build(deps): bump github.com/BoltzExchange/boltz-client/v2 from 2.9.1 to 2.10.0

[dependabot]

Bumps github.com/BoltzExchange/boltz-client/v2 from 2.9.1 to 2.10.0.

Release notes

Sourced from github.com/BoltzExchange/boltz-client/v2's releases.

v2.10.0 - Big Deal Knockout

Summary

Starting with this release, new Bitcoin wallets are powered by BDK.

Highlights

• feat: bdk rust bindings by @​jackstar12 in BoltzExchange/boltz-client#566
• feat: add tenant remove command by @​kilrau in BoltzExchange/boltz-client#597

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. You'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/BoltzExchange/boltz-client/master/keys/michael.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming boltz-client-manifest-master.txt.sig and boltz-client-manifest-master.txt are in the current directory) with:

gpg --verify boltz-client-manifest-master.txt.sig boltz-client-manifest-master.txt

You should see the following if the verification was successful:

gpg: Signature made Mo 01 Jul 2024 00:40:51 CEST
gpg:                using RSA key C2640F630570F5EDEDE02DE684D249BA71685D46
gpg: Good signature from "Michael <me@michael1011.at>" [unknown]
gpg:                 aka "Michael <michael101101@me.com>" [unknown]

You should also verify that the hashes still match with the archive you've downloaded.

sha256sum --ignore-missing -c boltz-client-manifest-master.txt

If your archive is valid, you should see the following output (depending on the archive you've downloaded):

boltz-client-linux-amd64-master.tar.gz: OK

Changelog

Sourced from github.com/BoltzExchange/boltz-client/v2's changelog.

[v2.10.0] - 2025-11-26

Feat

• add command to remove tenant (#597)
• bdk rust bindings (#566)

Fix

• do not to refund swaps without address or wallet (#606)
• go electrum connection timeout context (#607)
• add migration for legacy btc wallets (#604)
• always encrypt all wallet credentials fields (#588)
• full scan wallet on import (#587)
• also update submarine lockup tx on transaction.confirmed (#584)
• only try refunding submarine swap if funds were locked (#577)

Refactor

• liquid backend initialization (#605)
• increase default BDK sync interval (#592)
• use tempdir as datadir in integration tests (#602)
• wallet backend logs (#603)
• rm redundant invoice paid check (#600)
• use rustls for electrum (#590)
• always use mainnet for rescue keychain (#585)

Commits

• f33fa8e chore: bump version to v2.10.0
• cee41d7 refactor: liquid backend initialization (#605)
• aa7c34a chore: rename Blockstream Green to App (#610)
• ebe0278 fix: do not to refund swaps without address or wallet (#606)
• e931e9e docs: add proper deprecation to gRPC docs (#609)
• c52c746 fix: go electrum connection timeout context (#607)
• 2506305 refactor: increase default BDK sync interval (#592)
• 41618b3 refactor: use tempdir as datadir in integration tests (#602)
• 5817724 feat: add command to remove tenant (#597)
• fa6b007 fix: add migration for legacy btc wallets (#604)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.