github.com/adoriasoft/tendermint@v0.34.0-dev1.0.20200722151356-96d84601a75a/CHANGELOG.md (about) 1 # Changelog 2 3 ## v0.33.6 4 5 *July 2, 2020* 6 7 This security release fixes: 8 9 ### Denial of service 10 11 Tendermint 0.33.0 and above allow block proposers to include signatures for the 12 wrong block. This may happen naturally if you start a network, have it run for 13 some time and restart it **without changing the chainID**. (It is a 14 [misconfiguration](https://docs.tendermint.com/master/tendermint-core/using-tendermint.html) 15 to reuse chainIDs.) Correct block proposers will accidentally include signatures 16 for the wrong block if they see these signatures, and then commits won't validate, 17 making all proposed blocks invalid. A malicious validator (even with a minimal 18 amount of stake) can use this vulnerability to completely halt the network. 19 20 Tendermint 0.33.6 checks all the signatures are for the block with +2/3 21 majority before creating a commit. 22 23 ### False Witness 24 25 Tendermint 0.33.1 and above are no longer fully verifying commit signatures 26 during block execution - they stop after +2/3. This means proposers can propose 27 blocks that contain valid +2/3 signatures and then the rest of the signatures 28 can be whatever they want. They can claim that all the other validators signed 29 just by including a CommitSig with arbitrary signature data. While this doesn't 30 seem to impact safety of Tendermint per se, it means that Commits may contain a 31 lot of invalid data. 32 33 _This was already true of blocks, since they could include invalid txs filled 34 with garbage, but in that case the application knew that they are invalid and 35 could punish the proposer. But since applications didn't--and don't-- 36 verify commit signatures directly (they trust Tendermint to do that), 37 they won't be able to detect it._ 38 39 This can impact incentivization logic in the application that depends on the 40 LastCommitInfo sent in BeginBlock, which includes which validators signed. For 41 instance, Gaia incentivizes proposers with a bonus for including more than +2/3 42 of the signatures. But a proposer can now claim that bonus just by including 43 arbitrary data for the final -1/3 of validators without actually waiting for 44 their signatures. There may be other tricks that can be played because of this. 45 46 Tendermint 0.33.6 verifies all the signatures during block execution. 47 48 _Please note that the light client does not check nil votes and exits as soon 49 as 2/3+ of the signatures are checked._ 50 51 **All clients are recommended to upgrade.** 52 53 Special thanks to @njmurarka at Bluzelle Networks for reporting this. 54 55 Friendly reminder, we have a [bug bounty 56 program](https://hackerone.com/tendermint). 57 58 ### SECURITY: 59 60 - [consensus] Do not allow signatures for a wrong block in commits (@ebuchman) 61 - [consensus] Verify all the signatures during block execution (@melekes) 62 63 **Please note that the fix for the False Witness issue renames the `VerifyCommitTrusting` 64 function to `VerifyCommitLightTrusting`. If you were relying on the light client, you may 65 need to update your code.** 66 67 ## v0.33.5 68 69 Special thanks to external contributors on this release: @tau3, 70 71 Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint). 72 73 ### BREAKING CHANGES: 74 75 - Go API 76 77 - [privval] [\#4744](https://github.com/tendermint/tendermint/pull/4744) Remove deprecated `OldFilePV` (@melekes) 78 - [mempool] [\#4759](https://github.com/tendermint/tendermint/pull/4759) Modify `Mempool#InitWAL` to return an error (@melekes) 79 - [node] [\#4832](https://github.com/tendermint/tendermint/pull/4832) `ConfigureRPC` returns an error (@melekes) 80 - [rpc] [\#4836](https://github.com/tendermint/tendermint/pull/4836) Overhaul `lib` folder (@melekes) 81 Move lib/ folder to jsonrpc/. 82 Rename: 83 rpc package -> jsonrpc package 84 rpcclient package -> client package 85 rpcserver package -> server package 86 JSONRPCClient to Client 87 JSONRPCRequestBatch to RequestBatch 88 JSONRPCCaller to Caller 89 StartHTTPServer to Serve 90 StartHTTPAndTLSServer to ServeTLS 91 NewURIClient to NewURI 92 NewJSONRPCClient to New 93 NewJSONRPCClientWithHTTPClient to NewWithHTTPClient 94 NewWSClient to NewWS 95 Unexpose ResponseWriterWrapper 96 Remove unused http_params.go 97 98 99 ### FEATURES: 100 101 - [pex] [\#4439](https://github.com/tendermint/tendermint/pull/4439) Use highwayhash for pex buckets (@tau3) 102 103 ### IMPROVEMENTS: 104 105 - [abci/server] [\#4719](https://github.com/tendermint/tendermint/pull/4719) Print panic & stack trace to STDERR if logger is not set (@melekes) 106 - [types] [\#4638](https://github.com/tendermint/tendermint/pull/4638) Implement `Header#ValidateBasic` (@alexanderbez) 107 - [buildsystem] [\#4378](https://github.com/tendermint/tendermint/pull/4738) Replace build_c and install_c with TENDERMINT_BUILD_OPTIONS parsing. The following options are available: 108 - nostrip: don't strip debugging symbols nor DWARF tables. 109 - cleveldb: use cleveldb as db backend instead of goleveldb. 110 - race: pass -race to go build and enable data race detection. 111 - [mempool] [\#4759](https://github.com/tendermint/tendermint/pull/4759) Allow ReapX and CheckTx functions to run in parallel (@melekes) 112 - [rpc/core] [\#4844](https://github.com/tendermint/tendermint/pull/4844) Do not lock consensus state in `/validators`, `/consensus_params` and `/status` (@melekes) 113 114 ### BUG FIXES: 115 116 - [blockchain/v2] [\#4761](https://github.com/tendermint/tendermint/pull/4761) Fix excessive CPU usage caused by spinning on closed channels (@erikgrinaker) 117 - [blockchain/v2] Respect `fast_sync` option (@erikgrinaker) 118 - [light] [\#4741](https://github.com/tendermint/tendermint/pull/4741) Correctly return `ErrSignedHeaderNotFound` and `ErrValidatorSetNotFound` on corresponding RPC errors (@erikgrinaker) 119 - [rpc] [\#4805](https://github.com/tendermint/tendermint/issues/4805) Attempt to handle panics during panic recovery (@erikgrinaker) 120 - [types] [\#4764](https://github.com/tendermint/tendermint/pull/4764) Return an error if voting power overflows in `VerifyCommitTrusting` (@melekes) 121 - [privval] [\#4812](https://github.com/tendermint/tendermint/pull/4812) Retry `GetPubKey/SignVote/SignProposal` a few times before returning an error (@melekes) 122 - [p2p] [\#4847](https://github.com/tendermint/tendermint/pull/4847) Return masked IP (not the actual IP) in addrbook#groupKey (@melekes) 123 124 ## v0.33.4 125 126 - Nodes are no longer guaranteed to contain all blocks up to the latest height. The ABCI app can now control which blocks to retain through the ABCI field `ResponseCommit.retain_height`, all blocks and associated data below this height will be removed. 127 128 *April 21, 2020* 129 130 Special thanks to external contributors on this release: @whylee259, @greg-szabo 131 132 Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint). 133 134 ### BREAKING CHANGES: 135 136 - Go API 137 138 - [lite2] [\#4616](https://github.com/tendermint/tendermint/pull/4616) Make `maxClockDrift` an option `Verify/VerifyAdjacent/VerifyNonAdjacent` now accept `maxClockDrift time.Duration` (@melekes). 139 - [rpc/client] [\#4628](https://github.com/tendermint/tendermint/pull/4628) Split out HTTP and local clients into `http` and `local` packages (@erikgrinaker). 140 141 ### FEATURES: 142 143 - [abci] [\#4588](https://github.com/tendermint/tendermint/issues/4588) Add `ResponseCommit.retain_height` field, which will automatically remove blocks below this height. This bumps the ABCI version to 0.16.2 (@erikgrinaker). 144 - [cmd] [\#4665](https://github.com/tendermint/tendermint/pull/4665) New `tendermint completion` command to generate Bash/Zsh completion scripts (@alessio). 145 - [rpc] [\#4588](https://github.com/tendermint/tendermint/issues/4588) Add `/status` response fields for the earliest block available on the node (@erikgrinaker). 146 - [rpc] [\#4611](https://github.com/tendermint/tendermint/pull/4611) Add `codespace` to `ResultBroadcastTx` (@whylee259). 147 148 ### IMPROVEMENTS: 149 150 - [all] [\#4608](https://github.com/tendermint/tendermint/pull/4608) Give reactors descriptive names when they're initialized (@tessr). 151 - [blockchain] [\#4588](https://github.com/tendermint/tendermint/issues/4588) Add `Base` to blockchain reactor P2P messages `StatusRequest` and `StatusResponse` (@erikgrinaker). 152 - [Docker] [\#4569](https://github.com/tendermint/tendermint/issues/4569) Default configuration added to docker image (you can still mount your own config the same way) (@greg-szabo). 153 - [example/kvstore] [\#4588](https://github.com/tendermint/tendermint/issues/4588) Add `RetainBlocks` option to control block retention (@erikgrinaker). 154 - [evidence] [\#4632](https://github.com/tendermint/tendermint/pull/4632) Inbound evidence checked if already existing (@cmwaters). 155 - [lite2] [\#4575](https://github.com/tendermint/tendermint/pull/4575) Use bisection for within-range verification (@cmwaters). 156 - [lite2] [\#4562](https://github.com/tendermint/tendermint/pull/4562) Cache headers when using bisection (@cmwaters). 157 - [p2p] [\#4548](https://github.com/tendermint/tendermint/pull/4548) Add ban list to address book (@cmwaters). 158 - [privval] [\#4534](https://github.com/tendermint/tendermint/issues/4534) Add `error` as a return value on`GetPubKey()` (@marbar3778). 159 - [p2p] [\#4621](https://github.com/tendermint/tendermint/issues/4621) Ban peers when messages are unsolicited or too frequent (@cmwaters). 160 - [rpc] [\#4703](https://github.com/tendermint/tendermint/pull/4703) Add `count` and `total` to `/validators` response (@melekes). 161 - [tools] [\#4615](https://github.com/tendermint/tendermint/issues/4615) Allow developers to use Docker to generate proto stubs, via `make proto-gen-docker` (@erikgrinaker). 162 163 ### BUG FIXES: 164 165 - [rpc] [\#4568](https://github.com/tendermint/tendermint/issues/4568) Fix panic when `Subscribe` is called, but HTTP client is not running. `Subscribe`, `Unsubscribe(All)` methods return an error now (@melekes). 166 167 ## v0.33.3 168 169 *April 6, 2020* 170 171 This security release fixes: 172 173 ### Denial of service 1 174 175 Tendermint 0.33.2 and earlier does not limit P2P connection requests number. 176 For each p2p connection, Tendermint allocates ~0.5MB. Even though this 177 memory is garbage collected once the connection is terminated (due to duplicate 178 IP or reaching a maximum number of inbound peers), temporary memory spikes can 179 lead to OOM (Out-Of-Memory) exceptions. 180 181 Tendermint 0.33.3 (and 0.32.10) limits the total number of P2P incoming 182 connection requests to to `p2p.max_num_inbound_peers + 183 len(p2p.unconditional_peer_ids)`. 184 185 Notes: 186 187 - Tendermint does not rate limit P2P connection requests per IP (an attacker 188 can saturate all the inbound slots); 189 - Tendermint does not rate limit HTTP(S) requests. If you expose any RPC 190 endpoints to the public, please make sure to put in place some protection 191 (https://www.nginx.com/blog/rate-limiting-nginx/). We may implement this in 192 the future ([\#1696](https://github.com/tendermint/tendermint/issues/1696)). 193 194 ### Denial of service 2 195 196 Tendermint 0.33.2 and earlier does not reclaim `activeID` of a peer after it's 197 removed in `Mempool` reactor. This does not happen all the time. It only 198 happens when a connection fails (for any reason) before the Peer is created and 199 added to all reactors. `RemovePeer` is therefore called before `AddPeer`, which 200 leads to always growing memory (`activeIDs` map). The `activeIDs` map has a 201 maximum size of 65535 and the node will panic if this map reaches the maximum. 202 An attacker can create a lot of connection attempts (exploiting Denial of 203 service 1), which ultimately will lead to the node panicking. 204 205 Tendermint 0.33.3 (and 0.32.10) claims `activeID` for a peer in `InitPeer`, 206 which is executed before `MConnection` is started. 207 208 Notes: 209 210 - `InitPeer` function was added to all reactors to combat a similar issue - 211 [\#3338](https://github.com/tendermint/tendermint/issues/3338); 212 - Denial of service 2 is independent of Denial of service 1 and can be executed 213 without it. 214 215 **All clients are recommended to upgrade** 216 217 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for finding 218 and reporting this. 219 220 Friendly reminder, we have a [bug bounty 221 program](https://hackerone.com/tendermint). 222 223 ### SECURITY: 224 225 - [mempool] Reserve IDs in InitPeer instead of AddPeer (@tessr) 226 - [p2p] Limit the number of incoming connections (@melekes) 227 228 ## v0.33.2 229 230 *March 11, 2020* 231 232 Special thanks to external contributors on this release: 233 @antho1404, @michaelfig, @gterzian, @tau3, @Shivani912 234 235 Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint). 236 237 ### BREAKING CHANGES: 238 239 - CLI/RPC/Config 240 - [cli] [\#4505](https://github.com/tendermint/tendermint/pull/4505) `tendermint lite` sub-command new syntax (@melekes): 241 `lite cosmoshub-3 -p 52.57.29.196:26657 -w public-seed-node.cosmoshub.certus.one:26657 242 --height 962118 --hash 28B97BE9F6DE51AC69F70E0B7BFD7E5C9CD1A595B7DC31AFF27C50D4948` 243 244 - Go API 245 - [lite2] [\#4535](https://github.com/tendermint/tendermint/pull/4535) Remove `Start/Stop` (@melekes) 246 - [lite2] [\#4469](https://github.com/tendermint/tendermint/issues/4469) Remove `RemoveNoLongerTrustedHeaders` and `RemoveNoLongerTrustedHeadersPeriod` option (@cmwaters) 247 - [lite2] [\#4473](https://github.com/tendermint/tendermint/issues/4473) Return height as a 2nd param in `TrustedValidatorSet` (@melekes) 248 - [lite2] [\#4536](https://github.com/tendermint/tendermint/pull/4536) `Update` returns a signed header (1st param) (@melekes) 249 250 251 ### IMPROVEMENTS: 252 253 - [blockchain/v2] [\#4361](https://github.com/tendermint/tendermint/pull/4361) Add reactor (@brapse) 254 - [cmd] [\#4515](https://github.com/tendermint/tendermint/issues/4515) Change `tendermint debug dump` sub-command archives filename's format (@melekes) 255 - [consensus] [\#3583](https://github.com/tendermint/tendermint/issues/3583) Reduce `non-deterministic signature` log noise (@tau3) 256 - [examples/kvstore] [\#4507](https://github.com/tendermint/tendermint/issues/4507) ABCI query now returns the proper height (@erikgrinaker) 257 - [lite2] [\#4462](https://github.com/tendermint/tendermint/issues/4462) Add `NewHTTPClient` and `NewHTTPClientFromTrustedStore` (@cmwaters) 258 - [lite2] [\#4329](https://github.com/tendermint/tendermint/issues/4329) modified bisection to loop (@cmwaters) 259 - [lite2] [\#4385](https://github.com/tendermint/tendermint/issues/4385) Disconnect from bad nodes (@melekes) 260 - [lite2] [\#4398](https://github.com/tendermint/tendermint/issues/4398) Add `VerifyAdjacent` and `VerifyNonAdjacent` funcs (@cmwaters) 261 - [lite2] [\#4426](https://github.com/tendermint/tendermint/issues/4426) Don't save intermediate headers (@cmwaters) 262 - [lite2] [\#4464](https://github.com/tendermint/tendermint/issues/4464) Cross-check first header (@cmwaters) 263 - [lite2] [\#4470](https://github.com/tendermint/tendermint/issues/4470) Fix inconsistent header-validatorset pairing (@melekes) 264 - [lite2] [\#4488](https://github.com/tendermint/tendermint/issues/4488) Allow local clock drift -10 sec. (@melekes) 265 - [p2p] [\#4449](https://github.com/tendermint/tendermint/pull/4449) Use `curve25519.X25519()` instead of `ScalarMult` (@erikgrinaker) 266 - [types] [\#4417](https://github.com/tendermint/tendermint/issues/4417) **VerifyCommitX() functions should return as soon as +2/3 threshold is reached** (@alessio). 267 - [libs/kv] [\#4542](https://github.com/tendermint/tendermint/pull/4542) remove unused type KI64Pair (@tessr) 268 269 ### BUG FIXES: 270 271 - [cmd] [\#4303](https://github.com/tendermint/tendermint/issues/4303) Show useful error when Tendermint is not initialized (@melekes) 272 - [cmd] [\#4515](https://github.com/tendermint/tendermint/issues/4515) **Fix `tendermint debug kill` sub-command** (@melekes) 273 - [rpc] [\#3935](https://github.com/tendermint/tendermint/issues/3935) **Create buffered subscriptions on `/subscribe`** (@melekes) 274 - [rpc] [\#4375](https://github.com/tendermint/tendermint/issues/4375) Stop searching for txs in `/tx_search` upon client timeout (@gterzian) 275 - [rpc] [\#4406](https://github.com/tendermint/tendermint/pull/4406) Fix issue with multiple subscriptions on the websocket (@antho1404) 276 - [rpc] [\#4432](https://github.com/tendermint/tendermint/issues/4432) Fix `/tx_search` pagination with ordered results (@erikgrinaker) 277 - [rpc] [\#4492](https://github.com/tendermint/tendermint/issues/4492) Keep the original subscription "id" field when new RPCs come in (@michaelfig) 278 279 280 ## v0.33.1 281 282 *Feburary 13, 2020* 283 284 Special thanks to external contributors on this release: 285 @princesinha19 286 287 Friendly reminder, we have a [bug bounty 288 program](https://hackerone.com/tendermint). 289 290 ### FEATURES: 291 292 - [rpc] [\#3333](https://github.com/tendermint/tendermint/issues/3333) Add `order_by` to `/tx_search` endpoint, allowing to change default ordering from asc to desc (@princesinha19) 293 294 ### IMPROVEMENTS: 295 296 - [proto] [\#4369](https://github.com/tendermint/tendermint/issues/4369) Add [buf](https://buf.build/) for usage with linting and checking if there are breaking changes with the master branch. 297 - [proto] [\#4369](https://github.com/tendermint/tendermint/issues/4369) Add `make proto-gen` cmd to generate proto stubs outside of GOPATH. 298 299 ### BUG FIXES: 300 301 - [node] [\#4311](https://github.com/tendermint/tendermint/issues/4311) Use `GRPCMaxOpenConnections` when creating the gRPC server, not `MaxOpenConnections` 302 - [rpc] [\#4319](https://github.com/tendermint/tendermint/issues/4319) Check `BlockMeta` is not nil in `/block` & `/block_by_hash` 303 304 ## v0.33 305 306 Special thanks to external contributors on this release: @mrekucci, @PSalant726, @princesinha19, @greg-szabo, @dongsam, @cuonglm, @jgimeno, @yenkhoon 307 308 Friendly reminder, we have a [bug bounty 309 program.](https://hackerone.com/tendermint). 310 311 *January 14, 2020* 312 313 This release contains breaking changes to the `Block#Header`, specifically 314 `NumTxs` and `TotalTxs` were removed (\#2521). Here's how this change affects 315 different modules: 316 317 - apps: it breaks the ABCI header field numbering 318 - state: it breaks the format of `State` on disk 319 - RPC: all RPC requests which expose the header broke 320 - Go API: the `Header` broke 321 - P2P: since blocks go over the wire, technically the P2P protocol broke 322 323 Also, blocks are significantly smaller 🔥 because we got rid of the redundant 324 information in `Block#LastCommit`. `Commit` now mainly consists of a signature 325 and a validator address plus a timestamp. Note we may remove the validator 326 address & timestamp fields in the future (see ADR-25). 327 328 `lite2` package has been added to solve `lite` issues and introduce weak 329 subjectivity interface. Refer to the [spec](https://github.com/tendermint/spec/blob/master/spec/consensus/light-client.md) for complete details. 330 `lite` package is now deprecated and will be removed in v0.34 release. 331 332 ### BREAKING CHANGES: 333 334 - CLI/RPC/Config 335 336 - [rpc] [\#3471](https://github.com/tendermint/tendermint/issues/3471) Paginate `/validators` response (default: 30 vals per page) 337 - [rpc] [\#3188](https://github.com/tendermint/tendermint/issues/3188) Remove `BlockMeta` in `ResultBlock` in favor of `BlockId` for `/block` 338 - [rpc] `/block_results` response format updated (see RPC docs for details) 339 ``` 340 { 341 "jsonrpc": "2.0", 342 "id": "", 343 "result": { 344 "height": "2109", 345 "txs_results": null, 346 "begin_block_events": null, 347 "end_block_events": null, 348 "validator_updates": null, 349 "consensus_param_updates": null 350 } 351 } 352 ``` 353 - [rpc] [\#4141](https://github.com/tendermint/tendermint/pull/4141) Remove `#event` suffix from the ID in event responses. 354 `{"jsonrpc": "2.0", "id": 0, "result": ...}` 355 - [rpc] [\#4141](https://github.com/tendermint/tendermint/pull/4141) Switch to integer IDs instead of `json-client-XYZ` 356 ``` 357 id=0 method=/subscribe 358 id=0 result=... 359 id=1 method=/abci_query 360 id=1 result=... 361 ``` 362 - ID is unique for each request; 363 - Request.ID is now optional. Notification is a Request without an ID. Previously ID="" or ID=0 were considered as notifications. 364 365 - [config] [\#4046](https://github.com/tendermint/tendermint/issues/4046) Rename tag(s) to CompositeKey & places where tag is still present it was renamed to event or events. Find how a compositeKey is constructed [here](https://github.com/tendermint/tendermint/blob/6d05c531f7efef6f0619155cf10ae8557dd7832f/docs/app-dev/indexing-transactions.md) 366 - You will have to generate a new config for your Tendermint node(s) 367 - [genesis] [\#2565](https://github.com/tendermint/tendermint/issues/2565) Add `consensus_params.evidence.max_age_duration`. Rename 368 `consensus_params.evidence.max_age` to `max_age_num_blocks`. 