feat: upgrade template to runtime v0.15.0

[tusharpamnani]

Description

This PR upgrades the hello-world template to utilize Midnight SDK v8 (runtime v0.15.0). It refactors the core wallet and provider logic to align with the latest architectural patterns, including the new asynchronous WalletFacade initialization and the mandatory encrypted private state provider.

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update
• Code refactoring
• Performance improvement
• Test update
• Build/CI update
• Other (please describe):

Related Issues

Related to # Runtime compatibility upgrade

Motivation and Context

The Midnight SDK has introduced significant breaking changes in v8, most notably the transition to ledger-v8 and the requirement for encrypted local storage for the level private state provider. This update ensures that new projects created with create-mn-app are compatible with the latest network requirements and security best practices.

Changes Made

• SDK Upgrade: Migrated all template dependencies to @midnight-ntwrk/ledger-v8.
• Wallet Refactor: Replaced legacy synchronous WalletFacade constructor with the new WalletFacade.init pattern.
• Transaction Signing: Implemented the official signRecipe methodology, replacing the previous manual intent-signing workaround.
• Security: Added support for the encrypted level private state provider, requiring a PRIVATE_STATE_PASSWORD environment variable.
• Improved UX: Integrated wallet.waitForSyncedState() into deploy, cli, and check-balance for more reliable network synchronization.
• Documentation: Updated the template README to guide users through the new environment variable requirements.

Testing Performed

Manual Testing

• Tested on macOS
• Tested on Linux
• Tested on Windows
• Tested with npm
• Tested with yarn
• Tested with pnpm
• Tested with bun

Test Commands

# Generated a new project and verified the updated templates
npm install
export PRIVATE_STATE_PASSWORD='YourTestPassword'
npm run compile
npm run deploy
npm run cli

Breaking Changes

• This PR introduces breaking changes
• Migration guide updated (if applicable)

Note: Projects generated with this version will require PRIVATE_STATE_PASSWORD to be set in the environment or an error will be thrown during script execution.

Documentation

• README.md updated (if needed)
• CHANGELOG.md updated
• Code comments updated
• API documentation updated (if applicable)
• Examples updated (if applicable)

Checklist

Code Quality

• My code follows the project's coding standards
• I have performed a self-review of my code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings or errors
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• Any dependent changes have been merged and published

[Olanetsoft]

Hey, thanks for the updated PR! This is a big improvement over the first one; the source files are properly updated this time, and the new SDK patterns (WalletFacade.init, signRecipe, waitForSyncedState) all check out.

A few things before we can merge:

rxjs was dropped from package.json, but the code still uses it. All three template files still import * as Rx from 'rxjs', and deploy/cli uses it heavily for the polling loops. It works right now because other midnight packages transitively pull it, but that's fragile. Please add it back as a direct dependency.

@midnight-ntwrk/compact-js should be 2.5.0, not 2.4.0. The other v4 packages (midnight-js-contracts, midnight-js-types) depend on compact-js 2.5.0, so pinning 2.4.0 causes two versions to get installed. Bumping to 2.5.0 keeps everything aligned.

On the PRIVATE_STATE_PASSWORD requirement — I get that the new SDK requires it for encrypted local storage, but for a hello-world template meant for local dev, throwing a hard error if the env var isn't set adds unnecessary friction for beginners. Could we default to something like process.env.PRIVATE_STATE_PASSWORD || 'development' instead? That way, it just works out of the box, but people can still override it. We can drop the README section about it, too, if we go that route.

Minor: There's a pre-existing TS error on address.slice() in deploy.ts (line 415) — address is MidnightBech32m which doesn't have .slice(). Since you're already touching these files, it would be great to fix it with address.toString().slice(...).

Overall, this is looking close, just these tweaks, and it should be good to go!

[Olanetsoft]

Check comment

[tusharpamnani]

hey @Olanetsoft, I've updated the code according to the requested changes.
would be happy to fix any other changes (if any)

[Olanetsoft]

Thanks for the quick turnaround on the fixes! Everything checks out — approving and merging.

[Olanetsoft]

@tusharpamnani I'm not able to merge; please sign your commits.

[tusharpamnani]

hey @Olanetsoft, just pushed a signed commit (added a small whitespace change). It should be good to merge now!

[Olanetsoft]

@tusharpamnani i still can't get this merged. can you do

git config --global user.signingkey <YOUR_GPG_KEY_ID>
git config --global commit.gpgsign true

And then to re-sign all commits:
git rebase --exec 'git commit --amend --no-edit -S' origin/main
^ replays every commit on the branch and re-signs each one without changing any content.

Then:
git push --force-with-lease

You should be all good!

[tusharpamnani]

hey @Olanetsoft, all commits have been re-signed and the branch is updated. This should be good to merge now

[Olanetsoft]

Hey Tushar! The PR is approved and looking great, but GitHub is still blocking the merge because the commit signatures aren't showing as verified.

A couple of things to check:

1. Make sure your GPG key is uploaded to GitHub (Settings → SSH and GPG keys).
2. The email on your GPG key needs to match the email on your commits. You can check with: git log --show-signature -3

Once that's sorted, do the rebase and force push again:

git rebase --exec 'git commit --amend --no-edit -S' origin/main
git push --force-with-lease

After pushing, check on GitHub that each commit shows a green "Verified" badge. If they don't, the key/email mismatch is usually the culprit.

Let me know if you run into any issues! @tusharpamnani

[tusharpamnani]

Hey @Olanetsoft , just pushed a fix for the signature issue.

Turned out the problem was a mix of unsigned commits + my old GPG key being unusable, so I generated a new key, configured Git properly, and re-signed everything.

Just verified locally as well — latest commit shows:

gpg: Good signature from "tusharpamnani (created-new-gpg-keys) <tusharpamnani1@gmail.com>"

You should now see the green Verified badge on GitHub. Let me know if it's all good from your side!

[Olanetsoft]

@tusharpamnani, unfortunately, we’re facing the same problem. It’s frustrating despite all the fixes, so we might have to close this PR. Please open a new one with the same code but use a signed commit. That way, we'll have a single signed commit for the code, and I can approve it.