97: Slatepack transactions ⚛️
May 04-10 2020
tl;dr
Big update from Grin++ and results from security audit published.
Slatepack RFC proposes a single Grin transaction building standard.
Disclosure of a node vulnerability that was patched in v3.1.0, there’s been no indication of an exploit.
It may not be required to lock outputs during transaction building, would improve usability considerably.
Projects
Grin++ is now at v1.0.0, with a new UI designed by @dtavarez, and lots of fixes and improved functionality. Forum update by lead developer @dburkett.
At the same time, the results from the Grin++ Security Audit by SmartDec were also published in entirety.
Dev
There are 104 open issues in /grin, and 33 open issues in /grin-wallet.
Merged PRs: 2 in /grin | 1 in /grin-wallet | 3 unique contributors
Grin v4.0.0 Network Upgrade (HF3), expected ~ July 15, 2020:
@antiochp weekly update.
A potential node vulnerability, CVE-2020-12439, was patched in v3.1.0. There’s no evidence of an exploit, as it would have required a significant graphrate. The worst case would likely have been a node failing to reach consensus. All users are encouraged to upgrade to v3.1.0 or later.
Following a meeting to review recent efforts in transaction building, ideas have converged into a Slatepack RFC, written by @joltz, proposing to unify Grin transaction building methods into a single protocol.
Tomorrow’s dev meeting will be discussing http(s) transaction method deprecation, and whether it should be announced in v4.0.0 or not.
The next bi-weekly developer meeting is scheduled for tomorrow Tue May 12 @ 15:00 UTC in grincoin#dev on Keybase. You can add topics to the agenda.
Governance
The next bi-weekly governance meeting is scheduled for tomorrow Tue May 19 @ 15:00 UTC in grincoin#general on Keybase. You can add topics to the agenda.
Research
@tromp observed that outputs do not necessarily need to remain locked during transaction building, potentially having huge implications for usability and high volume transaction processing.
@phyro and @tromp discuss ObscuroJoin - a proposal to obscure transactions before they are broadcasted.
If you want to impress your friends in succinctness, Grin can be expressed as:
Σ utxo = Σ kernel + offset * G + (height+1) * 60 * H
RFCs
Draft
Slate Serialization [wallet-dev]
e2e encrypted slates over http(s) [wallet-dev]
Parallel IBD [node-dev]
Open
QA Team [core]
Armored slates [wallet-dev]
Deprecate HTTP(S) Transactions [wallet-dev]
NEW! - Slatepack [wallet-dev]
Final Comment Period
General fund spending guidelines [core] - disposition to Merge, FCP extended to May 19.
No Recent Duplicate (NRD) Kernels [node-dev] - disposition to Merge, FCP closes May 21.
Compact Slates [wallet-dev] - disposition to Merge, FCP closes May 21.
Accepted
-
Closed
Create a Moderation team [core]
Multiple named wallets [wallet-dev]
Relative kernels [node-dev]
“Grin Nature” Artwork in this edition is by @LovelyGrin.
This newsletter is curated by Daniel Lehnberg. Any views expressed are personal and do not represent an official position of the Grin project.
Got news or articles you would like to include? Any feedback or other suggestions? drop me a line on daniel.lehnberg-at-protonmail.com or find me on Keybase.