369 - [cli] [\#1771](https://github.com/tendermint/tendermint/issues/1771) `tendermint lite` now uses new light client package (`lite2`) 370 and has 3 more flags: `--trusting-period`, `--trusted-height` and 371 `--trusted-hash` 372 373 - Apps 374 375 - [tm-bench] Removed tm-bench in favor of [tm-load-test](https://github.com/informalsystems/tm-load-test) 376 377 - Go API 378 379 - [rpc] [\#3953](https://github.com/tendermint/tendermint/issues/3953) Modify NewHTTP, NewXXXClient functions to return an error on invalid remote instead of panicking (@mrekucci) 380 - [rpc/client] [\#3471](https://github.com/tendermint/tendermint/issues/3471) `Validators` now requires two more args: `page` and `perPage` 381 - [libs/common] [\#3262](https://github.com/tendermint/tendermint/issues/3262) Make error the last parameter of `Task` (@PSalant726) 382 - [cs/types] [\#3262](https://github.com/tendermint/tendermint/issues/3262) Rename `GotVoteFromUnwantedRoundError` to `ErrGotVoteFromUnwantedRound` (@PSalant726) 383 - [libs/common] [\#3862](https://github.com/tendermint/tendermint/issues/3862) Remove `errors.go` from `libs/common` 384 - [libs/common] [\#4230](https://github.com/tendermint/tendermint/issues/4230) Move `KV` out of common to its own pkg 385 - [libs/common] [\#4230](https://github.com/tendermint/tendermint/issues/4230) Rename `cmn.KVPair(s)` to `kv.Pair(s)`s 386 - [libs/common] [\#4232](https://github.com/tendermint/tendermint/issues/4232) Move `Service` & `BaseService` from `libs/common` to `libs/service` 387 - [libs/common] [\#4232](https://github.com/tendermint/tendermint/issues/4232) Move `common/nil.go` to `types/utils.go` & make the functions private 388 - [libs/common] [\#4231](https://github.com/tendermint/tendermint/issues/4231) Move random functions from `libs/common` into pkg `rand` 389 - [libs/common] [\#4237](https://github.com/tendermint/tendermint/issues/4237) Move byte functions from `libs/common` into pkg `bytes` 390 - [libs/common] [\#4237](https://github.com/tendermint/tendermint/issues/4237) Move throttletimer functions from `libs/common` into pkg `timer` 391 - [libs/common] [\#4237](https://github.com/tendermint/tendermint/issues/4237) Move tempfile functions from `libs/common` into pkg `tempfile` 392 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move os functions from `libs/common` into pkg `os` 393 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move net functions from `libs/common` into pkg `net` 394 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move mathematical functions and types out of `libs/common` to `math` pkg 395 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move string functions out of `libs/common` to `strings` pkg 396 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move async functions out of `libs/common` to `async` pkg 397 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move bit functions out of `libs/common` to `bits` pkg 398 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move cmap functions out of `libs/common` to `cmap` pkg 399 - [libs/common] [\#4258](https://github.com/tendermint/tendermint/issues/4258) Remove `Rand` from all `rand` pkg functions 400 - [types] [\#2565](https://github.com/tendermint/tendermint/issues/2565) Remove `MockBadEvidence` & `MockGoodEvidence` in favor of `MockEvidence` 401 402 - Blockchain Protocol 403 404 - [abci] [\#2521](https://github.com/tendermint/tendermint/issues/2521) Remove `TotalTxs` and `NumTxs` from `Header` 405 - [types] [\#4151](https://github.com/tendermint/tendermint/pull/4151) Enforce ordering of votes in DuplicateVoteEvidence to be lexicographically sorted on BlockID 406 - [types] [\#1648](https://github.com/tendermint/tendermint/issues/1648) Change `Commit` to consist of just signatures 407 408 - P2P Protocol 409 410 - [p2p] [\#3668](https://github.com/tendermint/tendermint/pull/3668) Make `SecretConnection` non-malleable 411 412 - [proto] [\#3986](https://github.com/tendermint/tendermint/pull/3986) Prefix protobuf types to avoid name conflicts. 413 - ABCI becomes `tendermint.abci.types` with the new API endpoint `/tendermint.abci.types.ABCIApplication/` 414 - core_grpc becomes `tendermint.rpc.grpc` with the new API endpoint `/tendermint.rpc.grpc.BroadcastAPI/` 415 - merkle becomes `tendermint.crypto.merkle` 416 - libs.common becomes `tendermint.libs.common` 417 - proto3 becomes `tendermint.types.proto3` 418 419 ### FEATURES: 420 421 - [p2p] [\#4053](https://github.com/tendermint/tendermint/issues/4053) Add `unconditional_peer_ids` and `persistent_peers_max_dial_period` config variables (see ADR-050) (@dongsam) 422 - [tools] [\#4227](https://github.com/tendermint/tendermint/pull/4227) Implement `tendermint debug kill` and 423 `tendermint debug dump` commands for Tendermint node debugging functionality. See `--help` in both 424 commands for further documentation and usage. 425 - [cli] [\#4234](https://github.com/tendermint/tendermint/issues/4234) Add `--db_backend and --db_dir` flags (@princesinha19) 426 - [cli] [\#4113](https://github.com/tendermint/tendermint/issues/4113) Add optional `--genesis_hash` flag to check genesis hash upon startup 427 - [config] [\#3831](https://github.com/tendermint/tendermint/issues/3831) Add support for [RocksDB](https://rocksdb.org/) (@Stumble) 428 - [rpc] [\#3985](https://github.com/tendermint/tendermint/issues/3985) Add new `/block_by_hash` endpoint, which allows to fetch a block by its hash (@princesinha19) 429 - [metrics] [\#4263](https://github.com/tendermint/tendermint/issues/4263) Add 430 - `consensus_validator_power`: track your validators power 431 - `consensus_validator_last_signed_height`: track at which height the validator last signed 432 - `consensus_validator_missed_blocks`: total amount of missed blocks for a validator 433 as gauges in prometheus for validator specific metrics 434 - [rpc/lib] [\#4248](https://github.com/tendermint/tendermint/issues/4248) RPC client basic authentication support (@greg-szabo) 435 - [lite2] [\#1771](https://github.com/tendermint/tendermint/issues/1771) Light client with weak subjectivity 436 437 ### IMPROVEMENTS: 438 439 - [rpc] [\#3188](https://github.com/tendermint/tendermint/issues/3188) Added `block_size` to `BlockMeta` this is reflected in `/blockchain` 440 - [types] [\#2521](https://github.com/tendermint/tendermint/issues/2521) Add `NumTxs` to `BlockMeta` and `EventDataNewBlockHeader` 441 - [p2p] [\#4185](https://github.com/tendermint/tendermint/pull/4185) Simplify `SecretConnection` handshake with merlin 442 - [cli] [\#4065](https://github.com/tendermint/tendermint/issues/4065) Add `--consensus.create_empty_blocks_interval` flag (@jgimeno) 443 - [docs] [\#4065](https://github.com/tendermint/tendermint/issues/4065) Document `--consensus.create_empty_blocks_interval` flag (@jgimeno) 444 - [crypto] [\#4190](https://github.com/tendermint/tendermint/pull/4190) Added SR25519 signature scheme 445 - [abci] [\#4177] kvstore: Return `LastBlockHeight` and `LastBlockAppHash` in `Info` (@princesinha19) 446 - [rpc] [\#2741](https://github.com/tendermint/tendermint/issues/2741) Add `proposer` to `/consensus_state` response (@princesinha19) 447 - [deps] [\#4289](https://github.com/tendermint/tendermint/pull/4289) Update tm-db to 0.4.0, this includes major breaking changes in the dep that change how errors are handled. 448 449 ### BUG FIXES: 450 451 - [rpc/lib][\#4051](https://github.com/tendermint/tendermint/pull/4131) Fix RPC client, which was previously resolving https protocol to http (@yenkhoon) 452 - [rpc] [\#4141](https://github.com/tendermint/tendermint/pull/4141) JSONRPCClient: validate that Response.ID matches Request.ID 453 - [rpc] [\#4141](https://github.com/tendermint/tendermint/pull/4141) WSClient: check for unsolicited responses 454 - [types] [\4164](https://github.com/tendermint/tendermint/pull/4164) Prevent temporary power overflows on validator updates 455 - [cs] [\#4069](https://github.com/tendermint/tendermint/issues/4069) Don't panic when block meta is not found in store (@gregzaitsev) 456 - [types] [\#4164](https://github.com/tendermint/tendermint/issues/4164) Prevent temporary power overflows on validator updates (joint 457 efforts of @gchaincl and @ancazamfir) 458 - [p2p] [\#4140](https://github.com/tendermint/tendermint/issues/4140) `SecretConnection`: use the transcript solely for authentication (i.e. MAC) 459 - [consensus/types] [\#4243](https://github.com/tendermint/tendermint/issues/4243) fix BenchmarkRoundStateDeepCopy panics (@cuonglm) 460 - [rpc] [\#4256](https://github.com/tendermint/tendermint/issues/4256) Pass `outCapacity` to `eventBus#Subscribe` when subscribing using a local client 461 462 ## v0.32.12 463 464 *May 19, 2020* 465 466 ### BUG FIXES 467 468 - [p2p] [\#4847](https://github.com/tendermint/tendermint/pull/4847) Return masked IP (not the actual IP) in addrbook#groupKey (@melekes) 469 470 ## v0.32.11 471 472 ### BUG FIXES: 473 474 - [privval] [\#4275](https://github.com/tendermint/tendermint/issues/4275) Fix consensus failure when remote signer drops (@melekes) 475 476 ## v0.32.10 477 478 *April 6, 2020* 479 480 This security release fixes: 481 482 ### Denial of Service 1 483 484 Tendermint 0.33.2 and earlier does not limit the number of P2P connection 485 requests. For each p2p connection, Tendermint allocates ~0.5MB. Even though 486 this memory is garbage collected once the connection is terminated (due to 487 duplicate IP or reaching a maximum number of inbound peers), temporary memory 488 spikes can lead to OOM (Out-Of-Memory) exceptions. 489 490 Tendermint 0.33.3 (and 0.32.10) limits the total number of P2P incoming 491 connection requests to to `p2p.max_num_inbound_peers + 492 len(p2p.unconditional_peer_ids)`. 493 494 Notes: 495 496 - Tendermint does not rate limit P2P connection requests per IP (an attacker 497 can saturate all the inbound slots); 498 - Tendermint does not rate limit HTTP(S) requests. If you expose any RPC 499 endpoints to the public, please make sure to put in place some protection 500 (https://www.nginx.com/blog/rate-limiting-nginx/). We may implement this in 501 the future ([\#1696](https://github.com/tendermint/tendermint/issues/1696)). 502 503 ### Denial of Service 2 504 505 Tendermint 0.33.2 and earlier does not reclaim `activeID` of a peer after it's 506 removed in `Mempool` reactor. This does not happen all the time. It only 507 happens when a connection fails (for any reason) before the Peer is created and 508 added to all reactors. `RemovePeer` is therefore called before `AddPeer`, which 509 leads to always growing memory (`activeIDs` map). The `activeIDs` map has a 510 maximum size of 65535 and the node will panic if this map reaches the maximum. 511 An attacker can create a lot of connection attempts (exploiting Denial of 512 Service 1), which ultimately will lead to the node panicking. 513 514 Tendermint 0.33.3 (and 0.32.10) claims `activeID` for a peer in `InitPeer`, 515 which is executed before `MConnection` is started. 516 517 Notes: 518 519 - `InitPeer` function was added to all reactors to combat a similar issue - 520 [\#3338](https://github.com/tendermint/tendermint/issues/3338); 521 - Denial of Service 2 is independent of Denial of Service 1 and can be executed 522 without it. 523 524 **All clients are recommended to upgrade** 525 526 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for finding 527 and reporting this. 528 529 Friendly reminder, we have a [bug bounty 530 program](https://hackerone.com/tendermint). 531 532 ### SECURITY: 533 534 - [mempool] Reserve IDs in InitPeer instead of AddPeer (@tessr) 535 - [p2p] Limit the number of incoming connections (@melekes) 536 537 ## v0.32.9 538 539 _January, 9, 2020_ 540 541 Special thanks to external contributors on this release: @greg-szabo, @gregzaitsev, @yenkhoon 542 543 Friendly reminder, we have a [bug bounty 544 program](https://hackerone.com/tendermint). 545 546 ### FEATURES: 547 548 - [rpc/lib] [\#4248](https://github.com/tendermint/tendermint/issues/4248) RPC client basic authentication support (@greg-szabo) 549 550 - [metrics] [\#4294](https://github.com/tendermint/tendermint/pull/4294) Add 551 - `consensus_validator_power`: track your validators power 552 - `consensus_validator_last_signed_height`: track at which height the validator last signed 553 - `consensus_validator_missed_blocks`: total amount of missed blocks for a validator 554 as gauges in prometheus for validator specific metrics 555 556 ### BUG FIXES: 557 558 - [rpc/lib] [\#4131](https://github.com/tendermint/tendermint/pull/4131) Fix RPC client, which was previously resolving https protocol to http (@yenkhoon) 559 - [cs] [\#4069](https://github.com/tendermint/tendermint/issues/4069) Don't panic when block meta is not found in store (@gregzaitsev) 560 561 ## v0.32.8 562 563 *November 19, 2019* 564 565 Special thanks to external contributors on this release: @erikgrinaker, @guagualvcha, @hsyis, @cosmostuba, @whunmr, @austinabell 566 567 Friendly reminder, we have a [bug bounty 568 program.](https://hackerone.com/tendermint). 569 570 571 ### BREAKING CHANGES: 572 573 - Go API 574 575 - [libs/pubsub] [\#4070](https://github.com/tendermint/tendermint/pull/4070) `Query#(Matches|Conditions)` returns an error. 576 577 ### IMPROVEMENTS: 578 579 - [mempool] [\#4083](https://github.com/tendermint/tendermint/pull/4083) Added TxInfo parameter to CheckTx(), and removed CheckTxWithInfo() (@erikgrinaker) 580 - [mempool] [\#4057](https://github.com/tendermint/tendermint/issues/4057) Include peer ID when logging rejected txns (@erikgrinaker) 581 - [tools] [\#4023](https://github.com/tendermint/tendermint/issues/4023) Improved `tm-monitor` formatting of start time and avg tx throughput (@erikgrinaker) 582 - [p2p] [\#3991](https://github.com/tendermint/tendermint/issues/3991) Log "has been established or dialed" as debug log instead of Error for connected peers (@whunmr) 583 - [rpc] [\#4077](https://github.com/tendermint/tendermint/pull/4077) Added support for `EXISTS` clause to the Websocket query interface. 584 - [privval] Add `SignerDialerEndpointRetryWaitInterval` option (@cosmostuba) 585 - [crypto] Add `RegisterKeyType` to amino to allow external key types registration (@austinabell) 586 587 ### BUG FIXES: 588 589 - [libs/pubsub] [\#4070](https://github.com/tendermint/tendermint/pull/4070) Strip out non-numeric characters when attempting to match numeric values. 590 - [libs/pubsub] [\#4070](https://github.com/tendermint/tendermint/pull/4070) No longer panic in Query#(Matches|Conditions) preferring to return an error instead. 591 - [tools] [\#4023](https://github.com/tendermint/tendermint/issues/4023) Refresh `tm-monitor` health when validator count is updated (@erikgrinaker) 592 - [state] [\#4104](https://github.com/tendermint/tendermint/pull/4104) txindex/kv: Fsync data to disk immediately after receiving it (@guagualvcha) 593 - [state] [\#4095](https://github.com/tendermint/tendermint/pull/4095) txindex/kv: Return an error if there's one when the user searches for a tx (hash=X) (@hsyis) 594 595 ## v0.32.7 596 597 *October 18, 2019* 598 599 This security release fixes a vulnerability found in the `consensus` package, 600 where an attacker could construct a `BlockPartMessage` message in such a way 601 that it will lead to consensus failure. A few similar issues have been 602 identified and fixed here. 603 604 **All clients are recommended to upgrade** 605 606 Special thanks to [elvishacker](https://hackerone.com/elvishacker) for finding 607 and reporting this. 608 609 Friendly reminder, we have a [bug bounty 610 program](https://hackerone.com/tendermint). 611 612 ### BREAKING CHANGES: 613 614 - Go API 615 - [consensus] Modify `WAL#Write` and `WAL#WriteSync` to return an error if 616 they fail to write a message 617 618 ### SECURITY: 619 620 - [consensus] Validate incoming messages more throughly 621 622 ## v0.32.6 623 624 *October 8, 2019* 625 626 The previous patch was insufficient because the attacker could still find a way 627 to submit a `nil` pubkey by constructing a `PubKeyMultisigThreshold` pubkey 628 with `nil` subpubkeys for example. 629 630 This release provides multiple fixes, which include recovering from panics when 631 accepting new peers and only allowing `ed25519` pubkeys. 632 633 **All clients are recommended to upgrade** 634 635 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for pointing 636 this out. 637 638 Friendly reminder, we have a [bug bounty 639 program](https://hackerone.com/tendermint). 640 641 ### SECURITY: 642 643 - [p2p] [\#4030](https://github.com/tendermint/tendermint/issues/4030) Only allow ed25519 pubkeys when connecting 644 645 ## v0.32.5 646 647 *October 1, 2019* 648 649 This release fixes a major security vulnerability found in the `p2p` package. 650 All clients are recommended to upgrade. See 651 [\#4030](https://github.com/tendermint/tendermint/issues/4030) for details. 652 653 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for discovering 654 and reporting this issue. 655 656 Friendly reminder, we have a [bug bounty 657 program](https://hackerone.com/tendermint). 658 659 ### SECURITY: 660 661 - [p2p] [\#4030](https://github.com/tendermint/tendermint/issues/4030) Fix for panic on nil public key send to a peer 662 663 ## v0.32.4 664 665 *September 19, 2019* 666 667 Special thanks to external contributors on this release: @jon-certik, @gracenoah, @PSalant726, @gchaincl 668 669 Friendly reminder, we have a [bug bounty 670 program](https://hackerone.com/tendermint). 671 672 ### BREAKING CHANGES: 673 674 - CLI/RPC/Config 675 - [rpc] [\#3984](https://github.com/tendermint/tendermint/issues/3984) Add `MempoolClient` interface to `Client` interface 676 677 ### IMPROVEMENTS: 678 679 - [rpc] [\#2010](https://github.com/tendermint/tendermint/issues/2010) Add NewHTTPWithClient and NewJSONRPCClientWithHTTPClient (note these and NewHTTP, NewJSONRPCClient functions panic if remote is invalid) (@gracenoah) 680 - [rpc] [\#3882](https://github.com/tendermint/tendermint/issues/3882) Add custom marshalers to proto messages to disable `omitempty` 681 - [deps] [\#3952](https://github.com/tendermint/tendermint/pull/3952) bump github.com/go-kit/kit from 0.6.0 to 0.9.0 682 - [deps] [\#3951](https://github.com/tendermint/tendermint/pull/3951) bump github.com/stretchr/testify from 1.3.0 to 1.4.0 683 - [deps] [\#3945](https://github.com/tendermint/tendermint/pull/3945) bump github.com/gorilla/websocket from 1.2.0 to 1.4.1 684 - [deps] [\#3948](https://github.com/tendermint/tendermint/pull/3948) bump github.com/libp2p/go-buffer-pool from 0.0.1 to 0.0.2 685 - [deps] [\#3943](https://github.com/tendermint/tendermint/pull/3943) bump github.com/fortytw2/leaktest from 1.2.0 to 1.3.0 686 - [deps] [\#3939](https://github.com/tendermint/tendermint/pull/3939) bump github.com/rs/cors from 1.6.0 to 1.7.0 687 - [deps] [\#3937](https://github.com/tendermint/tendermint/pull/3937) bump github.com/magiconair/properties from 1.8.0 to 1.8.1 688 - [deps] [\#3947](https://github.com/tendermint/tendermint/pull/3947) update gogo/protobuf version from v1.2.1 to v1.3.0 689 - [deps] [\#4001](https://github.com/tendermint/tendermint/pull/4001) bump github.com/tendermint/tm-db from 0.1.1 to 0.2.0 690 691 ### BUG FIXES: 692 693 - [consensus] [\#3908](https://github.com/tendermint/tendermint/issues/3908) Wait `timeout_commit` to pass even if `create_empty_blocks` is `false` 694 - [mempool] [\#3968](https://github.com/tendermint/tendermint/issues/3968) Fix memory loading error on 32-bit machines (@jon-certik) 695 696 ## v0.32.3 697 698 *August 28, 2019* 699 700 @climber73 wrote the [Writing a Tendermint Core application in Java 701 (gRPC)](https://github.com/tendermint/tendermint/blob/master/docs/guides/java.md) 702 guide. 703 704 Special thanks to external contributors on this release: 705 @gchaincl, @bluele, @climber73 706 707 Friendly reminder, we have a [bug bounty 708 program](https://hackerone.com/tendermint). 709 710 ### IMPROVEMENTS: 711 712 - [consensus] [\#3839](https://github.com/tendermint/tendermint/issues/3839) Reduce "Error attempting to add vote" message severity (Error -> Info) 713 - [mempool] [\#3877](https://github.com/tendermint/tendermint/pull/3877) Make `max_tx_bytes` configurable instead of `max_msg_bytes` (@bluele) 714 - [privval] [\#3370](https://github.com/tendermint/tendermint/issues/3370) Refactor and simplify validator/kms connection handling. Please refer to [this comment](https://github.com/tendermint/tendermint/pull/3370#issue-257360971) for details 715 - [rpc] [\#3880](https://github.com/tendermint/tendermint/issues/3880) Document endpoints with `swagger`, introduce contract tests of implementation against documentation 716 717 ### BUG FIXES: 718 719 - [config] [\#3868](https://github.com/tendermint/tendermint/issues/3868) Move misplaced `max_msg_bytes` into mempool section (@bluele) 720 - [rpc] [\#3910](https://github.com/tendermint/tendermint/pull/3910) Fix DATA RACE in HTTP client (@gchaincl) 721 - [store] [\#3893](https://github.com/tendermint/tendermint/issues/3893) Fix "Unregistered interface types.Evidence" panic 722 723 ## v0.32.2 724 725 *July 31, 2019* 726 727 Special thanks to external contributors on this release: 728 @ruseinov, @bluele, @guagualvcha 729 730 Friendly reminder, we have a [bug bounty 731 program](https://hackerone.com/tendermint). 732 733 ### BREAKING CHANGES: 734 735 - Go API 736 - [libs] [\#3811](https://github.com/tendermint/tendermint/issues/3811) Remove `db` from libs in favor of `https://github.com/tendermint/tm-db` 737 738 ### FEATURES: 739 740 - [blockchain] [\#3561](https://github.com/tendermint/tendermint/issues/3561) Add early version of the new blockchain reactor, which is supposed to be more modular and testable compared to the old version. To try it, you'll have to change `version` in the config file, [here](https://github.com/tendermint/tendermint/blob/master/config/toml.go#L303) NOTE: It's not ready for a production yet. For further information, see [ADR-40](https://github.com/tendermint/tendermint/blob/master/docs/architecture/adr-040-blockchain-reactor-refactor.md) & [ADR-43](https://github.com/tendermint/tendermint/blob/master/docs/architecture/adr-043-blockchain-riri-org.md) 741 - [mempool] [\#3826](https://github.com/tendermint/tendermint/issues/3826) Make `max_msg_bytes` configurable(@bluele) 742 - [node] [\#3846](https://github.com/tendermint/tendermint/pull/3846) Allow replacing existing p2p.Reactor(s) using [`CustomReactors` 743 option](https://godoc.org/github.com/tendermint/tendermint/node#CustomReactors). 744 Warning: beware of accidental name clashes. Here is the list of existing 745 reactors: MEMPOOL, BLOCKCHAIN, CONSENSUS, EVIDENCE, PEX. 746 - [rpc] [\#3818](https://github.com/tendermint/tendermint/issues/3818) Make `max_body_bytes` and `max_header_bytes` configurable(@bluele) 747 - [rpc] [\#2252](https://github.com/tendermint/tendermint/issues/2252) Add `/broadcast_evidence` endpoint to submit double signing and other types of evidence 748 749 ### IMPROVEMENTS: 750 751 - [abci] [\#3809](https://github.com/tendermint/tendermint/issues/3809) Recover from application panics in `server/socket_server.go` to allow socket cleanup (@ruseinov) 752 - [p2p] [\#3664](https://github.com/tendermint/tendermint/issues/3664) p2p/conn: reuse buffer when write/read from secret connection(@guagualvcha) 753 - [p2p] [\#3834](https://github.com/tendermint/tendermint/issues/3834) Do not write 'Couldn't connect to any seeds' error log if there are no seeds in config file 754 - [rpc] [\#3076](https://github.com/tendermint/tendermint/issues/3076) Improve transaction search performance 755 756 ### BUG FIXES: 757 758 - [p2p] [\#3644](https://github.com/tendermint/tendermint/issues/3644) Fix error logging for connection stop (@defunctzombie) 759 - [rpc] [\#3813](https://github.com/tendermint/tendermint/issues/3813) Return err if page is incorrect (less than 0 or greater than total pages) 760 761 ## v0.32.1 762 763 *July 15, 2019* 764 765 Special thanks to external contributors on this release: 766 @ParthDesai, @climber73, @jim380, @ashleyvega 767 768 This release contains a minor enhancement to the ABCI and some breaking changes to our libs folder, namely: 769 - CheckTx requests include a `CheckTxType` enum that can be set to `Recheck` to indicate to the application that this transaction was already checked/validated and certain expensive operations (like checking signatures) can be skipped 770 - Removed various functions from `libs` pkgs 771 772 Friendly reminder, we have a [bug bounty 773 program](https://hackerone.com/tendermint). 