Skip to content

Releases: Reiers/lantern

v1.9.0-rc1 — Three-tier node (Light / PDP / Full)

Choose a tag to compare

@github-actions github-actions released this 01 Jul 15:45
da8a88d

Pre-release / release candidate. This is the first cut of Lantern's three-tier node model. The Light and PDP tiers are production-shape; the Full tier is in active development. Feedback welcome before the stable v1.9.0.

Overview

Lantern is no longer just a light client. As of this release it installs as one of three tiers, chosen at install time, and it lays the foundation for a real, snapshot-free, pure-Go Filecoin full node you can run on a Mac mini.

Field Value
Tag v1.9.0-rc1
Type Release candidate (pre-release)
Networks mainnet + calibration
Build CGO_ENABLED=0, -trimpath, no filecoin-ffi, no Rust

Highlights

  • Three-tier install (Light / PDP / Full). Chosen at install time (not a runtime flag) so a Light node stays light — only the picked tier provisions the larger cache and footprint. Persisted per-network; lantern node-type inspects/sets it.
  • PDP / mid tier. Persistent, restart-warm block cache (2–5 GB) with pinned static-contract state, plus block-submit for a backup producer.
  • Full-node foundation (in development). Snapshot-free F3-anchored boot, tunable low-GB retention, and pure-Go per-block validation (signature / election + ticket VRF / miner eligibility / win-count) — the Lotus consensus checks minus the two ffi calls, which stay F3-trusted for now. Scaffold in place for a pure-Go WinningPoSt SNARK verify (no Rust).
  • Head-reliability hardening. Heaviest-ParentWeight fork choice + a head-adoption divergence gate (holds head when the running tip can't be corroborated by an independent-source quorum) + Kind-diverse periodic corroboration.

Also

  • README rewritten for the three-tier model + full-node roadmap.

📦 Compatibility

Consumer Status
Curio (FULLNODE_API, 71/71)
FoC eth_* clients
Embedded pkg/daemon (Curio Core)

Install (macOS / Linux)

curl -fsSL https://get.golantern.io | bash

The installer asks which tier you want (Light / PDP / Full), anchors the node via a multi-source trust quorum, and sets up the wallet.

What's Changed

Tracked under the Full Node epic (#87). This RC closes the head-reliability items (#79, #85) and ships the tier machinery; the full-node tiers land incrementally.

All binaries are CGO_ENABLED=0 with -trimpath; SHA-256 manifests are published alongside each. lantern-v1.9.0-rc1-source.tar.gz is the byte-deterministic source archive for reproducible-build verification.

v1.8.5

Choose a tag to compare

@github-actions github-actions released this 30 Jun 12:36
c364dce

Lantern v1.8.5

✨ Overview

v1.8.5 hardens the head path end to end. It fixes a bridge-off node that could
wedge its head behind the chain tip and then fail PDP proving, makes the
running-head trust model explicit (fork choice + an un-evictable trusted peer
floor), and closes the last bridge-off availability gaps so a node can run with
no upstream RPC on the path at all.

This is a recommended upgrade for any SP running PDP bridge-off (stock
Curio / maxboom) and a safe upgrade for everyone else. No manual operator
action is required; new behaviour is opt-in via config.

The big picture: the head/finality layer is where a light client's real trust
lives, not the block-availability layer. This release does everything a
light client can do there without becoming a full node (heaviest-weight fork
choice, multi-source anchor, un-evictable honest-peer floor) and keeps the
residual un-finalized-tip exposure honest in the trust model. Closing that
residual fully is F3's job, and Lantern is already the consuming/verifying side
of F3.

Field Value
Version v1.8.5
Type Stable
Compare v1.8.4...v1.8.5
Build Go 1.25+ required; CGO_ENABLED=0, no filecoin-ffi, no Rust
Network Mainnet + Calibration

Head catch-up + bridge-off proving (the headline)

A bridge-off node could pin its head ~10–20 epochs behind the tip and then fail
PDP proving with cannot draw randomness from future epoch. Root-caused to two
stacked bugs, both fixed:

  • Head catch-up no longer wedges behind the tip (#83).
    The gossip-fresh skip that suppresses redundant RPC polls is now lag-aware:
    it consults the gossip-observed tip and only skips the catch-up poll when the
    store head is actually at the tip, so a fresh-but-lagging node resumes
    catch-up instead of freezing. No extra RPC — the 429-protection at the tip is
    preserved.

