Previous Releases

These releases are for prior versions of the Utility. They should no longer be installed on any node connected to DevNet, TestNet or MainNet, and are included only for posterity.

0.11.6

Backend

• Made endpoints that utilize caching more reliable.

0.11.5

Backend

• Implemented caching in the operator for some endpoints to improve performance.

0.11.3

UI

Remove support for 3-step actions (mints, burns, transfers, locks, and unlocks), standardizing on the 2-step approach.

Enhanced wallet integration with improvements to party switching and logging out.

Backend

Add the burn mint factory contract and instrument configuration to the set of disclosed contracts returned/used by the getBurnMintFactory endpoint.

0.11.2

UI

Added origin private file system (OPFS) as the ACS database; OPFS has better memory performance around large data sets, and is more resilient to memory pressure.

A bug seen when accepting a collateral obligation and choosing positions, where more than one position triggered an infinite re-rendering loop is fixed.

When Requesting Mints, UI feedback from wallet actions more properly waits for user approval before showing success or failure messages.

Fixed failing preferred-package-version requests due to the operator party not being provided.

Enhanced configuration parsing around missing environment variables to pick up default values from chart configuration when users omit such variables in a compose-based deployment.

Backend

API services: retries have now been added to the JSON API client to avoid errors observed when load is encountered.

0.11.1

• This patch release fixes a regression in the Helm chart where the ingress proxy’s VirtualService object gets deployed regardless of whether Istio support is enabled in the Helm chart’s values.yaml.

0.11.0

New Registry Utility features

Pre-Approvals for Direct Transfers

Registry Tokens now support direct transfers using pre-approval contracts, significantly improving the transfer experience.

Asset holders (for example, wallet users) can proactively grant transfer pre-approvals per asset administrator and optionally per instrument. Once in place, authorized transfers can be executed seamlessly without requiring additional receiver interaction for each transfer.

This design enables a smooth and controlled transfer experience while preserving privacy and user control. Unlike public-chain token models, asset holders cannot be spammed with unsolicited or dummy token transfers, as all incoming transfers must be explicitly pre-approved.

Impact

• Improves transfer UX for wallets and operational flows

• Reduces the overall traffic cost

• Prevents unsolicited token transfers at the protocol level

Detailed guidance on conducting direct transfers is available in the Transfer Workflow section of the documentation.

Managed Allowlists

The Registry Utility enforces compliance directly at the smart contract level by embedding credential checks into the minting, transfer, and burn authorization logic. For transactions with assets that have credential requirements, parties must hold valid credentials, preventing transfers to non-compliant or unauthorized parties without relying on off-chain controls.

This release introduces managed allowlists to simplify onboarding for regulated assets that require KYC. Asset administrators (or parties designated by them) can now maintain an allowlist unilaterally, without requiring the KYC-verified party to hold credentials or interact with the Credential Utility.

This change allows users who do not have access to the Credential Utility to hold regulated assets.

There is no action required from credential holders or issuers: the existing credential logic remains fully supported.

Impact

• Accelerates onboarding for regulated assets

• Reduces dependency on end-user credential setup during initial access

• Maintains consistent compliance enforcement

You can find information on using allowlists in the Credential Requirements section of the documentation.

New Registry Utility features

Flush Expired Deposits

The deposit on the Credential Billing and Commercial Agreement contract is locked for 30 days. If it is not used before that time, the deposit is automatically unlocked and returned to the user. This breaks the Credential Billing and Commercial Agreement contracts, because they contain a reference to an expired UTXO.

In this release a new choice FlushExpiredDeposit is added to these contracts. That will remove the expired deposit and reset it to 0, so that users can top up their deposits as usual again.

UX Improvements

When onboarding an instrument admin (registrar), the TransferRule and AllocationFactory are automatically instantiated. The user has the choice to opt out of this behaviour.

Utilities Helm Chart

• Added resource blocks to all containers in all workloads to allow you to specify CPU/memory requests/limits.

• New image values bock, for overriding repo and tag across all utilities containers.

• Deprecated: The imageRepository field is deprecated: use image.repo instead.

• Added Istio support. The chart will now deploy VirtualService objects if you use the istioGateway value. The hostname will be taken from the frontend.hostname value.

Other Changes

This release includes a number of security improvements on the Utility Daml models, as well as the Docker image for the UI.

Daml packages are now compiled with the latest 3.4 SDK and LF 2.2.

Deprecations and Supported Versions

This version of the Utility removes support for the 0.8.x release line. All users must at a minimum be running the Daml models shipped with the 0.9.x release line.

The legacy 3-step workflows for lock, unlock, and transfer are now deactivated.