774 775 ### BREAKING CHANGES: 776 777 - Go API 778 779 - [abci] [\#2127](https://github.com/tendermint/tendermint/issues/2127) The CheckTx and DeliverTx methods in the ABCI `Application` interface now take structs as arguments (RequestCheckTx and RequestDeliverTx, respectively), instead of just the raw tx bytes. This allows more information to be passed to these methods, for instance, indicating whether a tx has already been checked. 780 - [libs] Remove unused `db/debugDB` and `common/colors.go` & `errors/errors.go` files (@marbar3778) 781 - [libs] [\#2432](https://github.com/tendermint/tendermint/issues/2432) Remove unused `common/heap.go` file (@marbar3778) 782 - [libs] Remove unused `date.go`, `io.go`. Remove `GoPath()`, `Prompt()` and `IsDirEmpty()` functions from `os.go` (@marbar3778) 783 - [libs] Remove unused `FailRand()` func and minor clean up to `fail.go`(@marbar3778) 784 785 ### FEATURES: 786 787 - [node] Add variadic argument to `NewNode` to support functional options, allowing the Node to be more easily customized. 788 - [node][\#3730](https://github.com/tendermint/tendermint/pull/3730) Add `CustomReactors` option to `NewNode` allowing caller to pass 789 custom reactors to run inside Tendermint node (@ParthDesai) 790 - [abci] [\#2127](https://github.com/tendermint/tendermint/issues/2127)RequestCheckTx has a new field, `CheckTxType`, which can take values of `CheckTxType_New` and `CheckTxType_Recheck`, indicating whether this is a new tx being checked for the first time or whether this tx is being rechecked after a block commit. This allows applications to skip certain expensive operations, like signature checking, if they've already been done once. see [docs](https://github.com/tendermint/tendermint/blob/eddb433d7c082efbeaf8974413a36641519ee895/docs/spec/abci/apps.md#mempool-connection) 791 792 ### IMPROVEMENTS: 793 794 - [rpc] [\#3700](https://github.com/tendermint/tendermint/issues/3700) Make possible to set absolute paths for TLS cert and key (@climber73) 795 - [abci] [\#3513](https://github.com/tendermint/tendermint/issues/3513) Call the reqRes callback after the resCb so they always happen in the same order 796 797 ### BUG FIXES: 798 799 - [p2p] [\#3338](https://github.com/tendermint/tendermint/issues/3338) Prevent "sent next PEX request too soon" errors by not calling 800 ensurePeers outside of ensurePeersRoutine 801 - [behaviour] [\3772](https://github.com/tendermint/tendermint/pull/3772) Return correct reason in MessageOutOfOrder (@jim380) 802 - [config] [\#3723](https://github.com/tendermint/tendermint/issues/3723) Add consensus_params to testnet config generation; document time_iota_ms (@ashleyvega) 803 804 805 ## v0.32.0 806 807 *June 25, 2019* 808 809 Special thanks to external contributors on this release: 810 @needkane, @SebastianElvis, @andynog, @Yawning, @wooparadog 811 812 This release contains breaking changes to our build and release processes, ABCI, 813 and the RPC, namely: 814 - Use Go modules instead of dep 815 - Bring active development to the `master` Github branch 816 - ABCI Tags are now Events - see 817 [docs](https://github.com/tendermint/tendermint/blob/60827f75623b92eff132dc0eff5b49d2025c591e/docs/spec/abci/abci.md#events) 818 - Bind RPC to localhost by default, not to the public interface [UPGRADING/RPC_Changes](./UPGRADING.md#rpc_changes) 819 820 Friendly reminder, we have a [bug bounty 821 program](https://hackerone.com/tendermint). 822 823 ### BREAKING CHANGES: 824 825 * CLI/RPC/Config 826 - [cli] [\#3613](https://github.com/tendermint/tendermint/issues/3613) Switch from golang/dep to Go Modules to resolve dependencies: 827 It is recommended to switch to Go Modules if your project has tendermint as 828 a dependency. Read more on Modules here: 829 https://github.com/golang/go/wiki/Modules 830 - [config] [\#3632](https://github.com/tendermint/tendermint/pull/3632) Removed `leveldb` as generic 831 option for `db_backend`. Must be `goleveldb` or `cleveldb`. 832 - [rpc] [\#3616](https://github.com/tendermint/tendermint/issues/3616) Fix field names for `/block_results` response (eg. `results.DeliverTx` 833 -> `results.deliver_tx`). See docs for details. 834 - [rpc] [\#3724](https://github.com/tendermint/tendermint/issues/3724) RPC now binds to `127.0.0.1` by default instead of `0.0.0.0` 835 836 * Apps 837 - [abci] [\#1859](https://github.com/tendermint/tendermint/issues/1859) `ResponseCheckTx`, `ResponseDeliverTx`, `ResponseBeginBlock`, 838 and `ResponseEndBlock` now include `Events` instead of `Tags`. Each `Event` 839 contains a `type` and a list of `attributes` (list of key-value pairs) 840 allowing for inclusion of multiple distinct events in each response. 841 842 * Go API 843 - [abci] [\#3193](https://github.com/tendermint/tendermint/issues/3193) Use RequestDeliverTx and RequestCheckTx in the ABCI 844 Application interface 845 - [libs/db] [\#3632](https://github.com/tendermint/tendermint/pull/3632) Removed deprecated `LevelDBBackend` const 846 If you have `db_backend` set to `leveldb` in your config file, please 847 change it to `goleveldb` or `cleveldb`. 848 - [p2p] [\#3521](https://github.com/tendermint/tendermint/issues/3521) Remove NewNetAddressStringWithOptionalID 849 850 * Blockchain Protocol 851 852 * P2P Protocol 853 854 ### FEATURES: 855 856 ### IMPROVEMENTS: 857 - [abci/examples] [\#3659](https://github.com/tendermint/tendermint/issues/3659) Change validator update tx format in the `persistent_kvstore` to use base64 for pubkeys instead of hex (@needkane) 858 - [consensus] [\#3656](https://github.com/tendermint/tendermint/issues/3656) Exit if SwitchToConsensus fails 859 - [p2p] [\#3666](https://github.com/tendermint/tendermint/issues/3666) Add per channel telemetry to improve reactor observability 860 - [rpc] [\#3686](https://github.com/tendermint/tendermint/pull/3686) `HTTPClient#Call` returns wrapped errors, so a caller could use `errors.Cause` to retrieve an error code. (@wooparadog) 861 862 ### BUG FIXES: 863 - [libs/db] [\#3717](https://github.com/tendermint/tendermint/issues/3717) Fixed the BoltDB backend's Batch.Delete implementation (@Yawning) 864 - [libs/db] [\#3718](https://github.com/tendermint/tendermint/issues/3718) Fixed the BoltDB backend's Get and Iterator implementation (@Yawning) 865 - [node] [\#3716](https://github.com/tendermint/tendermint/issues/3716) Fix a bug where `nil` is recorded as node's address 866 - [node] [\#3741](https://github.com/tendermint/tendermint/issues/3741) Fix profiler blocking the entire node 867 868 *Tendermint 0.31 release series has reached End-Of-Life and is no longer supported.* 869 870 ## v0.31.12 871 872 *April 6, 2020* 873 874 This security release fixes: 875 876 ### Denial of Service 1 877 878 Tendermint 0.33.2 and earlier does not limit the number of P2P connection requests. 879 For each p2p connection, Tendermint allocates ~0.5MB. Even though this 880 memory is garbage collected once the connection is terminated (due to duplicate 881 IP or reaching a maximum number of inbound peers), temporary memory spikes can 882 lead to OOM (Out-Of-Memory) exceptions. 883 884 Tendermint 0.33.3, 0.32.10, and 0.31.12 limit the total number of P2P incoming 885 connection requests to to `p2p.max_num_inbound_peers + 886 len(p2p.unconditional_peer_ids)`. 887 888 Notes: 889 890 - Tendermint does not rate limit P2P connection requests per IP (an attacker 891 can saturate all the inbound slots); 892 - Tendermint does not rate limit HTTP(S) requests. If you expose any RPC 893 endpoints to the public, please make sure to put in place some protection 894 (https://www.nginx.com/blog/rate-limiting-nginx/). We may implement this in 895 the future ([\#1696](https://github.com/tendermint/tendermint/issues/1696)). 896 897 ### Denial of Service 2 898 899 Tendermint 0.33.2 and earlier does not reclaim `activeID` of a peer after it's 900 removed in `Mempool` reactor. This does not happen all the time. It only 901 happens when a connection fails (for any reason) before the Peer is created and 902 added to all reactors. `RemovePeer` is therefore called before `AddPeer`, which 903 leads to always growing memory (`activeIDs` map). The `activeIDs` map has a 904 maximum size of 65535 and the node will panic if this map reaches the maximum. 905 An attacker can create a lot of connection attempts (exploiting Denial of 906 Service 1), which ultimately will lead to the node panicking. 907 908 Tendermint 0.33.3, 0.32.10, and 0.31.12 claim `activeID` for a peer in `InitPeer`, 909 which is executed before `MConnection` is started. 910 911 Notes: 912 913 - `InitPeer` function was added to all reactors to combat a similar issue - 914 [\#3338](https://github.com/tendermint/tendermint/issues/3338); 915 - Denial of Service 2 is independent of Denial of Service 1 and can be executed 916 without it. 917 918 **All clients are recommended to upgrade** 919 920 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for finding 921 and reporting this. 922 923 Friendly reminder, we have a [bug bounty 924 program](https://hackerone.com/tendermint). 925 926 ### SECURITY: 927 928 - [mempool] Reserve IDs in InitPeer instead of AddPeer (@tessr) 929 - [p2p] Limit the number of incoming connections (@melekes) 930 931 ## v0.31.11 932 933 *October 18, 2019* 934 935 This security release fixes a vulnerability found in the `consensus` package, 936 where an attacker could construct a `BlockPartMessage` message in such a way 937 that it will lead to consensus failure. A few similar issues have been 938 identified and fixed here. 939 940 **All clients are recommended to upgrade** 941 942 Special thanks to [elvishacker](https://hackerone.com/elvishacker) for finding 943 and reporting this. 944 945 Friendly reminder, we have a [bug bounty 946 program](https://hackerone.com/tendermint). 947 948 ### BREAKING CHANGES: 949 950 - Go API 951 - [consensus] Modify `WAL#Write` and `WAL#WriteSync` to return an error if 952 they fail to write a message 953 954 ### SECURITY: 955 956 - [consensus] Validate incoming messages more throughly 957 958 ## v0.31.10 959 960 *October 8, 2019* 961 962 The previous patch was insufficient because the attacker could still find a way 963 to submit a `nil` pubkey by constructing a `PubKeyMultisigThreshold` pubkey 964 with `nil` subpubkeys for example. 965 966 This release provides multiple fixes, which include recovering from panics when 967 accepting new peers and only allowing `ed25519` pubkeys. 968 969 **All clients are recommended to upgrade** 970 971 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for pointing 972 this out. 973 974 Friendly reminder, we have a [bug bounty 975 program](https://hackerone.com/tendermint). 976 977 ### SECURITY: 978 979 - [p2p] [\#4030](https://github.com/tendermint/tendermint/issues/4030) Only allow ed25519 pubkeys when connecting 980 981 ## v0.31.9 982 983 *October 1, 2019* 984 985 This release fixes a major security vulnerability found in the `p2p` package. 986 All clients are recommended to upgrade. See 987 [\#4030](https://github.com/tendermint/tendermint/issues/4030) for details. 988 989 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for discovering 990 and reporting this issue. 991 992 Friendly reminder, we have a [bug bounty 993 program](https://hackerone.com/tendermint). 994 995 ### SECURITY: 996 997 - [p2p] [\#4030](https://github.com/tendermint/tendermint/issues/4030) Fix for panic on nil public key send to a peer 998 999 ### BUG FIXES: 1000 1001 - [node] [\#3716](https://github.com/tendermint/tendermint/issues/3716) Fix a bug where `nil` is recorded as node's address 1002 - [node] [\#3741](https://github.com/tendermint/tendermint/issues/3741) Fix profiler blocking the entire node 1003 1004 ## v0.31.8 1005 1006 *July 29, 2019* 1007 1008 This releases fixes one bug in the PEX reactor and adds a `recover` to the Go's 1009 ABCI server, which allows it to properly cleanup. 1010 1011 ### IMPROVEMENTS: 1012 - [abci] [\#3809](https://github.com/tendermint/tendermint/issues/3809) Recover from application panics in `server/socket_server.go` to allow socket cleanup (@ruseinov) 1013 1014 ### BUG FIXES: 1015 - [p2p] [\#3338](https://github.com/tendermint/tendermint/issues/3338) Prevent "sent next PEX request too soon" errors by not calling 1016 ensurePeers outside of ensurePeersRoutine 1017 1018 ## v0.31.7 1019 1020 *June 3, 2019* 1021 1022 This releases fixes a regression in the mempool introduced in v0.31.6. 1023 The regression caused the invalid committed txs to be proposed in blocks over and 1024 over again. 1025 1026 ### BUG FIXES: 1027 - [mempool] [\#3699](https://github.com/tendermint/tendermint/issues/3699) Remove all committed txs from the mempool. 1028 This reverts the change from v0.31.6 where we only remove valid txs from the mempool. 1029 Note this means malicious proposals can cause txs to be dropped from the 1030 mempools of other nodes by including them in blocks before they are valid. 1031 See [\#3322](https://github.com/tendermint/tendermint/issues/3322). 1032 1033 ## v0.31.6 1034 1035 *May 31st, 2019* 1036 1037 This release contains many fixes and improvements, primarily for p2p functionality. 1038 It also fixes a security issue in the mempool package. 1039 1040 With this release, Tendermint now supports [boltdb](https://github.com/etcd-io/bbolt), although 1041 in experimental mode. Feel free to try and report to us any findings/issues. 1042 Note also that the build tags for compiling CLevelDB have changed. 1043 1044 Special thanks to external contributors on this release: 1045 @guagualvcha, @james-ray, @gregdhill, @climber73, @yutianwu, 1046 @carlosflrs, @defunctzombie, @leoluk, @needkane, @CrocdileChan 1047 1048 ### BREAKING CHANGES: 1049 1050 * Go API 1051 - [libs/common] Removed deprecated `PanicSanity`, `PanicCrisis`, 1052 `PanicConsensus` and `PanicQ` 1053 - [mempool, state] [\#2659](https://github.com/tendermint/tendermint/issues/2659) `Mempool` now an interface that lives in the mempool package. 1054 See issue and PR for more details. 1055 - [p2p] [\#3346](https://github.com/tendermint/tendermint/issues/3346) `Reactor#InitPeer` method is added to `Reactor` interface 1056 - [types] [\#1648](https://github.com/tendermint/tendermint/issues/1648) `Commit#VoteSignBytes` signature was changed 1057 1058 ### FEATURES: 1059 - [node] [\#2659](https://github.com/tendermint/tendermint/issues/2659) Add `node.Mempool()` method, which allows you to access mempool 1060 - [libs/db] [\#3604](https://github.com/tendermint/tendermint/pull/3604) Add experimental support for bolt db (etcd's fork of bolt) (@CrocdileChan) 1061 1062 ### IMPROVEMENTS: 1063 - [cli] [\#3585](https://github.com/tendermint/tendermint/issues/3585) Add `--keep-addr-book` option to `unsafe_reset_all` cmd to not 1064 clear the address book (@climber73) 1065 - [cli] [\#3160](https://github.com/tendermint/tendermint/issues/3160) Add 1066 `--config=<path-to-config>` option to `testnet` cmd (@gregdhill) 1067 - [cli] [\#3661](https://github.com/tendermint/tendermint/pull/3661) Add 1068 `--hostname-suffix`, `--hostname` and `--random-monikers` options to `testnet` 1069 cmd for greater peer address/identity generation flexibility. 1070 - [crypto] [\#3672](https://github.com/tendermint/tendermint/issues/3672) Return more info in the `AddSignatureFromPubKey` error 1071 - [cs/replay] [\#3460](https://github.com/tendermint/tendermint/issues/3460) Check appHash for each block 1072 - [libs/db] [\#3611](https://github.com/tendermint/tendermint/issues/3611) Conditional compilation 1073 * Use `cleveldb` tag instead of `gcc` to compile Tendermint with CLevelDB or 1074 use `make build_c` / `make install_c` (full instructions can be found at 1075 https://docs.tendermint.com/master/introduction/install.html#compile-with-cleveldb-support) 1076 * Use `boltdb` tag to compile Tendermint with bolt db 1077 - [node] [\#3362](https://github.com/tendermint/tendermint/issues/3362) Return an error if `persistent_peers` list is invalid (except 1078 when IP lookup fails) 1079 - [p2p] [\#3463](https://github.com/tendermint/tendermint/pull/3463) Do not log "Can't add peer's address to addrbook" error for a private peer (@guagualvcha) 1080 - [p2p] [\#3531](https://github.com/tendermint/tendermint/issues/3531) Terminate session on nonce wrapping (@climber73) 1081 - [pex] [\#3647](https://github.com/tendermint/tendermint/pull/3647) Dial seeds, if any, instead of crawling peers first (@defunctzombie) 1082 - [rpc] [\#3534](https://github.com/tendermint/tendermint/pull/3534) Add support for batched requests/responses in JSON RPC 1083 - [rpc] [\#3362](https://github.com/tendermint/tendermint/issues/3362) `/dial_seeds` & `/dial_peers` return errors if addresses are 1084 incorrect (except when IP lookup fails) 1085 1086 ### BUG FIXES: 1087 - [consensus] [\#3067](https://github.com/tendermint/tendermint/issues/3067) Fix replay from appHeight==0 with validator set changes (@james-ray) 1088 - [consensus] [\#3304](https://github.com/tendermint/tendermint/issues/3304) Create a peer state in consensus reactor before the peer 1089 is started (@guagualvcha) 1090 - [lite] [\#3669](https://github.com/tendermint/tendermint/issues/3669) Add context parameter to RPC Handlers in proxy routes (@yutianwu) 1091 - [mempool] [\#3322](https://github.com/tendermint/tendermint/issues/3322) When a block is committed, only remove committed txs from the mempool 1092 that were valid (ie. `ResponseDeliverTx.Code == 0`) 1093 - [p2p] [\#3338](https://github.com/tendermint/tendermint/issues/3338) Ensure `RemovePeer` is always called before `InitPeer` (upon a peer 1094 reconnecting to our node) 1095 - [p2p] [\#3532](https://github.com/tendermint/tendermint/issues/3532) Limit the number of attempts to connect to a peer in seed mode 1096 to 16 (as a result, the node will stop retrying after a 35 hours time window) 1097 - [p2p] [\#3362](https://github.com/tendermint/tendermint/issues/3362) Allow inbound peers to be persistent, including for seed nodes. 1098 - [pex] [\#3603](https://github.com/tendermint/tendermint/pull/3603) Dial seeds when addrbook needs more addresses (@defunctzombie) 1099 1100 ### OTHERS: 1101 - [networks] fixes ansible integration script (@carlosflrs) 1102 1103 ## v0.31.5 1104 1105 *April 16th, 2019* 1106 1107 This release fixes a regression from v0.31.4 where, in existing chains that 1108 were upgraded, `/validators` could return an empty validator set. This is true 1109 for almost all heights, given the validator set remains the same. 1110 1111 Special thanks to external contributors on this release: 1112 @brapse, @guagualvcha, @dongsam, @phucc 1113 1114 ### IMPROVEMENTS: 1115 1116 - [libs/common] `CMap`: slight optimization in `Keys()` and `Values()` (@phucc) 1117 - [gitignore] gitignore: add .vendor-new (@dongsam) 1118 1119 ### BUG FIXES: 1120 1121 - [state] [\#3537](https://github.com/tendermint/tendermint/pull/3537#issuecomment-482711833) 1122 `LoadValidators`: do not return an empty validator set 1123 - [blockchain] [\#3457](https://github.com/tendermint/tendermint/issues/3457) 1124 Fix "peer did not send us anything" in `fast_sync` mode when under high pressure 1125 1126 ## v0.31.4 1127 1128 *April 12th, 2019* 1129 1130 This release fixes a regression from v0.31.3 which used the peer's `SocketAddr` to add the peer to 1131 the address book. This swallowed the peer's self-reported port which is important in case of reconnect. 1132 It brings back `NetAddress()` to `NodeInfo` and uses it instead of `SocketAddr` for adding peers. 1133 Additionally, it improves response time on the `/validators` or `/status` RPC endpoints. 1134 As a side-effect it makes these RPC endpoint more difficult to DoS and fixes a performance degradation in `ExecCommitBlock`. 1135 Also, it contains an [ADR](https://github.com/tendermint/tendermint/pull/3539) that proposes decoupling the 1136 responsibility for peer behaviour from the `p2p.Switch` (by @brapse). 1137 1138 Special thanks to external contributors on this release: 1139 @brapse, @guagualvcha, @mydring 1140 1141 ### IMPROVEMENTS: 1142 1143 - [p2p] [\#3463](https://github.com/tendermint/tendermint/pull/3463) Do not log "Can't add peer's address to addrbook" error for a private peer 1144 - [p2p] [\#3547](https://github.com/tendermint/tendermint/pull/3547) Fix a couple of annoying typos (@mdyring) 1145 1146 ### BUG FIXES: 1147 1148 - [docs] [\#3514](https://github.com/tendermint/tendermint/issues/3514) Fix block.Header.Time description (@melekes) 1149 - [p2p] [\#2716](https://github.com/tendermint/tendermint/issues/2716) Check if we're already connected to peer right before dialing it (@melekes) 1150 - [p2p] [\#3545](https://github.com/tendermint/tendermint/issues/3545) Add back `NetAddress()` to `NodeInfo` and use it instead of peer's `SocketAddr()` when adding a peer to the `PEXReactor` (potential fix for [\#3532](https://github.com/tendermint/tendermint/issues/3532)) 1151 - [state] [\#3438](https://github.com/tendermint/tendermint/pull/3438) 1152 Persist validators every 100000 blocks even if no changes to the set 1153 occurred (@guagualvcha). This 1154 1) Prevents possible DoS attack using `/validators` or `/status` RPC 1155 endpoints. Before response time was growing linearly with height if no 1156 changes were made to the validator set. 1157 2) Fixes performance degradation in `ExecCommitBlock` where we call 1158 `LoadValidators` for each `Evidence` in the block. 1159 1160 ## v0.31.3 1161 1162 *April 1st, 2019* 1163 1164 This release includes two security sensitive fixes: it ensures generated private 1165 keys are valid, and it prevents certain DNS lookups that would cause the node to 1166 panic if the lookup failed. 