  • Bridge-off PDP prove randomness (#82).
    The randomness draw now measures against the live header head (not the
    frozen boot anchor) and, when the requested epoch is just above the head
    during normal sync catch-up, waits briefly for the header sync to reach it,
    then draws locally. No bridge needed; genuinely-future epochs still error
    promptly.

Head trust hardening

  • Heaviest-ParentWeight fork choice on the running head (#79).
    The head was advanced on height + parent-linkage only, so an eclipsed peer
    table could walk a node onto a valid-but-lighter fork. Lantern now applies
    Filecoin's fork-choice rule: adopt a candidate only when its ParentWeight
    strictly exceeds the current head's. Pure header arithmetic — no proof
    verification, no ffi. Raises the eclipse cost from "spin up N sybil peers" to
    "out-weight the real chain." (The un-finalized-tip split against a real-power
    adversary is finality's job — F3.)

  • Un-evictable trusted peer floor (#80).
    The trusted bootstrap/beacon/direct-peer set is now connmgr-protected, so a
    dial flood can't fully replace the peer table — the honest floor survives and
    the heavier canonical chain stays reachable. Complements the fork choice
    above.

Bridge-off availability

  • Prefetch-on-send (#50).
    When eth_sendRawTransaction publishes a tx locally, its message/receipt
    blocks are warmed into the Bitswap cache in the background so the follow-up
    receipt poll resolves locally instead of racing a cold cross-peer fetch.

  • Explicit bridge-off head source (#50).
    New FallbackRPC (point the upstream at your own Forest/Lotus) and
    NoFallbackRPC (remove the upstream RPC entirely — head from gossipsub, cold
    blocks from gateway + Bitswap). Previously a bridge-off node silently fell
    back to Glif when gossip stalled; now that's an explicit, observable choice.

Also in this release

  • TRUST-MODEL.md §2.1 corrected (#81).
    Now states precisely what every header is verified for (CID integrity,
    signature shape, parent linkage, heaviest-weight fork choice) vs what is not
    (election-proof VRF, winning-PoSt, message re-execution — by the no-ffi
    design), and what carries head trust instead (the multi-source boot anchor +
    the F3 finality-cert chain).

📦 Compatibility

Component Required Notes
Network Mainnet / Calibration No consensus change.
Curio stock / maxboom Bridge-off parity target; embedded daemon.
Go 1.25+ (to build from source) CGO_ENABLED=0, no filecoin-ffi, no Rust.
Config Opt-in FallbackRPC / NoFallbackRPC are new and default to prior behaviour.

Install (macOS / Linux)

curl -fsSL https://get.lantern.reiers.io | bash

All binaries are built CGO_ENABLED=0 with -trimpath; SHA-256 manifests are
published alongside each binary. lantern-v1.8.5-source.tar.gz is the
byte-deterministic source archive (git archive at this tag) for
reproducible-build verification — see docs/REPRODUCIBLE-BUILDS.md.

What's Changed

Full Changelog: v1.8.4...v1.8.5

v1.8.4-m

Choose a tag to compare

@github-actions github-actions released this 29 Jun 19:51

Lantern v1.8.4-m

latest release. Bundles the v1.8.4 Bitswap fix plus a dashboard layout tweak.

Fixed (from v1.8.4)

  • Standalone lantern daemon can now fetch cold blocks over Bitswap. The
    standalone CLI was negotiating the boxo/IPFS default /ipfs/bitswap/...
    instead of Filecoin's /chain/ipfs/bitswap/..., so every mainnet/calibration
    peer rejected the stream ("protocols not supported"), Bitswap served zero
    blocks, and the HTTP gateway carried the entire cold-block tail. Now the
    prefix is set, and Bitswap serves cold state blocks from the swarm. Verified
    on mainnet under sustained load: 99.9% of fetches local, Bitswap carries
    the cold tail, Glif 0%, 0 misses. (#50)

Added

  • Dashboard: live Bitswap detail, moved to the top of the dev page. The
    "Block source counters" card now sits directly under Daemon and shows the
    per-source fetch split (cache / bitswap / gateway / glif) plus live Bitswap
    blocks served, bytes in, and want failures (5s auto-refresh). Lets you watch
    the swarm carry cold blocks at a glance.

Notes

  • No wire/protocol changes. pkg/daemon and wallet public APIs unchanged.
  • Recommended for anyone running the standalone lantern daemon — before
    this, all cold-block fetches fell to the gateway/Glif because the Bitswap
    path was silently mis-negotiated.

