github.com/fiagdao/tendermint@v0.32.11-0.20220824195748-2087fcc480c1/CHANGELOG.md (about) 1 # Changelog 2 3 ## v0.33.7 4 5 *August 4, 2020* 6 7 ### BUG FIXES: 8 9 - [go] Build release binary using Go 1.14.4, to avoid halt caused by Go 1.14.1 (https://github.com/golang/go/issues/38223) 10 - [privval] [\#5140](https://github.com/tendermint/tendermint/pull/5140) `RemoteSignerError` from remote signers are no longer retried (@melekes) 11 12 ## v0.33.6 13 14 *July 2, 2020* 15 16 This security release fixes: 17 18 ### Denial of service 19 20 Tendermint 0.33.0 and above allow block proposers to include signatures for the 21 wrong block. This may happen naturally if you start a network, have it run for 22 some time and restart it **without changing the chainID**. (It is a 23 [misconfiguration](https://docs.tendermint.com/master/tendermint-core/using-tendermint.html) 24 to reuse chainIDs.) Correct block proposers will accidentally include signatures 25 for the wrong block if they see these signatures, and then commits won't validate, 26 making all proposed blocks invalid. A malicious validator (even with a minimal 27 amount of stake) can use this vulnerability to completely halt the network. 28 29 Tendermint 0.33.6 checks all the signatures are for the block with +2/3 30 majority before creating a commit. 31 32 ### False Witness 33 34 Tendermint 0.33.1 and above are no longer fully verifying commit signatures 35 during block execution - they stop after +2/3. This means proposers can propose 36 blocks that contain valid +2/3 signatures and then the rest of the signatures 37 can be whatever they want. They can claim that all the other validators signed 38 just by including a CommitSig with arbitrary signature data. While this doesn't 39 seem to impact safety of Tendermint per se, it means that Commits may contain a 40 lot of invalid data. 41 42 _This was already true of blocks, since they could include invalid txs filled 43 with garbage, but in that case the application knew that they are invalid and 44 could punish the proposer. But since applications didn't--and don't-- 45 verify commit signatures directly (they trust Tendermint to do that), 46 they won't be able to detect it._ 47 48 This can impact incentivization logic in the application that depends on the 49 LastCommitInfo sent in BeginBlock, which includes which validators signed. For 50 instance, Gaia incentivizes proposers with a bonus for including more than +2/3 51 of the signatures. But a proposer can now claim that bonus just by including 52 arbitrary data for the final -1/3 of validators without actually waiting for 53 their signatures. There may be other tricks that can be played because of this. 54 55 Tendermint 0.33.6 verifies all the signatures during block execution. 56 57 _Please note that the light client does not check nil votes and exits as soon 58 as 2/3+ of the signatures are checked._ 59 60 **All clients are recommended to upgrade.** 61 62 Special thanks to @njmurarka at Bluzelle Networks for reporting this. 63 64 Friendly reminder, we have a [bug bounty 65 program](https://hackerone.com/tendermint). 66 67 ### SECURITY: 68 69 - [consensus] Do not allow signatures for a wrong block in commits (@ebuchman) 70 - [consensus] Verify all the signatures during block execution (@melekes) 71 72 ## v.0.33.5 73 74 Special thanks to our external contributor on this release: @tau3 75 76 Friendly reminder: We have a [bug bounty program](https://hackerone.com/tendermint). 77 78 ### BREAKING CHANGES: 79 80 - Go API 81 82 - [privval] [\#4744](https://github.com/tendermint/tendermint/pull/4744) Remove deprecated `OldFilePV` (@melekes) 83 - [mempool] [\#4759](https://github.com/tendermint/tendermint/pull/4759) Modify `Mempool#InitWAL` to return an error (@melekes) 84 - [node] [\#4832](https://github.com/tendermint/tendermint/pull/4832) `ConfigureRPC` returns an error (@melekes) 85 - [rpc] [\#4836](https://github.com/tendermint/tendermint/pull/4836) Overhaul `lib` folder (@melekes) 86 Move lib/ folder to jsonrpc/. 87 Rename: 88 rpc package -> jsonrpc package 89 rpcclient package -> client package 90 rpcserver package -> server package 91 JSONRPCClient to Client 92 JSONRPCRequestBatch to RequestBatch 93 JSONRPCCaller to Caller 94 StartHTTPServer to Serve 95 StartHTTPAndTLSServer to ServeTLS 96 NewURIClient to NewURI 97 NewJSONRPCClient to New 98 NewJSONRPCClientWithHTTPClient to NewWithHTTPClient 99 NewWSClient to NewWS 100 Unexpose ResponseWriterWrapper 101 Remove unused http_params.go 102 103 104 ### FEATURES: 105 106 - [pex] [\#4439](https://github.com/tendermint/tendermint/pull/4439) Use highwayhash for pex buckets (@tau3) 107 108 ### IMPROVEMENTS: 109 110 - [abci/server] [\#4719](https://github.com/tendermint/tendermint/pull/4719) Print panic & stack trace to STDERR if logger is not set (@melekes) 111 - [types] [\#4638](https://github.com/tendermint/tendermint/pull/4638) Implement `Header#ValidateBasic` (@alexanderbez) 112 - [buildsystem] [\#4378](https://github.com/tendermint/tendermint/pull/4738) Replace build_c and install_c with TENDERMINT_BUILD_OPTIONS parsing. The following options are available: 113 - nostrip: don't strip debugging symbols nor DWARF tables. 114 - cleveldb: use cleveldb as db backend instead of goleveldb. 115 - race: pass -race to go build and enable data race detection. 116 - [mempool] [\#4759](https://github.com/tendermint/tendermint/pull/4759) Allow ReapX and CheckTx functions to run in parallel (@melekes) 117 - [rpc/core] [\#4844](https://github.com/tendermint/tendermint/pull/4844) Do not lock consensus state in `/validators`, `/consensus_params` and `/status` (@melekes) 118 119 ### BUG FIXES: 120 121 - [blockchain/v2] [\#4761](https://github.com/tendermint/tendermint/pull/4761) Fix excessive CPU usage caused by spinning on closed channels (@erikgrinaker) 122 - [blockchain/v2] Respect `fast_sync` option (@erikgrinaker) 123 - [light] [\#4741](https://github.com/tendermint/tendermint/pull/4741) Correctly return `ErrSignedHeaderNotFound` and `ErrValidatorSetNotFound` on corresponding RPC errors (@erikgrinaker) 124 - [rpc] [\#4805](https://github.com/tendermint/tendermint/issues/4805) Attempt to handle panics during panic recovery (@erikgrinaker) 125 - [types] [\#4764](https://github.com/tendermint/tendermint/pull/4764) Return an error if voting power overflows in `VerifyCommitTrusting` (@melekes) 126 - [privval] [\#4812](https://github.com/tendermint/tendermint/pull/4812) Retry `GetPubKey/SignVote/SignProposal` a few times before returning an error (@melekes) 127 - [p2p] [\#4847](https://github.com/tendermint/tendermint/pull/4847) Return masked IP (not the actual IP) in addrbook#groupKey (@melekes) 128 129 ## v0.33.4 130 131 - Nodes are no longer guaranteed to contain all blocks up to the latest height. The ABCI app can now control which blocks to retain through the ABCI field `ResponseCommit.retain_height`, all blocks and associated data below this height will be removed. 132 133 *April 21, 2020* 134 135 Special thanks to external contributors on this release: @whylee259, @greg-szabo 136 137 Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint). 138 139 ### BREAKING CHANGES: 140 141 - Go API 142 143 - [lite2] [\#4616](https://github.com/tendermint/tendermint/pull/4616) Make `maxClockDrift` an option `Verify/VerifyAdjacent/VerifyNonAdjacent` now accept `maxClockDrift time.Duration` (@melekes). 144 - [rpc/client] [\#4628](https://github.com/tendermint/tendermint/pull/4628) Split out HTTP and local clients into `http` and `local` packages (@erikgrinaker). 145 146 ### FEATURES: 147 148 - [abci] [\#4588](https://github.com/tendermint/tendermint/issues/4588) Add `ResponseCommit.retain_height` field, which will automatically remove blocks below this height. This bumps the ABCI version to 0.16.2 (@erikgrinaker). 149 - [cmd] [\#4665](https://github.com/tendermint/tendermint/pull/4665) New `tendermint completion` command to generate Bash/Zsh completion scripts (@alessio). 150 - [rpc] [\#4588](https://github.com/tendermint/tendermint/issues/4588) Add `/status` response fields for the earliest block available on the node (@erikgrinaker). 151 - [rpc] [\#4611](https://github.com/tendermint/tendermint/pull/4611) Add `codespace` to `ResultBroadcastTx` (@whylee259). 152 153 ### IMPROVEMENTS: 154 155 - [all] [\#4608](https://github.com/tendermint/tendermint/pull/4608) Give reactors descriptive names when they're initialized (@tessr). 156 - [blockchain] [\#4588](https://github.com/tendermint/tendermint/issues/4588) Add `Base` to blockchain reactor P2P messages `StatusRequest` and `StatusResponse` (@erikgrinaker). 157 - [Docker] [\#4569](https://github.com/tendermint/tendermint/issues/4569) Default configuration added to docker image (you can still mount your own config the same way) (@greg-szabo). 158 - [example/kvstore] [\#4588](https://github.com/tendermint/tendermint/issues/4588) Add `RetainBlocks` option to control block retention (@erikgrinaker). 159 - [evidence] [\#4632](https://github.com/tendermint/tendermint/pull/4632) Inbound evidence checked if already existing (@cmwaters). 160 - [lite2] [\#4575](https://github.com/tendermint/tendermint/pull/4575) Use bisection for within-range verification (@cmwaters). 161 - [lite2] [\#4562](https://github.com/tendermint/tendermint/pull/4562) Cache headers when using bisection (@cmwaters). 162 - [p2p] [\#4548](https://github.com/tendermint/tendermint/pull/4548) Add ban list to address book (@cmwaters). 163 - [privval] [\#4534](https://github.com/tendermint/tendermint/issues/4534) Add `error` as a return value on`GetPubKey()` (@marbar3778). 164 - [p2p] [\#4621](https://github.com/tendermint/tendermint/issues/4621) Ban peers when messages are unsolicited or too frequent (@cmwaters). 165 - [rpc] [\#4703](https://github.com/tendermint/tendermint/pull/4703) Add `count` and `total` to `/validators` response (@melekes). 166 - [tools] [\#4615](https://github.com/tendermint/tendermint/issues/4615) Allow developers to use Docker to generate proto stubs, via `make proto-gen-docker` (@erikgrinaker). 167 168 ### BUG FIXES: 169 170 - [rpc] [\#4568](https://github.com/tendermint/tendermint/issues/4568) Fix panic when `Subscribe` is called, but HTTP client is not running. `Subscribe`, `Unsubscribe(All)` methods return an error now (@melekes). 171 172 ## v0.33.3 173 174 *April 6, 2020* 175 176 This security release fixes: 177 178 ### Denial of service 1 179 180 Tendermint 0.33.2 and earlier does not limit P2P connection requests number. 181 For each p2p connection, Tendermint allocates ~0.5MB. Even though this 182 memory is garbage collected once the connection is terminated (due to duplicate 183 IP or reaching a maximum number of inbound peers), temporary memory spikes can 184 lead to OOM (Out-Of-Memory) exceptions. 185 186 Tendermint 0.33.3 (and 0.32.10) limits the total number of P2P incoming 187 connection requests to to `p2p.max_num_inbound_peers + 188 len(p2p.unconditional_peer_ids)`. 189 190 Notes: 191 192 - Tendermint does not rate limit P2P connection requests per IP (an attacker 193 can saturate all the inbound slots); 194 - Tendermint does not rate limit HTTP(S) requests. If you expose any RPC 195 endpoints to the public, please make sure to put in place some protection 196 (https://www.nginx.com/blog/rate-limiting-nginx/). We may implement this in 197 the future ([\#1696](https://github.com/tendermint/tendermint/issues/1696)). 198 199 ### Denial of service 2 200 201 Tendermint 0.33.2 and earlier does not reclaim `activeID` of a peer after it's 202 removed in `Mempool` reactor. This does not happen all the time. It only 203 happens when a connection fails (for any reason) before the Peer is created and 204 added to all reactors. `RemovePeer` is therefore called before `AddPeer`, which 205 leads to always growing memory (`activeIDs` map). The `activeIDs` map has a 206 maximum size of 65535 and the node will panic if this map reaches the maximum. 207 An attacker can create a lot of connection attempts (exploiting Denial of 208 service 1), which ultimately will lead to the node panicking. 209 210 Tendermint 0.33.3 (and 0.32.10) claims `activeID` for a peer in `InitPeer`, 211 which is executed before `MConnection` is started. 212 213 Notes: 214 215 - `InitPeer` function was added to all reactors to combat a similar issue - 216 [\#3338](https://github.com/tendermint/tendermint/issues/3338); 217 - Denial of service 2 is independent of Denial of service 1 and can be executed 218 without it. 219 220 **All clients are recommended to upgrade** 221 222 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for finding 223 and reporting this. 224 225 Friendly reminder, we have a [bug bounty 226 program](https://hackerone.com/tendermint). 227 228 ### SECURITY: 229 230 - [mempool] Reserve IDs in InitPeer instead of AddPeer (@tessr) 231 - [p2p] Limit the number of incoming connections (@melekes) 232 233 ## v0.33.2 234 235 *March 11, 2020* 236 237 Special thanks to external contributors on this release: 238 @antho1404, @michaelfig, @gterzian, @tau3, @Shivani912 239 240 Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint). 241 242 ### BREAKING CHANGES: 243 244 - CLI/RPC/Config 245 - [cli] [\#4505](https://github.com/tendermint/tendermint/pull/4505) `tendermint lite` sub-command new syntax (@melekes): 246 `lite cosmoshub-3 -p 52.57.29.196:26657 -w public-seed-node.cosmoshub.certus.one:26657 247 --height 962118 --hash 28B97BE9F6DE51AC69F70E0B7BFD7E5C9CD1A595B7DC31AFF27C50D4948` 248 249 - Go API 250 - [lite2] [\#4535](https://github.com/tendermint/tendermint/pull/4535) Remove `Start/Stop` (@melekes) 251 - [lite2] [\#4469](https://github.com/tendermint/tendermint/issues/4469) Remove `RemoveNoLongerTrustedHeaders` and `RemoveNoLongerTrustedHeadersPeriod` option (@cmwaters) 252 - [lite2] [\#4473](https://github.com/tendermint/tendermint/issues/4473) Return height as a 2nd param in `TrustedValidatorSet` (@melekes) 253 - [lite2] [\#4536](https://github.com/tendermint/tendermint/pull/4536) `Update` returns a signed header (1st param) (@melekes) 254 255 256 ### IMPROVEMENTS: 257 258 - [blockchain/v2] [\#4361](https://github.com/tendermint/tendermint/pull/4361) Add reactor (@brapse) 259 - [cmd] [\#4515](https://github.com/tendermint/tendermint/issues/4515) Change `tendermint debug dump` sub-command archives filename's format (@melekes) 260 - [consensus] [\#3583](https://github.com/tendermint/tendermint/issues/3583) Reduce `non-deterministic signature` log noise (@tau3) 261 - [examples/kvstore] [\#4507](https://github.com/tendermint/tendermint/issues/4507) ABCI query now returns the proper height (@erikgrinaker) 262 - [lite2] [\#4462](https://github.com/tendermint/tendermint/issues/4462) Add `NewHTTPClient` and `NewHTTPClientFromTrustedStore` (@cmwaters) 263 - [lite2] [\#4329](https://github.com/tendermint/tendermint/issues/4329) modified bisection to loop (@cmwaters) 264 - [lite2] [\#4385](https://github.com/tendermint/tendermint/issues/4385) Disconnect from bad nodes (@melekes) 265 - [lite2] [\#4398](https://github.com/tendermint/tendermint/issues/4398) Add `VerifyAdjacent` and `VerifyNonAdjacent` funcs (@cmwaters) 266 - [lite2] [\#4426](https://github.com/tendermint/tendermint/issues/4426) Don't save intermediate headers (@cmwaters) 267 - [lite2] [\#4464](https://github.com/tendermint/tendermint/issues/4464) Cross-check first header (@cmwaters) 268 - [lite2] [\#4470](https://github.com/tendermint/tendermint/issues/4470) Fix inconsistent header-validatorset pairing (@melekes) 269 - [lite2] [\#4488](https://github.com/tendermint/tendermint/issues/4488) Allow local clock drift -10 sec. (@melekes) 270 - [p2p] [\#4449](https://github.com/tendermint/tendermint/pull/4449) Use `curve25519.X25519()` instead of `ScalarMult` (@erikgrinaker) 271 - [types] [\#4417](https://github.com/tendermint/tendermint/issues/4417) **VerifyCommitX() functions should return as soon as +2/3 threshold is reached** (@alessio). 