Network, and Asset fields with the matching CAIP-19 from /api/supported-assets.
- POST /api/assets/addAddress requires the CAIP19 field on every request body.
- Update transfer and smart-contract clients to supply CAIP-19 wherever an asset is required. See the bundled CAIP-19 migration guide for common mappings and a checklist.

Versions

Institutional Vault: v2.6.4
Policy Nodes: v8.26.6
NATS: v2.6.4
configmap-init: v0.1.0

Changelog

Policy Nodes:
- Canton signing recognizes TransferInstruction Reject and Withdraw outcomes alongside ExecutedTransfer.
- The Canton gRPC client backs off keepalive intervals to comply with server policy.
- The Canton faucet driver propagates errors when an upstream call returns a non-200 response.

Versions

Institutional Vault: v2.6.3
Policy Nodes: v8.26.5
NATS: v2.6.3
configmap-init: v0.1.0

Changelog

Audit and operations:
- Audit logs export as CSV instead of ZIP.

Policy workflow:
- Policy v2 retrieves transaction restriction function filter options dynamically from the policy service rather than a fixed list.

Wallet UI:
- Pending export transactions can be cancelled directly from the wallet interface.

Wallet and authentication:
- The wallet remains operational when the Canton driver is unavailable instead of failing to start.

Asset and chain identification:
- Solana transaction synchronization is more reliable.

Deployment and configuration:
- Corrected secret naming during tfvars file generation.
- The deprecated WithNoApprovalsGroups option is removed from policy node configuration.

Policy Nodes:
- Solana batch signing supports multiple nonce accounts per authority and multiple SOL transactions per batch.
- Canton testnet support uses CAIP-2 identifiers in the signing gateway in place of a separate testnet flag.

Versions

Institutional Vault: v2.6.2
Policy Nodes: v8.24.9
NATS: v2.6.2
configmap-init: v0.1.0

Changelog

Asset and chain identification:
- The /api/assets/getExchangeRates response identifies Canton tokens with InstrumentID and RegistrarPartyID in place of ContractAddress.
- EVM blockchain drivers register using CAIP-2 identifiers, continuing the move toward CAIP-based chain identification.
- Asset lookups and balance recalculation use the supported-asset manager as the single source of truth.

Wallet and authentication:
- The legacy v1 retryAddAddress and stakingPlans endpoints are removed.

Azure confidential containers

Policy Nodes can now run in Azure ACI Confidential Containers with private DNS, internal NATS load balancing, and ARM template deployment, providing hardware-backed isolation for policy evaluation.

Reliability

An in-memory LRU cache prevents duplicate processing of the same transaction event, reducing redundant work during high-throughput periods.

Deployment

Azure customer deployments support customizable Terraform variable overrides. Container image population uses the linux/amd64 platform explicitly, ensuring consistent builds across host architectures.

Canton CIP-56 tokens

Canton CIP-56 utility tokens can now be registered, expanding the supported Canton asset types beyond standard Amulet holdings.

Observability and reliability

Wallet and Policy Node log levels are configurable through the deployment configuration file. Policy Node software is upgraded to v8.24.9.

Solana

Solana SPL token amounts display correctly in the Cold Wallet interface.

Policy Engine V2 restrictions

Transaction and configuration restriction management is available through new dedicated tabs in the policy UI (behind a feature flag). Operators can add, edit, and delete restrictions for both transaction and configuration policies, with column layout selection and browser-persisted preferences.

Canton on Azure

Canton is now configurable for Azure customer environments, enabling Canton-based workflows on Azure infrastructure alongside existing AWS deployments.

Polkadot chain migration

Westend and Polkadot mainnet chain references migrate to Asset Hub variants (assethub-westend, assethub-polkadot), aligning with the Polkadot ecosystem's relay-to-parachain transition.

Solana improvements

SPL token activity is polled independently from main address history, improving indexing reliability. Fixes address SPL token registration, cold-wallet batch signing for multiple Solana transactions from a single account, and correct SPL filtering behavior. Staking and unstaking operations use CAIP-19 asset identifiers.

Icons and UI

Asset icons use CAIP-19 identifiers across the application for consistent display. Accounts page load time is improved, and transfer-fund dialogs render icons correctly from all entry points.

Policy Nodes and transfer policies

Policy Node software is upgraded to v8.24.0. Transfer requests include the protocol field. A fix prevents transactions from remaining stuck when a policy blocks them, and the v1 transfer policy destination-type selector renders internal and external inputs correctly.

Security and infrastructure

gRPC and DeepDiff dependencies are patched to address reported vulnerabilities. The configurator supports raw key/value secret storage for AWS Secrets Manager and Azure Key Vault, and ECS configuration generation works with multi-account deployments.

WalletConnect and custodial endpoints

The wallet frontend uses dedicated custodial wallet provider endpoints for WalletConnect pairing, disconnect, and session listing, aligning browser traffic with the supported API surface.

Solana indexing

SPL token activity is indexed by polling associated token accounts on a regular cycle, improving visibility of token movements for Solana wallets.

Canton and audit

Audit log entries carry richer context, including fee rate on transaction detail where applicable and the set of users who approved or rejected an operation.

Policy Nodes and reliability

Policy Node software is upgraded to v8.23.5. The Policy Node listener surfaces errors to callers instead of failing silently, improving diagnosability of integration issues.

Canton and assets

Canton utility tokens can be activated using only the instrument identifier. ERC-20 “check transfer” style restrictions are deprecated in favor of updated policy flows. Solana cold-account asset selection hides SPL tokens until backend support is available, and Solana transaction indexing covers additional operation types.

Audit log

Audit logging moves onto shared domain models with a refactored list experience, improving consistency and query behavior for compliance and operations teams.

Self-hosted AWS

Flat configuration file parsing is available for AWS on-premises installs, alongside existing configuration patterns.

Chains and staking

Unstaking is blocked when a validator has not been active long enough, and Solana transfers respect minimum lamport retention after potential fees.

Batches, APIs, and settings

Transaction batch creation runs asynchronously for better responsiveness. Raw transfer flows map to the correct operation type for Policy Node callbacks. Unused fields are removed from legacy transfer APIs.

Operations and wallet API

Operations are modeled with clearer domain objects, subject-based tracking, and a dedicated cancel path so long-running flows can be revoked from the wallet. Related APIs and UI now surface operation types and status more consistently, including user-initiated cancellation where policies allow.

Solana: nonce accounts and cold workflows

The platform indexes Solana create_account flows used for durable nonce setup, and the wallet UI supports adding Solana to cold accounts with nonce accounts, payer selection, and policy-aware confirmation. Fee and nonce handling improvements reduce edge-case failures when creating nonce accounts or adjusting fees interactively.

AWS self-hosted deployment

Load balancer and certificate concerns move into long-lived infrastructure, and more of that stack is importable for repeatable Terraform-based installs. Flat configuration file parsing is supported for AWS on-premises deployments alongside existing patterns.

Access, groups, and governance

Users can belong to multiple groups, with validation aligned between the UI and Policy Nodes for names and identifiers. Administrative authorization for selected custodial wallet provider endpoints is tightened, and staking reporting uses an updated API revision.

Reliability, streaming, and Policy Nodes

Event streaming includes a liveness check; WalletConnect idle-aware health behavior from recent maintenance releases is included. Policy Node software is upgraded (v8.23.2) with logging adjustments so notification delivery issues do not fail underlying operations.