Install

latest resolves to this release. See the README install section.

v1.8.4

Choose a tag to compare

@github-actions github-actions released this 29 Jun 19:37

Lantern v1.8.4

Fix: the standalone lantern daemon could not fetch cold blocks over Bitswap.

The standalone CLI built its Bitswap client without the Filecoin protocol
prefix, so it negotiated the boxo/IPFS default /ipfs/bitswap/... instead of
Filecoin's /chain/ipfs/bitswap/.... Mainnet and calibration peers rejected
every stream (protocols not supported: /ipfs/bitswap/...), so Bitswap served
zero blocks and the HTTP gateway carried the entire cold-block tail. The
embedded daemon (pkg/daemon, used by Curio Core / maxboom) already set the
prefix, so only the standalone path was affected.

Fixed

  • Bitswap protocol prefix on the standalone daemon. cmd/lantern now sets
    ProtocolPrefix: network.BitswapProtocolPrefix() (/chain) on its Bitswap
    client, matching the embedded daemon. Verified on Filecoin mainnet:
    Bitswap now serves cold state blocks from the swarm (0 → tens of blocks under
    a ~300-read load), and Glif stays at zero. (#50)

Added

  • Dashboard: live Bitswap detail on the dev page. The "Block source
    counters" card now shows Bitswap blocks served, bytes in, and want failures
    (5s auto-refresh) next to the per-source hit table, so an operator can confirm
    the swarm is carrying cold blocks rather than the gateway doing all the work.

Notes

  • No wire/protocol changes. pkg/daemon and wallet public APIs unchanged.
  • Upgrade is recommended for anyone running the standalone lantern daemon:
    before this fix, all cold-block fetches fell to the gateway/Glif because the
    swarm path was silently mis-negotiated.

Install

See the install section of the README. latest resolves to this release.

v1.8.3

Choose a tag to compare

@github-actions github-actions released this 29 Jun 17:31
e8f3819

Pure-Go Filecoin light node. No CGo, no chain snapshot, no third-party trust.

Bridge-off RPC parity for stock Curio

This release closes the gap for the way Lantern is consumed by upstream's PDP-only Curio build ("maxboom" / "Easy PDP", filecoin-project/curio#1311), which embeds Lantern over plain JSON-RPC with no --vm-bridge-rpc. Several RPC methods still forwarded to the VM bridge and therefore hard-failed bridge-off. (Curio Core was never affected — it reads/writes through the embedded VMBridge seam.) v1.8.3 serves the remaining PDP read / event / write methods from local state, so a bridge-off node runs the PDP hot path with zero Glif.

No wire or protocol changes. The pkg/daemon and wallet public APIs are unchanged (frozen embedder contract). No new dependencies.

Added — local-first RPC (all with graceful bridge fallback)

  • eth_getLogs served locally (#73). Decodes per-receipt event AMTs into Ethereum logs (the t1..t4 / d recipe, matching Lotus), so PDP settlement + dataset watchers and FilecoinPay rail indexing run with no VM bridge. Bounded to a ~24h range.
  • eth_getCode served locally (#74). Contract bytecode from live-head EVM actor state (CID + hash verified); 0x for EOAs / non-contracts.
  • eth_getStorageAt + eth_getBlockByHash served locally (#75). Storage slots from the contract KAMT; recent blocks resolved by hash over a bounded window.

Operator quality-of-life

  • Colorized, level-coded logs. Running lantern daemon in a terminal now colorizes by severity (INFO / WARN / ERROR); piped output stays plaintext. Override with LANTERN_LOG_COLOR=0/1, GOLOG_LOG_FMT, or GOLOG_LOG_LEVEL.

Fixed

  • No more Glif rate-limiting under healthy gossipsub (#71). A node was polling Glif ChainHead every 6s even while gossipsub was delivering the head, triggering HTTP 429s. The polling sync now skips the upstream poll when gossip is fresh, and relaxes to a 30s catch-up cadence with libp2p enabled. Glif is a fallback again.
  • No more silently-stuck sends (#47). A gossiped-but-unmined message used to stall forever and block every later send from that account. Lantern now rebroadcasts a pending message (identical bytes, same nonce) past a short confidence window, drops it on inclusion, and surfaces it as failed after max retries. No re-signing, no fee-bump replacement.
  • Write-confirm message/receipt blocks resolve without Glif (#50). The receipt-search path uses the retrying block fetcher, and the rebroadcast loop warms each in-flight tx's message/receipt blocks on every head.