272 - [libs/kv] [\#4542](https://github.com/tendermint/tendermint/pull/4542) remove unused type KI64Pair (@tessr) 273 274 ### BUG FIXES: 275 276 - [cmd] [\#4303](https://github.com/tendermint/tendermint/issues/4303) Show useful error when Tendermint is not initialized (@melekes) 277 - [cmd] [\#4515](https://github.com/tendermint/tendermint/issues/4515) **Fix `tendermint debug kill` sub-command** (@melekes) 278 - [rpc] [\#3935](https://github.com/tendermint/tendermint/issues/3935) **Create buffered subscriptions on `/subscribe`** (@melekes) 279 - [rpc] [\#4375](https://github.com/tendermint/tendermint/issues/4375) Stop searching for txs in `/tx_search` upon client timeout (@gterzian) 280 - [rpc] [\#4406](https://github.com/tendermint/tendermint/pull/4406) Fix issue with multiple subscriptions on the websocket (@antho1404) 281 - [rpc] [\#4432](https://github.com/tendermint/tendermint/issues/4432) Fix `/tx_search` pagination with ordered results (@erikgrinaker) 282 - [rpc] [\#4492](https://github.com/tendermint/tendermint/issues/4492) Keep the original subscription "id" field when new RPCs come in (@michaelfig) 283 284 285 ## v0.33.1 286 287 *Feburary 13, 2020* 288 289 Special thanks to external contributors on this release: 290 @princesinha19 291 292 Friendly reminder, we have a [bug bounty 293 program](https://hackerone.com/tendermint). 294 295 ### FEATURES: 296 297 - [rpc] [\#3333](https://github.com/tendermint/tendermint/issues/3333) Add `order_by` to `/tx_search` endpoint, allowing to change default ordering from asc to desc (@princesinha19) 298 299 ### IMPROVEMENTS: 300 301 - [proto] [\#4369](https://github.com/tendermint/tendermint/issues/4369) Add [buf](https://buf.build/) for usage with linting and checking if there are breaking changes with the master branch. 302 - [proto] [\#4369](https://github.com/tendermint/tendermint/issues/4369) Add `make proto-gen` cmd to generate proto stubs outside of GOPATH. 303 304 ### BUG FIXES: 305 306 - [node] [\#4311](https://github.com/tendermint/tendermint/issues/4311) Use `GRPCMaxOpenConnections` when creating the gRPC server, not `MaxOpenConnections` 307 - [rpc] [\#4319](https://github.com/tendermint/tendermint/issues/4319) Check `BlockMeta` is not nil in `/block` & `/block_by_hash` 308 309 ## v0.33 310 311 Special thanks to external contributors on this release: @mrekucci, @PSalant726, @princesinha19, @greg-szabo, @dongsam, @cuonglm, @jgimeno, @yenkhoon 312 313 Friendly reminder, we have a [bug bounty 314 program.](https://hackerone.com/tendermint). 315 316 *January 14, 2020* 317 318 This release contains breaking changes to the `Block#Header`, specifically 319 `NumTxs` and `TotalTxs` were removed (\#2521). Here's how this change affects 320 different modules: 321 322 - apps: it breaks the ABCI header field numbering 323 - state: it breaks the format of `State` on disk 324 - RPC: all RPC requests which expose the header broke 325 - Go API: the `Header` broke 326 - P2P: since blocks go over the wire, technically the P2P protocol broke 327 328 Also, blocks are significantly smaller 🔥 because we got rid of the redundant 329 information in `Block#LastCommit`. `Commit` now mainly consists of a signature 330 and a validator address plus a timestamp. Note we may remove the validator 331 address & timestamp fields in the future (see ADR-25). 332 333 `lite2` package has been added to solve `lite` issues and introduce weak 334 subjectivity interface. Refer to the [spec](https://github.com/tendermint/spec/blob/master/spec/consensus/light-client.md) for complete details. 335 `lite` package is now deprecated and will be removed in v0.34 release. 336 337 ### BREAKING CHANGES: 338 339 - CLI/RPC/Config 340 341 - [rpc] [\#3471](https://github.com/tendermint/tendermint/issues/3471) Paginate `/validators` response (default: 30 vals per page) 342 - [rpc] [\#3188](https://github.com/tendermint/tendermint/issues/3188) Remove `BlockMeta` in `ResultBlock` in favor of `BlockId` for `/block` 343 - [rpc] `/block_results` response format updated (see RPC docs for details) 344 ``` 345 { 346 "jsonrpc": "2.0", 347 "id": "", 348 "result": { 349 "height": "2109", 350 "txs_results": null, 351 "begin_block_events": null, 352 "end_block_events": null, 353 "validator_updates": null, 354 "consensus_param_updates": null 355 } 356 } 357 ``` 358 - [rpc] [\#4141](https://github.com/tendermint/tendermint/pull/4141) Remove `#event` suffix from the ID in event responses. 359 `{"jsonrpc": "2.0", "id": 0, "result": ...}` 360 - [rpc] [\#4141](https://github.com/tendermint/tendermint/pull/4141) Switch to integer IDs instead of `json-client-XYZ` 361 ``` 362 id=0 method=/subscribe 363 id=0 result=... 364 id=1 method=/abci_query 365 id=1 result=... 366 ``` 367 - ID is unique for each request; 368 - Request.ID is now optional. Notification is a Request without an ID. Previously ID="" or ID=0 were considered as notifications. 369 370 - [config] [\#4046](https://github.com/tendermint/tendermint/issues/4046) Rename tag(s) to CompositeKey & places where tag is still present it was renamed to event or events. Find how a compositeKey is constructed [here](https://github.com/tendermint/tendermint/blob/6d05c531f7efef6f0619155cf10ae8557dd7832f/docs/app-dev/indexing-transactions.md) 371 - You will have to generate a new config for your Tendermint node(s) 372 - [genesis] [\#2565](https://github.com/tendermint/tendermint/issues/2565) Add `consensus_params.evidence.max_age_duration`. Rename 373 `consensus_params.evidence.max_age` to `max_age_num_blocks`. 374 - [cli] [\#1771](https://github.com/tendermint/tendermint/issues/1771) `tendermint lite` now uses new light client package (`lite2`) 375 and has 3 more flags: `--trusting-period`, `--trusted-height` and 376 `--trusted-hash` 377 378 - Apps 379 380 - [tm-bench] Removed tm-bench in favor of [tm-load-test](https://github.com/informalsystems/tm-load-test) 381 382 - Go API 383 384 - [rpc] [\#3953](https://github.com/tendermint/tendermint/issues/3953) Modify NewHTTP, NewXXXClient functions to return an error on invalid remote instead of panicking (@mrekucci) 385 - [rpc/client] [\#3471](https://github.com/tendermint/tendermint/issues/3471) `Validators` now requires two more args: `page` and `perPage` 386 - [libs/common] [\#3262](https://github.com/tendermint/tendermint/issues/3262) Make error the last parameter of `Task` (@PSalant726) 387 - [cs/types] [\#3262](https://github.com/tendermint/tendermint/issues/3262) Rename `GotVoteFromUnwantedRoundError` to `ErrGotVoteFromUnwantedRound` (@PSalant726) 388 - [libs/common] [\#3862](https://github.com/tendermint/tendermint/issues/3862) Remove `errors.go` from `libs/common` 389 - [libs/common] [\#4230](https://github.com/tendermint/tendermint/issues/4230) Move `KV` out of common to its own pkg 390 - [libs/common] [\#4230](https://github.com/tendermint/tendermint/issues/4230) Rename `cmn.KVPair(s)` to `kv.Pair(s)`s 391 - [libs/common] [\#4232](https://github.com/tendermint/tendermint/issues/4232) Move `Service` & `BaseService` from `libs/common` to `libs/service` 392 - [libs/common] [\#4232](https://github.com/tendermint/tendermint/issues/4232) Move `common/nil.go` to `types/utils.go` & make the functions private 393 - [libs/common] [\#4231](https://github.com/tendermint/tendermint/issues/4231) Move random functions from `libs/common` into pkg `rand` 394 - [libs/common] [\#4237](https://github.com/tendermint/tendermint/issues/4237) Move byte functions from `libs/common` into pkg `bytes` 395 - [libs/common] [\#4237](https://github.com/tendermint/tendermint/issues/4237) Move throttletimer functions from `libs/common` into pkg `timer` 396 - [libs/common] [\#4237](https://github.com/tendermint/tendermint/issues/4237) Move tempfile functions from `libs/common` into pkg `tempfile` 397 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move os functions from `libs/common` into pkg `os` 398 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move net functions from `libs/common` into pkg `net` 399 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move mathematical functions and types out of `libs/common` to `math` pkg 400 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move string functions out of `libs/common` to `strings` pkg 401 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move async functions out of `libs/common` to `async` pkg 402 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move bit functions out of `libs/common` to `bits` pkg 403 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move cmap functions out of `libs/common` to `cmap` pkg 404 - [libs/common] [\#4258](https://github.com/tendermint/tendermint/issues/4258) Remove `Rand` from all `rand` pkg functions 405 - [types] [\#2565](https://github.com/tendermint/tendermint/issues/2565) Remove `MockBadEvidence` & `MockGoodEvidence` in favor of `MockEvidence` 406 407 - Blockchain Protocol 408 409 - [abci] [\#2521](https://github.com/tendermint/tendermint/issues/2521) Remove `TotalTxs` and `NumTxs` from `Header` 410 - [types] [\#4151](https://github.com/tendermint/tendermint/pull/4151) Enforce ordering of votes in DuplicateVoteEvidence to be lexicographically sorted on BlockID 411 - [types] [\#1648](https://github.com/tendermint/tendermint/issues/1648) Change `Commit` to consist of just signatures 412 413 - P2P Protocol 414 415 - [p2p] [\#3668](https://github.com/tendermint/tendermint/pull/3668) Make `SecretConnection` non-malleable 416 417 - [proto] [\#3986](https://github.com/tendermint/tendermint/pull/3986) Prefix protobuf types to avoid name conflicts. 418 - ABCI becomes `tendermint.abci.types` with the new API endpoint `/tendermint.abci.types.ABCIApplication/` 419 - core_grpc becomes `tendermint.rpc.grpc` with the new API endpoint `/tendermint.rpc.grpc.BroadcastAPI/` 420 - merkle becomes `tendermint.crypto.merkle` 421 - libs.common becomes `tendermint.libs.common` 422 - proto3 becomes `tendermint.types.proto3` 423 424 ### FEATURES: 425 426 - [p2p] [\#4053](https://github.com/tendermint/tendermint/issues/4053) Add `unconditional_peer_ids` and `persistent_peers_max_dial_period` config variables (see ADR-050) (@dongsam) 427 - [tools] [\#4227](https://github.com/tendermint/tendermint/pull/4227) Implement `tendermint debug kill` and 428 `tendermint debug dump` commands for Tendermint node debugging functionality. See `--help` in both 429 commands for further documentation and usage. 430 - [cli] [\#4234](https://github.com/tendermint/tendermint/issues/4234) Add `--db_backend and --db_dir` flags (@princesinha19) 431 - [cli] [\#4113](https://github.com/tendermint/tendermint/issues/4113) Add optional `--genesis_hash` flag to check genesis hash upon startup 432 - [config] [\#3831](https://github.com/tendermint/tendermint/issues/3831) Add support for [RocksDB](https://rocksdb.org/) (@Stumble) 433 - [rpc] [\#3985](https://github.com/tendermint/tendermint/issues/3985) Add new `/block_by_hash` endpoint, which allows to fetch a block by its hash (@princesinha19) 434 - [metrics] [\#4263](https://github.com/tendermint/tendermint/issues/4263) Add 435 - `consensus_validator_power`: track your validators power 436 - `consensus_validator_last_signed_height`: track at which height the validator last signed 437 - `consensus_validator_missed_blocks`: total amount of missed blocks for a validator 438 as gauges in prometheus for validator specific metrics 439 - [rpc/lib] [\#4248](https://github.com/tendermint/tendermint/issues/4248) RPC client basic authentication support (@greg-szabo) 440 - [lite2] [\#1771](https://github.com/tendermint/tendermint/issues/1771) Light client with weak subjectivity 441 442 ### IMPROVEMENTS: 443 444 - [rpc] [\#3188](https://github.com/tendermint/tendermint/issues/3188) Added `block_size` to `BlockMeta` this is reflected in `/blockchain` 445 - [types] [\#2521](https://github.com/tendermint/tendermint/issues/2521) Add `NumTxs` to `BlockMeta` and `EventDataNewBlockHeader` 446 - [p2p] [\#4185](https://github.com/tendermint/tendermint/pull/4185) Simplify `SecretConnection` handshake with merlin 447 - [cli] [\#4065](https://github.com/tendermint/tendermint/issues/4065) Add `--consensus.create_empty_blocks_interval` flag (@jgimeno) 448 - [docs] [\#4065](https://github.com/tendermint/tendermint/issues/4065) Document `--consensus.create_empty_blocks_interval` flag (@jgimeno) 449 - [crypto] [\#4190](https://github.com/tendermint/tendermint/pull/4190) Added SR25519 signature scheme 450 - [abci] [\#4177] kvstore: Return `LastBlockHeight` and `LastBlockAppHash` in `Info` (@princesinha19) 451 - [rpc] [\#2741](https://github.com/tendermint/tendermint/issues/2741) Add `proposer` to `/consensus_state` response (@princesinha19) 452 - [deps] [\#4289](https://github.com/tendermint/tendermint/pull/4289) Update tm-db to 0.4.0, this includes major breaking changes in the dep that change how errors are handled. 