1167 1168 ### BREAKING CHANGES: 1169 * Go API 1170 - [crypto/secp256k1] [\#3439](https://github.com/tendermint/tendermint/issues/3439) 1171 The `secp256k1.GenPrivKeySecp256k1` function has changed to guarantee that it returns a valid key, which means it 1172 will return a different private key than in previous versions for the same secret. 1173 1174 ### BUG FIXES: 1175 1176 - [crypto/secp256k1] [\#3439](https://github.com/tendermint/tendermint/issues/3439) 1177 Ensure generated private keys are valid by randomly sampling until a valid key is found. 1178 Previously, it was possible (though rare!) to generate keys that exceeded the curve order. 1179 Such keys would lead to invalid signatures. 1180 - [p2p] [\#3522](https://github.com/tendermint/tendermint/issues/3522) Memoize 1181 socket address in peer connections to avoid DNS lookups. Previously, failed 1182 DNS lookups could cause the node to panic. 1183 1184 ## v0.31.2 1185 1186 *March 30th, 2019* 1187 1188 This release fixes a regression from v0.31.1 where Tendermint panics under 1189 mempool load for external ABCI apps. 1190 1191 Special thanks to external contributors on this release: 1192 @guagualvcha 1193 1194 ### BREAKING CHANGES: 1195 1196 * CLI/RPC/Config 1197 1198 * Apps 1199 1200 * Go API 1201 - [libs/autofile] [\#3504](https://github.com/tendermint/tendermint/issues/3504) Remove unused code in autofile package. Deleted functions: `Group.Search`, `Group.FindLast`, `GroupReader.ReadLine`, `GroupReader.PushLine`, `MakeSimpleSearchFunc` (@guagualvcha) 1202 1203 * Blockchain Protocol 1204 1205 * P2P Protocol 1206 1207 ### FEATURES: 1208 1209 ### IMPROVEMENTS: 1210 1211 - [circle] [\#3497](https://github.com/tendermint/tendermint/issues/3497) Move release management to CircleCI 1212 1213 ### BUG FIXES: 1214 1215 - [mempool] [\#3512](https://github.com/tendermint/tendermint/issues/3512) Fix panic from concurrent access to txsMap, a regression for external ABCI apps introduced in v0.31.1 1216 1217 ## v0.31.1 1218 1219 *March 27th, 2019* 1220 1221 This release contains a major improvement for the mempool that reduce the amount of sent data by about 30% 1222 (see some numbers below). 1223 It also fixes a memory leak in the mempool and adds TLS support to the RPC server by providing a certificate and key in the config. 1224 1225 Special thanks to external contributors on this release: 1226 @brapse, @guagualvcha, @HaoyangLiu, @needkane, @TraceBundy 1227 1228 ### BREAKING CHANGES: 1229 1230 * CLI/RPC/Config 1231 1232 * Apps 1233 1234 * Go API 1235 - [crypto] [\#3426](https://github.com/tendermint/tendermint/pull/3426) Remove `Ripemd160` helper method (@needkane) 1236 - [libs/common] [\#3429](https://github.com/tendermint/tendermint/pull/3429) Remove `RepeatTimer` (also `TimerMaker` and `Ticker` interface) 1237 - [rpc/client] [\#3458](https://github.com/tendermint/tendermint/issues/3458) Include `NetworkClient` interface into `Client` interface 1238 - [types] [\#3448](https://github.com/tendermint/tendermint/issues/3448) Remove method `PB2TM.ConsensusParams` 1239 1240 * Blockchain Protocol 1241 1242 * P2P Protocol 1243 1244 ### FEATURES: 1245 1246 - [rpc] [\#3419](https://github.com/tendermint/tendermint/issues/3419) Start HTTPS server if `rpc.tls_cert_file` and `rpc.tls_key_file` are provided in the config (@guagualvcha) 1247 1248 ### IMPROVEMENTS: 1249 1250 - [docs] [\#3140](https://github.com/tendermint/tendermint/issues/3140) Formalize proposer election algorithm properties 1251 - [docs] [\#3482](https://github.com/tendermint/tendermint/issues/3482) Fix broken links (@brapse) 1252 - [mempool] [\#2778](https://github.com/tendermint/tendermint/issues/2778) No longer send txs back to peers who sent it to you. 1253 Also, limit to 65536 active peers. 1254 This vastly improves the bandwidth consumption of nodes. 1255 For instance, for a 4 node localnet, in a test sending 250byte txs for 120 sec. at 500 txs/sec (total of 15MB): 1256 - total bytes received from 1st node: 1257 - before: 42793967 (43MB) 1258 - after: 30003256 (30MB) 1259 - total bytes sent to 1st node: 1260 - before: 30569339 (30MB) 1261 - after: 19304964 (19MB) 1262 - [p2p] [\#3475](https://github.com/tendermint/tendermint/issues/3475) Simplify `GetSelectionWithBias` for addressbook (@guagualvcha) 1263 - [rpc/lib/client] [\#3430](https://github.com/tendermint/tendermint/issues/3430) Disable compression for HTTP client to prevent GZIP-bomb DoS attacks (@guagualvcha) 1264 1265 ### BUG FIXES: 1266 1267 - [blockchain] [\#2699](https://github.com/tendermint/tendermint/issues/2699) Update the maxHeight when a peer is removed 1268 - [mempool] [\#3478](https://github.com/tendermint/tendermint/issues/3478) Fix memory-leak related to `broadcastTxRoutine` (@HaoyangLiu) 1269 1270 1271 ## v0.31.0 1272 1273 *March 16th, 2019* 1274 1275 Special thanks to external contributors on this release: 1276 @danil-lashin, @guagualvcha, @siburu, @silasdavis, @srmo, @Stumble, @svenstaro 1277 1278 This release is primarily about the new pubsub implementation, dubbed `pubsub 2.0`, and related changes, 1279 like configurable limits on the number of active RPC subscriptions at a time (`max_subscription_clients`). 1280 Pubsub 2.0 is an improved version of the older pubsub that is non-blocking and has a nicer API. 1281 Note the improved pubsub API also resulted in some improvements to the HTTPClient interface and the API for WebSocket subscriptions. 1282 This release also adds a configurable limit to the mempool size (`max_txs_bytes`, default 1GB) 1283 and a configurable timeout for the `/broadcast_tx_commit` endpoint. 1284 1285 See the [v0.31.0 1286 Milestone](https://github.com/tendermint/tendermint/milestone/19?closed=1) for 1287 more details. 1288 1289 Friendly reminder, we have a [bug bounty 1290 program](https://hackerone.com/tendermint). 1291 1292 ### BREAKING CHANGES: 1293 1294 * CLI/RPC/Config 1295 - [config] [\#2920](https://github.com/tendermint/tendermint/issues/2920) Remove `consensus.blocktime_iota` parameter 1296 - [rpc] [\#3227](https://github.com/tendermint/tendermint/issues/3227) New PubSub design does not block on clients when publishing 1297 messages. Slow clients may miss messages and receive an error, terminating 1298 the subscription. 1299 - [rpc] [\#3269](https://github.com/tendermint/tendermint/issues/2826) Limit number of unique clientIDs with open subscriptions. Configurable via `rpc.max_subscription_clients` 1300 - [rpc] [\#3269](https://github.com/tendermint/tendermint/issues/2826) Limit number of unique queries a given client can subscribe to at once. Configurable via `rpc.max_subscriptions_per_client`. 1301 - [rpc] [\#3435](https://github.com/tendermint/tendermint/issues/3435) Default ReadTimeout and WriteTimeout changed to 10s. WriteTimeout can increased by setting `rpc.timeout_broadcast_tx_commit` in the config. 1302 - [rpc/client] [\#3269](https://github.com/tendermint/tendermint/issues/3269) Update `EventsClient` interface to reflect new pubsub/eventBus API [ADR-33](https://github.com/tendermint/tendermint/blob/develop/docs/architecture/adr-033-pubsub.md). This includes `Subscribe`, `Unsubscribe`, and `UnsubscribeAll` methods. 1303 1304 * Apps 1305 - [abci] [\#3403](https://github.com/tendermint/tendermint/issues/3403) Remove `time_iota_ms` from BlockParams. This is a 1306 ConsensusParam but need not be exposed to the app for now. 1307 - [abci] [\#2920](https://github.com/tendermint/tendermint/issues/2920) Rename `consensus_params.block_size` to `consensus_params.block` in ABCI ConsensusParams 1308 1309 * Go API 1310 - [libs/common] TrapSignal accepts logger as a first parameter and does not block anymore 1311 * previously it was dumping "captured ..." msg to os.Stdout 1312 * TrapSignal should not be responsible for blocking thread of execution 1313 - [libs/db] [\#3397](https://github.com/tendermint/tendermint/pull/3397) Add possibility to `Close()` `Batch` to prevent memory leak when using ClevelDB. (@Stumble) 1314 - [types] [\#3354](https://github.com/tendermint/tendermint/issues/3354) Remove RoundState from EventDataRoundState 1315 - [rpc] [\#3435](https://github.com/tendermint/tendermint/issues/3435) `StartHTTPServer` / `StartHTTPAndTLSServer` now require a Config (use `rpcserver.DefaultConfig`) 1316 1317 * Blockchain Protocol 1318 1319 * P2P Protocol 1320 1321 ### FEATURES: 1322 - [config] [\#3269](https://github.com/tendermint/tendermint/issues/2826) New configuration values for controlling RPC subscriptions: 1323 - `rpc.max_subscription_clients` sets the maximum number of unique clients 1324 with open subscriptions 1325 - `rpc.max_subscriptions_per_client`sets the maximum number of unique 1326 subscriptions from a given client 1327 - `rpc.timeout_broadcast_tx_commit` sets the time to wait for a tx to be committed during `/broadcast_tx_commit` 1328 - [types] [\#2920](https://github.com/tendermint/tendermint/issues/2920) Add `time_iota_ms` to block's consensus parameters (not exposed to the application) 1329 - [lite] [\#3269](https://github.com/tendermint/tendermint/issues/3269) Add `/unsubscribe_all` endpoint to unsubscribe from all events 1330 - [mempool] [\#3079](https://github.com/tendermint/tendermint/issues/3079) Bound mempool memory usage via the `mempool.max_txs_bytes` configuration value. Set to 1GB by default. The mempool's current `txs_total_bytes` is exposed via `total_bytes` field in 1331 `/num_unconfirmed_txs` and `/unconfirmed_txs` RPC endpoints. 1332 1333 ### IMPROVEMENTS: 1334 - [all] [\#3385](https://github.com/tendermint/tendermint/issues/3385), [\#3386](https://github.com/tendermint/tendermint/issues/3386) Various linting improvements 1335 - [crypto] [\#3371](https://github.com/tendermint/tendermint/issues/3371) Copy in secp256k1 package from go-ethereum instead of importing 1336 go-ethereum (@silasdavis) 1337 - [deps] [\#3382](https://github.com/tendermint/tendermint/issues/3382) Don't pin repos without releases 1338 - [deps] [\#3357](https://github.com/tendermint/tendermint/issues/3357), [\#3389](https://github.com/tendermint/tendermint/issues/3389), [\#3392](https://github.com/tendermint/tendermint/issues/3392) Update gogo/protobuf, golang/protobuf, levigo, golang.org/x/crypto 1339 - [libs/common] [\#3238](https://github.com/tendermint/tendermint/issues/3238) exit with zero (0) code upon receiving SIGTERM/SIGINT 1340 - [libs/db] [\#3378](https://github.com/tendermint/tendermint/issues/3378) CLevelDB#Stats now returns the following properties: 1341 - leveldb.num-files-at-level{n} 1342 - leveldb.stats 1343 - leveldb.sstables 1344 - leveldb.blockpool 1345 - leveldb.cachedblock 1346 - leveldb.openedtables 1347 - leveldb.alivesnaps 1348 - leveldb.aliveiters 1349 - [privval] [\#3351](https://github.com/tendermint/tendermint/pull/3351) First part of larger refactoring that clarifies and separates concerns in the privval package. 1350 1351 ### BUG FIXES: 1352 - [blockchain] [\#3358](https://github.com/tendermint/tendermint/pull/3358) Fix timer leak in `BlockPool` (@guagualvcha) 1353 - [cmd] [\#3408](https://github.com/tendermint/tendermint/issues/3408) Fix `testnet` command's panic when creating non-validator configs (using `--n` flag) (@srmo) 1354 - [libs/db/remotedb/grpcdb] [\#3402](https://github.com/tendermint/tendermint/issues/3402) Close Iterator/ReverseIterator after use 1355 - [libs/pubsub] [\#951](https://github.com/tendermint/tendermint/issues/951), [\#1880](https://github.com/tendermint/tendermint/issues/1880) Use non-blocking send when dispatching messages [ADR-33](https://github.com/tendermint/tendermint/blob/develop/docs/architecture/adr-033-pubsub.md) 1356 - [lite] [\#3364](https://github.com/tendermint/tendermint/issues/3364) Fix `/validators` and `/abci_query` proxy endpoints 1357 (@guagualvcha) 1358 - [p2p/conn] [\#3347](https://github.com/tendermint/tendermint/issues/3347) Reject all-zero shared secrets in the Diffie-Hellman step of secret-connection 1359 - [p2p] [\#3369](https://github.com/tendermint/tendermint/issues/3369) Do not panic when filter times out 1360 - [p2p] [\#3359](https://github.com/tendermint/tendermint/pull/3359) Fix reconnecting report duplicate ID error due to race condition between adding peer to peerSet and starting it (@guagualvcha) 1361 1362 ## v0.30.2 1363 1364 *March 10th, 2019* 1365 1366 This release fixes a CLevelDB memory leak. It was happening because we were not 1367 closing the WriteBatch object after use. See [levigo's 1368 godoc](https://godoc.org/github.com/jmhodges/levigo#WriteBatch.Close) for the 1369 Close method. Special thanks goes to @Stumble who both reported an issue in 1370 [cosmos-sdk](https://github.com/cosmos/cosmos-sdk/issues/3842) and provided a 1371 fix here. 1372 1373 ### BREAKING CHANGES: 1374 1375 * Go API 1376 - [libs/db] [\#3842](https://github.com/cosmos/cosmos-sdk/issues/3842) Add Close() method to Batch interface (@Stumble) 1377 1378 ### BUG FIXES: 1379 - [libs/db] [\#3842](https://github.com/cosmos/cosmos-sdk/issues/3842) Fix CLevelDB memory leak (@Stumble) 1380 1381 ## v0.30.1 1382 1383 *February 20th, 2019* 1384 1385 This release fixes a consensus halt and a DataCorruptionError after restart 1386 discovered in `game_of_stakes_6`. It also fixes a security issue in the p2p 1387 handshake by authenticating the NetAddress.ID of the peer we're dialing. 1388 1389 ### IMPROVEMENTS: 1390 1391 * [config] [\#3291](https://github.com/tendermint/tendermint/issues/3291) Make 1392 config.ResetTestRootWithChainID() create concurrency-safe test directories. 1393 1394 ### BUG FIXES: 1395 1396 * [consensus] [\#3295](https://github.com/tendermint/tendermint/issues/3295) 1397 Flush WAL on stop to prevent data corruption during graceful shutdown. 1398 * [consensus] [\#3302](https://github.com/tendermint/tendermint/issues/3302) 1399 Fix possible halt by resetting TriggeredTimeoutPrecommit before starting next height. 1400 * [rpc] [\#3251](https://github.com/tendermint/tendermint/issues/3251) Fix 1401 `/net_info#peers#remote_ip` format. New format spec: 1402 * dotted decimal ("192.0.2.1"), if ip is an IPv4 or IP4-mapped IPv6 address 1403 * IPv6 ("2001:db8::1"), if ip is a valid IPv6 address 1404 * [cmd] [\#3314](https://github.com/tendermint/tendermint/issues/3314) Return 1405 an error on `show_validator` when the private validator file does not exist. 1406 * [p2p] [\#3010](https://github.com/tendermint/tendermint/issues/3010#issuecomment-464287627) 1407 Authenticate a peer against its NetAddress.ID when dialing. 1408 1409 ## v0.30.0 1410 1411 *February 8th, 2019* 1412 1413 This release fixes yet another issue with the proposer selection algorithm. 1414 We hope it's the last one, but we won't be surprised if it's not. 1415 We plan to one day expose the selection algorithm more directly to 1416 the application ([\#3285](https://github.com/tendermint/tendermint/issues/3285)), and even to support randomness ([\#763](https://github.com/tendermint/tendermint/issues/763)). 1417 For more, see issues marked 1418 [proposer-selection](https://github.com/tendermint/tendermint/labels/proposer-selection). 1419 1420 This release also includes a fix to prevent Tendermint from including the same 1421 piece of evidence in more than one block. This issue was reported by @chengwenxi in our 1422 [bug bounty program](https://hackerone.com/tendermint). 1423 1424 ### BREAKING CHANGES: 1425 1426 * Apps 1427 - [state] [\#3222](https://github.com/tendermint/tendermint/issues/3222) 1428 Duplicate updates for the same validator are forbidden. Apps must ensure 1429 that a given `ResponseEndBlock.ValidatorUpdates` contains only one entry per pubkey. 1430 1431 * Go API 1432 - [types] [\#3222](https://github.com/tendermint/tendermint/issues/3222) 1433 Remove `Add` and `Update` methods from `ValidatorSet` in favor of new 1434 `UpdateWithChangeSet`. This allows updates to be applied as a set, instead of 1435 one at a time. 1436 1437 * Block Protocol 1438 - [state] [\#3286](https://github.com/tendermint/tendermint/issues/3286) Blocks that include already committed evidence are invalid. 1439 1440 * P2P Protocol 1441 - [consensus] [\#3222](https://github.com/tendermint/tendermint/issues/3222) 1442 Validator updates are applied as a set, instead of one at a time, thus 1443 impacting the proposer priority calculation. This ensures that the proposer 1444 selection algorithm does not depend on the order of updates in 1445 `ResponseEndBlock.ValidatorUpdates`. 1446 1447 ### IMPROVEMENTS: 1448 - [crypto] [\#3279](https://github.com/tendermint/tendermint/issues/3279) Use `btcec.S256().N` directly instead of hard coding a copy. 1449 1450 ### BUG FIXES: 1451 - [state] [\#3222](https://github.com/tendermint/tendermint/issues/3222) Fix validator set updates so they are applied as a set, rather 1452 than one at a time. This makes the proposer selection algorithm independent of 1453 the order of updates in `ResponseEndBlock.ValidatorUpdates`. 1454 - [evidence] [\#3286](https://github.com/tendermint/tendermint/issues/3286) Don't add committed evidence to evidence pool. 1455 1456 ## v0.29.2 1457 1458 *February 7th, 2019* 1459 1460 Special thanks to external contributors on this release: 1461 @ackratos, @rickyyangz 1462 1463 **Note**: This release contains security sensitive patches in the `p2p` and 1464 `crypto` packages: 1465 - p2p: 1466 - Partial fix for MITM attacks on the p2p connection. MITM conditions may 1467 still exist. See [\#3010](https://github.com/tendermint/tendermint/issues/3010). 1468 - crypto: 1469 - Eliminate our fork of `btcd` and use the `btcd/btcec` library directly for 1470 native secp256k1 signing. Note we still modify the signature encoding to 1471 prevent malleability. 1472 - Support the libsecp256k1 library via CGo through the `go-ethereum/crypto/secp256k1` package. 1473 - Eliminate MixEntropy functions 1474 1475 ### BREAKING CHANGES: 1476 1477 * Go API 1478 - [crypto] [\#3278](https://github.com/tendermint/tendermint/issues/3278) Remove 1479 MixEntropy functions 1480 - [types] [\#3245](https://github.com/tendermint/tendermint/issues/3245) Commit uses `type CommitSig Vote` instead of `Vote` directly. 1481 In preparation for removing redundant fields from the commit [\#1648](https://github.com/tendermint/tendermint/issues/1648) 1482 1483 ### IMPROVEMENTS: 1484 - [consensus] [\#3246](https://github.com/tendermint/tendermint/issues/3246) Better logging and notes on recovery for corrupted WAL file 1485 - [crypto] [\#3163](https://github.com/tendermint/tendermint/issues/3163) Use ethereum's libsecp256k1 go-wrapper for signatures when cgo is available 1486 - [crypto] [\#3162](https://github.com/tendermint/tendermint/issues/3162) Wrap btcd instead of forking it to keep up with fixes (used if cgo is not available) 1487 - [makefile] [\#3233](https://github.com/tendermint/tendermint/issues/3233) Use golangci-lint instead of go-metalinter 1488 - [tools] [\#3218](https://github.com/tendermint/tendermint/issues/3218) Add go-deadlock tool to help detect deadlocks 1489 - [tools] [\#3106](https://github.com/tendermint/tendermint/issues/3106) Add tm-signer-harness test harness for remote signers 1490 - [tests] [\#3258](https://github.com/tendermint/tendermint/issues/3258) Fixed a bunch of non-deterministic test failures 1491 1492 ### BUG FIXES: 1493 - [node] [\#3186](https://github.com/tendermint/tendermint/issues/3186) EventBus and indexerService should be started before first block (for replay last block on handshake) execution (@ackratos) 1494 - [p2p] [\#3232](https://github.com/tendermint/tendermint/issues/3232) Fix infinite loop leading to addrbook deadlock for seed nodes 1495 - [p2p] [\#3247](https://github.com/tendermint/tendermint/issues/3247) Fix panic in SeedMode when calling FlushStop and OnStop 1496 concurrently 1497 - [p2p] [\#3040](https://github.com/tendermint/tendermint/issues/3040) Fix MITM on secret connection by checking low-order points 1498 - [privval] [\#3258](https://github.com/tendermint/tendermint/issues/3258) Fix race between sign requests and ping requests in socket that was causing messages to be corrupted 1499 1500 ## v0.29.1 1501 1502 *January 24, 2019* 1503 1504 Special thanks to external contributors on this release: 1505 @infinytum, @gauthamzz 1506 1507 This release contains two important fixes: one for p2p layer where we sometimes 1508 were not closing connections and one for consensus layer where consensus with 1509 no empty blocks (`create_empty_blocks = false`) could halt. 1510 1511 Friendly reminder, we have a [bug bounty 1512 program](https://hackerone.com/tendermint). 1513 1514 ### IMPROVEMENTS: 1515 - [pex] [\#3037](https://github.com/tendermint/tendermint/issues/3037) Only log "Reached max attempts to dial" once 1516 - [rpc] [\#3159](https://github.com/tendermint/tendermint/issues/3159) Expose 1517 `triggered_timeout_commit` in the `/dump_consensus_state` 1518 1519 ### BUG FIXES: 1520 - [consensus] [\#3199](https://github.com/tendermint/tendermint/issues/3199) Fix consensus halt with no empty blocks from not resetting triggeredTimeoutCommit 1521 - [p2p] [\#2967](https://github.com/tendermint/tendermint/issues/2967) Fix file descriptor leak 1522 1523 ## v0.29.0 1524 1525 *January 21, 2019* 1526 1527 Special thanks to external contributors on this release: 1528 @bradyjoestar, @kunaldhariwal, @gauthamzz, @hrharder 1529 1530 This release is primarily about making some breaking changes to 1531 the Block protocol version before Cosmos launch, and to fixing more issues 1532 in the proposer selection algorithm discovered on Cosmos testnets. 1533 1534 The Block protocol changes include using a standard Merkle tree format (RFC 6962), 1535 fixing some inconsistencies between field orders in Vote and Proposal structs, 1536 and constraining the hash of the ConsensusParams to include only a few fields. 1537 1538 The proposer selection algorithm saw significant progress, 1539 including a [formal proof by @cwgoes for the base-case in Idris](https://github.com/cwgoes/tm-proposer-idris) 1540 and a [much more detailed specification (still in progress) by 1541 @ancazamfir](https://github.com/tendermint/tendermint/pull/3140). 1542 1543 Fixes to the proposer selection algorithm include normalizing the proposer 1544 priorities to mitigate the effects of large changes to the validator set. 1545 That said, we just discovered [another bug](https://github.com/tendermint/tendermint/issues/3181), 1546 which will be fixed in the next breaking release. 