For embedders: bump your Lantern pin to v1.8.3 for the behavior above. Tracking umbrella: #76.

Install (macOS / Linux)

curl -fsSL https://get.lantern.reiers.io | bash

Binaries

All binaries are built CGO_ENABLED=0 with -trimpath. SHA-256 manifests are published alongside each binary; see docs/REPRODUCIBLE-BUILDS.md to reproduce these bytes from source. lantern-v1.8.3-source.tar.gz is the byte-deterministic git archive of this tag.

v1.8.2

Choose a tag to compare

@github-actions github-actions released this 29 Jun 12:40

Lantern v1.8.2 — bridge-off read-path coverage for stock Curio

Update if: you run upstream Curio (not curio-core) behind Lantern in a
zero/low-Glif configuration and see provider-lookup or settlement tasks fail
with FEVM method requires --vm-bridge-rpc. curio-core users were never
affected (see below). No protocol or wire changes, no new external dependencies.

The bug (#69)

A field report: a node running stock upstream Curio behind Lantern, bridge-off,
failed its Settle task on a loop:

ERROR harmonytask  Do() returned error  {"type": "Settle",
  "error": "failed to get provider: chain: FEVM method requires --vm-bridge-rpc pointing at a Forest/Lotus node"}

The Settle task makes two view eth_calls against ServiceProviderRegistry
(isRegisteredProvider, getProviderByAddress). Both local-missed in Lantern,
fell back to the VM bridge, and with no bridge configured returned the error
above. (This is unrelated to the v1.8.1 sync fixes #53/#68 — those were about a
node falling behind head; this is a read-path coverage gap that shows up even
on a fully-synced node.)

Why it worked under curio-core but not stock Curio

Lantern's FEVM state prefetcher warms a set of contract storage subtrees into
the local cache on every head advance, so subsequent eth_calls against those
contracts are served locally instead of falling back to the bridge. It only
warmed the addresses its consumer told it to
(Config.FEVMPrefetchAddrs).

  • curio-core injects that set itself (cmd/curio-core/fevm_prefetch.go):
    PDPVerifier, FWSS, ServiceProviderRegistry, and USDFC. That's why the
    zero-Glif read path — including the registry reads the Settle task needs —
    has always worked end-to-end under curio-core.
  • Stock upstream Curio has no such wiring and injects nothing. With an empty
    address list the prefetcher never even started, so every contract eth_call
    local-missed and fell to the bridge. Lantern had no built-in knowledge of the
    well-known contract addresses, so it couldn't self-warm to cover the gap.

The fix

Lantern now ships its own built-in per-network warm-set of the well-known
Filecoin PDP contract proxies — PDPVerifier, FilecoinWarmStorageService (FWSS),
ServiceProviderRegistry, and USDFC — for both mainnet and calibration. At
startup it:

  1. resolves the built-in set for the node's network,
  2. merges it with any addresses the consumer supplied (consumer entries win
    ordering; de-duped by canonical, case-insensitive form; unparseable consumer
    entries are kept verbatim, never silently dropped), and
  3. starts the prefetcher whenever the merged set is non-empty.

So the zero-Glif read path now works for any Lotus-API consumer behind
Lantern — including stock upstream Curio — with no extra wiring and no
--vm-bridge-rpc
. curio-core's injected set continues to work unchanged and
remains extensible. The built-in addresses are kept in sync with
filecoin-project/curio pdp/contract/addresses.go.

On --vm-bridge-rpc as a workaround

You can set --vm-bridge-rpc https://api.node.glif.io/rpc/v1 to mask this —
the failing reads would then route through Glif — but with v1.8.2 you shouldn't
need it. As with the v1.8.1 sync fixes, defaulting the bridge on would route
every node silently back through Glif and re-mask exactly the kind of bug this
release fixes. It stays optional by design.

Upgrade notes

  • No configuration changes required. Drop in the new binary and restart.
  • No new external dependencies.