453 454 ### BUG FIXES: 455 456 - [rpc/lib][\#4051](https://github.com/tendermint/tendermint/pull/4131) Fix RPC client, which was previously resolving https protocol to http (@yenkhoon) 457 - [rpc] [\#4141](https://github.com/tendermint/tendermint/pull/4141) JSONRPCClient: validate that Response.ID matches Request.ID 458 - [rpc] [\#4141](https://github.com/tendermint/tendermint/pull/4141) WSClient: check for unsolicited responses 459 - [types] [\4164](https://github.com/tendermint/tendermint/pull/4164) Prevent temporary power overflows on validator updates 460 - [cs] [\#4069](https://github.com/tendermint/tendermint/issues/4069) Don't panic when block meta is not found in store (@gregzaitsev) 461 - [types] [\#4164](https://github.com/tendermint/tendermint/issues/4164) Prevent temporary power overflows on validator updates (joint 462 efforts of @gchaincl and @ancazamfir) 463 - [p2p] [\#4140](https://github.com/tendermint/tendermint/issues/4140) `SecretConnection`: use the transcript solely for authentication (i.e. MAC) 464 - [consensus/types] [\#4243](https://github.com/tendermint/tendermint/issues/4243) fix BenchmarkRoundStateDeepCopy panics (@cuonglm) 465 - [rpc] [\#4256](https://github.com/tendermint/tendermint/issues/4256) Pass `outCapacity` to `eventBus#Subscribe` when subscribing using a local client 466 467 ## v0.32.11 468 469 ### BUG FIXES: 470 471 - [privval] [\#4275](https://github.com/tendermint/tendermint/issues/4275) Fix consensus failure when remote signer drops (@melekes) 472 473 ## v0.32.10 474 475 *April 6, 2020* 476 477 This security release fixes: 478 479 ### Denial of Service 1 480 481 Tendermint 0.33.2 and earlier does not limit the number of P2P connection 482 requests. For each p2p connection, Tendermint allocates ~0.5MB. Even though 483 this memory is garbage collected once the connection is terminated (due to 484 duplicate IP or reaching a maximum number of inbound peers), temporary memory 485 spikes can lead to OOM (Out-Of-Memory) exceptions. 486 487 Tendermint 0.33.3 (and 0.32.10) limits the total number of P2P incoming 488 connection requests to to `p2p.max_num_inbound_peers + 489 len(p2p.unconditional_peer_ids)`. 490 491 Notes: 492 493 - Tendermint does not rate limit P2P connection requests per IP (an attacker 494 can saturate all the inbound slots); 495 - Tendermint does not rate limit HTTP(S) requests. If you expose any RPC 496 endpoints to the public, please make sure to put in place some protection 497 (https://www.nginx.com/blog/rate-limiting-nginx/). We may implement this in 498 the future ([\#1696](https://github.com/tendermint/tendermint/issues/1696)). 499 500 ### Denial of Service 2 501 502 Tendermint 0.33.2 and earlier does not reclaim `activeID` of a peer after it's 503 removed in `Mempool` reactor. This does not happen all the time. It only 504 happens when a connection fails (for any reason) before the Peer is created and 505 added to all reactors. `RemovePeer` is therefore called before `AddPeer`, which 506 leads to always growing memory (`activeIDs` map). The `activeIDs` map has a 507 maximum size of 65535 and the node will panic if this map reaches the maximum. 508 An attacker can create a lot of connection attempts (exploiting Denial of 509 Service 1), which ultimately will lead to the node panicking. 510 511 Tendermint 0.33.3 (and 0.32.10) claims `activeID` for a peer in `InitPeer`, 512 which is executed before `MConnection` is started. 513 514 Notes: 515 516 - `InitPeer` function was added to all reactors to combat a similar issue - 517 [\#3338](https://github.com/tendermint/tendermint/issues/3338); 518 - Denial of Service 2 is independent of Denial of Service 1 and can be executed 519 without it. 520 521 **All clients are recommended to upgrade** 522 523 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for finding 524 and reporting this. 525 526 Friendly reminder, we have a [bug bounty 527 program](https://hackerone.com/tendermint). 528 529 ### SECURITY: 530 531 - [mempool] Reserve IDs in InitPeer instead of AddPeer (@tessr) 532 - [p2p] Limit the number of incoming connections (@melekes) 533 534 ## v0.32.9 535 536 _January, 9, 2020_ 537 538 Special thanks to external contributors on this release: @greg-szabo, @gregzaitsev, @yenkhoon 539 540 Friendly reminder, we have a [bug bounty 541 program](https://hackerone.com/tendermint). 542 543 ### FEATURES: 544 545 - [rpc/lib] [\#4248](https://github.com/tendermint/tendermint/issues/4248) RPC client basic authentication support (@greg-szabo) 546 547 - [metrics] [\#4294](https://github.com/tendermint/tendermint/pull/4294) Add 548 - `consensus_validator_power`: track your validators power 549 - `consensus_validator_last_signed_height`: track at which height the validator last signed 550 - `consensus_validator_missed_blocks`: total amount of missed blocks for a validator 551 as gauges in prometheus for validator specific metrics 552 553 ### BUG FIXES: 554 555 - [rpc/lib] [\#4131](https://github.com/tendermint/tendermint/pull/4131) Fix RPC client, which was previously resolving https protocol to http (@yenkhoon) 556 - [cs] [\#4069](https://github.com/tendermint/tendermint/issues/4069) Don't panic when block meta is not found in store (@gregzaitsev) 557 558 ## v0.32.8 559 560 *November 19, 2019* 561 562 Special thanks to external contributors on this release: @erikgrinaker, @guagualvcha, @hsyis, @cosmostuba, @whunmr, @austinabell 563 564 Friendly reminder, we have a [bug bounty 565 program.](https://hackerone.com/tendermint). 566 567 568 ### BREAKING CHANGES: 569 570 - Go API 571 572 - [libs/pubsub] [\#4070](https://github.com/tendermint/tendermint/pull/4070) `Query#(Matches|Conditions)` returns an error. 573 574 ### IMPROVEMENTS: 575 576 - [mempool] [\#4083](https://github.com/tendermint/tendermint/pull/4083) Added TxInfo parameter to CheckTx(), and removed CheckTxWithInfo() (@erikgrinaker) 577 - [mempool] [\#4057](https://github.com/tendermint/tendermint/issues/4057) Include peer ID when logging rejected txns (@erikgrinaker) 578 - [tools] [\#4023](https://github.com/tendermint/tendermint/issues/4023) Improved `tm-monitor` formatting of start time and avg tx throughput (@erikgrinaker) 579 - [p2p] [\#3991](https://github.com/tendermint/tendermint/issues/3991) Log "has been established or dialed" as debug log instead of Error for connected peers (@whunmr) 580 - [rpc] [\#4077](https://github.com/tendermint/tendermint/pull/4077) Added support for `EXISTS` clause to the Websocket query interface. 581 - [privval] Add `SignerDialerEndpointRetryWaitInterval` option (@cosmostuba) 582 - [crypto] Add `RegisterKeyType` to amino to allow external key types registration (@austinabell) 583 584 ### BUG FIXES: 585 586 - [libs/pubsub] [\#4070](https://github.com/tendermint/tendermint/pull/4070) Strip out non-numeric characters when attempting to match numeric values. 587 - [libs/pubsub] [\#4070](https://github.com/tendermint/tendermint/pull/4070) No longer panic in Query#(Matches|Conditions) preferring to return an error instead. 588 - [tools] [\#4023](https://github.com/tendermint/tendermint/issues/4023) Refresh `tm-monitor` health when validator count is updated (@erikgrinaker) 589 - [state] [\#4104](https://github.com/tendermint/tendermint/pull/4104) txindex/kv: Fsync data to disk immediately after receiving it (@guagualvcha) 590 - [state] [\#4095](https://github.com/tendermint/tendermint/pull/4095) txindex/kv: Return an error if there's one when the user searches for a tx (hash=X) (@hsyis) 591 592 ## v0.32.7 593 594 *October 18, 2019* 595 596 This security release fixes a vulnerability found in the `consensus` package, 597 where an attacker could construct a `BlockPartMessage` message in such a way 598 that it will lead to consensus failure. A few similar issues have been 599 identified and fixed here. 600 601 **All clients are recommended to upgrade** 602 603 Special thanks to [elvishacker](https://hackerone.com/elvishacker) for finding 604 and reporting this. 605 606 Friendly reminder, we have a [bug bounty 607 program](https://hackerone.com/tendermint). 608 609 ### BREAKING CHANGES: 610 611 - Go API 612 - [consensus] Modify `WAL#Write` and `WAL#WriteSync` to return an error if 613 they fail to write a message 614 615 ### SECURITY: 616 617 - [consensus] Validate incoming messages more throughly 618 619 ## v0.32.6 620 621 *October 8, 2019* 622 623 The previous patch was insufficient because the attacker could still find a way 624 to submit a `nil` pubkey by constructing a `PubKeyMultisigThreshold` pubkey 625 with `nil` subpubkeys for example. 626 627 This release provides multiple fixes, which include recovering from panics when 628 accepting new peers and only allowing `ed25519` pubkeys. 629 630 **All clients are recommended to upgrade** 631 632 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for pointing 633 this out. 634 635 Friendly reminder, we have a [bug bounty 636 program](https://hackerone.com/tendermint). 637 638 ### SECURITY: 639 640 - [p2p] [\#4030](https://github.com/tendermint/tendermint/issues/4030) Only allow ed25519 pubkeys when connecting 641 642 ## v0.32.5 643 644 *October 1, 2019* 645 646 This release fixes a major security vulnerability found in the `p2p` package. 647 All clients are recommended to upgrade. See 648 [\#4030](https://github.com/tendermint/tendermint/issues/4030) for details. 649 650 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for discovering 651 and reporting this issue. 652 653 Friendly reminder, we have a [bug bounty 654 program](https://hackerone.com/tendermint). 655 656 ### SECURITY: 657 658 - [p2p] [\#4030](https://github.com/tendermint/tendermint/issues/4030) Fix for panic on nil public key send to a peer 659 660 ## v0.32.4 661 662 *September 19, 2019* 663 664 Special thanks to external contributors on this release: @jon-certik, @gracenoah, @PSalant726, @gchaincl 665 666 Friendly reminder, we have a [bug bounty 667 program](https://hackerone.com/tendermint). 668 669 ### BREAKING CHANGES: 670 671 - CLI/RPC/Config 672 - [rpc] [\#3984](https://github.com/tendermint/tendermint/issues/3984) Add `MempoolClient` interface to `Client` interface 673 674 ### IMPROVEMENTS: 675 676 - [rpc] [\#2010](https://github.com/tendermint/tendermint/issues/2010) Add NewHTTPWithClient and NewJSONRPCClientWithHTTPClient (note these and NewHTTP, NewJSONRPCClient functions panic if remote is invalid) (@gracenoah) 677 - [rpc] [\#3882](https://github.com/tendermint/tendermint/issues/3882) Add custom marshalers to proto messages to disable `omitempty` 678 - [deps] [\#3952](https://github.com/tendermint/tendermint/pull/3952) bump github.com/go-kit/kit from 0.6.0 to 0.9.0 679 - [deps] [\#3951](https://github.com/tendermint/tendermint/pull/3951) bump github.com/stretchr/testify from 1.3.0 to 1.4.0 680 - [deps] [\#3945](https://github.com/tendermint/tendermint/pull/3945) bump github.com/gorilla/websocket from 1.2.0 to 1.4.1 681 - [deps] [\#3948](https://github.com/tendermint/tendermint/pull/3948) bump github.com/libp2p/go-buffer-pool from 0.0.1 to 0.0.2 682 - [deps] [\#3943](https://github.com/tendermint/tendermint/pull/3943) bump github.com/fortytw2/leaktest from 1.2.0 to 1.3.0 683 - [deps] [\#3939](https://github.com/tendermint/tendermint/pull/3939) bump github.com/rs/cors from 1.6.0 to 1.7.0 684 - [deps] [\#3937](https://github.com/tendermint/tendermint/pull/3937) bump github.com/magiconair/properties from 1.8.0 to 1.8.1 685 - [deps] [\#3947](https://github.com/tendermint/tendermint/pull/3947) update gogo/protobuf version from v1.2.1 to v1.3.0 686 - [deps] [\#4001](https://github.com/tendermint/tendermint/pull/4001) bump github.com/tendermint/tm-db from 0.1.1 to 0.2.0 687 688 ### BUG FIXES: 689 690 - [consensus] [\#3908](https://github.com/tendermint/tendermint/issues/3908) Wait `timeout_commit` to pass even if `create_empty_blocks` is `false` 691 - [mempool] [\#3968](https://github.com/tendermint/tendermint/issues/3968) Fix memory loading error on 32-bit machines (@jon-certik) 692 693 ## v0.32.3 694 695 *August 28, 2019* 696 697 @climber73 wrote the [Writing a Tendermint Core application in Java 698 (gRPC)](https://github.com/tendermint/tendermint/blob/master/docs/guides/java.md) 699 guide. 700 701 Special thanks to external contributors on this release: 702 @gchaincl, @bluele, @climber73 703 704 Friendly reminder, we have a [bug bounty 705 program](https://hackerone.com/tendermint). 706 707 ### IMPROVEMENTS: 708 709 - [consensus] [\#3839](https://github.com/tendermint/tendermint/issues/3839) Reduce "Error attempting to add vote" message severity (Error -> Info) 710 - [mempool] [\#3877](https://github.com/tendermint/tendermint/pull/3877) Make `max_tx_bytes` configurable instead of `max_msg_bytes` (@bluele) 711 - [privval] [\#3370](https://github.com/tendermint/tendermint/issues/3370) Refactor and simplify validator/kms connection handling. Please refer to [this comment](https://github.com/tendermint/tendermint/pull/3370#issue-257360971) for details 712 - [rpc] [\#3880](https://github.com/tendermint/tendermint/issues/3880) Document endpoints with `swagger`, introduce contract tests of implementation against documentation 713 714 ### BUG FIXES: 715 716 - [config] [\#3868](https://github.com/tendermint/tendermint/issues/3868) Move misplaced `max_msg_bytes` into mempool section (@bluele) 717 - [rpc] [\#3910](https://github.com/tendermint/tendermint/pull/3910) Fix DATA RACE in HTTP client (@gchaincl) 718 - [store] [\#3893](https://github.com/tendermint/tendermint/issues/3893) Fix "Unregistered interface types.Evidence" panic 719 720 ## v0.32.2 721 722 *July 31, 2019* 723 724 Special thanks to external contributors on this release: 725 @ruseinov, @bluele, @guagualvcha 726 727 Friendly reminder, we have a [bug bounty 728 program](https://hackerone.com/tendermint). 729 730 ### BREAKING CHANGES: 731 732 - Go API 733 - [libs] [\#3811](https://github.com/tendermint/tendermint/issues/3811) Remove `db` from libs in favor of `https://github.com/tendermint/tm-db` 734 735 ### FEATURES: 736 737 - [blockchain] [\#3561](https://github.com/tendermint/tendermint/issues/3561) Add early version of the new blockchain reactor, which is supposed to be more modular and testable compared to the old version. To try it, you'll have to change `version` in the config file, [here](https://github.com/tendermint/tendermint/blob/master/config/toml.go#L303) NOTE: It's not ready for a production yet. For further information, see [ADR-40](https://github.com/tendermint/tendermint/blob/master/docs/architecture/adr-040-blockchain-reactor-refactor.md) & [ADR-43](https://github.com/tendermint/tendermint/blob/master/docs/architecture/adr-043-blockchain-riri-org.md) 738 - [mempool] [\#3826](https://github.com/tendermint/tendermint/issues/3826) Make `max_msg_bytes` configurable(@bluele) 739 - [node] [\#3846](https://github.com/tendermint/tendermint/pull/3846) Allow replacing existing p2p.Reactor(s) using [`CustomReactors` 740 option](https://godoc.org/github.com/tendermint/tendermint/node#CustomReactors). 