-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Release 1.10.0e

https://bitbucket.org/JeanLucPicard/nxt/downloads/nxt-client-1.10.0e.zip

sha256:

16c4b5cb78d56b2aa881e7807c9f0b1e43028db51c4230fc915352810424b112  nxt-client-1.10.0e.zip

https://bitbucket.org/JeanLucPicard/nxt/downloads/nxt-client-1.10.0e.sh

sha256:

8e2ef269321964b93d591e49537d226076203383fc53041b8ad4fe65fd3373a9  nxt-client-1.10.0e.sh

https://bitbucket.org/JeanLucPicard/nxt/downloads/nxt-client-1.10.0e.exe

https://bitbucket.org/JeanLucPicard/nxt/downloads/nxt-installer-1.10.0e.dmg

The exe, dmg, and sh packages must have a digital signature by "Stichting NXT".


Change log:

This is an experimental release introducing the new light client and roaming
client features.

The roaming client feature, enabled by default, makes the client immediately
usable by forwarding API requests that need the full blockchain to a randomly
chosen peer (remote node), selected to provide the openAPI service. As all html
and javascript files are still served locally and not from the remote host,
this is considerably safer than just using a remote node. Outgoing transactions
are also signed locally, never sending the secret phrase to the remote peer.

This roaming client (API Proxy) mode is used automatically while the blockchain
is still downloading, with a switch to full client mode once the download is
complete.
It can be disabled by setting nxt.enableAPIProxy=false in nxt.properties.
For openAPI nodes, the API proxy remains disabled, ignoring this setting. For
light clients, the API proxy is always enabled.

The light client feature, disabled by default, makes the node run in roaming
mode permanently, without downloading the blockchain at all. It can be enabled
by setting nxt.isLightClient=true.
Light clients are not advertised as providing openAPI service even if they do
have their API publicly accessible.

The remote node to use when in roaming and light client modes is selected
randomly, but can be changed manually in the UI, or using the new
setAPIProxyPeer API, or forced to a specific peer using the
nxt.forceAPIProxyServerURL property.

Remote nodes can be blacklisted from the UI, or using the blacklistAPIProxyPeer
API. This blacklisting is independent from peer blacklisting. The API proxy
blacklisting period can be set using the nxt.apiProxyBlacklistingPeriod
property (default 1800000 milliseconds).

API requests that require sending the secret phrase, shared key, or admin
password to the server, for features like forging, shuffling, or running a
funding monitor, are disabled when in roaming or light client mode.

While a remote node cannot steal your secret phrase, and data returned by such
nodes is escaped to prevent javascript injection attacks, users must be aware
that the validity of such data cannot be verified. For example, a rogue remote
node can still return fake asset exchange recent trades or open orders prices,
or modified voting system poll options and descriptions.

To force using a remote node for testing APIs, the /test-proxy URL can be used
instead of /test for the API test page, i.e. http://localhost:7876/test-proxy.

A new sendTransaction API has been added, similar to broadcastTransaction but
without validating the transaction, without re-broadcasting the transaction and
without adding it locally as unconfirmed transaction. This API is mostly useful
for light or roaming clients that cannot validate or accept locally unconfirmed
transactions, but must nevertheless be able to send such to peers.

A new getNextBlockGenerators API has been added, returning the next block
generators ordered by hit time. The list of currently active forgers is first
initialized using the block generators with at least 2 blocks generated within
the previous 10,000 blocks, excluding accounts without a public key. The list
is updated as new blocks are processed. The results are not 100% correct since
previously active generators may no longer be running and new generators won't
be known until they generate a block.

Added a peer info modal. Minor other UI improvements and bugfixes.


-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXnaMzAAoJENqvaxkWiP4Z+vAQANLINMttlv0KjkyEn0bKJoAl
nHqBIT2D56zCmVZNLZQwjzQyAFbZeOesCuYobOJl2IKySAI0bBA6rqjNrVXjonEh
DyYCzMXNY5Bm0FKnGqddhC+5tmCAXhYhW4Z/f15boLmflPeUUoPuHtepPrYUMVdy
iQM2pNArPLhBVi0Uq4/D9WdkNNg1+pMdMXVRpB7jGMYHqmA8e3IvHkgKriDqIeas
drnzHfZ5K04/jYkMmNHK7AsVDrBOLm4yX5qrdzwL7bBgd5ajMllWq6KK5YquqtdI
oKWY2dbYLsTG4lrCc1oBYgKy8uYtesbMgWzlH1d37BDt/EdHHcvHIySB1h7leviY
DFhBnirPeB3tNPrNmLKBFHzD104jlN05d4F6ZFO6szkkgVFHnkPQGexiwAIOs3IQ
rPqxUCSbnPpOISMdkJc4Ng1DmE3brbQk82PueoeMHU3PA6SoA+EB/F943cj8Q7zx
GzdktPsstJRheXNIypAVp8M68pjJ1UaSG1m1s5/5nrQVg7pyJOgTFQJqi3MO2yCD
LEgdA5cLgpYyASVYQtSoT6ld+Id1BDEs9nmxC3t1fhRa4kW4dx7wYdAWLNdpF+6n
u1OBkGWuoGtVaMk400Ji2emjMRIrZ3egfAMrOm2RPuFJEJloZi1CRd6PNIdPkheh
7rB9ajKqt/faEzyFGNE4
=sfZT
-----END PGP SIGNATURE-----