Verification

CGO-free build, go vet, gofmt, and the hermetic test suite (-short,
LANTERN_OFFLINE=1) are green across the module. New unit tests cover
per-network warm-set resolution, calibration name aliases, fresh-copy
isolation, and the built-in/consumer merge + de-dup (case-insensitive overlap,
empty inputs, unparseable-verbatim). The live mainnet node was not touched
during development.

v1.8.1

Choose a tag to compare

@github-actions github-actions released this 29 Jun 10:43

Lantern v1.8.1 — sync resilience + chain-watcher fixes

Update if: you run a Lantern node behind Curio (or any Lotus-API consumer
that watches the chain), especially in a zero/low-Glif configuration. This
release fixes two distinct bugs that, together, made a node fall behind live
head and then stall its consumer's chain watcher. Both were reported from the
field. No protocol or wire changes.

Highlights

Header backfill off the Glif critical path (#53)

Live blocks arrive over gossipsub fine, but when a block lands at head+N
(N>1) the parent backfill was served by Glif FetchBlock calls with an 8s
timeout, in both the polling sync agent and the gossip ingestor. When Glif was
slow or rate-limited, those calls timed out, backfillFail climbed, the head
could not advance contiguously, and the node desynced — surfacing downstream as,
for example:

cannot draw randomness from future epoch <E> (head <E-thousands>)

(The PDP prover asks for randomness at an epoch the stalled node hasn't reached
yet, so the request is correctly refused — a symptom of the desync, not a
proving bug.)

Backfill is now served from the combined bitswap + gateway fetcher (the same
content-addressed, CID-verified fetcher already running for state reads), with
Glif demoted to last resort. HeadEpoch / TipsetCIDsByHeight stay RPC-shaped
(gossipsub already supplies live heads), so during normal operation Glif is off
the head-advancement path entirely. The fetcher is resolved lazily so the
sync/gossip paths see the bitswap-enabled fetcher (rebuilt after libp2p comes
up), not a stale snapshot.

ChainGetTipSet served from the header store (#68)

ChainGetTipSet(key) only ever resolved the synthetic current head and returned
ErrTipSetNotFound for any other key — even with a populated header store
wired
. Its siblings (ChainGetTipSetByHeight, ChainGetBlock, the randomness
path) all already fell through to the header store; only the by-key lookup was
left stubbed.

Curio's message/watch.go and deps/apiinfo.go request specific recent
(non-head) tipset keys. Before this fix they were refused, producing a tight
error loop:

lantern: tipset not in local store (only current head is cached in V1)
failed to get tipset: chain: lantern: tipset not in local store ...
no new tipset in CurioChainSched.update

ChainGetTipSet now falls through to a new Store.GetTipSet(key) that
reassembles any persisted tipset directly from its block headers (returning
ErrNotFound only when a constituent block is genuinely missing). This is
distinct from #53: #53 is the node falling behind; #68 surfaces even on a
healthy, synced node.

On --vm-bridge-rpc as a default

A tester asked whether --vm-bridge-rpc https://api.node.glif.io/rpc/v1 should
be added by default to dodge these failures. It is a legitimate fallback and
fine to set today if you need resilience right now — but it is not the
default, by design. Defaulting it on would route every node silently back
through Glif and mask exactly the bugs above. The fixes here address the root
causes so the bridge stays optional.

Upgrade notes

  • No configuration changes required. Drop in the new binary and restart.
  • No new external dependencies.

Verification

CGO-free build, go vet, gofmt, and the hermetic test suite
(-short, LANTERN_OFFLINE=1) are green across the module. New unit tests
cover the #68 by-key lookup (head, non-head historical, empty-key, and
missing-block cases); the #53 adapter is covered by its existing suite. The live
mainnet node was not touched during development.


Install (macOS / Linux)

curl -fsSL https://get.lantern.reiers.io | bash

Binaries

All binaries are built CGO_ENABLED=0 with -trimpath. SHA-256 manifests are
published alongside each binary; see docs/REPRODUCIBLE-BUILDS.md for how to
reproduce these bytes from source. The lantern-v1.8.1-source.tar.gz is the
byte-deterministic source archive produced by git archive at this tag.

v1.8.0

Choose a tag to compare

@github-actions github-actions released this 26 Jun 15:47

Lantern v1.8.0

Pure-Go Filecoin light node. No CGo, no snapshot, no third-party trust.

Install (macOS / Linux)

curl -fsSL https://get.lantern.reiers.io | bash

Binaries

All binaries are built CGO_ENABLED=0 with -trimpath. SHA-256
manifests are published alongside each binary; see also
docs/REPRODUCIBLE-BUILDS.md for how to reproduce these bytes
from source.