1547 1548 While we are trying to stabilize the Block protocol to preserve compatibility 1549 with old chains, there may be some final changes yet to come before Cosmos 1550 launch as we continue to audit and test the software. 1551 1552 Friendly reminder, we have a [bug bounty 1553 program](https://hackerone.com/tendermint). 1554 1555 ### BREAKING CHANGES: 1556 1557 * CLI/RPC/Config 1558 1559 * Apps 1560 - [state] [\#3049](https://github.com/tendermint/tendermint/issues/3049) Total voting power of the validator set is upper bounded by 1561 `MaxInt64 / 8`. Apps must ensure they do not return changes to the validator 1562 set that cause this maximum to be exceeded. 1563 1564 * Go API 1565 - [node] [\#3082](https://github.com/tendermint/tendermint/issues/3082) MetricsProvider now requires you to pass a chain ID 1566 - [types] [\#2713](https://github.com/tendermint/tendermint/issues/2713) Rename `TxProof.LeafHash` to `TxProof.Leaf` 1567 - [crypto/merkle] [\#2713](https://github.com/tendermint/tendermint/issues/2713) `SimpleProof.Verify` takes a `leaf` instead of a 1568 `leafHash` and performs the hashing itself 1569 1570 * Blockchain Protocol 1571 * [crypto/merkle] [\#2713](https://github.com/tendermint/tendermint/issues/2713) Merkle trees now match the RFC 6962 specification 1572 * [types] [\#3078](https://github.com/tendermint/tendermint/issues/3078) Re-order Timestamp and BlockID in CanonicalVote so it's 1573 consistent with CanonicalProposal (BlockID comes 1574 first) 1575 * [types] [\#3165](https://github.com/tendermint/tendermint/issues/3165) Hash of ConsensusParams only includes BlockSize.MaxBytes and 1576 BlockSize.MaxGas 1577 1578 * P2P Protocol 1579 - [consensus] [\#3049](https://github.com/tendermint/tendermint/issues/3049) Normalize priorities to not exceed `2*TotalVotingPower` to mitigate unfair proposer selection 1580 heavily preferring earlier joined validators in the case of an early bonded large validator unbonding 1581 1582 ### FEATURES: 1583 1584 ### IMPROVEMENTS: 1585 - [rpc] [\#3065](https://github.com/tendermint/tendermint/issues/3065) Return maxPerPage (100), not defaultPerPage (30) if `per_page` is greater than the max 100. 1586 - [instrumentation] [\#3082](https://github.com/tendermint/tendermint/issues/3082) Add `chain_id` label for all metrics 1587 1588 ### BUG FIXES: 1589 - [crypto] [\#3164](https://github.com/tendermint/tendermint/issues/3164) Update `btcd` fork for rare signRFC6979 bug 1590 - [lite] [\#3171](https://github.com/tendermint/tendermint/issues/3171) Fix verifying large validator set changes 1591 - [log] [\#3125](https://github.com/tendermint/tendermint/issues/3125) Fix year format 1592 - [mempool] [\#3168](https://github.com/tendermint/tendermint/issues/3168) Limit tx size to fit in the max reactor msg size 1593 - [scripts] [\#3147](https://github.com/tendermint/tendermint/issues/3147) Fix json2wal for large block parts (@bradyjoestar) 1594 1595 ## v0.28.1 1596 1597 *January 18th, 2019* 1598 1599 Special thanks to external contributors on this release: 1600 @HaoyangLiu 1601 1602 Friendly reminder, we have a [bug bounty 1603 program](https://hackerone.com/tendermint). 1604 1605 ### BUG FIXES: 1606 - [consensus] Fix consensus halt from proposing blocks with too much evidence 1607 1608 ## v0.28.0 1609 1610 *January 16th, 2019* 1611 1612 Special thanks to external contributors on this release: 1613 @fmauricios, @gianfelipe93, @husio, @needkane, @srmo, @yutianwu 1614 1615 This release is primarily about upgrades to the `privval` system - 1616 separating the `priv_validator.json` into distinct config and data files, and 1617 refactoring the socket validator to support reconnections. 1618 1619 **Note:** Please backup your existing `priv_validator.json` before using this 1620 version. 1621 1622 See [UPGRADING.md](UPGRADING.md) for more details. 1623 1624 ### BREAKING CHANGES: 1625 1626 * CLI/RPC/Config 1627 - [cli] Removed `--proxy_app=dummy` option. Use `kvstore` (`persistent_kvstore`) instead. 1628 - [cli] Renamed `--proxy_app=nilapp` to `--proxy_app=noop`. 1629 - [config] [\#2992](https://github.com/tendermint/tendermint/issues/2992) `allow_duplicate_ip` is now set to false 1630 - [privval] [\#1181](https://github.com/tendermint/tendermint/issues/1181) Split `priv_validator.json` into immutable (`config/priv_validator_key.json`) and mutable (`data/priv_validator_state.json`) parts (@yutianwu) 1631 - [privval] [\#2926](https://github.com/tendermint/tendermint/issues/2926) Split up `PubKeyMsg` into `PubKeyRequest` and `PubKeyResponse` to be consistent with other message types 1632 - [privval] [\#2923](https://github.com/tendermint/tendermint/issues/2923) Listen for unix socket connections instead of dialing them 1633 1634 * Apps 1635 1636 * Go API 1637 - [types] [\#2981](https://github.com/tendermint/tendermint/issues/2981) Remove `PrivValidator.GetAddress()` 1638 1639 * Blockchain Protocol 1640 1641 * P2P Protocol 1642 1643 ### FEATURES: 1644 - [rpc] [\#3052](https://github.com/tendermint/tendermint/issues/3052) Include peer's remote IP in `/net_info` 1645 1646 ### IMPROVEMENTS: 1647 - [consensus] [\#3086](https://github.com/tendermint/tendermint/issues/3086) Log peerID on ignored votes (@srmo) 1648 - [docs] [\#3061](https://github.com/tendermint/tendermint/issues/3061) Added specification for signing consensus msgs at 1649 ./docs/spec/consensus/signing.md 1650 - [privval] [\#2948](https://github.com/tendermint/tendermint/issues/2948) Memoize pubkey so it's only requested once on startup 1651 - [privval] [\#2923](https://github.com/tendermint/tendermint/issues/2923) Retry RemoteSigner connections on error 1652 1653 ### BUG FIXES: 1654 1655 - [build] [\#3085](https://github.com/tendermint/tendermint/issues/3085) Fix `Version` field in build scripts (@husio) 1656 - [crypto/multisig] [\#3102](https://github.com/tendermint/tendermint/issues/3102) Fix multisig keys address length 1657 - [crypto/encoding] [\#3101](https://github.com/tendermint/tendermint/issues/3101) Fix `PubKeyMultisigThreshold` unmarshalling into `crypto.PubKey` interface 1658 - [p2p/conn] [\#3111](https://github.com/tendermint/tendermint/issues/3111) Make SecretConnection thread safe 1659 - [rpc] [\#3053](https://github.com/tendermint/tendermint/issues/3053) Fix internal error in `/tx_search` when results are empty 1660 (@gianfelipe93) 1661 - [types] [\#2926](https://github.com/tendermint/tendermint/issues/2926) Do not panic if retrieving the privval's public key fails 1662 1663 ## v0.27.4 1664 1665 *December 21st, 2018* 1666 1667 ### BUG FIXES: 1668 1669 - [mempool] [\#3036](https://github.com/tendermint/tendermint/issues/3036) Fix 1670 LRU cache by popping the least recently used item when the cache is full, 1671 not the most recently used one! 1672 1673 ## v0.27.3 1674 1675 *December 16th, 2018* 1676 1677 ### BREAKING CHANGES: 1678 1679 * Go API 1680 - [dep] [\#3027](https://github.com/tendermint/tendermint/issues/3027) Revert to mainline Go crypto library, eliminating the modified 1681 `bcrypt.GenerateFromPassword` 1682 1683 ## v0.27.2 1684 1685 *December 16th, 2018* 1686 1687 ### IMPROVEMENTS: 1688 1689 - [node] [\#3025](https://github.com/tendermint/tendermint/issues/3025) Validate NodeInfo addresses on startup. 1690 1691 ### BUG FIXES: 1692 1693 - [p2p] [\#3025](https://github.com/tendermint/tendermint/pull/3025) Revert to using defers in addrbook. Fixes deadlocks in pex and consensus upon invalid ExternalAddr/ListenAddr configuration. 1694 1695 ## v0.27.1 1696 1697 *December 15th, 2018* 1698 1699 Special thanks to external contributors on this release: 1700 @danil-lashin, @hleb-albau, @james-ray, @leo-xinwang 1701 1702 ### FEATURES: 1703 - [rpc] [\#2964](https://github.com/tendermint/tendermint/issues/2964) Add `UnconfirmedTxs(limit)` and `NumUnconfirmedTxs()` methods to HTTP/Local clients (@danil-lashin) 1704 - [docs] [\#3004](https://github.com/tendermint/tendermint/issues/3004) Enable full-text search on docs pages 1705 1706 ### IMPROVEMENTS: 1707 - [consensus] [\#2971](https://github.com/tendermint/tendermint/issues/2971) Return error if ValidatorSet is empty after InitChain 1708 (@leo-xinwang) 1709 - [ci/cd] [\#3005](https://github.com/tendermint/tendermint/issues/3005) Updated CircleCI job to trigger website build when docs are updated 1710 - [docs] Various updates 1711 1712 ### BUG FIXES: 1713 - [cmd] [\#2983](https://github.com/tendermint/tendermint/issues/2983) `testnet` command always sets `addr_book_strict = false` 1714 - [config] [\#2980](https://github.com/tendermint/tendermint/issues/2980) Fix CORS options formatting 1715 - [kv indexer] [\#2912](https://github.com/tendermint/tendermint/issues/2912) Don't ignore key when executing CONTAINS 1716 - [mempool] [\#2961](https://github.com/tendermint/tendermint/issues/2961) Call `notifyTxsAvailable` if there're txs left after committing a block, but recheck=false 1717 - [mempool] [\#2994](https://github.com/tendermint/tendermint/issues/2994) Reject txs with negative GasWanted 1718 - [p2p] [\#2990](https://github.com/tendermint/tendermint/issues/2990) Fix a bug where seeds don't disconnect from a peer after 3h 1719 - [consensus] [\#3006](https://github.com/tendermint/tendermint/issues/3006) Save state after InitChain only when stateHeight is also 0 (@james-ray) 1720 1721 ## v0.27.0 1722 1723 *December 5th, 2018* 1724 1725 Special thanks to external contributors on this release: 1726 @danil-lashin, @srmo 1727 1728 Special thanks to @dlguddus for discovering a [major 1729 issue](https://github.com/tendermint/tendermint/issues/2718#issuecomment-440888677) 1730 in the proposer selection algorithm. 1731 1732 Friendly reminder, we have a [bug bounty 1733 program](https://hackerone.com/tendermint). 1734 1735 This release is primarily about fixes to the proposer selection algorithm 1736 in preparation for the [Cosmos Game of 1737 Stakes](https://blog.cosmos.network/the-game-of-stakes-is-open-for-registration-83a404746ee6). 1738 It also makes use of the `ConsensusParams.Validator.PubKeyTypes` to restrict the 1739 key types that can be used by validators, and removes the `Heartbeat` consensus 1740 message. 1741 1742 ### BREAKING CHANGES: 1743 1744 * CLI/RPC/Config 1745 - [rpc] [\#2932](https://github.com/tendermint/tendermint/issues/2932) Rename `accum` to `proposer_priority` 1746 1747 * Go API 1748 - [db] [\#2913](https://github.com/tendermint/tendermint/pull/2913) 1749 ReverseIterator API change: start < end, and end is exclusive. 1750 - [types] [\#2932](https://github.com/tendermint/tendermint/issues/2932) Rename `Validator.Accum` to `Validator.ProposerPriority` 1751 1752 * Blockchain Protocol 1753 - [state] [\#2714](https://github.com/tendermint/tendermint/issues/2714) Validators can now only use pubkeys allowed within 1754 ConsensusParams.Validator.PubKeyTypes 1755 1756 * P2P Protocol 1757 - [consensus] [\#2871](https://github.com/tendermint/tendermint/issues/2871) 1758 Remove *ProposalHeartbeat* message as it serves no real purpose (@srmo) 1759 - [state] Fixes for proposer selection: 1760 - [\#2785](https://github.com/tendermint/tendermint/issues/2785) Accum for new validators is `-1.125*totalVotingPower` instead of 0 1761 - [\#2941](https://github.com/tendermint/tendermint/issues/2941) val.Accum is preserved during ValidatorSet.Update to avoid being 1762 reset to 0 1763 1764 ### IMPROVEMENTS: 1765 1766 - [state] [\#2929](https://github.com/tendermint/tendermint/issues/2929) Minor refactor of updateState logic (@danil-lashin) 1767 - [node] [\#2959](https://github.com/tendermint/tendermint/issues/2959) Allow node to start even if software's BlockProtocol is 1768 different from state's BlockProtocol 1769 - [pex] [\#2959](https://github.com/tendermint/tendermint/issues/2959) Pex reactor logger uses `module=pex` 1770 1771 ### BUG FIXES: 1772 1773 - [p2p] [\#2968](https://github.com/tendermint/tendermint/issues/2968) Panic on transport error rather than continuing to run but not 1774 accept new connections 1775 - [p2p] [\#2969](https://github.com/tendermint/tendermint/issues/2969) Fix mismatch in peer count between `/net_info` and the prometheus 1776 metrics 1777 - [rpc] [\#2408](https://github.com/tendermint/tendermint/issues/2408) `/broadcast_tx_commit`: Fix "interface conversion: interface {} in nil, not EventDataTx" panic (could happen if somebody sent a tx using `/broadcast_tx_commit` while Tendermint was being stopped) 1778 - [state] [\#2785](https://github.com/tendermint/tendermint/issues/2785) Fix accum for new validators to be `-1.125*totalVotingPower` 1779 instead of 0, forcing them to wait before becoming the proposer. Also: 1780 - do not batch clip 1781 - keep accums averaged near 0 1782 - [txindex/kv] [\#2925](https://github.com/tendermint/tendermint/issues/2925) Don't return false positives when range searching for a prefix of a tag value 1783 - [types] [\#2938](https://github.com/tendermint/tendermint/issues/2938) Fix regression in v0.26.4 where we panic on empty 1784 genDoc.Validators 1785 - [types] [\#2941](https://github.com/tendermint/tendermint/issues/2941) Preserve val.Accum during ValidatorSet.Update to avoid it being 1786 reset to 0 every time a validator is updated 1787 1788 ## v0.26.4 1789 1790 *November 27th, 2018* 1791 1792 Special thanks to external contributors on this release: 1793 @ackratos, @goolAdapter, @james-ray, @joe-bowman, @kostko, 1794 @nagarajmanjunath, @tomtau 1795 1796 Friendly reminder, we have a [bug bounty 1797 program](https://hackerone.com/tendermint). 1798 1799 ### FEATURES: 1800 1801 - [rpc] [\#2747](https://github.com/tendermint/tendermint/issues/2747) Enable subscription to tags emitted from `BeginBlock`/`EndBlock` (@kostko) 1802 - [types] [\#2747](https://github.com/tendermint/tendermint/issues/2747) Add `ResultBeginBlock` and `ResultEndBlock` fields to `EventDataNewBlock` 1803 and `EventDataNewBlockHeader` to support subscriptions (@kostko) 1804 - [types] [\#2918](https://github.com/tendermint/tendermint/issues/2918) Add Marshal, MarshalTo, Unmarshal methods to various structs 1805 to support Protobuf compatibility (@nagarajmanjunath) 1806 1807 ### IMPROVEMENTS: 1808 1809 - [config] [\#2877](https://github.com/tendermint/tendermint/issues/2877) Add `blocktime_iota` to the config.toml (@ackratos) 1810 - NOTE: this should be a ConsensusParam, not part of the config, and will be 1811 removed from the config at a later date 1812 ([\#2920](https://github.com/tendermint/tendermint/issues/2920). 1813 - [mempool] [\#2882](https://github.com/tendermint/tendermint/issues/2882) Add txs from Update to cache 1814 - [mempool] [\#2891](https://github.com/tendermint/tendermint/issues/2891) Remove local int64 counter from being stored in every tx 1815 - [node] [\#2866](https://github.com/tendermint/tendermint/issues/2866) Add ability to instantiate IPCVal (@joe-bowman) 1816 1817 ### BUG FIXES: 1818 1819 - [blockchain] [\#2731](https://github.com/tendermint/tendermint/issues/2731) Retry both blocks if either is bad to avoid getting stuck during fast sync (@goolAdapter) 1820 - [consensus] [\#2893](https://github.com/tendermint/tendermint/issues/2893) Use genDoc.Validators instead of state.NextValidators on replay when appHeight==0 (@james-ray) 1821 - [log] [\#2868](https://github.com/tendermint/tendermint/issues/2868) Fix `module=main` setting overriding all others 1822 - NOTE: this changes the default logging behaviour to be much less verbose. 1823 Set `log_level="info"` to restore the previous behaviour. 1824 - [rpc] [\#2808](https://github.com/tendermint/tendermint/issues/2808) Fix `accum` field in `/validators` by calling `IncrementAccum` if necessary 1825 - [rpc] [\#2811](https://github.com/tendermint/tendermint/issues/2811) Allow integer IDs in JSON-RPC requests (@tomtau) 1826 - [txindex/kv] [\#2759](https://github.com/tendermint/tendermint/issues/2759) Fix tx.height range queries 1827 - [txindex/kv] [\#2775](https://github.com/tendermint/tendermint/issues/2775) Order tx results by index if height is the same 1828 - [txindex/kv] [\#2908](https://github.com/tendermint/tendermint/issues/2908) Don't return false positives when searching for a prefix of a tag value 1829 1830 ## v0.26.3 1831 1832 *November 17th, 2018* 1833 1834 Special thanks to external contributors on this release: 1835 @danil-lashin, @kevlubkcm, @krhubert, @srmo 1836 1837 Friendly reminder, we have a [bug bounty 1838 program](https://hackerone.com/tendermint). 1839 1840 ### BREAKING CHANGES: 1841 1842 * Go API 1843 - [rpc] [\#2791](https://github.com/tendermint/tendermint/issues/2791) Functions that start HTTP servers are now blocking: 1844 - Impacts `StartHTTPServer`, `StartHTTPAndTLSServer`, and `StartGRPCServer` 1845 - These functions now take a `net.Listener` instead of an address 1846 - [rpc] [\#2767](https://github.com/tendermint/tendermint/issues/2767) Subscribing to events 1847 `NewRound` and `CompleteProposal` return new types `EventDataNewRound` and 1848 `EventDataCompleteProposal`, respectively, instead of the generic `EventDataRoundState`. (@kevlubkcm) 1849 1850 ### FEATURES: 1851 1852 - [log] [\#2843](https://github.com/tendermint/tendermint/issues/2843) New `log_format` config option, which can be set to 'plain' for colored 1853 text or 'json' for JSON output 1854 - [types] [\#2767](https://github.com/tendermint/tendermint/issues/2767) New event types EventDataNewRound (with ProposerInfo) and EventDataCompleteProposal (with BlockID). (@kevlubkcm) 1855 1856 ### IMPROVEMENTS: 1857 1858 - [dep] [\#2844](https://github.com/tendermint/tendermint/issues/2844) Dependencies are no longer pinned to an exact version in the 1859 Gopkg.toml: 1860 - Serialization libs are allowed to vary by patch release 1861 - Other libs are allowed to vary by minor release 1862 - [p2p] [\#2857](https://github.com/tendermint/tendermint/issues/2857) "Send failed" is logged at debug level instead of error. 1863 - [rpc] [\#2780](https://github.com/tendermint/tendermint/issues/2780) Add read and write timeouts to HTTP servers 1864 - [state] [\#2848](https://github.com/tendermint/tendermint/issues/2848) Make "Update to validators" msg value pretty (@danil-lashin) 1865 1866 ### BUG FIXES: 1867 - [consensus] [\#2819](https://github.com/tendermint/tendermint/issues/2819) Don't send proposalHearbeat if not a validator 1868 - [docs] [\#2859](https://github.com/tendermint/tendermint/issues/2859) Fix ConsensusParams details in spec 1869 - [libs/autofile] [\#2760](https://github.com/tendermint/tendermint/issues/2760) Comment out autofile permissions check - should fix 1870 running Tendermint on Windows 1871 - [p2p] [\#2869](https://github.com/tendermint/tendermint/issues/2869) Set connection config properly instead of always using default 1872 - [p2p/pex] [\#2802](https://github.com/tendermint/tendermint/issues/2802) Seed mode fixes: 1873 - Only disconnect from inbound peers 1874 - Use FlushStop instead of Sleep to ensure all messages are sent before 1875 disconnecting 1876 1877 ## v0.26.2 1878 1879 *November 15th, 2018* 1880 1881 Special thanks to external contributors on this release: @hleb-albau, @zhuzeyu 1882 1883 Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint). 1884 1885 ### FEATURES: 1886 1887 - [rpc] [\#2582](https://github.com/tendermint/tendermint/issues/2582) Enable CORS on RPC API (@hleb-albau) 1888 1889 ### BUG FIXES: 1890 1891 - [abci] [\#2748](https://github.com/tendermint/tendermint/issues/2748) Unlock mutex in localClient so even when app panics (e.g. during CheckTx), consensus continue working 1892 - [abci] [\#2748](https://github.com/tendermint/tendermint/issues/2748) Fix DATA RACE in localClient 1893 - [amino] [\#2822](https://github.com/tendermint/tendermint/issues/2822) Update to v0.14.1 to support compiling on 32-bit platforms 1894 - [rpc] [\#2748](https://github.com/tendermint/tendermint/issues/2748) Drain channel before calling Unsubscribe(All) in `/broadcast_tx_commit` 1895 1896 ## v0.26.1 1897 1898 *November 11, 2018* 1899 1900 Special thanks to external contributors on this release: @katakonst 1901 1902 Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint). 1903 1904 ### IMPROVEMENTS: 1905 1906 - [consensus] [\#2704](https://github.com/tendermint/tendermint/issues/2704) Simplify valid POL round logic 1907 - [docs] [\#2749](https://github.com/tendermint/tendermint/issues/2749) Deduplicate some ABCI docs 1908 - [mempool] More detailed log messages 1909 - [\#2724](https://github.com/tendermint/tendermint/issues/2724) 1910 - [\#2762](https://github.com/tendermint/tendermint/issues/2762) 1911 1912 ### BUG FIXES: 1913 1914 - [autofile] [\#2703](https://github.com/tendermint/tendermint/issues/2703) Do not panic when checking Head size 1915 - [crypto/merkle] [\#2756](https://github.com/tendermint/tendermint/issues/2756) Fix crypto/merkle ProofOperators.Verify to check bounds on keypath parts. 1916 - [mempool] fix a bug where we create a WAL despite `wal_dir` being empty 1917 - [p2p] [\#2771](https://github.com/tendermint/tendermint/issues/2771) Fix `peer-id` label name to `peer_id` in prometheus metrics 1918 - [p2p] [\#2797](https://github.com/tendermint/tendermint/pull/2797) Fix IDs in peer NodeInfo and require them for addresses 1919 in AddressBook 1920 - [p2p] [\#2797](https://github.com/tendermint/tendermint/pull/2797) Do not close conn immediately after sending pex addrs in seed mode. Partial fix for [\#2092](https://github.com/tendermint/tendermint/issues/2092). 1921 1922 ## v0.26.0 1923 1924 *November 2, 2018* 1925 1926 Special thanks to external contributors on this release: 1927 @bradyjoestar, @connorwstein, @goolAdapter, @HaoyangLiu, 1928 @james-ray, @overbool, @phymbert, @Slamper, @Uzair1995, @yutianwu. 1929 1930 Special thanks to @Slamper for a series of bug reports in our [bug bounty 1931 program](https://hackerone.com/tendermint) which are fixed in this release. 1932 1933 This release is primarily about adding Version fields to various data structures, 1934 optimizing consensus messages for signing and verification in 1935 restricted environments (like HSMs and the Ethereum Virtual Machine), and 1936 aligning the consensus code with the [specification](https://arxiv.org/abs/1807.04938). 1937 It also includes our first take at a generalized merkle proof system, and 1938 changes the length of hashes used for hashing data structures from 20 to 32 1939 bytes. 1940 1941 See the [UPGRADING.md](UPGRADING.md#v0.26.0) for details on upgrading to the new 1942 version. 1943 1944 Please note that we are still making breaking changes to the protocols. 