Backwards Compatibility

The application strives to be backwards compatible with previous versions:

• If a user has set up a TransferPreapproval, but the sender or instrument admin are not on the latest packages, we will provide the standard “2-step” TransferFactory on requests for the transfer context.

However:

• Users onboarded via an allow-list mechanism cannot interact with older Utility versions, where these contracts are not supported.

Integration Guide

API Integrations

Users who interact with the Utility models over the API need to make sure they can support the direct transfers that result from the introduction of transfer pre-approvals (i.e. they should no longer assume that a TransferInstruction is created as a result of making a call to TransferFactory_Transfer).

Wallet Providers

Wallet providers that support Utility assets need to ensure they can successfully parse direct transfers for the purpose of showing transaction history.

Moreover, they can add support for the creation of the TransferPreapproval template.

Third-Party Applications

Third-party applications (such as exchanges composing with the Utility over the Token Standard Allocation workflow) should upload and vet the latest Daml packages, in order to support allow-list validations.

0.10.16

• Fixed UI bug of displaying wrong receiver

• Added Tx kind for self transfers

• Updated dockerfile group and securityContext for frontend

• Added CC as an asset for collateral margining

• ACS enhancements in UI

0.10.2

• This patch release contains no user-facing changes, and is primarily bug fixes for the operator.

0.10.1

• This patch release contains no user-facing changes, and is primarily bug fixes for the operator.

0.10.0

New Credential/Commercials Features

• Allow the credential issuer to specify a holderActivityWeight for reward sharing. This should be a number between 0 and 1. For example, if it is set to 0.2 it means that the holder receives 20% of the reward. The issuer receives the rest.

• Add new choice that allows the operator to cancel a credential billing where the locked deposit has expired

General Credential/Commercials Changes

• General cost reduction improvements (breaking change)

• Implement accrued fees to charge Commercial Agreement clients less frequently.

• Add support for Hard Domain Migrations

New Registry Features

• Preparatory change: introduce registrar-level opt-in/out for Executed/Rejected contract creation in 2-step flows.

Auto TopUp Application

• Calculate the currently remaining deposit (locked deposit minus accrued fees) when topping up a Commercial Agreement.

UI Changes

• Added support for specifying holder activity weight when creating a Paid Credential in the UI.

• Added a column for the Accrued Fees in the Commercial Agreement overview table in the UI.

• App Reward Configuration: New page introduced for configuring app rewards.

• App Reward Beneficiary: New input field added for defining the reward beneficiary.

• Instrument Configuration: Implemented the three-dot “more” icon to show available user actions.

• Filtering Enhancements: - Added additional filters to various columns. - Improved the instrument dropdown by adding filtering capabilities for offer, mint, and burn actions.

• Remove 3 step transfers, transfers using transfer instructions now

• Added execute before input field for users to specify deadline

• Removed unlock/lock pages

• Column clarity regarding instruments, removed “Batch” from columns.

• Bug fixes

  • Error Propagation Fix: Corrected an issue where errors were not properly displayed. For example, errors related to an invalid party ID for a transfer receiver are now correctly propagated and shown to the user.

0.9.3

• Improve instrument selection dialog in the UI (add search functionality)

• (Temporarily) add back button to request the HolderService in the UI

• Improve error messages returned from the operator backend

0.9.2

• Preserve the setting in the UI that determines whether to use WebSockets, even when local storage is cleared.

0.9.1

• Fixed a WebSocket bug in the UI.

• Corrected the instrument configuration endpoint path.

• Improved retry logic for handling contention errors in the automation fee trigger.

0.9.0

Breaking Changes

• If you have installed the Utilities using Helm Charts in 0.8.x:

  • ingressHosts.internal has been renamed to frontend.hostname to make the purpose of this field easier to understand.

  • ingressHosts.external has been removed.

• If you have installed the Utilities using Docker Compose in 0.8.0–0.8.2:

  NOTE: The darsyncer image has been renamed to utilities-darsyncer-client (it was formerly called utilities-darsyncer). If you are using docker-compose, you will need to update your installation. If you are using the Helm charts, this is handled transparently.

New Features

• Daml code update to handle CC fee removal as part of [CIP-0078](https://github.com/global-synchronizer-foundation/cips/blob/main/cip-0078/cip-0078.md)

• 2-step Mint and Burn workflows added to the Registry Utility.

• UI enhancements for querying contracts.

0.8.6

• Fixed a WebSocket bug in the UI.

• Corrected the instrument configuration endpoint path.

• Improved retry logic for handling contention errors in the automation fee trigger.

0.8.5

• Added support for creating app reward configurations in the Utility UI.

• Added WebSocket support for the JSON API in the UI. Users can enable it via the Settings page of the UI.