Source tarball

lantern-v1.8.0-source.tar.gz is the
byte-deterministic source archive produced by git archive at
this tag, suitable for reproducible-build verification.

What's Changed

  • security(#54): verify boot trusted-root via multi-source agreement + F3 finality cross-check by @Reiers in #61
  • security(#56): gate eth_* write path + refuse non-loopback RPC bind by @Reiers in #62
  • security(#58): fail-loud on empty keystore passphrase when keys exist by @Reiers in #63
  • security(#55): refuse plain-http gateway URL unless --insecure-gateway by @Reiers in #64
  • security(#57): dashboard auth + non-loopback bind guard by @Reiers in #65
  • security(#59): trusted beacon floor + cap DHT-discovered cert-exchange peers by @Reiers in #66

Full Changelog: v1.7.24...v1.8.0

v1.7.24

Choose a tag to compare

@github-actions github-actions released this 24 Jun 18:00

Lantern v1.7.24

Pure-Go Filecoin light node. No CGo, no snapshot, no third-party trust.

Install (macOS / Linux)

curl -fsSL https://get.lantern.reiers.io | bash

Binaries

All binaries are built CGO_ENABLED=0 with -trimpath. SHA-256
manifests are published alongside each binary; see also
docs/REPRODUCIBLE-BUILDS.md for how to reproduce these bytes
from source.

Source tarball

lantern-v1.7.24-source.tar.gz is the
byte-deterministic source archive produced by git archive at
this tag, suitable for reproducible-build verification.

Full Changelog: v1.7.22...v1.7.24

v1.7.23

Choose a tag to compare

@github-actions github-actions released this 22 Jun 17:47

Lantern v1.7.23 — keystore & service-start fix

Update if: Lantern asks you for a passphrase every time it starts, or it
fails to start as a background service (systemd / launchd) and only works
when you run it by hand (e.g. in screen/tmux). This release fixes both.
If neither bites you, this update is optional.

What changed

Passphrase no longer re-prompts on every start. Lantern holds no signing
keys of its own (signing lives in your Curio / curio-core wallet), so its
keystore is empty. The old build read an empty keystore as "brand-new node"
on every boot and re-asked you to set a passphrase each time. It now
records your choice once and stays quiet on subsequent starts. (#3)

Background-service install now starts cleanly on a fresh node. Same root
cause: a first boot with no terminal attached (a systemd/launchd unit) hit the
"no passphrase, no TTY" path and the daemon exited before it could remember
anything — so the service died and only a hand-run in screen worked. A node
with no keys has nothing to encrypt, so a keyless keystore + no terminal now
defaults to an unencrypted keystore, records it, and starts. (#1)

Behavior details

  • Empty keystore + no LANTERN_PASS + no terminal → starts unencrypted,
    prints one notice, and writes a .unencrypted marker so it never re-prompts.
  • Want encryption? Set LANTERN_PASS (or, for systemd, an
    EnvironmentFile=/etc/lantern/passphrase, chmod 600) before first boot.
  • Safety unchanged: if a keystore actually holds keys and there's no
    passphrase and no terminal, Lantern still refuses to start rather than run
    with an empty passphrase against real keys.

To switch an already-unencrypted node to encrypted later: delete
<data-dir>/<network>/secrets/keystore/.unencrypted and set LANTERN_PASS.

Linux note

For a systemd user service, run loginctl enable-linger <user> so the
service survives logout.

Not in this release (in progress)

If your node periodically falls behind the chain head with
api.node.glif.io ... context deadline exceeded in the logs, that's a known,
separate issue (#53): header backfill still falls back to Glif, so a slow Glif
makes the head lag. Live blocks over libp2p are unaffected; 0–2 epochs behind
is normal. A fix to move backfill onto the p2p path is being worked next.

Verification

Built CGO_ENABLED=0, full keystore/wallet/header-store test suites green
(incl. the keys-present-no-TTY-must-fail-loud invariant), and verified
end-to-end with the real binary: a fresh no-terminal start exits 0 and writes
the marker; the second start is silent.


Install (macOS / Linux)

curl -fsSL https://get.lantern.reiers.io | bash

Binaries

All binaries are built CGO_ENABLED=0 with -trimpath. SHA-256 manifests are published alongside each binary; see docs/REPRODUCIBLE-BUILDS.md to reproduce these bytes from source.

Source tarball

lantern-v1.7.23-source.tar.gz is the byte-deterministic source archive produced by git archive at this tag.