1945 While the new Version fields should help us to keep the software backwards compatible 1946 even while upgrading the protocols, we cannot guarantee that new releases will 1947 be compatible with old chains just yet. We expect there will be another breaking 1948 release or two before the Cosmos Hub launch, but we will otherwise be paying 1949 increasing attention to backwards compatibility. Thanks for bearing with us! 1950 1951 ### BREAKING CHANGES: 1952 1953 * CLI/RPC/Config 1954 * [config] [\#2232](https://github.com/tendermint/tendermint/issues/2232) Timeouts are now strings like "3s" and "100ms", not ints 1955 * [config] [\#2505](https://github.com/tendermint/tendermint/issues/2505) Remove Mempool.RecheckEmpty (it was effectively useless anyways) 1956 * [config] [\#2490](https://github.com/tendermint/tendermint/issues/2490) `mempool.wal` is disabled by default 1957 * [privval] [\#2459](https://github.com/tendermint/tendermint/issues/2459) Split `SocketPVMsg`s implementations into Request and Response, where the Response may contain a error message (returned by the remote signer) 1958 * [state] [\#2644](https://github.com/tendermint/tendermint/issues/2644) Add Version field to State, breaking the format of State as 1959 encoded on disk. 1960 * [rpc] [\#2298](https://github.com/tendermint/tendermint/issues/2298) `/abci_query` takes `prove` argument instead of `trusted` and switches the default 1961 behaviour to `prove=false` 1962 * [rpc] [\#2654](https://github.com/tendermint/tendermint/issues/2654) Remove all `node_info.other.*_version` fields in `/status` and 1963 `/net_info` 1964 * [rpc] [\#2636](https://github.com/tendermint/tendermint/issues/2636) Remove 1965 `_params` suffix from fields in `consensus_params`. 1966 1967 * Apps 1968 * [abci] [\#2298](https://github.com/tendermint/tendermint/issues/2298) ResponseQuery.Proof is now a structured merkle.Proof, not just 1969 arbitrary bytes 1970 * [abci] [\#2644](https://github.com/tendermint/tendermint/issues/2644) Add Version to Header and shift all fields by one 1971 * [abci] [\#2662](https://github.com/tendermint/tendermint/issues/2662) Bump the field numbers for some `ResponseInfo` fields to make room for 1972 `AppVersion` 1973 * [abci] [\#2636](https://github.com/tendermint/tendermint/issues/2636) Updates to ConsensusParams 1974 * Remove `Params` suffix from field names 1975 * Add `Params` suffix to message types 1976 * Add new field and type, `Validator ValidatorParams`, to control what types of validator keys are allowed. 1977 1978 * Go API 1979 * [config] [\#2232](https://github.com/tendermint/tendermint/issues/2232) Timeouts are time.Duration, not ints 1980 * [crypto/merkle & lite] [\#2298](https://github.com/tendermint/tendermint/issues/2298) Various changes to accomodate General Merkle trees 1981 * [crypto/merkle] [\#2595](https://github.com/tendermint/tendermint/issues/2595) Remove all Hasher objects in favor of byte slices 1982 * [crypto/merkle] [\#2635](https://github.com/tendermint/tendermint/issues/2635) merkle.SimpleHashFromTwoHashes is no longer exported 1983 * [node] [\#2479](https://github.com/tendermint/tendermint/issues/2479) Remove node.RunForever 1984 * [rpc/client] [\#2298](https://github.com/tendermint/tendermint/issues/2298) `ABCIQueryOptions.Trusted` -> `ABCIQueryOptions.Prove` 1985 * [types] [\#2298](https://github.com/tendermint/tendermint/issues/2298) Remove `Index` and `Total` fields from `TxProof`. 1986 * [types] [\#2598](https://github.com/tendermint/tendermint/issues/2598) 1987 `VoteTypeXxx` are now of type `SignedMsgType byte` and named `XxxType`, eg. 1988 `PrevoteType`, `PrecommitType`. 1989 * [types] [\#2636](https://github.com/tendermint/tendermint/issues/2636) Rename fields in ConsensusParams to remove `Params` suffixes 1990 * [types] [\#2735](https://github.com/tendermint/tendermint/issues/2735) Simplify Proposal message to align with spec 1991 1992 * Blockchain Protocol 1993 * [crypto/tmhash] [\#2732](https://github.com/tendermint/tendermint/issues/2732) TMHASH is now full 32-byte SHA256 1994 * All hashes in the block header and Merkle trees are now 32-bytes 1995 * PubKey Addresses are still only 20-bytes 1996 * [state] [\#2587](https://github.com/tendermint/tendermint/issues/2587) Require block.Time of the fist block to be genesis time 1997 * [state] [\#2644](https://github.com/tendermint/tendermint/issues/2644) Require block.Version to match state.Version 1998 * [types] Update SignBytes for `Vote`/`Proposal`/`Heartbeat`: 1999 * [\#2459](https://github.com/tendermint/tendermint/issues/2459) Use amino encoding instead of JSON in `SignBytes`. 2000 * [\#2598](https://github.com/tendermint/tendermint/issues/2598) Reorder fields and use fixed sized encoding. 2001 * [\#2598](https://github.com/tendermint/tendermint/issues/2598) Change `Type` field from `string` to `byte` and use new 2002 `SignedMsgType` to enumerate. 2003 * [types] [\#2730](https://github.com/tendermint/tendermint/issues/2730) Use 2004 same order for fields in `Vote` as in the SignBytes 2005 * [types] [\#2732](https://github.com/tendermint/tendermint/issues/2732) Remove the address field from the validator hash 2006 * [types] [\#2644](https://github.com/tendermint/tendermint/issues/2644) Add Version struct to Header 2007 * [types] [\#2609](https://github.com/tendermint/tendermint/issues/2609) ConsensusParams.Hash() is the hash of the amino encoded 2008 struct instead of the Merkle tree of the fields 2009 * [types] [\#2670](https://github.com/tendermint/tendermint/issues/2670) Header.Hash() builds Merkle tree out of fields in the same 2010 order they appear in the header, instead of sorting by field name 2011 * [types] [\#2682](https://github.com/tendermint/tendermint/issues/2682) Use proto3 `varint` encoding for ints that are usually unsigned (instead of zigzag encoding). 2012 * [types] [\#2636](https://github.com/tendermint/tendermint/issues/2636) Add Validator field to ConsensusParams 2013 (Used to control which pubkey types validators can use, by abci type). 2014 2015 * P2P Protocol 2016 * [consensus] [\#2652](https://github.com/tendermint/tendermint/issues/2652) 2017 Replace `CommitStepMessage` with `NewValidBlockMessage` 2018 * [consensus] [\#2735](https://github.com/tendermint/tendermint/issues/2735) Simplify `Proposal` message to align with spec 2019 * [consensus] [\#2730](https://github.com/tendermint/tendermint/issues/2730) 2020 Add `Type` field to `Proposal` and use same order of fields as in the 2021 SignBytes for both `Proposal` and `Vote` 2022 * [p2p] [\#2654](https://github.com/tendermint/tendermint/issues/2654) Add `ProtocolVersion` struct with protocol versions to top of 2023 DefaultNodeInfo and require `ProtocolVersion.Block` to match during peer handshake 2024 2025 2026 ### FEATURES: 2027 - [abci] [\#2557](https://github.com/tendermint/tendermint/issues/2557) Add `Codespace` field to `Response{CheckTx, DeliverTx, Query}` 2028 - [abci] [\#2662](https://github.com/tendermint/tendermint/issues/2662) Add `BlockVersion` and `P2PVersion` to `RequestInfo` 2029 - [crypto/merkle] [\#2298](https://github.com/tendermint/tendermint/issues/2298) General Merkle Proof scheme for chaining various types of Merkle trees together 2030 - [docs/architecture] [\#1181](https://github.com/tendermint/tendermint/issues/1181) S 2031 plit immutable and mutable parts of priv_validator.json 2032 2033 ### IMPROVEMENTS: 2034 - Additional Metrics 2035 - [consensus] [\#2169](https://github.com/cosmos/cosmos-sdk/issues/2169) 2036 - [p2p] [\#2169](https://github.com/cosmos/cosmos-sdk/issues/2169) 2037 - [config] [\#2232](https://github.com/tendermint/tendermint/issues/2232) Added ValidateBasic method, which performs basic checks 2038 - [crypto/ed25519] [\#2558](https://github.com/tendermint/tendermint/issues/2558) Switch to use latest `golang.org/x/crypto` through our fork at 2039 github.com/tendermint/crypto 2040 - [libs/log] [\#2707](https://github.com/tendermint/tendermint/issues/2707) Add year to log format (@yutianwu) 2041 - [tools] [\#2238](https://github.com/tendermint/tendermint/issues/2238) Binary dependencies are now locked to a specific git commit 2042 2043 ### BUG FIXES: 2044 - [\#2711](https://github.com/tendermint/tendermint/issues/2711) Validate all incoming reactor messages. Fixes various bugs due to negative ints. 2045 - [autofile] [\#2428](https://github.com/tendermint/tendermint/issues/2428) Group.RotateFile need call Flush() before rename (@goolAdapter) 2046 - [common] [\#2533](https://github.com/tendermint/tendermint/issues/2533) Fixed a bug in the `BitArray.Or` method 2047 - [common] [\#2506](https://github.com/tendermint/tendermint/issues/2506) Fixed a bug in the `BitArray.Sub` method (@james-ray) 2048 - [common] [\#2534](https://github.com/tendermint/tendermint/issues/2534) Fix `BitArray.PickRandom` to choose uniformly from true bits 2049 - [consensus] [\#1690](https://github.com/tendermint/tendermint/issues/1690) Wait for 2050 timeoutPrecommit before starting next round 2051 - [consensus] [\#1745](https://github.com/tendermint/tendermint/issues/1745) Wait for 2052 Proposal or timeoutProposal before entering prevote 2053 - [consensus] [\#2642](https://github.com/tendermint/tendermint/issues/2642) Only propose ValidBlock, not LockedBlock 2054 - [consensus] [\#2642](https://github.com/tendermint/tendermint/issues/2642) Initialized ValidRound and LockedRound to -1 2055 - [consensus] [\#1637](https://github.com/tendermint/tendermint/issues/1637) Limit the amount of evidence that can be included in a 2056 block 2057 - [consensus] [\#2652](https://github.com/tendermint/tendermint/issues/2652) Ensure valid block property with faulty proposer 2058 - [evidence] [\#2515](https://github.com/tendermint/tendermint/issues/2515) Fix db iter leak (@goolAdapter) 2059 - [libs/event] [\#2518](https://github.com/tendermint/tendermint/issues/2518) Fix event concurrency flaw (@goolAdapter) 2060 - [node] [\#2434](https://github.com/tendermint/tendermint/issues/2434) Make node respond to signal interrupts while sleeping for genesis time 2061 - [state] [\#2616](https://github.com/tendermint/tendermint/issues/2616) Pass nil to NewValidatorSet() when genesis file's Validators field is nil 2062 - [p2p] [\#2555](https://github.com/tendermint/tendermint/issues/2555) Fix p2p switch FlushThrottle value (@goolAdapter) 2063 - [p2p] [\#2668](https://github.com/tendermint/tendermint/issues/2668) Reconnect to originally dialed address (not self-reported address) for persistent peers 2064 2065 ## v0.25.0 2066 2067 *September 22, 2018* 2068 2069 Special thanks to external contributors on this release: 2070 @scriptionist, @bradyjoestar, @WALL-E 2071 2072 This release is mostly about the ConsensusParams - removing fields and enforcing MaxGas. 2073 It also addresses some issues found via security audit, removes various unused 2074 functions from `libs/common`, and implements 2075 [ADR-012](https://github.com/tendermint/tendermint/blob/develop/docs/architecture/adr-012-peer-transport.md). 2076 2077 Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint). 2078 2079 BREAKING CHANGES: 2080 2081 * CLI/RPC/Config 2082 * [rpc] [\#2391](https://github.com/tendermint/tendermint/issues/2391) /status `result.node_info.other` became a map 2083 * [types] [\#2364](https://github.com/tendermint/tendermint/issues/2364) Remove `TxSize` and `BlockGossip` from `ConsensusParams` 2084 * Maximum tx size is now set implicitly via the `BlockSize.MaxBytes` 2085 * The size of block parts in the consensus is now fixed to 64kB 2086 2087 * Apps 2088 * [mempool] [\#2360](https://github.com/tendermint/tendermint/issues/2360) Mempool tracks the `ResponseCheckTx.GasWanted` and 2089 `ConsensusParams.BlockSize.MaxGas` and enforces: 2090 - `GasWanted <= MaxGas` for every tx 2091 - `(sum of GasWanted in block) <= MaxGas` for block proposal 2092 2093 * Go API 2094 * [libs/common] [\#2431](https://github.com/tendermint/tendermint/issues/2431) Remove Word256 due to lack of use 2095 * [libs/common] [\#2452](https://github.com/tendermint/tendermint/issues/2452) Remove the following functions due to lack of use: 2096 * byteslice.go: cmn.IsZeros, cmn.RightPadBytes, cmn.LeftPadBytes, cmn.PrefixEndBytes 2097 * strings.go: cmn.IsHex, cmn.StripHex 2098 * int.go: Uint64Slice, all put/get int64 methods 2099 2100 FEATURES: 2101 - [rpc] [\#2415](https://github.com/tendermint/tendermint/issues/2415) New `/consensus_params?height=X` endpoint to query the consensus 2102 params at any height (@scriptonist) 2103 - [types] [\#1714](https://github.com/tendermint/tendermint/issues/1714) Add Address to GenesisValidator 2104 - [metrics] [\#2337](https://github.com/tendermint/tendermint/issues/2337) `consensus.block_interval_metrics` is now gauge, not histogram (you will be able to see spikes, if any) 2105 - [libs] [\#2286](https://github.com/tendermint/tendermint/issues/2286) Panic if `autofile` or `db/fsdb` permissions change from 0600. 2106 2107 IMPROVEMENTS: 2108 - [libs/db] [\#2371](https://github.com/tendermint/tendermint/issues/2371) Output error instead of panic when the given `db_backend` is not initialised (@bradyjoestar) 2109 - [mempool] [\#2399](https://github.com/tendermint/tendermint/issues/2399) Make mempool cache a proper LRU (@bradyjoestar) 2110 - [p2p] [\#2126](https://github.com/tendermint/tendermint/issues/2126) Introduce PeerTransport interface to improve isolation of concerns 2111 - [libs/common] [\#2326](https://github.com/tendermint/tendermint/issues/2326) Service returns ErrNotStarted 2112 2113 BUG FIXES: 2114 - [node] [\#2294](https://github.com/tendermint/tendermint/issues/2294) Delay starting node until Genesis time 2115 - [consensus] [\#2048](https://github.com/tendermint/tendermint/issues/2048) Correct peer statistics for marking peer as good 2116 - [rpc] [\#2460](https://github.com/tendermint/tendermint/issues/2460) StartHTTPAndTLSServer() now passes StartTLS() errors back to the caller rather than hanging forever. 2117 - [p2p] [\#2047](https://github.com/tendermint/tendermint/issues/2047) Accept new connections asynchronously 2118 - [tm-bench] [\#2410](https://github.com/tendermint/tendermint/issues/2410) Enforce minimum transaction size (@WALL-E) 2119 2120 ## 0.24.0 2121 2122 *September 6th, 2018* 2123 2124 Special thanks to external contributors with PRs included in this release: ackratos, james-ray, bradyjoestar, 2125 peerlink, Ahmah2009, bluele, b00f. 2126 2127 This release includes breaking upgrades in the block header, 2128 including the long awaited changes for delaying validator set updates by one 2129 block to better support light clients. 2130 It also fixes enforcement on the maximum size of blocks, and includes a BFT 2131 timestamp in each block that can be safely used by applications. 2132 There are also some minor breaking changes to the rpc, config, and ABCI. 2133 2134 See the [UPGRADING.md](UPGRADING.md#v0.24.0) for details on upgrading to the new 2135 version. 2136 2137 From here on, breaking changes will be broken down to better reflect how users 2138 are affected by a change. 2139 2140 A few more breaking changes are in the works - each will come with a clear 2141 Architecture Decision Record (ADR) explaining the change. You can review ADRs 2142 [here](https://github.com/tendermint/tendermint/tree/develop/docs/architecture) 2143 or in the [open Pull Requests](https://github.com/tendermint/tendermint/pulls). 2144 You can also check in on the [issues marked as 2145 breaking](https://github.com/tendermint/tendermint/issues?q=is%3Aopen+is%3Aissue+label%3Abreaking). 2146 2147 BREAKING CHANGES: 2148 2149 * CLI/RPC/Config 2150 - [config] [\#2169](https://github.com/tendermint/tendermint/issues/2169) Replace MaxNumPeers with MaxNumInboundPeers and MaxNumOutboundPeers 2151 - [config] [\#2300](https://github.com/tendermint/tendermint/issues/2300) Reduce default mempool size from 100k to 5k, until ABCI rechecking is implemented. 2152 - [rpc] [\#1815](https://github.com/tendermint/tendermint/issues/1815) `/commit` returns a `signed_header` field instead of everything being top-level 2153 2154 * Apps 2155 - [abci] Added address of the original proposer of the block to Header 2156 - [abci] Change ABCI Header to match Tendermint exactly 2157 - [abci] [\#2159](https://github.com/tendermint/tendermint/issues/2159) Update use of `Validator` (see 2158 [ADR-018](https://github.com/tendermint/tendermint/blob/develop/docs/architecture/adr-018-ABCI-Validators.md)): 2159 - Remove PubKey from `Validator` (so it's just Address and Power) 2160 - Introduce `ValidatorUpdate` (with just PubKey and Power) 2161 - InitChain and EndBlock use ValidatorUpdate 2162 - Update field names and types in BeginBlock 2163 - [state] [\#1815](https://github.com/tendermint/tendermint/issues/1815) Validator set changes are now delayed by one block 2164 - updates returned in ResponseEndBlock for block H will be included in RequestBeginBlock for block H+2 2165 2166 * Go API 2167 - [lite] [\#1815](https://github.com/tendermint/tendermint/issues/1815) Complete refactor of the package 2168 - [node] [\#2212](https://github.com/tendermint/tendermint/issues/2212) NewNode now accepts a `*p2p.NodeKey` (@bradyjoestar) 2169 - [libs/common] [\#2199](https://github.com/tendermint/tendermint/issues/2199) Remove Fmt, in favor of fmt.Sprintf 2170 - [libs/common] SplitAndTrim was deleted 2171 - [libs/common] [\#2274](https://github.com/tendermint/tendermint/issues/2274) Remove unused Math functions like MaxInt, MaxInt64, 2172 MinInt, MinInt64 (@Ahmah2009) 2173 - [libs/clist] Panics if list extends beyond MaxLength 2174 - [crypto] [\#2205](https://github.com/tendermint/tendermint/issues/2205) Rename AminoRoute variables to no longer be prefixed by signature type. 2175 2176 * Blockchain Protocol 2177 - [state] [\#1815](https://github.com/tendermint/tendermint/issues/1815) Validator set changes are now delayed by one block (!) 2178 - Add NextValidatorSet to State, changes on-disk representation of state 2179 - [state] [\#2184](https://github.com/tendermint/tendermint/issues/2184) Enforce ConsensusParams.BlockSize.MaxBytes (See 2180 [ADR-020](https://github.com/tendermint/tendermint/blob/develop/docs/architecture/adr-020-block-size.md)). 2181 - Remove ConsensusParams.BlockSize.MaxTxs 2182 - Introduce maximum sizes for all components of a block, including ChainID 2183 - [types] Updates to the block Header: 2184 - [\#1815](https://github.com/tendermint/tendermint/issues/1815) NextValidatorsHash - hash of the validator set for the next block, 2185 so the current validators actually sign over the hash for the new 2186 validators 2187 - [\#2106](https://github.com/tendermint/tendermint/issues/2106) ProposerAddress - address of the block's original proposer 2188 - [consensus] [\#2203](https://github.com/tendermint/tendermint/issues/2203) Implement BFT time 2189 - Timestamp in block must be monotonic and equal the median of timestamps in block's LastCommit 2190 - [crypto] [\#2239](https://github.com/tendermint/tendermint/issues/2239) Secp256k1 signature changes (See 2191 [ADR-014](https://github.com/tendermint/tendermint/blob/develop/docs/architecture/adr-014-secp-malleability.md)): 2192 - format changed from DER to `r || s`, both little endian encoded as 32 bytes. 2193 - malleability removed by requiring `s` to be in canonical form. 2194 2195 * P2P Protocol 2196 - [p2p] [\#2263](https://github.com/tendermint/tendermint/issues/2263) Update secret connection to use a little endian encoded nonce 2197 - [blockchain] [\#2213](https://github.com/tendermint/tendermint/issues/2213) Fix Amino routes for blockchain reactor messages 2198 (@peerlink) 2199 2200 2201 FEATURES: 2202 - [types] [\#2015](https://github.com/tendermint/tendermint/issues/2015) Allow genesis file to have 0 validators (@b00f) 2203 - Initial validator set can be determined by the app in ResponseInitChain 2204 - [rpc] [\#2161](https://github.com/tendermint/tendermint/issues/2161) New event `ValidatorSetUpdates` for when the validator set changes 2205 - [crypto/multisig] [\#2164](https://github.com/tendermint/tendermint/issues/2164) Introduce multisig pubkey and signature format 2206 - [libs/db] [\#2293](https://github.com/tendermint/tendermint/issues/2293) Allow passing options through when creating instances of leveldb dbs 2207 2208 IMPROVEMENTS: 2209 - [docs] Lint documentation with `write-good` and `stop-words`. 2210 - [docs] [\#2249](https://github.com/tendermint/tendermint/issues/2249) Refactor, deduplicate, and improve the ABCI docs and spec (with thanks to @ttmc). 2211 - [scripts] [\#2196](https://github.com/tendermint/tendermint/issues/2196) Added json2wal tool, which is supposed to help our users restore (@bradyjoestar) 2212 corrupted WAL files and compose test WAL files (@bradyjoestar) 2213 - [mempool] [\#2234](https://github.com/tendermint/tendermint/issues/2234) Now stores txs by hash inside of the cache, to mitigate memory leakage 2214 - [mempool] [\#2166](https://github.com/tendermint/tendermint/issues/2166) Set explicit capacity for map when updating txs (@bluele) 2215 2216 BUG FIXES: 2217 - [config] [\#2284](https://github.com/tendermint/tendermint/issues/2284) Replace `db_path` with `db_dir` from automatically generated configuration files. 2218 - [mempool] [\#2188](https://github.com/tendermint/tendermint/issues/2188) Fix OOM issue from cache map and list getting out of sync 2219 - [state] [\#2051](https://github.com/tendermint/tendermint/issues/2051) KV store index supports searching by `tx.height` (@ackratos) 2220 - [rpc] [\#2327](https://github.com/tendermint/tendermint/issues/2327) `/dial_peers` does not try to dial existing peers 2221 - [node] [\#2323](https://github.com/tendermint/tendermint/issues/2323) Filter empty strings from config lists (@james-ray) 2222 - [abci/client] [\#2236](https://github.com/tendermint/tendermint/issues/2236) Fix closing GRPC connection (@bradyjoestar) 2223 2224 ## 0.23.1 2225 2226 *August 22nd, 2018* 2227 2228 BUG FIXES: 2229 - [libs/autofile] [\#2261](https://github.com/tendermint/tendermint/issues/2261) Fix log rotation so it actually happens. 2230 - Fixes issues with consensus WAL growing unbounded ala [\#2259](https://github.com/tendermint/tendermint/issues/2259) 2231 2232 ## 0.23.0 2233 2234 *August 5th, 2018* 2235 2236 This release includes breaking upgrades in our P2P encryption, 2237 some ABCI messages, and how we encode time and signatures. 