0.8.4

This release was skipped.

0.8.3

NOTE: The darsyncer image has been renamed to utilities-darsyncer-client (it was formerly called utilities-darsyncer). If you are using docker-compose, you will need to update your installation. If you are using the Helm charts, this is handled transparently.

• Improved token-standard endpoints to ensure forward compatibility with future Daml models.

• Add support for using the utilities helm chart as a subchart.

• The DAR uploading process in the helm charts is more efficient about which DARs it chooses to upload.

0.8.2

• Improved registry daml models for reducing transaction cost and workaround external signing limitation.

• Added Helm chart values for configuring the json api query limit in UI.

• Added Helm chart values for configuring audience to darsyncer.

• Fixed UI to remove unlock button on locked holdings.

0.8.1

• Fixed credential metric for billing overdue time and deposit amount.

• Fixed UI to correctly display holder service contracts.

• Added registry metric for number of dead tasks.

• Added UI for managing unresponsive parties.

• Fixed a problem where the automatic DAR-uploading process assumed an auth audience of https://canton.network.global.

The DAR files are unchanged from the previous version.

0.8.0

This release introduces

• full token standard support in the Registry module

• support for activity markers in the Registry module

• a number of improvements to the usability of the UI

• Helm Charts for a smoother installation experience

• the first version of the Collateral module

Setup instructions

Installation instructions into a Kubernetes cluster have been simplified, and you can now install the Utilities using Helm. Helm charts are now the recommended way to install the Utilities.

Utility UI

Asset holders no longer need to establish a HolderService contract with a provider in order to be onboarded to the Registry module.

In addition to that, we modified the rendering of large tables for a better user experience.

This version of the UI requires connectivity to the Utility operator backend, which should be configured upon deployment.

Registry module

This release introduces full token standard support for Utility tokens managed through the Registry module.

Moreover, featured providers can create activity markers upon the execution of token-standard asset transfers / allocations.

Finally, we are going to deprecate the standalone Lock and Unlock workflows in an upcoming release. These are currently unused and should be ported to the token standard.

Credential module and commercial agreement

New Daml packages are introduced to update the dependency on splice-amulet to version 0.1.13.

Collateral module

The collateral module lets users transfer Utility tokens for collateral management purposes, keeping an on-ledger record of collateral posted to a counterparty.

While it currently supports Utility tokens only, it builds on the Token Standard, which makes it easily extensible to other token-standard-compliant tokens.

Package versions

The following additional DARs should be installed on your validator node.

For users of the credential module:

• utility-commercials-v0-0.2.1.dar

• utility-credential-app-v0-0.2.3.dar

Additionally, for users of the registry module

• utility-registry-app-v0-0.3.0.dar

Finally, for those who wish to use the Collateral App

• utility-collateral-app-v1-1.0.0.dar

Note

When using the Helm Charts to install the Utility, all Utility DARs will be automatically installed. You no longer need to upload DARs manually.

0.7.8

UI change to filter all contracts based on the Utility Operator.

The DAR files are unchanged from the previous version.

0.7.6

This is a technical release which allows the Utility operator to take control of the billing frequency by setting a minimum billing period for all credentials.

The DAR files and Utility UI are unchanged from the previous version.

0.7.5

This version includes fixes to the UI and the Top Up app. The DAR files are unchanged from the previous version.

UI:

• expose button to withdraw an Allocation

• fix rendering of credential billings and commercial agreements in case of long-running queries

Top Up app:

• make it auth provider agnostic

0.7.4

This is a technical release required as part of the work on Helm Charts for the Utilities.

The DAR files and the UI are unchanged from the previous version.

0.7.3

This version fixes a UI bug where certain operations cannot be performed if the counterparty did not vet the utility-commercials-v0 package.

Moreover, the UI does not poll for the utility-collateral-app package, which logged a noisy error in the previous UI version.

0.7.2

This is a technical release required as part of the work on Helm Charts for the Utilities.

The DAR files and the UI are unchanged from the previous version.

0.7.1

This version fixes a bug that was surfaced on the 0.7.0 UI and Top Up app.

The DAR files are unchanged.