741 Warning: beware of accidental name clashes. Here is the list of existing 742 reactors: MEMPOOL, BLOCKCHAIN, CONSENSUS, EVIDENCE, PEX. 743 - [rpc] [\#3818](https://github.com/tendermint/tendermint/issues/3818) Make `max_body_bytes` and `max_header_bytes` configurable(@bluele) 744 - [rpc] [\#2252](https://github.com/tendermint/tendermint/issues/2252) Add `/broadcast_evidence` endpoint to submit double signing and other types of evidence 745 746 ### IMPROVEMENTS: 747 748 - [abci] [\#3809](https://github.com/tendermint/tendermint/issues/3809) Recover from application panics in `server/socket_server.go` to allow socket cleanup (@ruseinov) 749 - [p2p] [\#3664](https://github.com/tendermint/tendermint/issues/3664) p2p/conn: reuse buffer when write/read from secret connection(@guagualvcha) 750 - [p2p] [\#3834](https://github.com/tendermint/tendermint/issues/3834) Do not write 'Couldn't connect to any seeds' error log if there are no seeds in config file 751 - [rpc] [\#3076](https://github.com/tendermint/tendermint/issues/3076) Improve transaction search performance 752 753 ### BUG FIXES: 754 755 - [p2p] [\#3644](https://github.com/tendermint/tendermint/issues/3644) Fix error logging for connection stop (@defunctzombie) 756 - [rpc] [\#3813](https://github.com/tendermint/tendermint/issues/3813) Return err if page is incorrect (less than 0 or greater than total pages) 757 758 ## v0.32.1 759 760 *July 15, 2019* 761 762 Special thanks to external contributors on this release: 763 @ParthDesai, @climber73, @jim380, @ashleyvega 764 765 This release contains a minor enhancement to the ABCI and some breaking changes to our libs folder, namely: 766 - CheckTx requests include a `CheckTxType` enum that can be set to `Recheck` to indicate to the application that this transaction was already checked/validated and certain expensive operations (like checking signatures) can be skipped 767 - Removed various functions from `libs` pkgs 768 769 Friendly reminder, we have a [bug bounty 770 program](https://hackerone.com/tendermint). 771 772 ### BREAKING CHANGES: 773 774 - Go API 775 776 - [abci] [\#2127](https://github.com/tendermint/tendermint/issues/2127) The CheckTx and DeliverTx methods in the ABCI `Application` interface now take structs as arguments (RequestCheckTx and RequestDeliverTx, respectively), instead of just the raw tx bytes. This allows more information to be passed to these methods, for instance, indicating whether a tx has already been checked. 777 - [libs] Remove unused `db/debugDB` and `common/colors.go` & `errors/errors.go` files (@marbar3778) 778 - [libs] [\#2432](https://github.com/tendermint/tendermint/issues/2432) Remove unused `common/heap.go` file (@marbar3778) 779 - [libs] Remove unused `date.go`, `io.go`. Remove `GoPath()`, `Prompt()` and `IsDirEmpty()` functions from `os.go` (@marbar3778) 780 - [libs] Remove unused `FailRand()` func and minor clean up to `fail.go`(@marbar3778) 781 782 ### FEATURES: 783 784 - [node] Add variadic argument to `NewNode` to support functional options, allowing the Node to be more easily customized. 785 - [node][\#3730](https://github.com/tendermint/tendermint/pull/3730) Add `CustomReactors` option to `NewNode` allowing caller to pass 786 custom reactors to run inside Tendermint node (@ParthDesai) 787 - [abci] [\#2127](https://github.com/tendermint/tendermint/issues/2127)RequestCheckTx has a new field, `CheckTxType`, which can take values of `CheckTxType_New` and `CheckTxType_Recheck`, indicating whether this is a new tx being checked for the first time or whether this tx is being rechecked after a block commit. This allows applications to skip certain expensive operations, like signature checking, if they've already been done once. see [docs](https://github.com/tendermint/tendermint/blob/eddb433d7c082efbeaf8974413a36641519ee895/docs/spec/abci/apps.md#mempool-connection) 788 789 ### IMPROVEMENTS: 790 791 - [rpc] [\#3700](https://github.com/tendermint/tendermint/issues/3700) Make possible to set absolute paths for TLS cert and key (@climber73) 792 - [abci] [\#3513](https://github.com/tendermint/tendermint/issues/3513) Call the reqRes callback after the resCb so they always happen in the same order 793 794 ### BUG FIXES: 795 796 - [p2p] [\#3338](https://github.com/tendermint/tendermint/issues/3338) Prevent "sent next PEX request too soon" errors by not calling 797 ensurePeers outside of ensurePeersRoutine 798 - [behaviour] [\3772](https://github.com/tendermint/tendermint/pull/3772) Return correct reason in MessageOutOfOrder (@jim380) 799 - [config] [\#3723](https://github.com/tendermint/tendermint/issues/3723) Add consensus_params to testnet config generation; document time_iota_ms (@ashleyvega) 800 801 802 ## v0.32.0 803 804 *June 25, 2019* 805 806 Special thanks to external contributors on this release: 807 @needkane, @SebastianElvis, @andynog, @Yawning, @wooparadog 808 809 This release contains breaking changes to our build and release processes, ABCI, 810 and the RPC, namely: 811 - Use Go modules instead of dep 812 - Bring active development to the `master` Github branch 813 - ABCI Tags are now Events - see 814 [docs](https://github.com/tendermint/tendermint/blob/60827f75623b92eff132dc0eff5b49d2025c591e/docs/spec/abci/abci.md#events) 815 - Bind RPC to localhost by default, not to the public interface [UPGRADING/RPC_Changes](./UPGRADING.md#rpc_changes) 816 817 Friendly reminder, we have a [bug bounty 818 program](https://hackerone.com/tendermint). 819 820 ### BREAKING CHANGES: 821 822 * CLI/RPC/Config 823 - [cli] [\#3613](https://github.com/tendermint/tendermint/issues/3613) Switch from golang/dep to Go Modules to resolve dependencies: 824 It is recommended to switch to Go Modules if your project has tendermint as 825 a dependency. Read more on Modules here: 826 https://github.com/golang/go/wiki/Modules 827 - [config] [\#3632](https://github.com/tendermint/tendermint/pull/3632) Removed `leveldb` as generic 828 option for `db_backend`. Must be `goleveldb` or `cleveldb`. 829 - [rpc] [\#3616](https://github.com/tendermint/tendermint/issues/3616) Fix field names for `/block_results` response (eg. `results.DeliverTx` 830 -> `results.deliver_tx`). See docs for details. 831 - [rpc] [\#3724](https://github.com/tendermint/tendermint/issues/3724) RPC now binds to `127.0.0.1` by default instead of `0.0.0.0` 832 833 * Apps 834 - [abci] [\#1859](https://github.com/tendermint/tendermint/issues/1859) `ResponseCheckTx`, `ResponseDeliverTx`, `ResponseBeginBlock`, 835 and `ResponseEndBlock` now include `Events` instead of `Tags`. Each `Event` 836 contains a `type` and a list of `attributes` (list of key-value pairs) 837 allowing for inclusion of multiple distinct events in each response. 838 839 * Go API 840 - [abci] [\#3193](https://github.com/tendermint/tendermint/issues/3193) Use RequestDeliverTx and RequestCheckTx in the ABCI 841 Application interface 842 - [libs/db] [\#3632](https://github.com/tendermint/tendermint/pull/3632) Removed deprecated `LevelDBBackend` const 843 If you have `db_backend` set to `leveldb` in your config file, please 844 change it to `goleveldb` or `cleveldb`. 845 - [p2p] [\#3521](https://github.com/tendermint/tendermint/issues/3521) Remove NewNetAddressStringWithOptionalID 846 847 * Blockchain Protocol 848 849 * P2P Protocol 850 851 ### FEATURES: 852 853 ### IMPROVEMENTS: 854 - [abci/examples] [\#3659](https://github.com/tendermint/tendermint/issues/3659) Change validator update tx format in the `persistent_kvstore` to use base64 for pubkeys instead of hex (@needkane) 855 - [consensus] [\#3656](https://github.com/tendermint/tendermint/issues/3656) Exit if SwitchToConsensus fails 856 - [p2p] [\#3666](https://github.com/tendermint/tendermint/issues/3666) Add per channel telemetry to improve reactor observability 857 - [rpc] [\#3686](https://github.com/tendermint/tendermint/pull/3686) `HTTPClient#Call` returns wrapped errors, so a caller could use `errors.Cause` to retrieve an error code. (@wooparadog) 858 859 ### BUG FIXES: 860 - [libs/db] [\#3717](https://github.com/tendermint/tendermint/issues/3717) Fixed the BoltDB backend's Batch.Delete implementation (@Yawning) 861 - [libs/db] [\#3718](https://github.com/tendermint/tendermint/issues/3718) Fixed the BoltDB backend's Get and Iterator implementation (@Yawning) 862 - [node] [\#3716](https://github.com/tendermint/tendermint/issues/3716) Fix a bug where `nil` is recorded as node's address 863 - [node] [\#3741](https://github.com/tendermint/tendermint/issues/3741) Fix profiler blocking the entire node 864 865 *Tendermint 0.31 release series has reached End-Of-Life and is no longer supported.* 866 867 ## v0.31.12 868 869 *April 6, 2020* 870 871 This security release fixes: 872 873 ### Denial of Service 1 874 875 Tendermint 0.33.2 and earlier does not limit the number of P2P connection requests. 876 For each p2p connection, Tendermint allocates ~0.5MB. Even though this 877 memory is garbage collected once the connection is terminated (due to duplicate 878 IP or reaching a maximum number of inbound peers), temporary memory spikes can 879 lead to OOM (Out-Of-Memory) exceptions. 880 881 Tendermint 0.33.3, 0.32.10, and 0.31.12 limit the total number of P2P incoming 882 connection requests to to `p2p.max_num_inbound_peers + 883 len(p2p.unconditional_peer_ids)`. 884 885 Notes: 886 887 - Tendermint does not rate limit P2P connection requests per IP (an attacker 888 can saturate all the inbound slots); 889 - Tendermint does not rate limit HTTP(S) requests. If you expose any RPC 890 endpoints to the public, please make sure to put in place some protection 891 (https://www.nginx.com/blog/rate-limiting-nginx/). We may implement this in 892 the future ([\#1696](https://github.com/tendermint/tendermint/issues/1696)). 893 894 ### Denial of Service 2 895 896 Tendermint 0.33.2 and earlier does not reclaim `activeID` of a peer after it's 897 removed in `Mempool` reactor. This does not happen all the time. It only 898 happens when a connection fails (for any reason) before the Peer is created and 899 added to all reactors. `RemovePeer` is therefore called before `AddPeer`, which 900 leads to always growing memory (`activeIDs` map). The `activeIDs` map has a 901 maximum size of 65535 and the node will panic if this map reaches the maximum. 902 An attacker can create a lot of connection attempts (exploiting Denial of 903 Service 1), which ultimately will lead to the node panicking. 904 905 Tendermint 0.33.3, 0.32.10, and 0.31.12 claim `activeID` for a peer in `InitPeer`, 906 which is executed before `MConnection` is started. 907 908 Notes: 909 910 - `InitPeer` function was added to all reactors to combat a similar issue - 911 [\#3338](https://github.com/tendermint/tendermint/issues/3338); 912 - Denial of Service 2 is independent of Denial of Service 1 and can be executed 913 without it. 914 915 **All clients are recommended to upgrade** 916 917 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for finding 918 and reporting this. 919 920 Friendly reminder, we have a [bug bounty 921 program](https://hackerone.com/tendermint). 922 923 ### SECURITY: 924 925 - [mempool] Reserve IDs in InitPeer instead of AddPeer (@tessr) 926 - [p2p] Limit the number of incoming connections (@melekes) 927 928 ## v0.31.11 929 930 *October 18, 2019* 931 932 This security release fixes a vulnerability found in the `consensus` package, 933 where an attacker could construct a `BlockPartMessage` message in such a way 934 that it will lead to consensus failure. A few similar issues have been 935 identified and fixed here. 936 937 **All clients are recommended to upgrade** 938 939 Special thanks to [elvishacker](https://hackerone.com/elvishacker) for finding 940 and reporting this. 941 942 Friendly reminder, we have a [bug bounty 943 program](https://hackerone.com/tendermint). 944 945 ### BREAKING CHANGES: 946 947 - Go API 948 - [consensus] Modify `WAL#Write` and `WAL#WriteSync` to return an error if 949 they fail to write a message 950 951 ### SECURITY: 952 953 - [consensus] Validate incoming messages more throughly 954 955 ## v0.31.10 956 957 *October 8, 2019* 958 959 The previous patch was insufficient because the attacker could still find a way 960 to submit a `nil` pubkey by constructing a `PubKeyMultisigThreshold` pubkey 961 with `nil` subpubkeys for example. 962 963 This release provides multiple fixes, which include recovering from panics when 964 accepting new peers and only allowing `ed25519` pubkeys. 965 966 **All clients are recommended to upgrade** 967 968 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for pointing 969 this out. 970 971 Friendly reminder, we have a [bug bounty 972 program](https://hackerone.com/tendermint). 973 974 ### SECURITY: 975 976 - [p2p] [\#4030](https://github.com/tendermint/tendermint/issues/4030) Only allow ed25519 pubkeys when connecting 977 978 ## v0.31.9 979 980 *October 1, 2019* 981 982 This release fixes a major security vulnerability found in the `p2p` package. 983 All clients are recommended to upgrade. See 984 [\#4030](https://github.com/tendermint/tendermint/issues/4030) for details. 985 986 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for discovering 987 and reporting this issue. 988 989 Friendly reminder, we have a [bug bounty 990 program](https://hackerone.com/tendermint). 991 992 ### SECURITY: 993 994 - [p2p] [\#4030](https://github.com/tendermint/tendermint/issues/4030) Fix for panic on nil public key send to a peer 995 996 ### BUG FIXES: 997 998 - [node] [\#3716](https://github.com/tendermint/tendermint/issues/3716) Fix a bug where `nil` is recorded as node's address 999 - [node] [\#3741](https://github.com/tendermint/tendermint/issues/3741) Fix profiler blocking the entire node 1000 1001 ## v0.31.8 1002 1003 *July 29, 2019* 1004 1005 This releases fixes one bug in the PEX reactor and adds a `recover` to the Go's 1006 ABCI server, which allows it to properly cleanup. 1007 1008 ### IMPROVEMENTS: 1009 - [abci] [\#3809](https://github.com/tendermint/tendermint/issues/3809) Recover from application panics in `server/socket_server.go` to allow socket cleanup (@ruseinov) 1010 1011 ### BUG FIXES: 1012 - [p2p] [\#3338](https://github.com/tendermint/tendermint/issues/3338) Prevent "sent next PEX request too soon" errors by not calling 1013 ensurePeers outside of ensurePeersRoutine 1014 1015 ## v0.31.7 1016 1017 *June 3, 2019* 1018 1019 This releases fixes a regression in the mempool introduced in v0.31.6. 