Big update from Grin++ and results from security audit published.
Slatepack RFC proposes a single Grin transaction building standard.
Disclosure of a node vulnerability that was patched in v3.1.0, there’s been no indication of an exploit.
It may not be required to lock outputs during transaction building, would improve usability considerably.
Grin++ is now at v1.0.0, with a new UI designed by @dtavarez, and lots of fixes and improved functionality. Forum update by lead developer @dburkett.
At the same time, the results from the Grin++ Security Audit by SmartDec were also published in entirety.
Grin v4.0.0 Network Upgrade (HF3), expected ~ July 15, 2020:
@antiochp weekly update.
A potential node vulnerability, CVE-2020-12439, was patched in v3.1.0. There’s no evidence of an exploit, as it would have required a significant graphrate. The worst case would likely have been a node failing to reach consensus. All users are encouraged to upgrade to v3.1.0 or later.
Following a meeting to review recent efforts in transaction building, ideas have converged into a Slatepack RFC, written by @joltz, proposing to unify Grin transaction building methods into a single protocol.
Tomorrow’s dev meeting will be discussing http(s) transaction method deprecation, and whether it should be announced in v4.0.0 or not.
@tromp observed that outputs do not necessarily need to remain locked during transaction building, potentially having huge implications for usability and high volume transaction processing.
@phyro and @tromp discuss ObscuroJoin - a proposal to obscure transactions before they are broadcasted.
If you want to impress your friends in succinctness, Grin can be expressed as:
Σ utxo = Σ kernel + offset * G + (height+1) * 60 * H
Slate Serialization [wallet-dev]
e2e encrypted slates over http(s) [wallet-dev]
Parallel IBD [node-dev]
QA Team [core]
Armored slates [wallet-dev]
Deprecate HTTP(S) Transactions [wallet-dev]
NEW! - Slatepack [wallet-dev]
Final Comment Period
General fund spending guidelines [core] - disposition to Merge, FCP extended to May 19.
No Recent Duplicate (NRD) Kernels [node-dev] - disposition to Merge, FCP closes May 21.
Compact Slates [wallet-dev] - disposition to Merge, FCP closes May 21.
“Grin Nature” Artwork in this edition is by @LovelyGrin.
This newsletter is curated by Daniel Lehnberg. Any views expressed are personal and do not represent an official position of the Grin project.
Got news or articles you would like to include? Any feedback or other suggestions? drop me a line on daniel.lehnberg-at-protonmail.com or find me on Keybase.