Author: Sophia Brown
After a smooth launch, please find a few updates of note below. These probably will be of interest only to the more advanced users amongst you – if you’re not a miner, there is nothing to action. Epoch switch in 2 hours Let’s start with a quick heads up to miners, the network will be switching epoch in roughly 2 hours. If you are using the geth/ethminer combo, you should be all set if you have opted to use the –autodag flag on geth and –no-precompute on ethminer. If not, keep an eye on your miners as they generate the…
Here comes the first Frontier patch, and this is a big one! Before you go further, if your keys date back from Go 1.0 rc or C++ 0.9.36, note that you should regenerate all of your keys NOW. Though some releases of the pre-alpha and alpha clients are secure, this depends on which codebase and which version. You should assume that all keys generated prior to these clients are insecure and compromised. This, note, does not affect the pre-sale wallets. Thawing The thawing pull request has been merged for the Go client and the Master branch has been updated. If…
Over the last year the concept of “private blockchains” has become very popular in the broader blockchain technology discussion. Essentially, instead of having a fully public and uncontrolled network and state machine secured by cryptoeconomics (eg. proof of work, proof of stake), it is also possible to create a system where access permissions are more tightly controlled, with rights to modify or even read the blockchain state restricted to a few users, while still maintaining many kinds of partial guarantees of authenticity and decentralization that blockchains provide. Such systems have been a primary focus of interest from financial institutions, and…
This affects users of Alethzero GUI client on Windows. Users of eth CLI client or not on the Windows platform are unlikely to be affected but should take action detailed below. Users of Frontier command line interface geth are unaffected. Issue description: While setting privacy permissions on the keys directory, insufficient error handling can cause the key files to not be written; this may be widespread on the Windows platform. As such, current versions of AlethZero and eth may include identities for which there exists no underlying key. Ether Presale Claim functionality of AlethZero may result in funds automatically being transferred…
This following shows our current and planned expectations concerning maximum likely chain-reorganisation depth. We would not consider transactions within this depth to have an exceptionally high chance of being permanent. These are our own expectations only and do not constitute any sort of guarantee. They are derived from theoretical considerations, ongoing empirical data, human factors in contingency planning and the past experience of our security team. As with all things in the peer-to-peer space the risk is entirely with the individual operator. In much the same way as many in the space, we will be monitoring the chain for any…
After a successful launch, Frontier passed it’s 100000th block earlier this week. Here are some interesting stats from these first blocks. The first 50 block times (in seconds): Right after genesis, it took 29 seconds for the second block to appear, then 31 and 29 seconds for the next couple of blocks. Not too surprising as the miners scrambled with their setups as the final genesis block became known. After these first blocks, we see the block time drop significantly at the onslaught of larger miners, flooring at 1 second that is the limit enforced by the consensus protocol. Let’s…
This alert is related to a consensus issue that occurred on the Frontier network at block 116,522, mined on 2015-08-20 at 14:59:16+02:00 – Issue has been fixed, see “Fix” below. Impact: High Issue description: State database consensus issue in geth with deletion of account data, which could happen during SUICIDE instructions. Affected implementations: All geth implementations up to and including versions 1.0.1, 1.1.0 and develop (“unstable 1.1.0”) were affected. Eth (C++) and pyethereum (Python) are unaffected. Effects on expected chain reorganisation depth: Increase waiting time for eventual block confirmation to 12 hours Proposed temporary workaround: Miners switch to eth or pyethereum asap…
ETH DEV would like to thank everyone for their participation in the Olympic test network, which helped us greatly in stress testing, optimization, and finding bugs in the Ethereum clients, as well as determining what the limits of the current Ethereum system are. To that end, we are pleased to announce the Olympic reward recipients. On top of the rewards announced below, every miner who mined a block in the Olympic chain with block number in the range [310000, 589999] is entitled to receive 0.5 ETH per block, and every miner who mined a block in the Olympic chain with…
An increasing number of proposed applications on top of Ethereum rely on some kind of incentivized, multi-party data provision – whether voting, random number collection, or other use cases where getting information from multiple parties to increase decentralization is highly desirable, but also where there is a strong risk of collusion. A RANDAO can certainly provide random numbers with much higher cryptoeconomic security than simple block hashes – and certainly better than deterministic algorithms with publicly knowable seeds, but it is not infinitely collusion-proof: if 100% of participants in a RANDAO collude with each other, they can set the result…
Insecurely configured Ethereum clients with no firewall and unlocked accounts can lead to funds being accessed remotely by attackers. Affected configurations: Issue reported for Geth, though all implementations incl. C++ and Python can in principle display this behavior if used insecurely; only for nodes which leave the JSON-RPC port open to an attacker (this precludes most nodes on internal networks behind NAT), bind the interface to a public IP, and simultaneously leave accounts unlocked at startup. Likelihood: Low Severity: High Impact: Loss of funds related to wallets imported or generated in clients Details: It’s come to our attention that some…