0.7.0

This version includes the following improvements to the Utilities:

• Make the Utilities compatible with splice-0.1.9

• Enable cross-provider compatibility, meaning that tokens can be transferred between owners onboarded by different providers

• Integrating the token standard to enable the settlement of Delivery-versus-Payment workflows (DvPs)

The following additional DARs should be installed on your validator node:

• utility-commercials-v0-0.2.0.dar

• utility-credential-app-v0-0.2.2.dar

• utility-registry-app-v0-0.2.0

We now offer two mechanisms for configuring your operator party:

• Refer to Digital Asset’s operator backend. Configure the environment variable UTILITY_APP_UTILITY_BACKEND_URL as follows:

  • DevNet: https://api.utilities.digitalasset-dev.com

  • TestNet: https://api.utilities.digitalasset-staging.com

  • MainNet: https://api.utilities.digitalasset.com

• Specify the party literal as before, using the UTILITY_APP_OPERATOR_PARTY_ID environment variable. The current values can be obtained from these URLs:

  • DevNet: https://api.utilities.digitalasset-dev.com/api/utilities/v0/operator

  • TestNet: https://api.utilities.digitalasset-staging.com/api/utilities/v0/operator

  • MainNet: https://api.utilities.digitalasset.com/api/utilities/v0/operator

0.6.1

This version introduces two improvements to the Utility UI:

• Optimize polling frequency: refresh active contract queries only when the ledger end has advanced

• Fixing a bug which removed the ability to accept commercial agreements if CurrentVersion was not set

Users can deploy this release of the Utility directly together with the update to Canton 3.3. There is no need to apply 0.6.0 before upgrading to 0.6.1.

0.6.0

This version updates the Utility UI for compatibility with the latest Canton/Daml 3.3.

0.6.0 can be applied to Test Net from June, 11th 2025, and then to Main Net from June, 25th 2025 in line with the Canton/Daml 3.3 rollout schedule listed here

The UI is available here

The Utility Daml models are unchanged from the previous version.

The Utility UI requires Canton/Daml version 3.3 or later.

0.5.3

This release introduces a new application that automatically tops up either CredentialBilling or CommercialAgreement contracts when their locked deposits fall below a configurable threshold. The application can be deployed as a native Kubernetes cron job or as a long-running container, depending on your infrastructure needs.

• Setup documentation: here

• Application image: here

The UI has been updated - UI image: here

This version includes a bugfix to remove refetch interval for ledger offset.

This version is fully compatible with existing versions of the application.

0.5.1

This version introduces a new feature to the “Commercial Agreement” component, facilitating base fee payments. The following additional DARs should be installed on your Participant:

• utility-commercials-v0-0.1.0.dar

The bundle files containing the DAR packages for the Utility are available in JFrog. Download version 0.5.1 of the bundle. The UI is available here

The release is compatible with existing versions of the application.

0.4.1

This version introduces a new component called “Commercial Agreement” and includes an update to the Credential Utility.

The billing processing for paid credentials incurs a service fee. To use this service provided by Digital Asset, a Commercial Agreement must be established. This agreement, issued by Digital Asset, can be accepted via the user interface and outlines the service fee terms.

Additionally, the credential billing process includes an on-ledger accounting feature for rewards that can be used in combination with a Reward Share component (not released yet). In order to support external signing, the CredentialOffer_AcceptFree and CredentialOffer_AcceptPaid will now set validFrom = None.

The new functionality is exposed through the User Interface. In addition, the User Interface includes numerous improvements to enhance usability and user experience.

The following additional DARs should be installed on your Participant Node:

• utility-credential-app-v0-0.2.1

• utility-commercials-v0-0.0.1

The bundle files containing the DAR packages for the Utility are available in JFrog. Download version 0.4.1 of the bundle. The UI is available here

The release is compatible with existing versions of the application.

0.3.5

This version introduces a fix to the Utility UI to ensure compatibility with the latest Daml models for Splice (specifically splice-amulet-0.1.6).

The Utility Daml models are unchanged from the previous version.

This version can be deployed by users who are on 0.3.4 at any time, as it does not require synchronisation.

0.3.4

This version introduces an update to the Utility Daml models for the Registry component.

An EnforcementService contract is introduced which, when setup between a holder and a registrar, allows the registrar to transfer the holder’s assets to another receiver under certain conditions.

A RegistrarConfiguration contract is introduced to define the required credentials in order to enter into an EnforcementService.

The Utility UI exposes these new features to users.

The following DARs must be installed in order to proceed with the release:

• utility-credential-app-v0-0.1.0

• utility-registry-app-v0-0.0.1

• utility-registry-app-v0-0.1.0

• utility-version-v0-0.0.1

The bundle files containing the DAR packages for the Utility are available in JFrog. Download version 0.3.4 of the bundle.

Rollout Schedule

The following schedule outlines the planned updates for each environment:

Environment	Rollout Date
Dev Net	15th Nov
Test Net	28th Nov
Main Net	9th Dec

All client nodes must be updated within this time frame to ensure compatibility and minimize disruptions.

Package Versions

After the rollout, all environments will be running on:

	Credential App	Registry App	Frontend Image
Version	0.1.0	0.1.0	0.3.3