Morphit v1.0.0-beta.33
Stable, released 2026-06-26 21:42:50 +00:00

This release fixes a balance display that could get stuck showing an old number,
adds an at-a-glance fiat value next to your BLURT, greets you by name on the
welcome-back screen and lets you sign out from there, smooths out signing in and
getting set up, and gives operators a proper menu for managing payment methods.

Nothing here changes how trading works or what anything costs, and Morphit still
keeps no data about you. If you're already signed in, your account, keys, and
balances carry over untouched.

Your wallet
- Fixed: your balance no longer gets stuck on an old number. The balance card
is meant to update on its own every few seconds, but a caching rule could keep
serving a stale value — especially when the network was flaky — so a deposit or
transfer might not show up for a long time. Balances are now treated as live data:
the card refetches instead of coasting on a cached number.
- The refresh button now forces a real, live update. Tapping refresh used to be
answerable from that same short-lived cache, and a tap that landed during the
automatic refresh could be swallowed entirely (the icon spun but nothing
refetched). It now does a hard refresh that bypasses every cache and reads your
balance straight from the chain, every time.
- An approximate fiat value next to your BLURT. When your operator runs a price
feed, your liquid BLURT balance now shows a rough value beside it, e.g. `(~$10.00 usd)`.
If the price feed isn't available, the line is simply left off rather than
showing anything misleading.
Signing in
- The welcome-back screen greets you by name. When you return to a device that
remembers you, the heading now reads "Welcome back @yourname" so it's clear which
account you're about to unlock.
- Sign out right from the welcome-back screen. There's now a Sign out button next
to Unlock — the same one, with the same confirmation, that you'd use from the
account menu — so you can switch away from a remembered account without unlocking
it first.
- Importing from a seed phrase finds your account name for you. A seed phrase
carries your keys but not your account name. Morphit now looks the name up for you
from any key you import — seed phrase, key file, or posting key — and signs you in
when it matches exactly one account, falling back to asking only if the lookup is
ambiguous or unavailable. As before, that lookup goes through your operator's own
node and never reaches a third party directly.
- You land where you were going. If you're sent to the unlock screen because you
tried to open a page while locked, unlocking now takes you to that page instead of
dropping you on the home screen.
Getting set up
- A clear prompt when you're not signed in. A site-wide banner now explains the
accountless state and links you to the right next step, instead of leaving you to
guess where to start.
For operators
- Manage payment methods is now an interactive menu. The "Manage payment methods"
item in `morphit-ops` previously just printed the list and dropped you back at the
shell. It now opens a list / add / remove menu that prompts you for each field and
signs the on-chain change for you — no need to remember the command-line flags. The
scriptable `payment-method add | remove | list` commands still work exactly as
before.
- As with recent betas, this release changes no third-party dependencies.
Under the hood
- The balance and welcome-back changes ship with regression tests, including a
tamper-checked guard that fails if the balance cache is ever loosened back to a
stale-serving window, and a check that keeps the operator menu wired to the
interactive payment-method flow. A fresh five-persona walkthrough and a focused
deep-deep review confirmed the changed sign-in and operator surfaces end to end.

Morphit v1.0.0-beta.32
Stable, released 2026-06-26 05:46:14 +00:00

This release fixes a bug where your avatar could vanish after a profile edit, makes
your avatar and display name show up everywhere they should, lets you skip typing
your account name when you import from a seed phrase, makes that lookup private,
hardens every text field against pathological input, and adds the usual round of
polish to the profile and sign-in screens.

Nothing here changes how trading works or what anything costs, and Morphit still
keeps no data about you. If you're already signed in, your account, keys, and
balances carry over untouched.

Your profile and avatar
- Fixed: your avatar no longer disappears when you change only your bio. Updating
one part of your profile (say, just your short bio) used to overwrite the rest,
which could orphan an avatar you'd already set even though it was still on chain.
Profile updates now merge field-by-field — an omitted field is left alone, and only
an explicit clear removes one — so a partial edit keeps everything else intact.
- Your avatar shows up everywhere now. Once you've set an avatar, it appears in
the top-right menu and anywhere your identity is shown, not just on your public
profile page.
- A display name is now optional. You can set an avatar and links without being
forced to choose a display name first, and leaving the name blank no longer wipes a
name you set earlier.
- A bit more room for your avatar. The inline avatar size limit was raised so more
designs fit comfortably.
- Clearer broadcast status and a new avatar card in Settings. Publishing now says
"Broadcasted" when it lands, and Settings gained a dedicated avatar card with a
thumbnail preview and a confirmation step before you replace one.
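
The field-by-field merge from the first item in this list, shown beside the whole-record overwrite that dropped the avatar. This is an added example, not Morphit's code; the `Profile` shape, the function names and the use of `null` as the explicit clear are assumptions.

```typescript
// Added illustration; the Profile shape and all names are hypothetical,
// not Morphit's schema.
type Profile = {
  displayName?: string;
  bio?: string;
  avatar?: string;
  links?: string[];
};

// A patch carries three states per field:
//   key absent / undefined -> leave the stored value alone
//   null                   -> explicit clear
//   any other value        -> replace
type ProfilePatch = { [K in keyof Profile]?: Profile[K] | null };

// Old behaviour: the edit replaces the whole record, so every field the
// form did not send (for example the avatar) is silently dropped.
function overwriteProfile(_current: Profile, edit: Profile): Profile {
  return { ...edit };
}

// Fixed behaviour: merge field by field without mutating the input.
function mergeProfile(current: Profile, patch: ProfilePatch): Profile {
  const next: Record<string, unknown> = { ...current };
  for (const key of Object.keys(patch) as (keyof Profile)[]) {
    const value = patch[key];
    if (value === undefined) continue; // omitted: keep what is stored
    if (value === null) {
      delete next[key]; // explicit clear
      continue;
    }
    next[key] = value;
  }
  return next as Profile;
}

// Form-side rule: a blank display-name input means "not provided", not a
// clear, so leaving it empty cannot wipe a name set earlier.
function displayNamePatch(input: string): ProfilePatch {
  const name = input.trim();
  return name === "" ? {} : { displayName: name };
}

// Constructed sample record.
const stored: Profile = {
  displayName: "Alice",
  bio: "old bio",
  avatar: "data:image/png;base64,AAAA",
};

console.log(overwriteProfile(stored, { bio: "new bio" })); // avatar and name gone
console.log(mergeProfile(stored, { bio: "new bio" }));     // avatar and name kept
console.log(mergeProfile(stored, { avatar: null }));       // avatar removed on request
```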
Signing in
- Importing from a seed phrase now finds your account name for you. A seed phrase
contains your keys but not your account name, so you used to have to type it in by
hand. Morphit now looks the name up for you, and if it matches exactly one account
it signs you straight in. If it's ambiguous or unavailable, you simply enter the
name as before.
- That lookup is private. The name lookup goes through your operator's own node,
so the request — and your connection — never reaches a third-party node directly. If
the lookup can't be made for any reason, Morphit quietly falls back to asking you
for the name rather than reaching out to anyone else.
- Import-screen polish. The remember-me option is gated correctly, and a mismatch
is flagged with a clear red border. The "sign in with your keys" button shows a lock
icon on the welcome-back screen.
Privacy and hardening
- Every text field has a length cap. A site-wide review added a length backstop to
every free-text input and text area, on top of the existing validation, so an
oversized or pathological paste can't slip through. The caps are set above every
legitimate limit, so normal input is never cut off.
- Clearer errors when your key doesn't match. Before publishing, Morphit now checks
that your key actually has authority for the action and tells you up front if it
doesn't, instead of failing further along.
Small fixes and polish
- The block-explorer card was removed from the home page (with a subtle hover lift on
the cards that remain), the slide-in arrow links were unified into one consistent
style across the app (correct in right-to-left languages too), the FAQ article hover
border was toned down, and the profile page now shows your identity glyphs without
repeating the `@handle`, with friendlier titles like "Message @username" on other
people's profiles.
For operators
- The welcome dust for new accounts was nudged up slightly so a brand-new account
has a touch more headroom out of the gate. Funding requirements are otherwise
unchanged.
- As with recent betas, this release changes no third-party dependencies.
Under the hood
- Two fresh, independent code reviews re-ran the full test, type-check, and
security-smoke suites from a clean slate. The first audited every text input across
the site for injection and overflow risks and confirmed there's no stored-cross-site
scripting hole. The second re-checked the new profile, avatar, and seed-import work
and caught one privacy issue before release: the seed-import name lookup had been
reaching a third-party node directly. It now routes through your operator's node like
the rest of Morphit, with a regression check added so a future change can't quietly
reintroduce a direct lookup.

Morphit v1.0.0-beta.31
Stable, released 2026-06-25 23:42:42 +00:00

This release makes publishing to the chain more private and more reliable, fixes a
settings bug that could show you another account's profile, polishes the sign-in and
locked-screen experience, unifies the navigation arrows, fixes the desktop update
banner, and clears out some obsolete account-creation machinery for operators.

Nothing here changes how trading works, what anything costs, or what data Morphit
keeps (still none of it). If you're already signed in, your account, keys, and
balances carry over untouched.

Privacy and reliability
- Publishing to the chain now goes through your operator's own node. Previously,
every action you published — placing or editing an order, sending a chat message,
updating your profile, leaving feedback — was sent straight from your browser to a
third-party Blurt node. That leaked your IP address and your exact action to a node
Morphit doesn't control, and it broke entirely if that node went down or changed
its settings. Now those writes travel through the same node that already serves the
app, so outsiders never see your connection, and if anything does go wrong you get
the real reason instead of a generic "couldn't broadcast" message. This matches how
reading already worked, and it falls back to the old path automatically if your
operator's node is briefly unreachable, so it can never be less reliable than
before.
- Fixed: switching accounts could show the previous account's profile. If you
signed out and back in as a different account, the Settings page could show the
earlier account's display name, short bio, and links. Profile drafts are now kept
separately per account, the leftover shared drafts are cleared, and the form fills
in from what's actually on chain for the account you're signed in as.
- Clearer connection errors in Settings. The RPC-endpoint panel in Settings now
tells you why a node isn't responding — "Timed out", "Unreachable", or the HTTP
error — instead of only showing it as failing.
Signing in
- The header button says "Unlock" when your keys are saved. On a device that
remembers your keys, the top-right button now reads "Unlock" (and takes you to the
welcome-back screen) instead of "Start", which looked as if you had no account. A
brand-new device still says "Start".
- Refreshing a locked page sends you home. If you refresh, lock, or arrive on a
page that needs you signed in — settings, posting, chat, backups, two-factor —
while your session is locked, you now land on the homepage with that "Unlock"
button, instead of being stranded on an empty page.
- The password field is focused and ready. On the welcome-back screen you can now
just type your password and press Enter; the field is focused automatically.
- Matching icons on the sign-in buttons. The "sign in with your keys" and "use my
phone" buttons now use crisp matching icons.
Your profile, orders, and settings
- Save-locally buttons everywhere they belong. The blurt.media and Nostr fields
now each have a "Save locally only" button alongside "Save & broadcast", matching
the short-bio field.
- Small fixes: the blurt.media and Nostr inputs now show one clear colour per
state instead of a doubled border, profile icons are spaced consistently, and the
balance refresh button always shows a visible spin when you tap it.
- Clearer "My Orders" when you're signed out. If you open your orders page before
signing in — or on a locked device — the page now explains what to do in its own
words (with both a "create an account" and an "I already have an account" option),
rather than borrowing the wording from the order-posting screen. A locked device
never reveals your past trades.
Getting around
- Unified navigation arrows. The back and forward arrows across the app now share
one consistent style — they slide in the direction they point and turn green on
hover, with no underline — matching the "Learn more" arrows on the homepage. They
also point the correct way in right-to-left languages.
- A tidier sign-up intro. The introductory explanation now appears only on the
first sign-up step instead of repeating on every step.
Updates
- Fixed the "update available" banner on desktop. The banner could get stuck or
reload the page on its own. Now it only reloads when you choose "Load it now", the
"Later" button simply dismisses it for the session, and it reappears on its own if
a newer version is deployed.
Help / FAQ
- FAQ links now scroll to the right place. Footer links into the FAQ (such as the
AGPL-3.0 and API links) now smoothly scroll to and open the article they point at,
even for articles far down the page.
- A safer seed-import button. On the import screen, the "Unlock my account" button
now activates only when you've entered exactly twelve words, so a stray paste can't
light it up prematurely.
For operators
- Footer addresses show only what you've configured. The Tor, i2p, Lokinet, Nostr,
and ENS pills in the footer now appear only for the networks you've actually set,
instead of showing greyed-out placeholders for the ones you haven't.
- ENS links to the bare name. An advertised ENS address now links to the bare name
(e.g. `morphit.eth`), which ENS-aware browsers resolve directly with no centralized
gateway.
- Removed the obsolete weekly ACT-minting machinery. Since beta.28, account
creation pays the chain's creation fee inline with a direct `account_create` op, so
the old weekly "mint Account Creation Tokens" ceremony no longer exists. This
release removes the leftovers that still referred to it: two dead systemd unit
templates, a dead helper script entry, and stale instructions in the launch
checklist, automation notes, security notes, and the Ansible deployment role that
told you to run a command that no longer exists. What you need to do is unchanged
and simpler: keep `@morphit-relay` funded with enough liquid BLURT to cover
signups (about 100 BLURT per account). If you're upgrading from an older deploy that
set up the weekly timer, you can remove the `morphit-relay-mint-acts` service and
timer; they do nothing now.
- As with recent betas, this release changes no third-party dependencies.
Under the hood
- A fresh, independent code review re-ran the full test, type-check, and
security-smoke suites from a clean slate and confirmed everything passes, including
a close look at the new same-origin publishing path (it only forwards the
operations Morphit actually uses, the transaction stays signed entirely on your
device, and it's rate-limited) and the per-account profile fix.

Morphit v1.0.0-beta.30
Stable, released 2026-06-25 02:00:26 +00:00

This release fixes an important sign-in reliability problem, adds a short bio to your
profile, tidies up the settings and sign-up screens, makes the navigation arrows
easier to see, and gives operators a new decentralized address option plus a fix for
a crash in the node-management tool.

Nothing here changes how trading works, what anything costs, or what data Morphit
keeps (still none of it). If you're already signed in, your account, keys, and
balances carry over untouched — and thanks to the fix below, staying signed in is now
more reliable.

Staying signed in
- Refreshing the page no longer signs you out. If you chose to be remembered on
this device, a normal page refresh could quietly drop you back to the import
screen, as if you'd never saved your keys. That's fixed: refreshing the page,
closing a tab, or locking one tab now leaves your saved keys in place, and only a
real sign out clears them. Signing out in one tab still signs you out of the
others, as before.
Your profile and settings
- New: a short bio. You can add an optional short bio (up to 128 characters) to
your profile from Settings. It appears under your name on your profile page. Like
your display name, you can save it on this device only or broadcast it so other
instances see it.
- Clearer save buttons. The two profile-save buttons are now labelled
"Save locally only" and "Save & broadcast", with a one-line explanation of each
above them, so it's obvious which one keeps a change on your device and which one
publishes it.
- A tidier settings screen. The avatar card moved up next to your account name,
some wordy explanations were trimmed, and the auto-lock timer now shows a brief
"Changed to …" confirmation when you pick a new value.
Signing up
- A progress bar. New accounts now see a simple "Step X of Y" progress bar during
sign-up, so you can tell how far along you are. (If you're importing an existing
account, you won't see it — that path is a single step.)
Getting around
- Bigger, clearer navigation arrows. The small back and forward arrows around the
app are now larger and easier to see, and they match the colour and size of the
text next to them. They also point the correct way in right-to-left languages.
- Consistent back links. The "back" links at the top of the block explorer,
privacy, and two-factor pages now all use the same clear styling instead of three
different colours.
Two-factor settings
- A clearer two-factor page. The authenticator-app two-factor settings page got a
visual tidy-up — its expandable sections are easier to spot, the recommended and
not-recommended app lists are alphabetised, and the headings are clearer. (How
two-factor works is unchanged.)
For operators
- A new decentralized address option: ENS (`.eth`). Your instance can now
advertise an ENS `.eth` name alongside its Tor, i2p, and Lokinet addresses. It
appears in the footer and on the instances page and links out through `.eth.limo`,
giving visitors another censorship-resistant way to reach your node. Set it from
the init wizard or the `morphit-ops alt-address` command; it's a display-only
pointer, so there's no key to manage.
- Fixed: the `morphit-ops` menu could crash after an upgrade. If you ran
`morphit-ops` from a directory that had been replaced during an upgrade, choosing
most menu items (edit settings, alternate addresses, status, and so on) would crash
with a `uv_cwd` error. The tool now recovers cleanly and works regardless of which
directory you launch it from.
- As with recent betas, this release changes no third-party dependencies.
Under the hood
- A fresh, independent code review of the recent changes re-ran the full test and
type-checking suite from a clean slate and confirmed everything passes, with the
sign-in fix above pinned by an automated regression test so it can't quietly return.
A few internal code comments were also brought back in line with how the sign-in
code now actually behaves.

Morphit v1.0.0-beta.29
Stable, released 2026-06-24 03:11:16 +00:00

This release is mostly about making your account protection more trustworthy and
your wallet and profile screens more accurate. The biggest work happened in the
parts you can't see — the code that guards your keys — but there are also a number
of visible fixes across the wallet, the profile, sign-up, the block explorer, and
the operator tools, plus a new FAQ entry explaining why Morphit is licensed the way
it is.

Nothing here changes how trading works, what anything costs, or what data Morphit
keeps (still none of it). If you're already signed in, you don't need to do
anything; your account, keys, and balances carry over untouched.

Your account protection
- Changing your password no longer risks your hardware key. If you protect your
account with a YubiKey, changing your password used to quietly drop the hardware
key — afterwards the key could no longer unlock you. That's fixed: a password
change now keeps every unlock method you've set up exactly as it was, hardware key
included. (Two-factor authenticator codes were always preserved, and still are.)
- Enrolling a hardware key now proves it actually works first. When you add a
YubiKey, Morphit now checks that the key produces a real, unique response before it
trusts it for unlocking — and refuses to finish if it can't. This closes a subtle
way a misbehaving key or browser could have left you with a "protected" account
that wasn't genuinely protected. Your password remains a fallback, so a bad key can
never lock you out.
- A long-standing flaw in the encrypted key store was fixed. A wrong internal
setting meant the hardware-key / layered key-store path could fail when writing —
it now works correctly. This path requires a physical key, so it never affected
password-only accounts.
Wallet and profile
- Voting power now matches your Blurt wallet. The "Voting" figure on your balance
card and on explorer account pages now uses the same calculation Blurt's own wallet
shows, to two decimals, instead of a different measure that could read low.
- The balance card refreshes on demand and animates changes. A refresh button
(matching the one on explorer pages) lets you pull fresh numbers, and changed
balances count up smoothly rather than jumping.
- Your profile picture is consistent everywhere. The little identicon in the
account menu now always matches the one on your profile and settings — it used to
occasionally show an older version until a full page reload.
- Clearer sign-up. While you type a username, the claim button now previews
"Claim my @yourname username now" in real time, the field shows a clear invalid
state when a name is taken or reserved, and the "are you sure you want to leave?"
prompt wording is plainer.
- Smaller touches. The on-screen private key now carries a lock icon so it's
obvious it's secret; low-balance hints are now a readable amber with a warning
icon; a duplicate "sign out" button was removed from settings (the one in the
account menu stays); and several support and explorer links now open correctly in
a new tab.
- Block explorer link fixes. Transaction and block links that could land on a
"not found" page now resolve correctly, and the account page shows all four Blurt
key types (owner, active, posting, memo).
Connectivity
- The node list is clearer and sortable. Your settings now list the relay/index
nodes best-first, with a refresh button to re-check their speeds, latencies shown
in seconds (turning amber when a node is slow), a plain "Error:" when a node
is failing, and the full set of network nodes shown — including the ones your
browser can't reach directly but your instance uses behind the scenes.
A note on the license
- New FAQ: "Why does Morphit use the AGPL-3.0 license?" A short, plain-language
explanation of the privacy-and-freedom reasoning behind Morphit's copyleft license
— why it's a better fit than permissive or no-license alternatives for software
meant to be forked and run by anyone. The "AGPL-3.0" text in the footer now links
straight to it.
For operators
- Two i2p addresses, not one. Your instance can now advertise both an
always-resolvable `.b32.i2p` address and a human-readable `.i2p` vanity address
(either, both, or neither), set independently. Existing single-address setups keep
working.
- Editing one alternate address no longer wipes the others. A bug in the main
`morphit-ops` menu could erase your Tor, i2p, or Nostr addresses when you edited a
different one. Editing alternate-network addresses now keeps the values you don't
touch, the same way Branding & SEO already did. If your live instance lost its Tor
onion to this, you can re-add it from the dedicated alt-address command without
waiting — it's per-network and won't disturb the rest.
- Node-health shows your sign-up funding at a glance. The `morphit-ops` node
health view now surfaces your relay's account-creation funding status alongside
version and uptime.
- The desktop "update available" prompt now appears reliably, and a caching bug
that made the footer occasionally "forget" your instance's name (and could serve
stale data on mobile) is fixed; the fix heals itself on the next deploy with no
hard reload needed.
- As with recent betas, this release changes no third-party dependencies.
Under the hood
- The cryptographic core of both two-factor methods is now covered by automated
tests for the first time — the full hardware-key enroll-and-unlock round trip and
the authenticator-code enroll-and-verify flow, including that codes survive a
password change, plus the new enrollment-verification guard described above.
- The hardware-key USB transport has a complete, documented diagnosis of what still
needs fixing on real hardware. The browser-to-key byte protocol has known issues
that can only be verified and corrected with a physical key in hand; rather than
guess, the exact problems are now written down in the code, and the enrollment
guard above prevents an unverified key from ever being trusted in the meantime.

Morphit v1.0.0-beta.28
Stable, released 2026-06-23 06:36:04 +00:00

This release changes how your instance creates new Blurt accounts at signup, so
that it uses the only account-creation method Blurt still supports. Until now the
relay relied on Blurt's Account-Creation-Token system — minting tokens ahead of
time and spending one per signup. Blurt disabled that system at a hard fork (both
of its operations now hard-fail on the chain), so the relay now creates each
account with a direct account-creation operation instead, paying the chain's
account-creation fee inline at the moment someone signs up.

For people signing up, nothing changes: registration still costs you nothing, you
still get the welcome bonus after your first completed trade, and listing fees are
unchanged. The difference is entirely on the relay's side — how it talks to the
chain to create your account.

Behind Morphit's beta access gate this hadn't surfaced as a visible failure yet,
but the old token-based path would have blocked signups on any public instance.
This release puts account creation back on a working footing.

Changed
- New accounts are created with a direct account-creation operation. The relay
now pays the chain's account-creation fee (about 100 BLURT) inline, per signup,
reading the exact current fee from the chain each time so it always matches what
the network requires. The previous token-based approach — minting Account
Creation Tokens in advance and consuming one per signup — is gone, because Blurt
no longer allows either token operation. The account that ends up created, the
one BLURT of starter bandwidth it receives, and the welcome bonus after a first
trade are all exactly as before.
For operators
- No more token minting — keep the relay funded instead. There is no longer a
weekly token-minting ceremony, no in-process auto-minter, and no `mint-acts`
script or timer. Your relay creates each account by paying the fee directly from
its liquid BLURT, so the one thing it needs is enough BLURT on hand to cover your
signups (roughly 100 BLURT each, plus the welcome bonuses for people who go on to
trade). When the balance runs low the relay pauses signups cleanly and your
alert bot messages you over Matrix; top it up and signups resume on their own
within about thirty seconds. The total cost is the same as before — only the
timing changed, from pre-paying a weekly batch to paying per signup.
- Upgrading from an earlier deploy: after `morphit-ops upgrade`, remove the
leftover token-minting pieces if you set them up — the
`morphit-relay-mint-acts.service` and `.timer` units, and any
`MORPHIT_RELAY_AUTOMINT_*` or `MORPHIT_RELAY_WEEKLY_ACT_COUNT` lines in your
relay's environment file. They no longer do anything. The funded-balance alert
you may already have configured (the indexer's relay-balance threshold) keeps
working unchanged. See OPERATIONS.md §0a for the funding math and §47 for the
low-balance alerts. As with recent betas, this release changes no third-party
dependencies.
Under the hood
- A regression guard pins the new path. A new automated check verifies that the
relay builds the direct account-creation operation with the fee paid inline and
the exact field layout the chain expects, and fails if anyone ever tries to bring
back the disabled token operations. The key-custody design is unchanged — the
same online key that signed the old operation signs the new one — and the
architecture decision record and operator runbook have been updated to match.

Morphit v1.0.0-beta.27
Stable, released 2026-06-23 03:10:48 +00:00

A small reliability release with one fix at its heart: your instance now routes
around a Blurt RPC node that has gone down, instead of getting stuck on it. Every
instance talks to a set of public Blurt nodes for reading the chain and
broadcasting operations, and it already prefers the fastest one and fails over
when a node times out or refuses the connection. But if a node's upstream proxy
answered with an "origin is unreachable" error (the 520–527 status range), the
instance treated that as a normal rejection and gave up on that request rather
than trying another node. That's fixed: those errors are now recognized as "this
node is unreachable — try the next one," so reads and broadcasts hop past a dead
node automatically.

The most visible symptom of the old behavior: a relay with a healthy BLURT
balance could still mint zero account-creation tokens if the one node it
reached for that broadcast happened to be down — the auto-minter would log a
single failure and stop. With this release, a single down node no longer stalls
account-creation token minting, signups, or anything else the relay or indexer
broadcasts; the instance simply uses a node that's up.

For operators: morphit-ops upgrade handles this release the usual way — it runs
npm ci and rebuilds the web frontend, the command-line tools, and the MCP
server for you. Like the last several betas, this release changes no
third-party dependencies, so there's no special install step. Managing which
Blurt RPC nodes your instance uses is the relay and indexer's job (with the
upgrade flow keeping the defaults current) — never something you should have to
hand-edit while the software is running.
Fixed
- Your instance routes around a downed Blurt RPC node. When a node's upstream
proxy returns an "origin unreachable" error (HTTP 520–527 — e.g. 521 "web
server is down"), the instance now classifies it as an unreachable endpoint and
rotates to a healthy node, applying the same back-off it already uses for
timeouts and rate limits. Previously these surfaced as ordinary errors, so a
single down node could dead-end a request. This is what could leave a
fully-funded relay minting zero account-creation tokens — its fastest node was
down and it didn't fail over. Reads and broadcasts both recover now.
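The failover rule described in this fix, as an added TypeScript example (not Morphit's own code): classify the proxy's 520–527 range as "rotate", back the node off, and move to the next one. The function and class names, the .example node URLs, the 429 rate-limit code, and the back-off timings are assumptions; the transport is injected as a synchronous callback so the example runs offline.

```typescript
// Added illustration; not Morphit's source. Every name below is hypothetical.
type RpcOutcome = "ok" | "rotate" | "reject";
interface RpcReply { httpStatus: number; body: string } // httpStatus 0 = timeout or refused connection
type RpcTransport = (nodeUrl: string, payload: string) => RpcReply;

// 520-527: the node's upstream proxy could not reach its origin, so the reply
// says nothing about the request itself. Rotate instead of giving up.
function classifyReply(reply: RpcReply): RpcOutcome {
  const code = reply.httpStatus;
  if (code >= 200 && code < 300) return "ok";
  if (code === 0) return "rotate";                 // timeout / connection refused
  if (code === 429) return "rotate";               // rate limit (assumed to arrive as 429)
  if (code >= 520 && code <= 527) return "rotate"; // origin unreachable, e.g. 521
  return "reject";                                 // the node answered and said no
}

class RpcPool {
  private nodes: string[];
  private baseMs: number;
  private maxMs: number;
  private strikes: Record<string, number> = {};
  private coolUntil: Record<string, number> = {};

  // `nodes` is assumed to be ordered fastest-first.
  constructor(nodes: string[], baseMs: number = 1000, maxMs: number = 60000) {
    this.nodes = nodes;
    this.baseMs = baseMs;
    this.maxMs = maxMs;
  }

  // Nodes that are not currently backing off, in preference order.
  candidates(nowMs: number): string[] {
    return this.nodes.filter((u: string) => (this.coolUntil[u] || 0) <= nowMs);
  }

  // Exponential back-off, capped: 1s, 2s, 4s ... up to maxMs.
  private penalize(url: string, nowMs: number): void {
    const n = (this.strikes[url] || 0) + 1;
    this.strikes[url] = n;
    this.coolUntil[url] = nowMs + Math.min(this.baseMs * Math.pow(2, n - 1), this.maxMs);
  }

  call(payload: string, send: RpcTransport, nowMs: number): { node: string; reply: RpcReply; tried: string[] } {
    const tried: string[] = [];
    for (const url of this.candidates(nowMs)) {
      tried.push(url);
      const reply = send(url, payload);
      const outcome = classifyReply(reply);
      if (outcome === "rotate") { this.penalize(url, nowMs); continue; }
      if (outcome === "ok") this.strikes[url] = 0;
      return { node: url, reply, tried }; // success or a genuine rejection ends the loop
    }
    throw new Error("no reachable RPC node after " + tried.length + " attempt(s)");
  }
}

// Constructed scenario: the preferred node sits behind a proxy returning 521.
function demoFailover(): string[] {
  const pool = new RpcPool(["https://rpc-a.example", "https://rpc-b.example"]);
  const send: RpcTransport = (nodeUrl: string) =>
    nodeUrl === "https://rpc-a.example" ? { httpStatus: 521, body: "" } : { httpStatus: 200, body: "{}" };
  return pool.call("{}", send, 0).tried;
}
console.log(demoFailover());
```

A genuine rejection (any other non-2xx answer) is returned to the caller rather than retried, so only unreachable or throttled nodes cause a hop.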
For operators
- Fresh Ansible deployments point at the current Blurt nodes. The Ansible
deployment defaults pinned the indexer to a Blurt RPC node that has since been
decommissioned (and the egress firewall opened only that node), so a brand-new
Ansible install could come up unable to reach a working node. The defaults now
use the current canonical set of six Blurt RPC endpoints, and the egress
allowlist matches. If you deployed via Ansible and chose your own endpoints,
nothing changes for you. (Installs created by morphit-ops init were never
affected — they already used the canonical set.)
Under the hood
- More regression guards. New automated checks pin both fixes so a future
change can't quietly undo them: the RPC pool's "try another node" logic is
tested against the full origin-unreachable status range (including the exact
error a relay saw in the field), and the canonical-endpoint guard — which keeps
every copy of the node list in sync — now also covers the Ansible deployment
defaults, the one place the list had been allowed to drift.
-
Morphit v1.0.0-beta.26
Stable | Released 2026-06-22 23:33:03 +00:00 | 8 commits to main since this release

A reliability release, with one fix that matters more than all the others: new
account creation works again. On the way to launch we discovered that the Blurt
library Morphit relies on couldn't sign the two operations behind account
sign-ups and the relay's automatic token top-up, so a relay with plenty of funds
could still turn people away with a misleading "temporarily out of funds"
message. That's fixed. Alongside it: the "a new version is ready" prompt now
appears on desktop, not just mobile; the node-health screen shows your
account-creation-token buffer at a glance; the block explorer's account page got
a thorough polish; and a handful of smaller display bugs are closed.

For operators: morphit-ops upgrade handles this release the usual way — it runs
npm ci and rebuilds the web frontend, the command-line tools, and the MCP
server for you. Like the last few betas, this release changes no third-party
dependencies, so there's no special install step beyond the upgrade tool. After
upgrading, your relay will top its account-creation-token buffer back up on its
own; you can watch it on the node-health screen (option 13 in morphit-ops).
New
- Node health shows the auto-minter. The node-health screen now reports your
relay's automatic account-creation-token (ACT) minter right next to version and
uptime: a green "✓ N ACT's ready" with the buffer it tops up to, or a red
"Disabled" if you've turned it off. It's on by default for every instance, so a
relay keeps itself stocked to create accounts without you having to think about
it.
- The block explorer shows an account's four public keys. The account page now
lists Owner, Active, Posting, and Memo public keys, instead of just the posting
key — the full picture for anyone inspecting an account on-chain.
- Reachability addresses are clickable. On the public instances directory, an
instance's Tor, Lokinet, I2P, and Nostr addresses are now links you can open
directly, rather than text you had to copy out of a tooltip.
Fixed
- New account sign-ups work again — and the relay restocks itself. The two
on-chain operations behind creating an account and minting account-creation
tokens couldn't be signed by the bundled Blurt library, which is why some
instances showed "our registration service is temporarily out of funds" even
with a healthy balance. Both operations now sign correctly, so sign-ups go
through and the relay refills its token buffer automatically.
- The "update ready" prompt now appears on desktop. Previously the prompt to
load a freshly deployed version reliably showed up on mobile but often never
appeared on a desktop browser, which would quietly pick up the new version on
its own. The desktop prompt now appears the way it should, so loading an update
is your choice on every device.
- The footer remembers your instance's name. An over-eager cache could revert
the operator's instance name in the footer back to the default until a hard
reload; it now stays correct after a normal page load.
- The order book's interest rate reads correctly. A display bug overstated the
live BLURT annual rate by roughly five times on one surface; it now matches the
real, on-chain-derived figure (the rate is always computed live, never
hard-coded).
- "Load older operations" no longer stalls near the start of history. On the
explorer's account page, paging further back used to silently fail once you got
close to the beginning of an account's history; it now loads the remaining
operations correctly, with a clear loading indicator.
- Explorer account links resolve. Transaction and block links on the account
page no longer lead to a not-found page.
- Two smaller display bugs. A profile picture that could differ between
surfaces now derives from one consistent source, and a private account card no
longer briefly appears for signed-out visitors.
Improved
- An accurate voting-power reading. The account's voting-power percentage now
accounts for delegation (power received and delegated away), so heavy delegators
see a correct figure rather than an understated one. For an account with no
delegation, nothing changes. The label across the app is now simply "Voting,"
and the accompanying hint drops an old, inaccurate description of how the chain
charges for actions.
- Clearer wording while signing in and setting up keys. Several small pieces of
on-screen text on the login, avatar, and key-import screens were reworded for
clarity, the key-import field now caps overly long input, and a private-key field
shows a clearer icon.
- A friendlier "leave this page?" warning. The prompt shown if you try to
navigate away while choosing a username is now plainer, and the page previews
your chosen "@name" on the claim button as you type.
Under the hood
- More regression guards. New automated checks pin the behaviors above — the
account-creation-token serializers (proven byte-for-byte against the reference
library), the node-health auto-minter line, the desktop update prompt, and the
cache rules that keep the update surface fresh — so a future change can't quietly
undo them.
- The full project test suite runs clean again. Two service components that
carry their checks as standalone smoke tests rather than unit tests were causing
the repo-wide npm test to report a false failure; the command is green end to
end again.
- A repo-wide audit pass. A full security and code audit — including
hostile-input checks on every on-chain operation handler, a sweep for dead database
fields, stale references, and resource leaks, and complete persona walkthroughs
across the app, the operator tools, and the read-only agent interface — found the
tree in good shape, with the fixes above applied.
- Translation upkeep. Every new or reworded piece of on-screen text ships in
all ten languages.
-
Morphit v1.0.0-beta.25
Stable | Released 2026-06-22 02:57:16 +00:00 | 10 commits to main since this release

A trust, transparency, and launch-readiness release. The headline for operators
is that the project's treasury addresses (BLURT, BTC, and XMR) are now baked into
the software itself as a single source of truth — and the public instances
directory flags any instance whose on-chain treasury doesn't match them, so a
look-alike can't quietly redirect fees. Operators can also set their instance's
display name and branding on the directory card. For everyone else: signing out
now signs you out everywhere, the FAQ search is more precise, and a couple of
small interface bugs are closed. Under the hood, the on-chain release machinery
that the public launch depends on was completed and hardened.

For operators: morphit-ops upgrade handles this release the usual way — it runs
npm ci and rebuilds the web frontend, the command-line tools, and the MCP
server for you. Like beta.24, this release changes no third-party
dependencies, so there's no special install step beyond the upgrade tool.
New
- The project treasury is part of the software now. The canonical BLURT, BTC,
and XMR treasury addresses are baked into the code as the single source of
truth, rather than something each piece configures separately. Fee routing and
every on-chain treasury check derive from that one place, which removes a whole
class of "which address is right?" mistakes.
- The directory flags treasury mismatches. On the public instances page, an
instance whose on-chain treasury address doesn't match the canonical project
treasury now carries a clear mismatch indicator — a trust signal that makes a
fee-redirecting look-alike visible at a glance.
- Name and brand your instance. Operators can set their instance's display
name and branding for its directory card through morphit-ops, so your node
shows up the way you want it to.
Fixed
- Sign out means sign out — everywhere. Signing out from any control,
including the avatar menu, now clears your session across the whole app
consistently, instead of leaving some surfaces still showing you as signed in.
- Your instance's directory name actually updates. A bug kept an operator's
chosen instance name from changing on the directory card; it now reflects what
you set.
- The asset picker on the order book closes properly. Selecting an asset no
longer leaves the picker stuck open.
Improved
- Sharper FAQ search. Search now accepts ordinary straight quotes (not just
curly ones) for exact-phrase matching, waits for a few characters before it
starts matching so a single keystroke doesn't flood the results, and subtly
highlights the matched terms so you can see why a result came up.
- A foolproof path to the on-chain release. The release ceremony now has
proper tooling: a laptop-only helper signs and broadcasts the on-chain release
record with the signing key entered at a masked prompt (never stored, never
logged), and previews exactly what it will send before asking for the key. The
release bundle's integrity manifest now generates in the exact format the
on-chain record and the in-browser verifier expect.
- Clearer launch documentation. The operator launch runbook was de-duplicated
and reconciled into one canonical sequence, so there's a single, unambiguous
set of steps to follow at go-live.
Under the hood
- The on-chain release pipeline works end to end. The chain of build → integrity
manifest → signed release record was completed and proven end to end, and is now
pinned by automated checks so it can't drift back out of shape. This is the
groundwork the public launch (which will let any visitor's browser verify the
running site hasn't been tampered with) is built on.
- Leaner chat bundle. A type-only import was corrected so a byte-handling
polyfill no longer rides along into a chat code chunk it never needed.
- More regression guards. New automated checks pin the behaviors above — the
treasury single-source-of-truth, the release-manifest format, and more — so a
future change can't quietly undo them.
- Translation upkeep. Every new or reworded piece of on-screen text ships in
all ten languages.
-
Morphit v1.0.0-beta.24
Stable | Released 2026-06-21 05:15:04 +00:00 | 11 commits to main since this release

A reliability, self-healing, and polish release. The headline for operators is
that your instance now keeps its own account-creation buffer topped up by
itself — so new sign-ups stop failing silently when that buffer runs dry — and
it alerts you the moment account creation is actually being refused. For
everyone else: a sign-in bug that wrongly rejected a valid account is fixed, a
couple of subtle key- and order-handling issues are closed, the FAQ comparisons
are refreshed, and a long tail of smaller annoyances is tidied up.

For operators: morphit-ops upgrade handles this release the usual way — it runs
npm ci and rebuilds the web frontend, the command-line tools, and the MCP
server for you. Unlike beta.23, this release changes no third-party
dependencies, so there's no special install step beyond what the upgrade tool
already does. If you haven't already, this is a good moment to set your alert
address (morphit-ops → Matrix alerts) so the new account-creation alerts
actually reach you.
New
- Your instance keeps itself able to create accounts. Creating a new account
consumes a pre-minted "account token" the relay holds in a small buffer; when
that buffer empties, sign-ups fail — regardless of how much BLURT the relay is
holding. The relay now refills that buffer on its own, in the background,
spending only above a reserve you set, so you no longer have to top it up by
hand. This is on by default; set the auto-mint switch to off if you'd rather
manage it yourself.
- An alert the moment sign-ups are actually being refused. Previously, if the
account-creation buffer ran dry, new users just hit a failure and you got no
warning (the only balance alert watched BLURT, which could be plentiful while
the buffer was empty). There's now a CRITICAL alert that fires exactly when the
buffer falls to the point where sign-ups are being rejected — and clears itself
when it recovers — so a silent sign-up outage can't go unnoticed.
- Exact-phrase FAQ search. Wrap a search in quotes ("…") to match that exact
phrase instead of the individual words.
Fixed
- Sign-in no longer wrongly rejects a valid account. Importing or signing in
could report a perfectly valid account as "invalid" because the account-lookup
request was being built with a doubled slash in the URL that the server then
refused. The address is now always built correctly, so a real account is found.
- The right key, every time. On the key panel, the short fingerprint shown on
screen could differ from the full key the Copy button actually gave you. It now
shows a shortened form of the same value you copy.
- No accidental duplicate orders. If you navigated away while an order was
mid-broadcast — unsure whether it had landed — and then posted again, you could
create a second, duplicate order on-chain (each attempt gets its own random
identifier). Navigation is now held while an order is being broadcast, the same
protection the account-creation step already had.
- "Register when you're ready" actually points somewhere. A sign-up message
used to tell people to "register from Settings," but Settings has no
account-creation step — only on-chain name verification. The wording now points
at the real path (the register prompt on the order book), in all ten languages.
- Operator console fixes. The morphit-ops status dashboard no longer dead-ends
with "No database URL configured" when you run it from outside the install
directory, and the menu's colored markers (including the bright "update
available" flag) render in color again.
- Quieter console behind the beta gate. A harmless-but-noisy manifest 401
during the beta's password gate is resolved.
- Smaller fixes. Clicking the logo (and a couple of other spots) no longer
drops your in-memory session; a fresh page no longer loads with its top heading
tucked under the sticky header; and a "you're about to switch accounts" prompt
prevents a stale-session mix-up on the sign-in page.
Improved
- The FAQ comparisons are current. The "how is Morphit different from …"
articles were reorganized and brought up to date — including the recent
real-world events that make the case (a major Bisq/Haveno-class exploit and the
shutdown of a long-running competitor) — across all ten languages.
- One wordmark, loaded once. The header, hero, and footer logo are now the
exact same asset, fetched a single time and cached, instead of being requested
repeatedly.
- Glossary and copy. The glossary intro, the "BLURT Power" entry, and a number
of labels and descriptions were tightened, with every change shipped in all ten
languages.
Under the hood
- Self-healing by default. The account-token refill loop is bounded (it never
spends below your reserve, mints only toward a target, and caps how much it does
per cycle) and logs what it does, so the relay can keep itself healthy without
surprising you.
- More regression guards. New automated checks pin the behaviors above — the
duplicate-order guard, the corrected sign-in lookup, a documentation-vs-code
check that catches an operator example naming a setting the software doesn't
read, and more — so a future change can't quietly undo them.
- A deep, repo-wide audit pass. A multi-session review swept every workspace
for drift, dead code, hostile-input handling, privacy leaks, and documentation
accuracy; the findings it surfaced are the fixes above.
- Translation upkeep. Every new or reworded piece of on-screen text ships in
all ten languages.