2238 2239 A few more changes are still coming to the Header, ABCI, 2240 and validator set handling to better support light clients, BFT time, and 2241 upgrades. Most notably, validator set changes will be delayed by one block (see 2242 [#1815][i1815]). 2243 2244 We also removed `make ensure_deps` in favour of `make get_vendor_deps`. 2245 2246 BREAKING CHANGES: 2247 - [abci] Changed time format from int64 to google.protobuf.Timestamp 2248 - [abci] Changed Validators to LastCommitInfo in RequestBeginBlock 2249 - [abci] Removed Fee from ResponseDeliverTx and ResponseCheckTx 2250 - [crypto] Switch crypto.Signature from interface to []byte for space efficiency 2251 [#2128](https://github.com/tendermint/tendermint/pull/2128) 2252 - NOTE: this means signatures no longer have the prefix bytes in Amino 2253 binary nor the `type` field in Amino JSON. They're just bytes. 2254 - [p2p] Remove salsa and ripemd primitives, in favor of using chacha as a stream cipher, and hkdf [#2054](https://github.com/tendermint/tendermint/pull/2054) 2255 - [tools] Removed `make ensure_deps` in favor of `make get_vendor_deps` 2256 - [types] CanonicalTime uses nanoseconds instead of clipping to ms 2257 - breaks serialization/signing of all messages with a timestamp 2258 2259 FEATURES: 2260 - [tools] Added `make check_dep` 2261 - ensures gopkg.lock is synced with gopkg.toml 2262 - ensures no branches are used in the gopkg.toml 2263 2264 IMPROVEMENTS: 2265 - [blockchain] Improve fast-sync logic 2266 [#1805](https://github.com/tendermint/tendermint/pull/1805) 2267 - tweak params 2268 - only process one block at a time to avoid starving 2269 - [common] bit array functions which take in another parameter are now thread safe 2270 - [crypto] Switch hkdfchachapoly1305 to xchachapoly1305 2271 - [p2p] begin connecting to peers as soon a seed node provides them to you ([#2093](https://github.com/tendermint/tendermint/issues/2093)) 2272 2273 BUG FIXES: 2274 - [common] Safely handle cases where atomic write files already exist [#2109](https://github.com/tendermint/tendermint/issues/2109) 2275 - [privval] fix a deadline for accepting new connections in socket private 2276 validator. 2277 - [p2p] Allow startup if a configured seed node's IP can't be resolved ([#1716](https://github.com/tendermint/tendermint/issues/1716)) 2278 - [node] Fully exit when CTRL-C is pressed even if consensus state panics [#2072](https://github.com/tendermint/tendermint/issues/2072) 2279 2280 [i1815]: https://github.com/tendermint/tendermint/pull/1815 2281 2282 ## 0.22.8 2283 2284 *July 26th, 2018* 2285 2286 BUG FIXES 2287 2288 - [consensus, blockchain] Fix 0.22.7 below. 2289 2290 ## 0.22.7 2291 2292 *July 26th, 2018* 2293 2294 BUG FIXES 2295 2296 - [consensus, blockchain] Register the Evidence interface so it can be 2297 marshalled/unmarshalled by the blockchain and consensus reactors 2298 2299 ## 0.22.6 2300 2301 *July 24th, 2018* 2302 2303 BUG FIXES 2304 2305 - [rpc] Fix `/blockchain` endpoint 2306 - (#2049) Fix OOM attack by returning error on negative input 2307 - Fix result length to have max 20 (instead of 21) block metas 2308 - [rpc] Validate height is non-negative in `/abci_query` 2309 - [consensus] (#2050) Include evidence in proposal block parts (previously evidence was 2310 not being included in blocks!) 2311 - [p2p] (#2046) Close rejected inbound connections so file descriptor doesn't 2312 leak 2313 - [Gopkg] (#2053) Fix versions in the toml 2314 2315 ## 0.22.5 2316 2317 *July 23th, 2018* 2318 2319 BREAKING CHANGES: 2320 - [crypto] Refactor `tendermint/crypto` into many subpackages 2321 - [libs/common] remove exponentially distributed random numbers 2322 2323 IMPROVEMENTS: 2324 - [abci, libs/common] Generated gogoproto static marshaller methods 2325 - [config] Increase default send/recv rates to 5 mB/s 2326 - [p2p] reject addresses coming from private peers 2327 - [p2p] allow persistent peers to be private 2328 2329 BUG FIXES: 2330 - [mempool] fixed a race condition when `create_empty_blocks=false` where a 2331 transaction is published at an old height. 2332 - [p2p] dial external IP setup by `persistent_peers`, not internal NAT IP 2333 - [rpc] make `/status` RPC endpoint resistant to consensus halt 2334 2335 ## 0.22.4 2336 2337 *July 14th, 2018* 2338 2339 BREAKING CHANGES: 2340 - [genesis] removed deprecated `app_options` field. 2341 - [types] Genesis.AppStateJSON -> Genesis.AppState 2342 2343 FEATURES: 2344 - [tools] Merged in from github.com/tendermint/tools 2345 2346 BUG FIXES: 2347 - [tools/tm-bench] Various fixes 2348 - [consensus] Wait for WAL to stop on shutdown 2349 - [abci] Fix #1891, pending requests cannot hang when abci server dies. 2350 Previously a crash in BeginBlock could leave tendermint in broken state. 2351 2352 ## 0.22.3 2353 2354 *July 10th, 2018* 2355 2356 IMPROVEMENTS 2357 - Update dependencies 2358 * pin all values in Gopkg.toml to version or commit 2359 * update golang/protobuf to v1.1.0 2360 2361 ## 0.22.2 2362 2363 *July 10th, 2018* 2364 2365 IMPROVEMENTS 2366 - More cleanup post repo merge! 2367 - [docs] Include `ecosystem.json` and `tendermint-bft.md` from deprecated `aib-data` repository. 2368 - [config] Add `instrumentation.max_open_connections`, which limits the number 2369 of requests in flight to Prometheus server (if enabled). Default: 3. 2370 2371 2372 BUG FIXES 2373 - [rpc] Allow unquoted integers in requests 2374 - NOTE: this is only for URI requests. JSONRPC requests and all responses 2375 will use quoted integers (the proto3 JSON standard). 2376 - [consensus] Fix halt on shutdown 2377 2378 ## 0.22.1 2379 2380 *July 5th, 2018* 2381 2382 IMPROVEMENTS 2383 2384 * Cleanup post repo-merge. 2385 * [docs] Various improvements. 2386 2387 BUG FIXES 2388 2389 * [state] Return error when EndBlock returns a 0-power validator that isn't 2390 already in the validator set. 2391 * [consensus] Shut down WAL properly. 2392 2393 2394 ## 0.22.0 2395 2396 *July 2nd, 2018* 2397 2398 BREAKING CHANGES: 2399 - [config] 2400 * Remove `max_block_size_txs` and `max_block_size_bytes` in favor of 2401 consensus params from the genesis file. 2402 * Rename `skip_upnp` to `upnp`, and turn it off by default. 2403 * Change `max_packet_msg_size` back to `max_packet_msg_payload_size` 2404 - [rpc] 2405 * All integers are encoded as strings (part of the update for Amino v0.10.1) 2406 * `syncing` is now called `catching_up` 2407 - [types] Update Amino to v0.10.1 2408 * Amino is now fully proto3 compatible for the basic types 2409 * JSON-encoded types now use the type name instead of the prefix bytes 2410 * Integers are encoded as strings 2411 - [crypto] Update go-crypto to v0.10.0 and merge into `crypto` 2412 * privKey.Sign returns error. 2413 * ed25519 address changed to the first 20-bytes of the SHA256 of the raw pubkey bytes 2414 * `tmlibs/merkle` -> `crypto/merkle`. Uses SHA256 instead of RIPEMD160 2415 - [tmlibs] Update to v0.9.0 and merge into `libs` 2416 * remove `merkle` package (moved to `crypto/merkle`) 2417 2418 FEATURES 2419 - [cmd] Added metrics (served under `/metrics` using a Prometheus client; 2420 disabled by default). See the new `instrumentation` section in the config and 2421 [metrics](https://tendermint.readthedocs.io/projects/tools/en/develop/metrics.html) 2422 guide. 2423 - [p2p] Add IPv6 support to peering. 2424 - [p2p] Add `external_address` to config to allow specifying the address for 2425 peers to dial 2426 2427 IMPROVEMENT 2428 - [rpc/client] Supports https and wss now. 2429 - [crypto] Make public key size into public constants 2430 - [mempool] Log tx hash, not entire tx 2431 - [abci] Merged in github.com/tendermint/abci 2432 - [crypto] Merged in github.com/tendermint/go-crypto 2433 - [libs] Merged in github.com/tendermint/tmlibs 2434 - [docs] Move from .rst to .md 2435 2436 BUG FIXES: 2437 - [rpc] Limit maximum number of HTTP/WebSocket connections 2438 (`rpc.max_open_connections`) and gRPC connections 2439 (`rpc.grpc_max_open_connections`). Check out "Running In Production" guide if 2440 you want to increase them. 2441 - [rpc] Limit maximum request body size to 1MB (header is limited to 1MB). 2442 - [consensus] Fix a halting bug where `create_empty_blocks=false` 2443 - [p2p] Fix panic in seed mode 2444 2445 ## 0.21.0 2446 2447 *June 21th, 2018* 2448 2449 BREAKING CHANGES 2450 2451 - [config] Change default ports from 4665X to 2665X. Ports over 32768 are 2452 ephemeral and reserved for use by the kernel. 2453 - [cmd] `unsafe_reset_all` removes the addrbook.json 2454 2455 IMPROVEMENT 2456 2457 - [pubsub] Set default capacity to 0 2458 - [docs] Various improvements 2459 2460 BUG FIXES 2461 2462 - [consensus] Fix an issue where we don't make blocks after `fast_sync` when `create_empty_blocks=false` 2463 - [mempool] Fix #1761 where we don't process txs if `cache_size=0` 2464 - [rpc] Fix memory leak in Websocket (when using `/subscribe` method) 2465 - [config] Escape paths in config - fixes config paths on Windows 2466 2467 ## 0.20.0 2468 2469 *June 6th, 2018* 2470 2471 This is the first in a series of breaking releases coming to Tendermint after 2472 soliciting developer feedback and conducting security audits. 2473 2474 This release does not break any blockchain data structures or 2475 protocols other than the ABCI messages between Tendermint and the application. 2476 2477 Applications that upgrade for ABCI v0.11.0 should be able to continue running Tendermint 2478 v0.20.0 on blockchains created with v0.19.X 2479 2480 BREAKING CHANGES 2481 2482 - [abci] Upgrade to 2483 [v0.11.0](https://github.com/tendermint/abci/blob/master/CHANGELOG.md#0110) 2484 - [abci] Change Query path for filtering peers by node ID from 2485 `p2p/filter/pubkey/<id>` to `p2p/filter/id/<id>` 2486 2487 ## 0.19.9 2488 2489 *June 5th, 2018* 2490 2491 BREAKING CHANGES 2492 2493 - [types/priv_validator] Moved to top level `privval` package 2494 2495 FEATURES 2496 2497 - [config] Collapse PeerConfig into P2PConfig 2498 - [docs] Add quick-install script 2499 - [docs/spec] Add table of Amino prefixes 2500 2501 BUG FIXES 2502 2503 - [rpc] Return 404 for unknown endpoints 2504 - [consensus] Flush WAL on stop 2505 - [evidence] Don't send evidence to peers that are behind 2506 - [p2p] Fix memory leak on peer disconnects 2507 - [rpc] Fix panic when `per_page=0` 2508 2509 ## 0.19.8 2510 2511 *June 4th, 2018* 2512 2513 BREAKING: 2514 2515 - [p2p] Remove `auth_enc` config option, peer connections are always auth 2516 encrypted. Technically a breaking change but seems no one was using it and 2517 arguably a bug fix :) 2518 2519 BUG FIXES 2520 2521 - [mempool] Fix deadlock under high load when `skip_timeout_commit=true` and 2522 `create_empty_blocks=false` 2523 2524 ## 0.19.7 2525 2526 *May 31st, 2018* 2527 2528 BREAKING: 2529 2530 - [libs/pubsub] TagMap#Get returns a string value 2531 - [libs/pubsub] NewTagMap accepts a map of strings 2532 2533 FEATURES 2534 2535 - [rpc] the RPC documentation is now published to https://tendermint.github.io/slate 2536 - [p2p] AllowDuplicateIP config option to refuse connections from same IP. 2537 - true by default for now, false by default in next breaking release 2538 - [docs] Add docs for query, tx indexing, events, pubsub 2539 - [docs] Add some notes about running Tendermint in production 2540 2541 IMPROVEMENTS: 2542 2543 - [consensus] Consensus reactor now receives events from a separate synchronous event bus, 2544 which is not dependant on external RPC load 2545 - [consensus/wal] do not look for height in older files if we've seen height - 1 2546 - [docs] Various cleanup and link fixes 2547 2548 ## 0.19.6 2549 2550 *May 29th, 2018* 2551 2552 BUG FIXES 2553 2554 - [blockchain] Fix fast-sync deadlock during high peer turnover 2555 2556 BUG FIX: 2557 2558 - [evidence] Dont send peers evidence from heights they haven't synced to yet 2559 - [p2p] Refuse connections to more than one peer with the same IP 2560 - [docs] Various fixes 2561 2562 ## 0.19.5 2563 2564 *May 20th, 2018* 2565 2566 BREAKING CHANGES 2567 2568 - [rpc/client] TxSearch and UnconfirmedTxs have new arguments (see below) 2569 - [rpc/client] TxSearch returns ResultTxSearch 2570 - [version] Breaking changes to Go APIs will not be reflected in breaking 2571 version change, but will be included in changelog. 2572 2573 FEATURES 2574 2575 - [rpc] `/tx_search` takes `page` (starts at 1) and `per_page` (max 100, default 30) args to paginate results 2576 - [rpc] `/unconfirmed_txs` takes `limit` (max 100, default 30) arg to limit the output 2577 - [config] `mempool.size` and `mempool.cache_size` options 2578 2579 IMPROVEMENTS 2580 2581 - [docs] Lots of updates 2582 - [consensus] Only Fsync() the WAL before executing msgs from ourselves 2583 2584 BUG FIXES 2585 2586 - [mempool] Enforce upper bound on number of transactions 2587 2588 ## 0.19.4 (May 17th, 2018) 2589 2590 IMPROVEMENTS 2591 2592 - [state] Improve tx indexing by using batches 2593 - [consensus, state] Improve logging (more consensus logs, fewer tx logs) 2594 - [spec] Moved to `docs/spec` (TODO cleanup the rest of the docs ...) 2595 2596 BUG FIXES 2597 2598 - [consensus] Fix issue #1575 where a late proposer can get stuck 2599 2600 ## 0.19.3 (May 14th, 2018) 2601 2602 FEATURES 2603 2604 - [rpc] New `/consensus_state` returns just the votes seen at the current height 2605 2606 IMPROVEMENTS 2607 2608 - [rpc] Add stringified votes and fraction of power voted to `/dump_consensus_state` 2609 - [rpc] Add PeerStateStats to `/dump_consensus_state` 2610 2611 BUG FIXES 2612 2613 - [cmd] Set GenesisTime during `tendermint init` 2614 - [consensus] fix ValidBlock rules 2615 2616 ## 0.19.2 (April 30th, 2018) 2617 2618 FEATURES: 2619 2620 - [p2p] Allow peers with different Minor versions to connect 2621 - [rpc] `/net_info` includes `n_peers` 2622 2623 IMPROVEMENTS: 2624 2625 - [p2p] Various code comments, cleanup, error types 2626 - [p2p] Change some Error logs to Debug 2627 2628 BUG FIXES: 2629 2630 - [p2p] Fix reconnect to persistent peer when first dial fails 2631 - [p2p] Validate NodeInfo.ListenAddr 2632 - [p2p] Only allow (MaxNumPeers - MaxNumOutboundPeers) inbound peers 2633 - [p2p/pex] Limit max msg size to 64kB 2634 - [p2p] Fix panic when pex=false 2635 - [p2p] Allow multiple IPs per ID in AddrBook 2636 - [p2p] Fix before/after bugs in addrbook isBad() 2637 2638 ## 0.19.1 (April 27th, 2018) 2639 2640 Note this release includes some small breaking changes in the RPC and one in the 2641 config that are really bug fixes. v0.19.1 will work with existing chains, and make Tendermint 2642 easier to use and debug. With <3 2643 2644 BREAKING (MINOR) 2645 2646 - [config] Removed `wal_light` setting. If you really needed this, let us know 2647 2648 FEATURES: 2649 2650 - [networks] moved in tooling from devops repo: terraform and ansible scripts for deploying testnets ! 2651 - [cmd] Added `gen_node_key` command 2652 2653 BUG FIXES 2654 2655 Some of these are breaking in the RPC response, but they're really bugs! 2656 2657 - [spec] Document address format and pubkey encoding pre and post Amino 2658 - [rpc] Lower case JSON field names 2659 - [rpc] Fix missing entries, improve, and lower case the fields in `/dump_consensus_state` 2660 - [rpc] Fix NodeInfo.Channels format to hex 2661 - [rpc] Add Validator address to `/status` 2662 - [rpc] Fix `prove` in ABCIQuery 2663 - [cmd] MarshalJSONIndent on init 2664 2665 ## 0.19.0 (April 13th, 2018) 2666 2667 BREAKING: 2668 - [cmd] improved `testnet` command; now it can fill in `persistent_peers` for you in the config file and much more (see `tendermint testnet --help` for details) 2669 - [cmd] `show_node_id` now returns an error if there is no node key 2670 - [rpc]: changed the output format for the `/status` endpoint (see https://godoc.org/github.com/tendermint/tendermint/rpc/core#Status) 2671 2672 Upgrade from go-wire to go-amino. This is a sweeping change that breaks everything that is 2673 serialized to disk or over the network. 2674 2675 See github.com/tendermint/go-amino for details on the new format. 2676 2677 See `scripts/wire2amino.go` for a tool to upgrade 2678 genesis/priv_validator/node_key JSON files. 2679 2680 FEATURES 2681 2682 - [test] docker-compose for local testnet setup (thanks Greg!) 2683 2684 ## 0.18.0 (April 6th, 2018) 2685 2686 BREAKING: 2687 2688 - [types] Merkle tree uses different encoding for varints (see tmlibs v0.8.0) 2689 - [types] ValidtorSet.GetByAddress returns -1 if no validator found 2690 - [p2p] require all addresses come with an ID no matter what 2691 - [rpc] Listening address must contain tcp:// or unix:// prefix 2692 2693 FEATURES: 2694 2695 - [rpc] StartHTTPAndTLSServer (not used yet) 2696 - [rpc] Include validator's voting power in `/status` 2697 - [rpc] `/tx` and `/tx_search` responses now include the transaction hash 2698 - [rpc] Include peer NodeIDs in `/net_info` 2699 2700 IMPROVEMENTS: 2701 - [config] trim whitespace from elements of lists (like `persistent_peers`) 2702 - [rpc] `/tx_search` results are sorted by height 2703 - [p2p] do not try to connect to ourselves (ok, maybe only once) 2704 - [p2p] seeds respond with a bias towards good peers 2705 2706 BUG FIXES: 2707 - [rpc] fix subscribing using an abci.ResponseDeliverTx tag 2708 - [rpc] fix tx_indexers matchRange 2709 - [rpc] fix unsubscribing (see tmlibs v0.8.0) 2710 2711 ## 0.17.1 (March 27th, 2018) 2712 2713 BUG FIXES: 2714 - [types] Actually support `app_state` in genesis as `AppStateJSON` 2715 2716 ## 0.17.0 (March 27th, 2018) 2717 2718 BREAKING: 2719 - [types] WriteSignBytes -> SignBytes 2720 2721 IMPROVEMENTS: 2722 - [all] renamed `dummy` (`persistent_dummy`) to `kvstore` (`persistent_kvstore`) (name "dummy" is deprecated and will not work in the next breaking release) 2723 - [docs] note on determinism (docs/determinism.rst) 2724 - [genesis] `app_options` field is deprecated. please rename it to `app_state` in your genesis file(s). `app_options` will not work in the next breaking release 2725 - [p2p] dial seeds directly without potential peers 2726 - [p2p] exponential backoff for addrs in the address book 2727 - [p2p] mark peer as good if it contributed enough votes or block parts 2728 - [p2p] stop peer if it sends incorrect data, msg to unknown channel, msg we did not expect 2729 - [p2p] when `auth_enc` is true, all dialed peers must have a node ID in their address 2730 - [spec] various improvements 2731 - switched from glide to dep internally for package management 2732 - [wire] prep work for upgrading to new go-wire (which is now called go-amino) 2733 2734 FEATURES: 2735 - [config] exposed `auth_enc` flag to enable/disable encryption 2736 - [config] added the `--p2p.private_peer_ids` flag and `PrivatePeerIDs` config variable (see config for description) 2737 - [rpc] added `/health` endpoint, which returns empty result for now 2738 - [types/priv_validator] new format and socket client, allowing for remote signing 2739 2740 BUG FIXES: 2741 - [consensus] fix liveness bug by introducing ValidBlock mechanism 2742 2743 ## 0.16.0 (February 20th, 2018) 2744 2745 BREAKING CHANGES: 2746 - [config] use $TMHOME/config for all config and json files 2747 - [p2p] old `--p2p.seeds` is now `--p2p.persistent_peers` (persistent peers to which TM will always connect to) 2748 - [p2p] now `--p2p.seeds` only used for getting addresses (if addrbook is empty; not persistent) 2749 - [p2p] NodeInfo: remove RemoteAddr and add Channels 2750 - we must have at least one overlapping channel with peer 2751 - we only send msgs for channels the peer advertised 2752 - [p2p/conn] pong timeout 2753 - [lite] comment out IAVL related code 2754 2755 FEATURES: 2756 - [p2p] added new `/dial_peers&persistent=_` **unsafe** endpoint 2757 - [p2p] persistent node key in `$THMHOME/config/node_key.json` 2758 - [p2p] introduce peer ID and authenticate peers by ID using addresses like `ID@IP:PORT` 2759 - [p2p/pex] new seed mode crawls the network and serves as a seed. 2760 - [config] MempoolConfig.CacheSize 2761 - [config] P2P.SeedMode (`--p2p.seed_mode`) 2762 2763 IMPROVEMENT: 2764 - [p2p/pex] stricter rules in the PEX reactor for better handling of abuse 2765 - [p2p] various improvements to code structure including subpackages for `pex` and `conn` 2766 - [docs] new spec! 2767 - [all] speed up the tests! 2768 2769 BUG FIX: 2770 - [blockchain] StopPeerForError on timeout 2771 - [consensus] StopPeerForError on a bad Maj23 message 2772 - [state] flush mempool conn before calling commit 2773 - [types] fix priv val signing things that only differ by timestamp 2774 - [mempool] fix memory leak causing zombie peers 2775 - [p2p/conn] fix potential deadlock 2776 2777 ## 0.15.0 (December 29, 2017) 2778 2779 BREAKING CHANGES: 2780 - [p2p] enable the Peer Exchange reactor by default 2781 - [types] add Timestamp field to Proposal/Vote 2782 - [types] add new fields to Header: TotalTxs, ConsensusParamsHash, LastResultsHash, EvidenceHash 2783 - [types] add Evidence to Block 2784 - [types] simplify ValidateBasic 2785 - [state] updates to support changes to the header 2786 - [state] Enforce <1/3 of validator set can change at a time 2787 2788 FEATURES: 2789 - [state] Send indices of absent validators and addresses of byzantine validators in BeginBlock 2790 - [state] Historical ConsensusParams and ABCIResponses 2791 - [docs] Specification for the base Tendermint data structures. 2792 - [evidence] New evidence reactor for gossiping and managing evidence 2793 - [rpc] `/block_results?height=X` returns the DeliverTx results for a given height. 2794 2795 IMPROVEMENTS: 2796 - [consensus] Better handling of corrupt WAL file 2797 2798 BUG FIXES: 2799 - [lite] fix race 2800 - [state] validate block.Header.ValidatorsHash 2801 - [p2p] allow seed addresses to be prefixed with eg. `tcp://` 2802 - [p2p] use consistent key to refer to peers so we dont try to connect to existing peers 2803 - [cmd] fix `tendermint init` to ignore files that are there and generate files that aren't. 2804 2805 ## 0.14.0 (December 11, 2017) 2806 2807 BREAKING CHANGES: 2808 - consensus/wal: removed separator 2809 - rpc/client: changed Subscribe/Unsubscribe/UnsubscribeAll funcs signatures to be identical to event bus. 2810 2811 FEATURES: 2812 - new `tendermint lite` command (and `lite/proxy` pkg) for running a light-client RPC proxy. 2813 NOTE it is currently insecure and its APIs are not yet covered by semver 2814 2815 IMPROVEMENTS: 2816 - rpc/client: can act as event bus subscriber (See https://github.com/tendermint/tendermint/issues/945). 