1020 The regression caused the invalid committed txs to be proposed in blocks over and 1021 over again. 1022 1023 ### BUG FIXES: 1024 - [mempool] [\#3699](https://github.com/tendermint/tendermint/issues/3699) Remove all committed txs from the mempool. 1025 This reverts the change from v0.31.6 where we only remove valid txs from the mempool. 1026 Note this means malicious proposals can cause txs to be dropped from the 1027 mempools of other nodes by including them in blocks before they are valid. 1028 See [\#3322](https://github.com/tendermint/tendermint/issues/3322). 1029 1030 ## v0.31.6 1031 1032 *May 31st, 2019* 1033 1034 This release contains many fixes and improvements, primarily for p2p functionality. 1035 It also fixes a security issue in the mempool package. 1036 1037 With this release, Tendermint now supports [boltdb](https://github.com/etcd-io/bbolt), although 1038 in experimental mode. Feel free to try and report to us any findings/issues. 1039 Note also that the build tags for compiling CLevelDB have changed. 1040 1041 Special thanks to external contributors on this release: 1042 @guagualvcha, @james-ray, @gregdhill, @climber73, @yutianwu, 1043 @carlosflrs, @defunctzombie, @leoluk, @needkane, @CrocdileChan 1044 1045 ### BREAKING CHANGES: 1046 1047 * Go API 1048 - [libs/common] Removed deprecated `PanicSanity`, `PanicCrisis`, 1049 `PanicConsensus` and `PanicQ` 1050 - [mempool, state] [\#2659](https://github.com/tendermint/tendermint/issues/2659) `Mempool` now an interface that lives in the mempool package. 1051 See issue and PR for more details. 1052 - [p2p] [\#3346](https://github.com/tendermint/tendermint/issues/3346) `Reactor#InitPeer` method is added to `Reactor` interface 1053 - [types] [\#1648](https://github.com/tendermint/tendermint/issues/1648) `Commit#VoteSignBytes` signature was changed 1054 1055 ### FEATURES: 1056 - [node] [\#2659](https://github.com/tendermint/tendermint/issues/2659) Add `node.Mempool()` method, which allows you to access mempool 1057 - [libs/db] [\#3604](https://github.com/tendermint/tendermint/pull/3604) Add experimental support for bolt db (etcd's fork of bolt) (@CrocdileChan) 1058 1059 ### IMPROVEMENTS: 1060 - [cli] [\#3585](https://github.com/tendermint/tendermint/issues/3585) Add `--keep-addr-book` option to `unsafe_reset_all` cmd to not 1061 clear the address book (@climber73) 1062 - [cli] [\#3160](https://github.com/tendermint/tendermint/issues/3160) Add 1063 `--config=<path-to-config>` option to `testnet` cmd (@gregdhill) 1064 - [cli] [\#3661](https://github.com/tendermint/tendermint/pull/3661) Add 1065 `--hostname-suffix`, `--hostname` and `--random-monikers` options to `testnet` 1066 cmd for greater peer address/identity generation flexibility. 1067 - [crypto] [\#3672](https://github.com/tendermint/tendermint/issues/3672) Return more info in the `AddSignatureFromPubKey` error 1068 - [cs/replay] [\#3460](https://github.com/tendermint/tendermint/issues/3460) Check appHash for each block 1069 - [libs/db] [\#3611](https://github.com/tendermint/tendermint/issues/3611) Conditional compilation 1070 * Use `cleveldb` tag instead of `gcc` to compile Tendermint with CLevelDB or 1071 use `make build_c` / `make install_c` (full instructions can be found at 1072 https://docs.tendermint.com/master/introduction/install.html#compile-with-cleveldb-support) 1073 * Use `boltdb` tag to compile Tendermint with bolt db 1074 - [node] [\#3362](https://github.com/tendermint/tendermint/issues/3362) Return an error if `persistent_peers` list is invalid (except 1075 when IP lookup fails) 1076 - [p2p] [\#3463](https://github.com/tendermint/tendermint/pull/3463) Do not log "Can't add peer's address to addrbook" error for a private peer (@guagualvcha) 1077 - [p2p] [\#3531](https://github.com/tendermint/tendermint/issues/3531) Terminate session on nonce wrapping (@climber73) 1078 - [pex] [\#3647](https://github.com/tendermint/tendermint/pull/3647) Dial seeds, if any, instead of crawling peers first (@defunctzombie) 1079 - [rpc] [\#3534](https://github.com/tendermint/tendermint/pull/3534) Add support for batched requests/responses in JSON RPC 1080 - [rpc] [\#3362](https://github.com/tendermint/tendermint/issues/3362) `/dial_seeds` & `/dial_peers` return errors if addresses are 1081 incorrect (except when IP lookup fails) 1082 1083 ### BUG FIXES: 1084 - [consensus] [\#3067](https://github.com/tendermint/tendermint/issues/3067) Fix replay from appHeight==0 with validator set changes (@james-ray) 1085 - [consensus] [\#3304](https://github.com/tendermint/tendermint/issues/3304) Create a peer state in consensus reactor before the peer 1086 is started (@guagualvcha) 1087 - [lite] [\#3669](https://github.com/tendermint/tendermint/issues/3669) Add context parameter to RPC Handlers in proxy routes (@yutianwu) 1088 - [mempool] [\#3322](https://github.com/tendermint/tendermint/issues/3322) When a block is committed, only remove committed txs from the mempool 1089 that were valid (ie. `ResponseDeliverTx.Code == 0`) 1090 - [p2p] [\#3338](https://github.com/tendermint/tendermint/issues/3338) Ensure `RemovePeer` is always called before `InitPeer` (upon a peer 1091 reconnecting to our node) 1092 - [p2p] [\#3532](https://github.com/tendermint/tendermint/issues/3532) Limit the number of attempts to connect to a peer in seed mode 1093 to 16 (as a result, the node will stop retrying after a 35 hours time window) 1094 - [p2p] [\#3362](https://github.com/tendermint/tendermint/issues/3362) Allow inbound peers to be persistent, including for seed nodes. 1095 - [pex] [\#3603](https://github.com/tendermint/tendermint/pull/3603) Dial seeds when addrbook needs more addresses (@defunctzombie) 1096 1097 ### OTHERS: 1098 - [networks] fixes ansible integration script (@carlosflrs) 1099 1100 ## v0.31.5 1101 1102 *April 16th, 2019* 1103 1104 This release fixes a regression from v0.31.4 where, in existing chains that 1105 were upgraded, `/validators` could return an empty validator set. This is true 1106 for almost all heights, given the validator set remains the same. 1107 1108 Special thanks to external contributors on this release: 1109 @brapse, @guagualvcha, @dongsam, @phucc 1110 1111 ### IMPROVEMENTS: 1112 1113 - [libs/common] `CMap`: slight optimization in `Keys()` and `Values()` (@phucc) 1114 - [gitignore] gitignore: add .vendor-new (@dongsam) 1115 1116 ### BUG FIXES: 1117 1118 - [state] [\#3537](https://github.com/tendermint/tendermint/pull/3537#issuecomment-482711833) 1119 `LoadValidators`: do not return an empty validator set 1120 - [blockchain] [\#3457](https://github.com/tendermint/tendermint/issues/3457) 1121 Fix "peer did not send us anything" in `fast_sync` mode when under high pressure 1122 1123 ## v0.31.4 1124 1125 *April 12th, 2019* 1126 1127 This release fixes a regression from v0.31.3 which used the peer's `SocketAddr` to add the peer to 1128 the address book. This swallowed the peer's self-reported port which is important in case of reconnect. 1129 It brings back `NetAddress()` to `NodeInfo` and uses it instead of `SocketAddr` for adding peers. 1130 Additionally, it improves response time on the `/validators` or `/status` RPC endpoints. 1131 As a side-effect it makes these RPC endpoint more difficult to DoS and fixes a performance degradation in `ExecCommitBlock`. 1132 Also, it contains an [ADR](https://github.com/tendermint/tendermint/pull/3539) that proposes decoupling the 1133 responsibility for peer behaviour from the `p2p.Switch` (by @brapse). 1134 1135 Special thanks to external contributors on this release: 1136 @brapse, @guagualvcha, @mydring 1137 1138 ### IMPROVEMENTS: 1139 1140 - [p2p] [\#3463](https://github.com/tendermint/tendermint/pull/3463) Do not log "Can't add peer's address to addrbook" error for a private peer 1141 - [p2p] [\#3547](https://github.com/tendermint/tendermint/pull/3547) Fix a couple of annoying typos (@mdyring) 1142 1143 ### BUG FIXES: 1144 1145 - [docs] [\#3514](https://github.com/tendermint/tendermint/issues/3514) Fix block.Header.Time description (@melekes) 1146 - [p2p] [\#2716](https://github.com/tendermint/tendermint/issues/2716) Check if we're already connected to peer right before dialing it (@melekes) 1147 - [p2p] [\#3545](https://github.com/tendermint/tendermint/issues/3545) Add back `NetAddress()` to `NodeInfo` and use it instead of peer's `SocketAddr()` when adding a peer to the `PEXReactor` (potential fix for [\#3532](https://github.com/tendermint/tendermint/issues/3532)) 1148 - [state] [\#3438](https://github.com/tendermint/tendermint/pull/3438) 1149 Persist validators every 100000 blocks even if no changes to the set 1150 occurred (@guagualvcha). This 1151 1) Prevents possible DoS attack using `/validators` or `/status` RPC 1152 endpoints. Before response time was growing linearly with height if no 1153 changes were made to the validator set. 1154 2) Fixes performance degradation in `ExecCommitBlock` where we call 1155 `LoadValidators` for each `Evidence` in the block. 1156 1157 ## v0.31.3 1158 1159 *April 1st, 2019* 1160 1161 This release includes two security sensitive fixes: it ensures generated private 1162 keys are valid, and it prevents certain DNS lookups that would cause the node to 1163 panic if the lookup failed. 1164 1165 ### BREAKING CHANGES: 1166 * Go API 1167 - [crypto/secp256k1] [\#3439](https://github.com/tendermint/tendermint/issues/3439) 1168 The `secp256k1.GenPrivKeySecp256k1` function has changed to guarantee that it returns a valid key, which means it 1169 will return a different private key than in previous versions for the same secret. 1170 1171 ### BUG FIXES: 1172 1173 - [crypto/secp256k1] [\#3439](https://github.com/tendermint/tendermint/issues/3439) 1174 Ensure generated private keys are valid by randomly sampling until a valid key is found. 1175 Previously, it was possible (though rare!) to generate keys that exceeded the curve order. 1176 Such keys would lead to invalid signatures. 1177 - [p2p] [\#3522](https://github.com/tendermint/tendermint/issues/3522) Memoize 1178 socket address in peer connections to avoid DNS lookups. Previously, failed 1179 DNS lookups could cause the node to panic. 1180 1181 ## v0.31.2 1182 1183 *March 30th, 2019* 1184 1185 This release fixes a regression from v0.31.1 where Tendermint panics under 1186 mempool load for external ABCI apps. 1187 1188 Special thanks to external contributors on this release: 1189 @guagualvcha 1190 1191 ### BREAKING CHANGES: 1192 1193 * CLI/RPC/Config 1194 1195 * Apps 1196 1197 * Go API 1198 - [libs/autofile] [\#3504](https://github.com/tendermint/tendermint/issues/3504) Remove unused code in autofile package. Deleted functions: `Group.Search`, `Group.FindLast`, `GroupReader.ReadLine`, `GroupReader.PushLine`, `MakeSimpleSearchFunc` (@guagualvcha) 1199 1200 * Blockchain Protocol 1201 1202 * P2P Protocol 1203 1204 ### FEATURES: 1205 1206 ### IMPROVEMENTS: 1207 1208 - [circle] [\#3497](https://github.com/tendermint/tendermint/issues/3497) Move release management to CircleCI 1209 1210 ### BUG FIXES: 1211 1212 - [mempool] [\#3512](https://github.com/tendermint/tendermint/issues/3512) Fix panic from concurrent access to txsMap, a regression for external ABCI apps introduced in v0.31.1 1213 1214 ## v0.31.1 1215 1216 *March 27th, 2019* 1217 1218 This release contains a major improvement for the mempool that reduce the amount of sent data by about 30% 1219 (see some numbers below). 1220 It also fixes a memory leak in the mempool and adds TLS support to the RPC server by providing a certificate and key in the config. 1221 1222 Special thanks to external contributors on this release: 1223 @brapse, @guagualvcha, @HaoyangLiu, @needkane, @TraceBundy 1224 1225 ### BREAKING CHANGES: 1226 1227 * CLI/RPC/Config 1228 1229 * Apps 1230 1231 * Go API 1232 - [crypto] [\#3426](https://github.com/tendermint/tendermint/pull/3426) Remove `Ripemd160` helper method (@needkane) 1233 - [libs/common] [\#3429](https://github.com/tendermint/tendermint/pull/3429) Remove `RepeatTimer` (also `TimerMaker` and `Ticker` interface) 1234 - [rpc/client] [\#3458](https://github.com/tendermint/tendermint/issues/3458) Include `NetworkClient` interface into `Client` interface 1235 - [types] [\#3448](https://github.com/tendermint/tendermint/issues/3448) Remove method `PB2TM.ConsensusParams` 1236 1237 * Blockchain Protocol 1238 1239 * P2P Protocol 1240 1241 ### FEATURES: 1242 1243 - [rpc] [\#3419](https://github.com/tendermint/tendermint/issues/3419) Start HTTPS server if `rpc.tls_cert_file` and `rpc.tls_key_file` are provided in the config (@guagualvcha) 1244 1245 ### IMPROVEMENTS: 1246 1247 - [docs] [\#3140](https://github.com/tendermint/tendermint/issues/3140) Formalize proposer election algorithm properties 1248 - [docs] [\#3482](https://github.com/tendermint/tendermint/issues/3482) Fix broken links (@brapse) 1249 - [mempool] [\#2778](https://github.com/tendermint/tendermint/issues/2778) No longer send txs back to peers who sent it to you. 1250 Also, limit to 65536 active peers. 1251 This vastly improves the bandwidth consumption of nodes. 1252 For instance, for a 4 node localnet, in a test sending 250byte txs for 120 sec. at 500 txs/sec (total of 15MB): 1253 - total bytes received from 1st node: 1254 - before: 42793967 (43MB) 1255 - after: 30003256 (30MB) 1256 - total bytes sent to 1st node: 1257 - before: 30569339 (30MB) 1258 - after: 19304964 (19MB) 1259 - [p2p] [\#3475](https://github.com/tendermint/tendermint/issues/3475) Simplify `GetSelectionWithBias` for addressbook (@guagualvcha) 1260 - [rpc/lib/client] [\#3430](https://github.com/tendermint/tendermint/issues/3430) Disable compression for HTTP client to prevent GZIP-bomb DoS attacks (@guagualvcha) 1261 1262 ### BUG FIXES: 1263 1264 - [blockchain] [\#2699](https://github.com/tendermint/tendermint/issues/2699) Update the maxHeight when a peer is removed 1265 - [mempool] [\#3478](https://github.com/tendermint/tendermint/issues/3478) Fix memory-leak related to `broadcastTxRoutine` (@HaoyangLiu) 1266 1267 1268 ## v0.31.0 1269 1270 *March 16th, 2019* 1271 1272 Special thanks to external contributors on this release: 1273 @danil-lashin, @guagualvcha, @siburu, @silasdavis, @srmo, @Stumble, @svenstaro 1274 1275 This release is primarily about the new pubsub implementation, dubbed `pubsub 2.0`, and related changes, 1276 like configurable limits on the number of active RPC subscriptions at a time (`max_subscription_clients`). 1277 Pubsub 2.0 is an improved version of the older pubsub that is non-blocking and has a nicer API. 1278 Note the improved pubsub API also resulted in some improvements to the HTTPClient interface and the API for WebSocket subscriptions. 