Peatio 1.6.0 (April 3, 2018)

Overview

This release is focused on:

  1. Migrating market pairs to database layer.

  2. Implementation of Management API v1: server-to-server API with high privileges.

The release also includes various fixes and improvements.

Breaking changes

  • #412: Migrate markets.yaml to database.

The patch moves ActiveYaml::Base model Market to database layer. All market pairs are now fully stored in database instead of YAML file.

Migration steps:

  1. Copy config/markets.yml to config/markets.old.yml and to config/seed/markets.yml.

  2. Make the next edits in config/seed/markets.yml:

    2.1 Remove field code from all records.

    2.2 Rename sort_order to position.

    2.3 Rename base_unit to ask_unit.

    2.4 Rename quote_unit to bid_unit.

    2.5 Move ask.fee to ask_fee.

    2.6 Move bid.fee to bid_fee.

    2.7 Remove ask.currency.

    2.8 Remove bid.currency.

    2.9 Move ask.fixed to ask_precision.

    2.10 Move bid.fixed to bid_precision.

  3. Execute bundle exec rake db:seed.

New features

  • #740: Implement API for server-to-server communication called Management API.

The API is designed for server-to-server communication. You can use this API for extending Peatio functionality or integrating, for example, custom payment processing service. The API is quite easy to use and is friendly with enterprise standards like accounting and analytics.

The authentication is based on JWT token in complete format allowing to have multiple signatures.

We developed and published new Ruby Gem for working with nested signatures in JWT. The Gem jwt-multisig lives at GitHub repository. You should use it for signing requests for Peatio from your service.

You can use config/management_api_v1.yml (available only after bin/init_config) for customization of security rules for the API. You are free to choose what signatures any API action requires, configure JWT verification options and, of course, set public keys used for verification of signatures. The security documentation for API is embedded in the management_api_v1.yml file.

The patch includes the next API actions:

  • Ability to list deposits (including filters).
  • Ability to list withdraws (including filters).
  • Ability to get single deposit.
  • Ability to get single withdraw.
  • Ability to create deposit.
  • Ability to create withdraw.
  • Ability to accept deposit on Peatio and load money.
  • Ability to submit withdraw for processing by Peatio.
  • Ability to get server time.

The Swagger documentation for this API is available locally by visiting http://localhost:3000/swagger?url=/management_api/v1/swagger or by checking out docs/api/management_api_v1.md.

The deposit states were refactored:

  • State submitting was renamed to submitted.
  • State cancelled was renamed to canceled.
  • State checked was removed.
  • State warning was removed.

The withdraw states were refactored:

  • State submitting was renamed to prepared.
  • State cancelled was renamed to canceled.
  • State suspect was renamed to suspected.
  • State done was renamed to succeed.

The changes to Member API v2 include:

  • The changes to field state affect the next API endpoints: GET /api/v2/deposits, GET /api/v2/deposit, GET /api/v2/withdraws, POST /api/v2/withdraws.

  • POST /api/v2/withdraws is now deprecated and will be removed in further releases.

    • #701: Ability to retrieve solvency information through API.

The patch adds several endpoints designed to work with solvency information:

  • /api/v2/solvency/liability_proofs/latest
  • /api/v2/solvency/liability_proofs/partial_tree/mine

You can open Swagger documentation locally by visiting http://localhost:3000/swagger?url=/api/v2/swagger or by checking out docs/api/member_api_v2.md.

Enhancements

  • #727: Update loofah to 2.2.

The patch fixes reported security issues.

  • #648: Speed up Docker image build.

The patch is an experimental attempt to speed up Docker images build on TravisCI.

  • #721: Remove Currency#quick_withdraw_limit.

The patch removes unnecessary convertation of quick_withdraw_limit to BigDecimal.

  • #726: Remove translations not used by Peatio.

The patch removes leftovers from translation data after extraction of trading UI to separate application.

Fixes

  • #741: Stop «Exchange assets» tab from breaking without liability proof generated && remove redundant AssetsController#partial_tree.

The patch applies changes so page «Exchange assets» will now handle situation when solvency information is not available.

  • #737: Display Currency#code instead of Currency#to_s at /admin/proofs.

  • #776: Handle specific response for ETH wallet from BitGo when generating new address.

The BitGo API reference method for creation of new address for some reasons returns different response when used with ETH wallets. This doesn't work with Peatio will. We don't know why this happens so we pushed patch which can handle such response. We believe BitGo may have another undocumented incompatibilities.

The patch was also pusher to branch 1-5-stable.