2817 - p2p: use exponential backoff from seconds to hours when attempting to reconnect to persistent peer 2818 - config: moniker defaults to the machine's hostname instead of "anonymous" 2819 2820 BUG FIXES: 2821 - p2p: no longer exit if one of the seed addresses is incorrect 2822 2823 ## 0.13.0 (December 6, 2017) 2824 2825 BREAKING CHANGES: 2826 - abci: update to v0.8 using gogo/protobuf; includes tx tags, vote info in RequestBeginBlock, data.Bytes everywhere, use int64, etc. 2827 - types: block heights are now `int64` everywhere 2828 - types & node: EventSwitch and EventCache have been replaced by EventBus and EventBuffer; event types have been overhauled 2829 - node: EventSwitch methods now refer to EventBus 2830 - rpc/lib/types: RPCResponse is no longer a pointer; WSRPCConnection interface has been modified 2831 - rpc/client: WaitForOneEvent takes an EventsClient instead of types.EventSwitch 2832 - rpc/client: Add/RemoveListenerForEvent are now Subscribe/Unsubscribe 2833 - rpc/core/types: ResultABCIQuery wraps an abci.ResponseQuery 2834 - rpc: `/subscribe` and `/unsubscribe` take `query` arg instead of `event` 2835 - rpc: `/status` returns the LatestBlockTime in human readable form instead of in nanoseconds 2836 - mempool: cached transactions return an error instead of an ABCI response with BadNonce 2837 2838 FEATURES: 2839 - rpc: new `/unsubscribe_all` WebSocket RPC endpoint 2840 - rpc: new `/tx_search` endpoint for filtering transactions by more complex queries 2841 - p2p/trust: new trust metric for tracking peers. See ADR-006 2842 - config: TxIndexConfig allows to set what DeliverTx tags to index 2843 2844 IMPROVEMENTS: 2845 - New asynchronous events system using `tmlibs/pubsub` 2846 - logging: Various small improvements 2847 - consensus: Graceful shutdown when app crashes 2848 - tests: Fix various non-deterministic errors 2849 - p2p: more defensive programming 2850 2851 BUG FIXES: 2852 - consensus: fix panic where prs.ProposalBlockParts is not initialized 2853 - p2p: fix panic on bad channel 2854 2855 ## 0.12.1 (November 27, 2017) 2856 2857 BUG FIXES: 2858 - upgrade tmlibs dependency to enable Windows builds for Tendermint 2859 2860 ## 0.12.0 (October 27, 2017) 2861 2862 BREAKING CHANGES: 2863 - rpc/client: websocket ResultsCh and ErrorsCh unified in ResponsesCh. 2864 - rpc/client: ABCIQuery no longer takes `prove` 2865 - state: remove GenesisDoc from state. 2866 - consensus: new binary WAL format provides efficiency and uses checksums to detect corruption 2867 - use scripts/wal2json to convert to json for debugging 2868 2869 FEATURES: 2870 - new `Verifiers` pkg contains the tendermint light-client library (name subject to change)! 2871 - rpc: `/genesis` includes the `app_options` . 2872 - rpc: `/abci_query` takes an additional `height` parameter to support historical queries. 2873 - rpc/client: new ABCIQueryWithOptions supports options like `trusted` (set false to get a proof) and `height` to query a historical height. 2874 2875 IMPROVEMENTS: 2876 - rpc: `/genesis` result includes `app_options` 2877 - rpc/lib/client: add jitter to reconnects. 2878 - rpc/lib/types: `RPCError` satisfies the `error` interface. 2879 2880 BUG FIXES: 2881 - rpc/client: fix ws deadlock after stopping 2882 - blockchain: fix panic on AddBlock when peer is nil 2883 - mempool: fix sending on TxsAvailable when a tx has been invalidated 2884 - consensus: dont run WAL catchup if we fast synced 2885 2886 ## 0.11.1 (October 10, 2017) 2887 2888 IMPROVEMENTS: 2889 - blockchain/reactor: respondWithNoResponseMessage for missing height 2890 2891 BUG FIXES: 2892 - rpc: fixed client WebSocket timeout 2893 - rpc: client now resubscribes on reconnection 2894 - rpc: fix panics on missing params 2895 - rpc: fix `/dump_consensus_state` to have normal json output (NOTE: technically breaking, but worth a bug fix label) 2896 - types: fixed out of range error in VoteSet.addVote 2897 - consensus: fix wal autofile via https://github.com/tendermint/tmlibs/blob/master/CHANGELOG.md#032-october-2-2017 2898 2899 ## 0.11.0 (September 22, 2017) 2900 2901 BREAKING: 2902 - genesis file: validator `amount` is now `power` 2903 - abci: Info, BeginBlock, InitChain all take structs 2904 - rpc: various changes to match JSONRPC spec (http://www.jsonrpc.org/specification), including breaking ones: 2905 - requests that previously returned HTTP code 4XX now return 200 with an error code in the JSONRPC. 2906 - `rpctypes.RPCResponse` uses new `RPCError` type instead of `string`. 2907 2908 - cmd: if there is no genesis, exit immediately instead of waiting around for one to show. 2909 - types: `Signer.Sign` returns an error. 2910 - state: every validator set change is persisted to disk, which required some changes to the `State` structure. 2911 - p2p: new `p2p.Peer` interface used for all reactor methods (instead of `*p2p.Peer` struct). 2912 2913 FEATURES: 2914 - rpc: `/validators?height=X` allows querying of validators at previous heights. 2915 - rpc: Leaving the `height` param empty for `/block`, `/validators`, and `/commit` will return the value for the latest height. 2916 2917 IMPROVEMENTS: 2918 - docs: Moved all docs from the website and tools repo in, converted to `.rst`, and cleaned up for presentation on `tendermint.readthedocs.io` 2919 2920 BUG FIXES: 2921 - fix WAL openning issue on Windows 2922 2923 ## 0.10.4 (September 5, 2017) 2924 2925 IMPROVEMENTS: 2926 - docs: Added Slate docs to each rpc function (see rpc/core) 2927 - docs: Ported all website docs to Read The Docs 2928 - config: expose some p2p params to tweak performance: RecvRate, SendRate, and MaxMsgPacketPayloadSize 2929 - rpc: Upgrade the websocket client and server, including improved auto reconnect, and proper ping/pong 2930 2931 BUG FIXES: 2932 - consensus: fix panic on getVoteBitArray 2933 - consensus: hang instead of panicking on byzantine consensus failures 2934 - cmd: dont load config for version command 2935 2936 ## 0.10.3 (August 10, 2017) 2937 2938 FEATURES: 2939 - control over empty block production: 2940 - new flag, `--consensus.create_empty_blocks`; when set to false, blocks are only created when there are txs or when the AppHash changes. 2941 - new config option, `consensus.create_empty_blocks_interval`; an empty block is created after this many seconds. 2942 - in normal operation, `create_empty_blocks = true` and `create_empty_blocks_interval = 0`, so blocks are being created all the time (as in all previous versions of tendermint). The number of empty blocks can be reduced by increasing `create_empty_blocks_interval` or by setting `create_empty_blocks = false`. 2943 - new `TxsAvailable()` method added to Mempool that returns a channel which fires when txs are available. 2944 - new heartbeat message added to consensus reactor to notify peers that a node is waiting for txs before entering propose step. 2945 - rpc: Add `syncing` field to response returned by `/status`. Is `true` while in fast-sync mode. 2946 2947 IMPROVEMENTS: 2948 - various improvements to documentation and code comments 2949 2950 BUG FIXES: 2951 - mempool: pass height into constructor so it doesn't always start at 0 2952 2953 ## 0.10.2 (July 10, 2017) 2954 2955 FEATURES: 2956 - Enable lower latency block commits by adding consensus reactor sleep durations and p2p flush throttle timeout to the config 2957 2958 IMPROVEMENTS: 2959 - More detailed logging in the consensus reactor and state machine 2960 - More in-code documentation for many exposed functions, especially in consensus/reactor.go and p2p/switch.go 2961 - Improved readability for some function definitions and code blocks with long lines 2962 2963 ## 0.10.1 (June 28, 2017) 2964 2965 FEATURES: 2966 - Use `--trace` to get stack traces for logged errors 2967 - types: GenesisDoc.ValidatorHash returns the hash of the genesis validator set 2968 - types: GenesisDocFromFile parses a GenesiDoc from a JSON file 2969 2970 IMPROVEMENTS: 2971 - Add a Code of Conduct 2972 - Variety of improvements as suggested by `megacheck` tool 2973 - rpc: deduplicate tests between rpc/client and rpc/tests 2974 - rpc: addresses without a protocol prefix default to `tcp://`. `http://` is also accepted as an alias for `tcp://` 2975 - cmd: commands are more easily reuseable from other tools 2976 - DOCKER: automate build/push 2977 2978 BUG FIXES: 2979 - Fix log statements using keys with spaces (logger does not currently support spaces) 2980 - rpc: set logger on websocket connection 2981 - rpc: fix ws connection stability by setting write deadline on pings 2982 2983 ## 0.10.0 (June 2, 2017) 2984 2985 Includes major updates to configuration, logging, and json serialization. 2986 Also includes the Grand Repo-Merge of 2017. 2987 2988 BREAKING CHANGES: 2989 2990 - Config and Flags: 2991 - The `config` map is replaced with a [`Config` struct](https://github.com/tendermint/tendermint/blob/master/config/config.go#L11), 2992 containing substructs: `BaseConfig`, `P2PConfig`, `MempoolConfig`, `ConsensusConfig`, `RPCConfig` 2993 - This affects the following flags: 2994 - `--seeds` is now `--p2p.seeds` 2995 - `--node_laddr` is now `--p2p.laddr` 2996 - `--pex` is now `--p2p.pex` 2997 - `--skip_upnp` is now `--p2p.skip_upnp` 2998 - `--rpc_laddr` is now `--rpc.laddr` 2999 - `--grpc_laddr` is now `--rpc.grpc_laddr` 3000 - Any configuration option now within a substract must come under that heading in the `config.toml`, for instance: 3001 ``` 3002 [p2p] 3003 laddr="tcp://1.2.3.4:46656" 3004 3005 [consensus] 3006 timeout_propose=1000 3007 ``` 3008 - Use viper and `DefaultConfig() / TestConfig()` functions to handle defaults, and remove `config/tendermint` and `config/tendermint_test` 3009 - Change some function and method signatures to 3010 - Change some [function and method signatures](https://gist.github.com/ebuchman/640d5fc6c2605f73497992fe107ebe0b) accomodate new config 3011 3012 - Logger 3013 - Replace static `log15` logger with a simple interface, and provide a new implementation using `go-kit`. 3014 See our new [logging library](https://github.com/tendermint/tmlibs/log) and [blog post](https://tendermint.com/blog/abstracting-the-logger-interface-in-go) for more details 3015 - Levels `warn` and `notice` are removed (you may need to change them in your `config.toml`!) 3016 - Change some [function and method signatures](https://gist.github.com/ebuchman/640d5fc6c2605f73497992fe107ebe0b) to accept a logger 3017 3018 - JSON serialization: 3019 - Replace `[TypeByte, Xxx]` with `{"type": "some-type", "data": Xxx}` in RPC and all `.json` files by using `go-wire/data`. For instance, a public key is now: 3020 ``` 3021 "pub_key": { 3022 "type": "ed25519", 3023 "data": "83DDF8775937A4A12A2704269E2729FCFCD491B933C4B0A7FFE37FE41D7760D0" 3024 } 3025 ``` 3026 - Remove type information about RPC responses, so `[TypeByte, {"jsonrpc": "2.0", ... }]` is now just `{"jsonrpc": "2.0", ... }` 3027 - Change `[]byte` to `data.Bytes` in all serialized types (for hex encoding) 3028 - Lowercase the JSON tags in `ValidatorSet` fields 3029 - Introduce `EventDataInner` for serializing events 3030 3031 - Other: 3032 - Send InitChain message in handshake if `appBlockHeight == 0` 3033 - Do not include the `Accum` field when computing the validator hash. This makes the ValidatorSetHash unique for a given validator set, rather than changing with every block (as the Accum changes) 3034 - Unsafe RPC calls are not enabled by default. This includes `/dial_seeds`, and all calls prefixed with `unsafe`. Use the `--rpc.unsafe` flag to enable. 3035 3036 3037 FEATURES: 3038 3039 - Per-module log levels. For instance, the new default is `state:info,*:error`, which means the `state` package logs at `info` level, and everything else logs at `error` level 3040 - Log if a node is validator or not in every consensus round 3041 - Use ldflags to set git hash as part of the version 3042 - Ignore `address` and `pub_key` fields in `priv_validator.json` and overwrite them with the values derrived from the `priv_key` 3043 3044 IMPROVEMENTS: 3045 3046 - Merge `tendermint/go-p2p -> tendermint/tendermint/p2p` and `tendermint/go-rpc -> tendermint/tendermint/rpc/lib` 3047 - Update paths for grand repo merge: 3048 - `go-common -> tmlibs/common` 3049 - `go-data -> go-wire/data` 3050 - All other `go-` libs, except `go-crypto` and `go-wire`, are merged under `tmlibs` 3051 - No global loggers (loggers are passed into constructors, or preferably set with a SetLogger method) 3052 - Return HTTP status codes with errors for RPC responses 3053 - Limit `/blockchain_info` call to return a maximum of 20 blocks 3054 - Use `.Wrap()` and `.Unwrap()` instead of eg. `PubKeyS` for `go-crypto` types 3055 - RPC JSON responses use pretty printing (via `json.MarshalIndent`) 3056 - Color code different instances of the consensus for tests 3057 - Isolate viper to `cmd/tendermint/commands` and do not read config from file for tests 3058 3059 3060 ## 0.9.2 (April 26, 2017) 3061 3062 BUG FIXES: 3063 3064 - Fix bug in `ResetPrivValidator` where we were using the global config and log (causing external consumers, eg. basecoin, to fail). 3065 3066 ## 0.9.1 (April 21, 2017) 3067 3068 FEATURES: 3069 3070 - Transaction indexing - txs are indexed by their hash using a simple key-value store; easily extended to more advanced indexers 3071 - New `/tx?hash=X` endpoint to query for transactions and their DeliverTx result by hash. Optionally returns a proof of the tx's inclusion in the block 3072 - `tendermint testnet` command initializes files for a testnet 3073 3074 IMPROVEMENTS: 3075 3076 - CLI now uses Cobra framework 3077 - TMROOT is now TMHOME (TMROOT will stop working in 0.10.0) 3078 - `/broadcast_tx_XXX` also returns the Hash (can be used to query for the tx) 3079 - `/broadcast_tx_commit` also returns the height the block was committed in 3080 - ABCIResponses struct persisted to disk before calling Commit; makes handshake replay much cleaner 3081 - WAL uses #ENDHEIGHT instead of #HEIGHT (#HEIGHT will stop working in 0.10.0) 3082 - Peers included via `--seeds`, under `seeds` in the config, or in `/dial_seeds` are now persistent, and will be reconnected to if the connection breaks 3083 3084 BUG FIXES: 3085 3086 - Fix bug in fast-sync where we stop syncing after a peer is removed, even if they're re-added later 3087 - Fix handshake replay to handle validator set changes and results of DeliverTx when we crash after app.Commit but before state.Save() 3088 3089 ## 0.9.0 (March 6, 2017) 3090 3091 BREAKING CHANGES: 3092 3093 - Update ABCI to v0.4.0, where Query is now `Query(RequestQuery) ResponseQuery`, enabling precise proofs at particular heights: 3094 3095 ``` 3096 message RequestQuery{ 3097 bytes data = 1; 3098 string path = 2; 3099 uint64 height = 3; 3100 bool prove = 4; 3101 } 3102 3103 message ResponseQuery{ 3104 CodeType code = 1; 3105 int64 index = 2; 3106 bytes key = 3; 3107 bytes value = 4; 3108 bytes proof = 5; 3109 uint64 height = 6; 3110 string log = 7; 3111 } 3112 ``` 3113 3114 3115 - `BlockMeta` data type unifies its Hash and PartSetHash under a `BlockID`: 3116 3117 ``` 3118 type BlockMeta struct { 3119 BlockID BlockID `json:"block_id"` // the block hash and partsethash 3120 Header *Header `json:"header"` // The block's Header 3121 } 3122 ``` 3123 3124 - `ValidatorSet.Proposer` is exposed as a field and persisted with the `State`. Use `GetProposer()` to initialize or update after validator-set changes. 3125 3126 - `tendermint gen_validator` command output is now pure JSON 3127 3128 FEATURES: 3129 3130 - New RPC endpoint `/commit?height=X` returns header and commit for block at height `X` 3131 - Client API for each endpoint, including mocks for testing 3132 3133 IMPROVEMENTS: 3134 3135 - `Node` is now a `BaseService` 3136 - Simplified starting Tendermint in-process from another application 3137 - Better organized Makefile 3138 - Scripts for auto-building binaries across platforms 3139 - Docker image improved, slimmed down (using Alpine), and changed from tendermint/tmbase to tendermint/tendermint 3140 - New repo files: `CONTRIBUTING.md`, Github `ISSUE_TEMPLATE`, `CHANGELOG.md` 3141 - Improvements on CircleCI for managing build/test artifacts 3142 - Handshake replay is doen through the consensus package, possibly using a mockApp 3143 - Graceful shutdown of RPC listeners 3144 - Tests for the PEX reactor and DialSeeds 3145 3146 BUG FIXES: 3147 3148 - Check peer.Send for failure before updating PeerState in consensus 3149 - Fix panic in `/dial_seeds` with invalid addresses 3150 - Fix proposer selection logic in ValidatorSet by taking the address into account in the `accumComparable` 3151 - Fix inconcistencies with `ValidatorSet.Proposer` across restarts by persisting it in the `State` 3152 3153 3154 ## 0.8.0 (January 13, 2017) 3155 3156 BREAKING CHANGES: 3157 3158 - New data type `BlockID` to represent blocks: 3159 3160 ``` 3161 type BlockID struct { 3162 Hash []byte `json:"hash"` 3163 PartsHeader PartSetHeader `json:"parts"` 3164 } 3165 ``` 3166 3167 - `Vote` data type now includes validator address and index: 3168 3169 ``` 3170 type Vote struct { 3171 ValidatorAddress []byte `json:"validator_address"` 3172 ValidatorIndex int `json:"validator_index"` 3173 Height int `json:"height"` 3174 Round int `json:"round"` 3175 Type byte `json:"type"` 3176 BlockID BlockID `json:"block_id"` // zero if vote is nil. 3177 Signature crypto.Signature `json:"signature"` 3178 } 3179 ``` 3180 3181 - Update TMSP to v0.3.0, where it is now called ABCI and AppendTx is DeliverTx 3182 - Hex strings in the RPC are now "0x" prefixed 3183 3184 3185 FEATURES: 3186 3187 - New message type on the ConsensusReactor, `Maj23Msg`, for peers to alert others they've seen a Maj23, 3188 in order to track and handle conflicting votes intelligently to prevent Byzantine faults from causing halts: 3189 3190 ``` 3191 type VoteSetMaj23Message struct { 3192 Height int 3193 Round int 3194 Type byte 3195 BlockID types.BlockID 3196 } 3197 ``` 3198 3199 - Configurable block part set size 3200 - Validator set changes 3201 - Optionally skip TimeoutCommit if we have all the votes 3202 - Handshake between Tendermint and App on startup to sync latest state and ensure consistent recovery from crashes 3203 - GRPC server for BroadcastTx endpoint 3204 3205 IMPROVEMENTS: 3206 3207 - Less verbose logging 3208 - Better test coverage (37% -> 49%) 3209 - Canonical SignBytes for signable types 3210 - Write-Ahead Log for Mempool and Consensus via tmlibs/autofile 3211 - Better in-process testing for the consensus reactor and byzantine faults 3212 - Better crash/restart testing for individual nodes at preset failure points, and of networks at arbitrary points 3213 - Better abstraction over timeout mechanics 3214 3215 BUG FIXES: 3216 3217 - Fix memory leak in mempool peer 3218 - Fix panic on POLRound=-1 3219 - Actually set the CommitTime 3220 - Actually send BeginBlock message 3221 - Fix a liveness issues caused by Byzantine proposals/votes. Uses the new `Maj23Msg`. 3222 3223 3224 ## 0.7.4 (December 14, 2016) 3225 3226 FEATURES: 3227 3228 - Enable the Peer Exchange reactor with the `--pex` flag for more resilient gossip network (feature still in development, beware dragons) 3229 3230 IMPROVEMENTS: 3231 3232 - Remove restrictions on RPC endpoint `/dial_seeds` to enable manual network configuration 3233 3234 ## 0.7.3 (October 20, 2016) 3235 3236 IMPROVEMENTS: 3237 3238 - Type safe FireEvent 3239 - More WAL/replay tests 3240 - Cleanup some docs 3241 3242 BUG FIXES: 3243 3244 - Fix deadlock in mempool for synchronous apps 3245 - Replay handles non-empty blocks 3246 - Fix race condition in HeightVoteSet 3247 3248 ## 0.7.2 (September 11, 2016) 3249 3250 BUG FIXES: 3251 3252 - Set mustConnect=false so tendermint will retry connecting to the app 3253 3254 ## 0.7.1 (September 10, 2016) 3255 3256 FEATURES: 3257 3258 - New TMSP connection for Query/Info 3259 - New RPC endpoints: 3260 - `tmsp_query` 3261 - `tmsp_info` 3262 - Allow application to filter peers through Query (off by default) 3263 3264 IMPROVEMENTS: 3265 3266 - TMSP connection type enforced at compile time 3267 - All listen/client urls use a "tcp://" or "unix://" prefix 3268 3269 BUG FIXES: 3270 3271 - Save LastSignature/LastSignBytes to `priv_validator.json` for recovery 3272 - Fix event unsubscribe 3273 - Fix fastsync/blockchain reactor 3274 3275 ## 0.7.0 (August 7, 2016) 3276 3277 BREAKING CHANGES: 3278 3279 - Strict SemVer starting now! 3280 - Update to ABCI v0.2.0 3281 - Validation types now called Commit 3282 - NewBlock event only returns the block header 3283 3284 3285 FEATURES: 3286 3287 - TMSP and RPC support TCP and UNIX sockets 3288 - Addition config options including block size and consensus parameters 3289 - New WAL mode `cswal_light`; logs only the validator's own votes 3290 - New RPC endpoints: 3291 - for starting/stopping profilers, and for updating config 3292 - `/broadcast_tx_commit`, returns when tx is included in a block, else an error 3293 - `/unsafe_flush_mempool`, empties the mempool 3294 3295 3296 IMPROVEMENTS: 3297 3298 - Various optimizations 3299 - Remove bad or invalidated transactions from the mempool cache (allows later duplicates) 3300 - More elaborate testing using CircleCI including benchmarking throughput on 4 digitalocean droplets 3301 3302 BUG FIXES: 3303 3304 - Various fixes to WAL and replay logic 3305 - Various race conditions 3306 3307 ## PreHistory 3308 3309 Strict versioning only began with the release of v0.7.0, in late summer 2016. 3310 The project itself began in early summer 2014 and was workable decentralized cryptocurrency software by the end of that year. 3311 Through the course of 2015, in collaboration with Eris Industries (now Monax Industries), 3312 many additional features were integrated, including an implementation from scratch of the Ethereum Virtual Machine. 3313 That implementation now forms the heart of [Burrow](https://github.com/hyperledger/burrow). 3314 In the later half of 2015, the consensus algorithm was upgraded with a more asynchronous design and a more deterministic and robust implementation. 3315 3316 By late 2015, frustration with the difficulty of forking a large monolithic stack to create alternative cryptocurrency designs led to the 3317 invention of the Application Blockchain Interface (ABCI), then called the Tendermint Socket Protocol (TMSP). 3318 The Ethereum Virtual Machine and various other transaction features were removed, and Tendermint was whittled down to a core consensus engine 3319 driving an application running in another process. 3320 The ABCI interface and implementation were iterated on and improved over the course of 2016, 3321 until versioned history kicked in with v0.7.0.