1279 This release also adds a configurable limit to the mempool size (`max_txs_bytes`, default 1GB) 1280 and a configurable timeout for the `/broadcast_tx_commit` endpoint. 1281 1282 See the [v0.31.0 1283 Milestone](https://github.com/tendermint/tendermint/milestone/19?closed=1) for 1284 more details. 1285 1286 Friendly reminder, we have a [bug bounty 1287 program](https://hackerone.com/tendermint). 1288 1289 ### BREAKING CHANGES: 1290 1291 * CLI/RPC/Config 1292 - [config] [\#2920](https://github.com/tendermint/tendermint/issues/2920) Remove `consensus.blocktime_iota` parameter 1293 - [rpc] [\#3227](https://github.com/tendermint/tendermint/issues/3227) New PubSub design does not block on clients when publishing 1294 messages. Slow clients may miss messages and receive an error, terminating 1295 the subscription. 1296 - [rpc] [\#3269](https://github.com/tendermint/tendermint/issues/2826) Limit number of unique clientIDs with open subscriptions. Configurable via `rpc.max_subscription_clients` 1297 - [rpc] [\#3269](https://github.com/tendermint/tendermint/issues/2826) Limit number of unique queries a given client can subscribe to at once. Configurable via `rpc.max_subscriptions_per_client`. 1298 - [rpc] [\#3435](https://github.com/tendermint/tendermint/issues/3435) Default ReadTimeout and WriteTimeout changed to 10s. WriteTimeout can increased by setting `rpc.timeout_broadcast_tx_commit` in the config. 1299 - [rpc/client] [\#3269](https://github.com/tendermint/tendermint/issues/3269) Update `EventsClient` interface to reflect new pubsub/eventBus API [ADR-33](https://github.com/tendermint/tendermint/blob/develop/docs/architecture/adr-033-pubsub.md). This includes `Subscribe`, `Unsubscribe`, and `UnsubscribeAll` methods. 1300 1301 * Apps 1302 - [abci] [\#3403](https://github.com/tendermint/tendermint/issues/3403) Remove `time_iota_ms` from BlockParams. This is a 1303 ConsensusParam but need not be exposed to the app for now. 1304 - [abci] [\#2920](https://github.com/tendermint/tendermint/issues/2920) Rename `consensus_params.block_size` to `consensus_params.block` in ABCI ConsensusParams 1305 1306 * Go API 1307 - [libs/common] TrapSignal accepts logger as a first parameter and does not block anymore 1308 * previously it was dumping "captured ..." msg to os.Stdout 1309 * TrapSignal should not be responsible for blocking thread of execution 1310 - [libs/db] [\#3397](https://github.com/tendermint/tendermint/pull/3397) Add possibility to `Close()` `Batch` to prevent memory leak when using ClevelDB. (@Stumble) 1311 - [types] [\#3354](https://github.com/tendermint/tendermint/issues/3354) Remove RoundState from EventDataRoundState 1312 - [rpc] [\#3435](https://github.com/tendermint/tendermint/issues/3435) `StartHTTPServer` / `StartHTTPAndTLSServer` now require a Config (use `rpcserver.DefaultConfig`) 1313 1314 * Blockchain Protocol 1315 1316 * P2P Protocol 1317 1318 ### FEATURES: 1319 - [config] [\#3269](https://github.com/tendermint/tendermint/issues/2826) New configuration values for controlling RPC subscriptions: 1320 - `rpc.max_subscription_clients` sets the maximum number of unique clients 1321 with open subscriptions 1322 - `rpc.max_subscriptions_per_client`sets the maximum number of unique 1323 subscriptions from a given client 1324 - `rpc.timeout_broadcast_tx_commit` sets the time to wait for a tx to be committed during `/broadcast_tx_commit` 1325 - [types] [\#2920](https://github.com/tendermint/tendermint/issues/2920) Add `time_iota_ms` to block's consensus parameters (not exposed to the application) 1326 - [lite] [\#3269](https://github.com/tendermint/tendermint/issues/3269) Add `/unsubscribe_all` endpoint to unsubscribe from all events 1327 - [mempool] [\#3079](https://github.com/tendermint/tendermint/issues/3079) Bound mempool memory usage via the `mempool.max_txs_bytes` configuration value. Set to 1GB by default. The mempool's current `txs_total_bytes` is exposed via `total_bytes` field in 1328 `/num_unconfirmed_txs` and `/unconfirmed_txs` RPC endpoints. 1329 1330 ### IMPROVEMENTS: 1331 - [all] [\#3385](https://github.com/tendermint/tendermint/issues/3385), [\#3386](https://github.com/tendermint/tendermint/issues/3386) Various linting improvements 1332 - [crypto] [\#3371](https://github.com/tendermint/tendermint/issues/3371) Copy in secp256k1 package from go-ethereum instead of importing 1333 go-ethereum (@silasdavis) 1334 - [deps] [\#3382](https://github.com/tendermint/tendermint/issues/3382) Don't pin repos without releases 1335 - [deps] [\#3357](https://github.com/tendermint/tendermint/issues/3357), [\#3389](https://github.com/tendermint/tendermint/issues/3389), [\#3392](https://github.com/tendermint/tendermint/issues/3392) Update gogo/protobuf, golang/protobuf, levigo, golang.org/x/crypto 1336 - [libs/common] [\#3238](https://github.com/tendermint/tendermint/issues/3238) exit with zero (0) code upon receiving SIGTERM/SIGINT 1337 - [libs/db] [\#3378](https://github.com/tendermint/tendermint/issues/3378) CLevelDB#Stats now returns the following properties: 1338 - leveldb.num-files-at-level{n} 1339 - leveldb.stats 1340 - leveldb.sstables 1341 - leveldb.blockpool 1342 - leveldb.cachedblock 1343 - leveldb.openedtables 1344 - leveldb.alivesnaps 1345 - leveldb.aliveiters 1346 - [privval] [\#3351](https://github.com/tendermint/tendermint/pull/3351) First part of larger refactoring that clarifies and separates concerns in the privval package. 1347 1348 ### BUG FIXES: 1349 - [blockchain] [\#3358](https://github.com/tendermint/tendermint/pull/3358) Fix timer leak in `BlockPool` (@guagualvcha) 1350 - [cmd] [\#3408](https://github.com/tendermint/tendermint/issues/3408) Fix `testnet` command's panic when creating non-validator configs (using `--n` flag) (@srmo) 1351 - [libs/db/remotedb/grpcdb] [\#3402](https://github.com/tendermint/tendermint/issues/3402) Close Iterator/ReverseIterator after use 1352 - [libs/pubsub] [\#951](https://github.com/tendermint/tendermint/issues/951), [\#1880](https://github.com/tendermint/tendermint/issues/1880) Use non-blocking send when dispatching messages [ADR-33](https://github.com/tendermint/tendermint/blob/develop/docs/architecture/adr-033-pubsub.md) 1353 - [lite] [\#3364](https://github.com/tendermint/tendermint/issues/3364) Fix `/validators` and `/abci_query` proxy endpoints 1354 (@guagualvcha) 1355 - [p2p/conn] [\#3347](https://github.com/tendermint/tendermint/issues/3347) Reject all-zero shared secrets in the Diffie-Hellman step of secret-connection 1356 - [p2p] [\#3369](https://github.com/tendermint/tendermint/issues/3369) Do not panic when filter times out 1357 - [p2p] [\#3359](https://github.com/tendermint/tendermint/pull/3359) Fix reconnecting report duplicate ID error due to race condition between adding peer to peerSet and starting it (@guagualvcha) 1358 1359 ## v0.30.2 1360 1361 *March 10th, 2019* 1362 1363 This release fixes a CLevelDB memory leak. It was happening because we were not 1364 closing the WriteBatch object after use. See [levigo's 1365 godoc](https://godoc.org/github.com/jmhodges/levigo#WriteBatch.Close) for the 1366 Close method. Special thanks goes to @Stumble who both reported an issue in 1367 [cosmos-sdk](https://github.com/cosmos/cosmos-sdk/issues/3842) and provided a 1368 fix here. 1369 1370 ### BREAKING CHANGES: 1371 1372 * Go API 1373 - [libs/db] [\#3842](https://github.com/cosmos/cosmos-sdk/issues/3842) Add Close() method to Batch interface (@Stumble) 1374 1375 ### BUG FIXES: 1376 - [libs/db] [\#3842](https://github.com/cosmos/cosmos-sdk/issues/3842) Fix CLevelDB memory leak (@Stumble) 1377 1378 ## v0.30.1 1379 1380 *February 20th, 2019* 1381 1382 This release fixes a consensus halt and a DataCorruptionError after restart 1383 discovered in `game_of_stakes_6`. It also fixes a security issue in the p2p 1384 handshake by authenticating the NetAddress.ID of the peer we're dialing. 1385 1386 ### IMPROVEMENTS: 1387 1388 * [config] [\#3291](https://github.com/tendermint/tendermint/issues/3291) Make 1389 config.ResetTestRootWithChainID() create concurrency-safe test directories. 1390 1391 ### BUG FIXES: 1392 1393 * [consensus] [\#3295](https://github.com/tendermint/tendermint/issues/3295) 1394 Flush WAL on stop to prevent data corruption during graceful shutdown. 1395 * [consensus] [\#3302](https://github.com/tendermint/tendermint/issues/3302) 1396 Fix possible halt by resetting TriggeredTimeoutPrecommit before starting next height. 1397 * [rpc] [\#3251](https://github.com/tendermint/tendermint/issues/3251) Fix 1398 `/net_info#peers#remote_ip` format. New format spec: 1399 * dotted decimal ("192.0.2.1"), if ip is an IPv4 or IP4-mapped IPv6 address 1400 * IPv6 ("2001:db8::1"), if ip is a valid IPv6 address 1401 * [cmd] [\#3314](https://github.com/tendermint/tendermint/issues/3314) Return 1402 an error on `show_validator` when the private validator file does not exist. 1403 * [p2p] [\#3010](https://github.com/tendermint/tendermint/issues/3010#issuecomment-464287627) 1404 Authenticate a peer against its NetAddress.ID when dialing. 1405 1406 ## v0.30.0 1407 1408 *February 8th, 2019* 1409 1410 This release fixes yet another issue with the proposer selection algorithm. 1411 We hope it's the last one, but we won't be surprised if it's not. 1412 We plan to one day expose the selection algorithm more directly to 1413 the application ([\#3285](https://github.com/tendermint/tendermint/issues/3285)), and even to support randomness ([\#763](https://github.com/tendermint/tendermint/issues/763)). 1414 For more, see issues marked 1415 [proposer-selection](https://github.com/tendermint/tendermint/labels/proposer-selection). 1416 1417 This release also includes a fix to prevent Tendermint from including the same 1418 piece of evidence in more than one block. This issue was reported by @chengwenxi in our 1419 [bug bounty program](https://hackerone.com/tendermint). 1420 1421 ### BREAKING CHANGES: 1422 1423 * Apps 1424 - [state] [\#3222](https://github.com/tendermint/tendermint/issues/3222) 1425 Duplicate updates for the same validator are forbidden. Apps must ensure 1426 that a given `ResponseEndBlock.ValidatorUpdates` contains only one entry per pubkey. 1427 1428 * Go API 1429 - [types] [\#3222](https://github.com/tendermint/tendermint/issues/3222) 1430 Remove `Add` and `Update` methods from `ValidatorSet` in favor of new 1431 `UpdateWithChangeSet`. This allows updates to be applied as a set, instead of 1432 one at a time. 1433 1434 * Block Protocol 1435 - [state] [\#3286](https://github.com/tendermint/tendermint/issues/3286) Blocks that include already committed evidence are invalid. 1436 1437 * P2P Protocol 1438 - [consensus] [\#3222](https://github.com/tendermint/tendermint/issues/3222) 1439 Validator updates are applied as a set, instead of one at a time, thus 1440 impacting the proposer priority calculation. This ensures that the proposer 1441 selection algorithm does not depend on the order of updates in 1442 `ResponseEndBlock.ValidatorUpdates`. 1443 1444 ### IMPROVEMENTS: 1445 - [crypto] [\#3279](https://github.com/tendermint/tendermint/issues/3279) Use `btcec.S256().N` directly instead of hard coding a copy. 1446 1447 ### BUG FIXES: 1448 - [state] [\#3222](https://github.com/tendermint/tendermint/issues/3222) Fix validator set updates so they are applied as a set, rather 1449 than one at a time. This makes the proposer selection algorithm independent of 1450 the order of updates in `ResponseEndBlock.ValidatorUpdates`. 1451 - [evidence] [\#3286](https://github.com/tendermint/tendermint/issues/3286) Don't add committed evidence to evidence pool. 1452 1453 ## v0.29.2 1454 1455 *February 7th, 2019* 1456 1457 Special thanks to external contributors on this release: 1458 @ackratos, @rickyyangz 1459 1460 **Note**: This release contains security sensitive patches in the `p2p` and 1461 `crypto` packages: 1462 - p2p: 1463 - Partial fix for MITM attacks on the p2p connection. MITM conditions may 1464 still exist. See [\#3010](https://github.com/tendermint/tendermint/issues/3010). 1465 - crypto: 1466 - Eliminate our fork of `btcd` and use the `btcd/btcec` library directly for 1467 native secp256k1 signing. Note we still modify the signature encoding to 1468 prevent malleability. 1469 - Support the libsecp256k1 library via CGo through the `go-ethereum/crypto/secp256k1` package. 1470 - Eliminate MixEntropy functions 1471 1472 ### BREAKING CHANGES: 1473 1474 * Go API 1475 - [crypto] [\#3278](https://github.com/tendermint/tendermint/issues/3278) Remove 1476 MixEntropy functions 1477 - [types] [\#3245](https://github.com/tendermint/tendermint/issues/3245) Commit uses `type CommitSig Vote` instead of `Vote` directly. 1478 In preparation for removing redundant fields from the commit [\#1648](https://github.com/tendermint/tendermint/issues/1648) 1479 1480 ### IMPROVEMENTS: 1481 - [consensus] [\#3246](https://github.com/tendermint/tendermint/issues/3246) Better logging and notes on recovery for corrupted WAL file 1482 - [crypto] [\#3163](https://github.com/tendermint/tendermint/issues/3163) Use ethereum's libsecp256k1 go-wrapper for signatures when cgo is available 1483 - [crypto] [\#3162](https://github.com/tendermint/tendermint/issues/3162) Wrap btcd instead of forking it to keep up with fixes (used if cgo is not available) 1484 - [makefile] [\#3233](https://github.com/tendermint/tendermint/issues/3233) Use golangci-lint instead of go-metalinter 1485 - [tools] [\#3218](https://github.com/tendermint/tendermint/issues/3218) Add go-deadlock tool to help detect deadlocks 1486 - [tools] [\#3106](https://github.com/tendermint/tendermint/issues/3106) Add tm-signer-harness test harness for remote signers 1487 - [tests] [\#3258](https://github.com/tendermint/tendermint/issues/3258) Fixed a bunch of non-deterministic test failures 1488 1489 ### BUG FIXES: 1490 - [node] [\#3186](https://github.com/tendermint/tendermint/issues/3186) EventBus and indexerService should be started before first block (for replay last block on handshake) execution (@ackratos) 1491 - [p2p] [\#3232](https://github.com/tendermint/tendermint/issues/3232) Fix infinite loop leading to addrbook deadlock for seed nodes 1492 - [p2p] [\#3247](https://github.com/tendermint/tendermint/issues/3247) Fix panic in SeedMode when calling FlushStop and OnStop 1493 concurrently 1494 - [p2p] [\#3040](https://github.com/tendermint/tendermint/issues/3040) Fix MITM on secret connection by checking low-order points 1495 - [privval] [\#3258](https://github.com/tendermint/tendermint/issues/3258) Fix race between sign requests and ping requests in socket that was causing messages to be corrupted 1496 1497 ## v0.29.1 1498 1499 *January 24, 2019* 1500 1501 Special thanks to external contributors on this release: 1502 @infinytum, @gauthamzz 1503 1504 This release contains two important fixes: one for p2p layer where we sometimes 1505 were not closing connections and one for consensus layer where consensus with 1506 no empty blocks (`create_empty_blocks = false`) could halt. 1507 1508 Friendly reminder, we have a [bug bounty 1509 program](https://hackerone.com/tendermint). 1510 1511 ### IMPROVEMENTS: 1512 - [pex] [\#3037](https://github.com/tendermint/tendermint/issues/3037) Only log "Reached max attempts to dial" once 1513 - [rpc] [\#3159](https://github.com/tendermint/tendermint/issues/3159) Expose 1514 `triggered_timeout_commit` in the `/dump_consensus_state` 1515 1516 ### BUG FIXES: 1517 - [consensus] [\#3199](https://github.com/tendermint/tendermint/issues/3199) Fix consensus halt with no empty blocks from not resetting triggeredTimeoutCommit 1518 - [p2p] [\#2967](https://github.com/tendermint/tendermint/issues/2967) Fix file descriptor leak 1519 1520 ## v0.29.0 1521 1522 *January 21, 2019* 1523 1524 Special thanks to external contributors on this release: 1525 @bradyjoestar, @kunaldhariwal, @gauthamzz, @hrharder 1526 1527 This release is primarily about making some breaking changes to 1528 the Block protocol version before Cosmos launch, and to fixing more issues 1529 in the proposer selection algorithm discovered on Cosmos testnets. 1530 1531 The Block protocol changes include using a standard Merkle tree format (RFC 6962), 1532 fixing some inconsistencies between field orders in Vote and Proposal structs, 1533 and constraining the hash of the ConsensusParams to include only a few fields. 1534 1535 The proposer selection algorithm saw significant progress, 1536 including a [formal proof by @cwgoes for the base-case in Idris](https://github.com/cwgoes/tm-proposer-idris) 1537 and a [much more detailed specification (still in progress) by 1538 @ancazamfir](https://github.com/tendermint/tendermint/pull/3140). 1539 1540 Fixes to the proposer selection algorithm include normalizing the proposer 1541 priorities to mitigate the effects of large changes to the validator set. 1542 That said, we just discovered [another bug](https://github.com/tendermint/tendermint/issues/3181), 1543 which will be fixed in the next breaking release. 1544 1545 While we are trying to stabilize the Block protocol to preserve compatibility 1546 with old chains, there may be some final changes yet to come before Cosmos 1547 launch as we continue to audit and test the software. 1548 1549 Friendly reminder, we have a [bug bounty 1550 program](https://hackerone.com/tendermint). 1551 1552 ### BREAKING CHANGES: 1553 1554 * CLI/RPC/Config 1555 1556 * Apps 1557 - [state] [\#3049](https://github.com/tendermint/tendermint/issues/3049) Total voting power of the validator set is upper bounded by 1558 `MaxInt64 / 8`. Apps must ensure they do not return changes to the validator 1559 set that cause this maximum to be exceeded. 1560 1561 * Go API 1562 - [node] [\#3082](https://github.com/tendermint/tendermint/issues/3082) MetricsProvider now requires you to pass a chain ID 1563 - [types] [\#2713](https://github.com/tendermint/tendermint/issues/2713) Rename `TxProof.LeafHash` to `TxProof.Leaf` 1564 - [crypto/merkle] [\#2713](https://github.com/tendermint/tendermint/issues/2713) `SimpleProof.Verify` takes a `leaf` instead of a 1565 `leafHash` and performs the hashing itself 1566 1567 * Blockchain Protocol 1568 * [crypto/merkle] [\#2713](https://github.com/tendermint/tendermint/issues/2713) Merkle trees now match the RFC 6962 specification 1569 * [types] [\#3078](https://github.com/tendermint/tendermint/issues/3078) Re-order Timestamp and BlockID in CanonicalVote so it's 1570 consistent with CanonicalProposal (BlockID comes 1571 first) 1572 * [types] [\#3165](https://github.com/tendermint/tendermint/issues/3165) Hash of ConsensusParams only includes BlockSize.MaxBytes and 1573 BlockSize.MaxGas 1574 1575 * P2P Protocol 1576 - [consensus] [\#3049](https://github.com/tendermint/tendermint/issues/3049) Normalize priorities to not exceed `2*TotalVotingPower` to mitigate unfair proposer selection 1577 heavily preferring earlier joined validators in the case of an early bonded large validator unbonding 1578 1579 ### FEATURES: 1580 1581 ### IMPROVEMENTS: 1582 - [rpc] [\#3065](https://github.com/tendermint/tendermint/issues/3065) Return maxPerPage (100), not defaultPerPage (30) if `per_page` is greater than the max 100. 1583 - [instrumentation] [\#3082](https://github.com/tendermint/tendermint/issues/3082) Add `chain_id` label for all metrics 1584 1585 ### BUG FIXES: 1586 - [crypto] [\#3164](https://github.com/tendermint/tendermint/issues/3164) Update `btcd` fork for rare signRFC6979 bug 1587 - [lite] [\#3171](https://github.com/tendermint/tendermint/issues/3171) Fix verifying large validator set changes 1588 - [log] [\#3125](https://github.com/tendermint/tendermint/issues/3125) Fix year format 1589 - [mempool] [\#3168](https://github.com/tendermint/tendermint/issues/3168) Limit tx size to fit in the max reactor msg size 1590 - [scripts] [\#3147](https://github.com/tendermint/tendermint/issues/3147) Fix json2wal for large block parts (@bradyjoestar) 1591 1592 ## v0.28.1 1593 1594 *January 18th, 2019* 1595 1596 Special thanks to external contributors on this release: 1597 @HaoyangLiu 1598 1599 Friendly reminder, we have a [bug bounty 1600 program](https://hackerone.com/tendermint). 1601 1602 ### BUG FIXES: 1603 - [consensus] Fix consensus halt from proposing blocks with too much evidence 1604 1605 ## v0.28.0 1606 1607 *January 16th, 2019* 1608 1609 Special thanks to external contributors on this release: 1610 @fmauricios, @gianfelipe93, @husio, @needkane, @srmo, @yutianwu 1611 1612 This release is primarily about upgrades to the `privval` system - 1613 separating the `priv_validator.json` into distinct config and data files, and 1614 refactoring the socket validator to support reconnections. 1615 1616 **Note:** Please backup your existing `priv_validator.json` before using this 1617 version. 1618 1619 See [UPGRADING.md](UPGRADING.md) for more details. 1620 1621 ### BREAKING CHANGES: 1622 1623 * CLI/RPC/Config 1624 - [cli] Removed `--proxy_app=dummy` option. Use `kvstore` (`persistent_kvstore`) instead. 1625 - [cli] Renamed `--proxy_app=nilapp` to `--proxy_app=noop`. 1626 - [config] [\#2992](https://github.com/tendermint/tendermint/issues/2992) `allow_duplicate_ip` is now set to false 1627 - [privval] [\#1181](https://github.com/tendermint/tendermint/issues/1181) Split `priv_validator.json` into immutable (`config/priv_validator_key.json`) and mutable (`data/priv_validator_state.json`) parts (@yutianwu) 1628 - [privval] [\#2926](https://github.com/tendermint/tendermint/issues/2926) Split up `PubKeyMsg` into `PubKeyRequest` and `PubKeyResponse` to be consistent with other message types 1629 - [privval] [\#2923](https://github.com/tendermint/tendermint/issues/2923) Listen for unix socket connections instead of dialing them 1630 1631 * Apps 1632 1633 * Go API 1634 - [types] [\#2981](https://github.com/tendermint/tendermint/issues/2981) Remove `PrivValidator.GetAddress()` 1635 1636 * Blockchain Protocol 1637 1638 * P2P Protocol 1639 1640 ### FEATURES: 1641 - [rpc] [\#3052](https://github.com/tendermint/tendermint/issues/3052) Include peer's remote IP in `/net_info` 1642 1643 ### IMPROVEMENTS: 1644 - [consensus] [\#3086](https://github.com/tendermint/tendermint/issues/3086) Log peerID on ignored votes (@srmo) 1645 - [docs] [\#3061](https://github.com/tendermint/tendermint/issues/3061) Added specification for signing consensus msgs at 1646 ./docs/spec/consensus/signing.md 1647 - [privval] [\#2948](https://github.com/tendermint/tendermint/issues/2948) Memoize pubkey so it's only requested once on startup 1648 - [privval] [\#2923](https://github.com/tendermint/tendermint/issues/2923) Retry RemoteSigner connections on error 1649 1650 ### BUG FIXES: 1651 1652 - [build] [\#3085](https://github.com/tendermint/tendermint/issues/3085) Fix `Version` field in build scripts (@husio) 1653 - [crypto/multisig] [\#3102](https://github.com/tendermint/tendermint/issues/3102) Fix multisig keys address length 1654 - [crypto/encoding] [\#3101](https://github.com/tendermint/tendermint/issues/3101) Fix `PubKeyMultisigThreshold` unmarshalling into `crypto.PubKey` interface 1655 - [p2p/conn] [\#3111](https://github.com/tendermint/tendermint/issues/3111) Make SecretConnection thread safe 1656 - [rpc] [\#3053](https://github.com/tendermint/tendermint/issues/3053) Fix internal error in `/tx_search` when results are empty 1657 (@gianfelipe93) 1658 - [types] [\#2926](https://github.com/tendermint/tendermint/issues/2926) Do not panic if retrieving the privval's public key fails 1659 1660 ## v0.27.4 1661 1662 *December 21st, 2018* 1663 1664 ### BUG FIXES: 1665 1666 - [mempool] [\#3036](https://github.com/tendermint/tendermint/issues/3036) Fix 1667 LRU cache by popping the least recently used item when the cache is full, 1668 not the most recently used one! 1669 1670 ## v0.27.3 1671 1672 *December 16th, 2018* 1673 1674 ### BREAKING CHANGES: 1675 1676 * Go API 1677 - [dep] [\#3027](https://github.com/tendermint/tendermint/issues/3027) Revert to mainline Go crypto library, eliminating the modified 1678 `bcrypt.GenerateFromPassword` 1679 1680 ## v0.27.2 1681 1682 *December 16th, 2018* 1683 1684 ### IMPROVEMENTS: 1685 1686 - [node] [\#3025](https://github.com/tendermint/tendermint/issues/3025) Validate NodeInfo addresses on startup. 1687 1688 ### BUG FIXES: 1689 1690 - [p2p] [\#3025](https://github.com/tendermint/tendermint/pull/3025) Revert to using defers in addrbook. Fixes deadlocks in pex and consensus upon invalid ExternalAddr/ListenAddr configuration. 1691 1692 ## v0.27.1 1693 1694 *December 15th, 2018* 1695 1696 Special thanks to external contributors on this release: 1697 @danil-lashin, @hleb-albau, @james-ray, @leo-xinwang 1698 1699 ### FEATURES: 1700 - [rpc] [\#2964](https://github.com/tendermint/tendermint/issues/2964) Add `UnconfirmedTxs(limit)` and `NumUnconfirmedTxs()` methods to HTTP/Local clients (@danil-lashin) 1701 - [docs] [\#3004](https://github.com/tendermint/tendermint/issues/3004) Enable full-text search on docs pages 1702 1703 ### IMPROVEMENTS: 1704 - [consensus] [\#2971](https://github.com/tendermint/tendermint/issues/2971) Return error if ValidatorSet is empty after InitChain 1705 (@leo-xinwang) 1706 - [ci/cd] [\#3005](https://github.com/tendermint/tendermint/issues/3005) Updated CircleCI job to trigger website build when docs are updated 1707 - [docs] Various updates 1708 1709 ### BUG FIXES: 1710 - [cmd] [\#2983](https://github.com/tendermint/tendermint/issues/2983) `testnet` command always sets `addr_book_strict = false` 1711 - [config] [\#2980](https://github.com/tendermint/tendermint/issues/2980) Fix CORS options formatting 1712 - [kv indexer] [\#2912](https://github.com/tendermint/tendermint/issues/2912) Don't ignore key when executing CONTAINS 1713 - [mempool] [\#2961](https://github.com/tendermint/tendermint/issues/2961) Call `notifyTxsAvailable` if there're txs left after committing a block, but recheck=false 1714 - [mempool] [\#2994](https://github.com/tendermint/tendermint/issues/2994) Reject txs with negative GasWanted 1715 - [p2p] [\#2990](https://github.com/tendermint/tendermint/issues/2990) Fix a bug where seeds don't disconnect from a peer after 3h 1716 - [consensus] [\#3006](https://github.com/tendermint/tendermint/issues/3006) Save state after InitChain only when stateHeight is also 0 (@james-ray) 1717 1718 ## v0.27.0 1719 1720 *December 5th, 2018* 1721 1722 Special thanks to external contributors on this release: 1723 @danil-lashin, @srmo 1724 1725 Special thanks to @dlguddus for discovering a [major 1726 issue](https://github.com/tendermint/tendermint/issues/2718#issuecomment-440888677) 1727 in the proposer selection algorithm. 1728 1729 Friendly reminder, we have a [bug bounty 1730 program](https://hackerone.com/tendermint). 1731 1732 This release is primarily about fixes to the proposer selection algorithm 1733 in preparation for the [Cosmos Game of 1734 Stakes](https://blog.cosmos.network/the-game-of-stakes-is-open-for-registration-83a404746ee6). 1735 It also makes use of the `ConsensusParams.Validator.PubKeyTypes` to restrict the 1736 key types that can be used by validators, and removes the `Heartbeat` consensus 1737 message. 1738 1739 ### BREAKING CHANGES: 1740 1741 * CLI/RPC/Config 1742 - [rpc] [\#2932](https://github.com/tendermint/tendermint/issues/2932) Rename `accum` to `proposer_priority` 1743 1744 * Go API 1745 - [db] [\#2913](https://github.com/tendermint/tendermint/pull/2913) 1746 ReverseIterator API change: start < end, and end is exclusive. 1747 - [types] [\#2932](https://github.com/tendermint/tendermint/issues/2932) Rename `Validator.Accum` to `Validator.ProposerPriority` 1748 1749 * Blockchain Protocol 1750 - [state] [\#2714](https://github.com/tendermint/tendermint/issues/2714) Validators can now only use pubkeys allowed within 1751 ConsensusParams.Validator.PubKeyTypes 1752 1753 * P2P Protocol 1754 - [consensus] [\#2871](https://github.com/tendermint/tendermint/issues/2871) 1755 Remove *ProposalHeartbeat* message as it serves no real purpose (@srmo) 1756 - [state] Fixes for proposer selection: 1757 - [\#2785](https://github.com/tendermint/tendermint/issues/2785) Accum for new validators is `-1.125*totalVotingPower` instead of 0 1758 - [\#2941](https://github.com/tendermint/tendermint/issues/2941) val.Accum is preserved during ValidatorSet.Update to avoid being 1759 reset to 0 1760 1761 ### IMPROVEMENTS: 1762 1763 - [state] [\#2929](https://github.com/tendermint/tendermint/issues/2929) Minor refactor of updateState logic (@danil-lashin) 1764 - [node] [\#2959](https://github.com/tendermint/tendermint/issues/2959) Allow node to start even if software's BlockProtocol is 1765 different from state's BlockProtocol 1766 - [pex] [\#2959](https://github.com/tendermint/tendermint/issues/2959) Pex reactor logger uses `module=pex` 1767 1768 ### BUG FIXES: 1769 1770 - [p2p] [\#2968](https://github.com/tendermint/tendermint/issues/2968) Panic on transport error rather than continuing to run but not 1771 accept new connections 1772 - [p2p] [\#2969](https://github.com/tendermint/tendermint/issues/2969) Fix mismatch in peer count between `/net_info` and the prometheus 1773 metrics 1774 - [rpc] [\#2408](https://github.com/tendermint/tendermint/issues/2408) `/broadcast_tx_commit`: Fix "interface conversion: interface {} in nil, not EventDataTx" panic (could happen if somebody sent a tx using `/broadcast_tx_commit` while Tendermint was being stopped) 1775 - [state] [\#2785](https://github.com/tendermint/tendermint/issues/2785) Fix accum for new validators to be `-1.125*totalVotingPower` 1776 instead of 0, forcing them to wait before becoming the proposer. Also: 1777 - do not batch clip 1778 - keep accums averaged near 0 1779 - [txindex/kv] [\#2925](https://github.com/tendermint/tendermint/issues/2925) Don't return false positives when range searching for a prefix of a tag value 1780 - [types] [\#2938](https://github.com/tendermint/tendermint/issues/2938) Fix regression in v0.26.4 where we panic on empty 1781 genDoc.Validators 1782 - [types] [\#2941](https://github.com/tendermint/tendermint/issues/2941) Preserve val.Accum during ValidatorSet.Update to avoid it being 1783 reset to 0 every time a validator is updated 1784 1785 ## v0.26.4 1786 1787 *November 27th, 2018* 1788 1789 Special thanks to external contributors on this release: 1790 @ackratos, @goolAdapter, @james-ray, @joe-bowman, @kostko, 1791 @nagarajmanjunath, @tomtau 1792 1793 Friendly reminder, we have a [bug bounty 1794 program](https://hackerone.com/tendermint). 1795 1796 ### FEATURES: 1797 1798 - [rpc] [\#2747](https://github.com/tendermint/tendermint/issues/2747) Enable subscription to tags emitted from `BeginBlock`/`EndBlock` (@kostko) 1799 - [types] [\#2747](https://github.com/tendermint/tendermint/issues/2747) Add `ResultBeginBlock` and `ResultEndBlock` fields to `EventDataNewBlock` 1800 and `EventDataNewBlockHeader` to support subscriptions (@kostko) 1801 - [types] [\#2918](https://github.com/tendermint/tendermint/issues/2918) Add Marshal, MarshalTo, Unmarshal methods to various structs 1802 to support Protobuf compatibility (@nagarajmanjunath) 1803 1804 ### IMPROVEMENTS: 1805 1806 - [config] [\#2877](https://github.com/tendermint/tendermint/issues/2877) Add `blocktime_iota` to the config.toml (@ackratos) 1807 - NOTE: this should be a ConsensusParam, not part of the config, and will be 1808 removed from the config at a later date 1809 ([\#2920](https://github.com/tendermint/tendermint/issues/2920). 1810 - [mempool] [\#2882](https://github.com/tendermint/tendermint/issues/2882) Add txs from Update to cache 1811 - [mempool] [\#2891](https://github.com/tendermint/tendermint/issues/2891) Remove local int64 counter from being stored in every tx 1812 - [node] [\#2866](https://github.com/tendermint/tendermint/issues/2866) Add ability to instantiate IPCVal (@joe-bowman) 1813 1814 ### BUG FIXES: 1815 1816 - [blockchain] [\#2731](https://github.com/tendermint/tendermint/issues/2731) Retry both blocks if either is bad to avoid getting stuck during fast sync (@goolAdapter) 1817 - [consensus] [\#2893](https://github.com/tendermint/tendermint/issues/2893) Use genDoc.Validators instead of state.NextValidators on replay when appHeight==0 (@james-ray) 1818 - [log] [\#2868](https://github.com/tendermint/tendermint/issues/2868) Fix `module=main` setting overriding all others 1819 - NOTE: this changes the default logging behaviour to be much less verbose. 1820 Set `log_level="info"` to restore the previous behaviour. 1821 - [rpc] [\#2808](https://github.com/tendermint/tendermint/issues/2808) Fix `accum` field in `/validators` by calling `IncrementAccum` if necessary 1822 - [rpc] [\#2811](https://github.com/tendermint/tendermint/issues/2811) Allow integer IDs in JSON-RPC requests (@tomtau) 1823 - [txindex/kv] [\#2759](https://github.com/tendermint/tendermint/issues/2759) Fix tx.height range queries 1824 - [txindex/kv] [\#2775](https://github.com/tendermint/tendermint/issues/2775) Order tx results by index if height is the same 1825 - [txindex/kv] [\#2908](https://github.com/tendermint/tendermint/issues/2908) Don't return false positives when searching for a prefix of a tag value 1826 1827 ## v0.26.3 1828 1829 *November 17th, 2018* 1830 1831 Special thanks to external contributors on this release: 1832 @danil-lashin, @kevlubkcm, @krhubert, @srmo 1833 1834 Friendly reminder, we have a [bug bounty 1835 program](https://hackerone.com/tendermint). 1836 1837 ### BREAKING CHANGES: 1838 1839 * Go API 1840 - [rpc] [\#2791](https://github.com/tendermint/tendermint/issues/2791) Functions that start HTTP servers are now blocking: 1841 - Impacts `StartHTTPServer`, `StartHTTPAndTLSServer`, and `StartGRPCServer` 1842 - These functions now take a `net.Listener` instead of an address 1843 - [rpc] [\#2767](https://github.com/tendermint/tendermint/issues/2767) Subscribing to events 1844 `NewRound` and `CompleteProposal` return new types `EventDataNewRound` and 1845 `EventDataCompleteProposal`, respectively, instead of the generic `EventDataRoundState`. (@kevlubkcm) 1846 1847 ### FEATURES: 1848 1849 - [log] [\#2843](https://github.com/tendermint/tendermint/issues/2843) New `log_format` config option, which can be set to 'plain' for colored 1850 text or 'json' for JSON output 1851 - [types] [\#2767](https://github.com/tendermint/tendermint/issues/2767) New event types EventDataNewRound (with ProposerInfo) and EventDataCompleteProposal (with BlockID). (@kevlubkcm) 1852 1853 ### IMPROVEMENTS: 1854 1855 - [dep] [\#2844](https://github.com/tendermint/tendermint/issues/2844) Dependencies are no longer pinned to an exact version in the 1856 Gopkg.toml: 1857 - Serialization libs are allowed to vary by patch release 1858 - Other libs are allowed to vary by minor release 1859 - [p2p] [\#2857](https://github.com/tendermint/tendermint/issues/2857) "Send failed" is logged at debug level instead of error. 1860 - [rpc] [\#2780](https://github.com/tendermint/tendermint/issues/2780) Add read and write timeouts to HTTP servers 1861 - [state] [\#2848](https://github.com/tendermint/tendermint/issues/2848) Make "Update to validators" msg value pretty (@danil-lashin) 1862 1863 ### BUG FIXES: 1864 - [consensus] [\#2819](https://github.com/tendermint/tendermint/issues/2819) Don't send proposalHearbeat if not a validator 1865 - [docs] [\#2859](https://github.com/tendermint/tendermint/issues/2859) Fix ConsensusParams details in spec 1866 - [libs/autofile] [\#2760](https://github.com/tendermint/tendermint/issues/2760) Comment out autofile permissions check - should fix 1867 running Tendermint on Windows 1868 - [p2p] [\#2869](https://github.com/tendermint/tendermint/issues/2869) Set connection config properly instead of always using default 1869 - [p2p/pex] [\#2802](https://github.com/tendermint/tendermint/issues/2802) Seed mode fixes: 1870 - Only disconnect from inbound peers 1871 - Use FlushStop instead of Sleep to ensure all messages are sent before 1872 disconnecting 1873 1874 ## v0.26.2 1875 1876 *November 15th, 2018* 1877 1878 Special thanks to external contributors on this release: @hleb-albau, @zhuzeyu 1879 1880 Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint). 1881 1882 ### FEATURES: 1883 1884 - [rpc] [\#2582](https://github.com/tendermint/tendermint/issues/2582) Enable CORS on RPC API (@hleb-albau) 1885 1886 ### BUG FIXES: 1887 1888 - [abci] [\#2748](https://github.com/tendermint/tendermint/issues/2748) Unlock mutex in localClient so even when app panics (e.g. during CheckTx), consensus continue working 1889 - [abci] [\#2748](https://github.com/tendermint/tendermint/issues/2748) Fix DATA RACE in localClient 1890 - [amino] [\#2822](https://github.com/tendermint/tendermint/issues/2822) Update to v0.14.1 to support compiling on 32-bit platforms 1891 - [rpc] [\#2748](https://github.com/tendermint/tendermint/issues/2748) Drain channel before calling Unsubscribe(All) in `/broadcast_tx_commit` 1892 1893 ## v0.26.1 1894 1895 *November 11, 2018* 1896 1897 Special thanks to external contributors on this release: @katakonst 1898 1899 Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint). 1900 1901 ### IMPROVEMENTS: 1902 1903 - [consensus] [\#2704](https://github.com/tendermint/tendermint/issues/2704) Simplify valid POL round logic 1904 - [docs] [\#2749](https://github.com/tendermint/tendermint/issues/2749) Deduplicate some ABCI docs 1905 - [mempool] More detailed log messages 1906 - [\#2724](https://github.com/tendermint/tendermint/issues/2724) 1907 - [\#2762](https://github.com/tendermint/tendermint/issues/2762) 1908 1909 ### BUG FIXES: 1910 1911 - [autofile] [\#2703](https://github.com/tendermint/tendermint/issues/2703) Do not panic when checking Head size 1912 - [crypto/merkle] [\#2756](https://github.com/tendermint/tendermint/issues/2756) Fix crypto/merkle ProofOperators.Verify to check bounds on keypath parts. 1913 - [mempool] fix a bug where we create a WAL despite `wal_dir` being empty 1914 - [p2p] [\#2771](https://github.com/tendermint/tendermint/issues/2771) Fix `peer-id` label name to `peer_id` in prometheus metrics 1915 - [p2p] [\#2797](https://github.com/tendermint/tendermint/pull/2797) Fix IDs in peer NodeInfo and require them for addresses 1916 in AddressBook 1917 - [p2p] [\#2797](https://github.com/tendermint/tendermint/pull/2797) Do not close conn immediately after sending pex addrs in seed mode. Partial fix for [\#2092](https://github.com/tendermint/tendermint/issues/2092). 1918 1919 ## v0.26.0 1920 1921 *November 2, 2018* 1922 1923 Special thanks to external contributors on this release: 1924 @bradyjoestar, @connorwstein, @goolAdapter, @HaoyangLiu, 1925 @james-ray, @overbool, @phymbert, @Slamper, @Uzair1995, @yutianwu. 1926 1927 Special thanks to @Slamper for a series of bug reports in our [bug bounty 1928 program](https://hackerone.com/tendermint) which are fixed in this release. 1929 1930 This release is primarily about adding Version fields to various data structures, 1931 optimizing consensus messages for signing and verification in 1932 restricted environments (like HSMs and the Ethereum Virtual Machine), and 1933 aligning the consensus code with the [specification](https://arxiv.org/abs/1807.04938). 1934 It also includes our first take at a generalized merkle proof system, and 1935 changes the length of hashes used for hashing data structures from 20 to 32 1936 bytes. 1937 1938 See the [UPGRADING.md](UPGRADING.md#v0.26.0) for details on upgrading to the new 1939 version. 1940 1941 Please note that we are still making breaking changes to the protocols. 1942 While the new Version fields should help us to keep the software backwards compatible 1943 even while upgrading the protocols, we cannot guarantee that new releases will 1944 be compatible with old chains just yet. We expect there will be another breaking 1945 release or two before the Cosmos Hub launch, but we will otherwise be paying 1946 increasing attention to backwards compatibility. Thanks for bearing with us! 1947 1948 ### BREAKING CHANGES: 1949 1950 * CLI/RPC/Config 1951 * [config] [\#2232](https://github.com/tendermint/tendermint/issues/2232) Timeouts are now strings like "3s" and "100ms", not ints 1952 * [config] [\#2505](https://github.com/tendermint/tendermint/issues/2505) Remove Mempool.RecheckEmpty (it was effectively useless anyways) 1953 * [config] [\#2490](https://github.com/tendermint/tendermint/issues/2490) `mempool.wal` is disabled by default 1954 * [privval] [\#2459](https://github.com/tendermint/tendermint/issues/2459) Split `SocketPVMsg`s implementations into Request and Response, where the Response may contain a error message (returned by the remote signer) 1955 * [state] [\#2644](https://github.com/tendermint/tendermint/issues/2644) Add Version field to State, breaking the format of State as 1956 encoded on disk. 1957 * [rpc] [\#2298](https://github.com/tendermint/tendermint/issues/2298) `/abci_query` takes `prove` argument instead of `trusted` and switches the default 1958 behaviour to `prove=false` 1959 * [rpc] [\#2654](https://github.com/tendermint/tendermint/issues/2654) Remove all `node_info.other.*_version` fields in `/status` and 1960 `/net_info` 1961 * [rpc] [\#2636](https://github.com/tendermint/tendermint/issues/2636) Remove 1962 `_params` suffix from fields in `consensus_params`. 1963 1964 * Apps 1965 * [abci] [\#2298](https://github.com/tendermint/tendermint/issues/2298) ResponseQuery.Proof is now a structured merkle.Proof, not just 1966 arbitrary bytes 1967 * [abci] [\#2644](https://github.com/tendermint/tendermint/issues/2644) Add Version to Header and shift all fields by one 1968 * [abci] [\#2662](https://github.com/tendermint/tendermint/issues/2662) Bump the field numbers for some `ResponseInfo` fields to make room for 1969 `AppVersion` 1970 * [abci] [\#2636](https://github.com/tendermint/tendermint/issues/2636) Updates to ConsensusParams 1971 * Remove `Params` suffix from field names 1972 * Add `Params` suffix to message types 1973 * Add new field and type, `Validator ValidatorParams`, to control what types of validator keys are allowed. 1974 1975 * Go API 1976 * [config] [\#2232](https://github.com/tendermint/tendermint/issues/2232) Timeouts are time.Duration, not ints 1977 * [crypto/merkle & lite] [\#2298](https://github.com/tendermint/tendermint/issues/2298) Various changes to accomodate General Merkle trees 1978 * [crypto/merkle] [\#2595](https://github.com/tendermint/tendermint/issues/2595) Remove all Hasher objects in favor of byte slices 1979 * [crypto/merkle] [\#2635](https://github.com/tendermint/tendermint/issues/2635) merkle.SimpleHashFromTwoHashes is no longer exported 1980 * [node] [\#2479](https://github.com/tendermint/tendermint/issues/2479) Remove node.RunForever 1981 * [rpc/client] [\#2298](https://github.com/tendermint/tendermint/issues/2298) `ABCIQueryOptions.Trusted` -> `ABCIQueryOptions.Prove` 1982 * [types] [\#2298](https://github.com/tendermint/tendermint/issues/2298) Remove `Index` and `Total` fields from `TxProof`. 1983 * [types] [\#2598](https://github.com/tendermint/tendermint/issues/2598) 1984 `VoteTypeXxx` are now of type `SignedMsgType byte` and named `XxxType`, eg. 1985 `PrevoteType`, `PrecommitType`. 1986 * [types] [\#2636](https://github.com/tendermint/tendermint/issues/2636) Rename fields in ConsensusParams to remove `Params` suffixes 1987 * [types] [\#2735](https://github.com/tendermint/tendermint/issues/2735) Simplify Proposal message to align with spec 1988 1989 * Blockchain Protocol 1990 * [crypto/tmhash] [\#2732](https://github.com/tendermint/tendermint/issues/2732) TMHASH is now full 32-byte SHA256 1991 * All hashes in the block header and Merkle trees are now 32-bytes 1992 * PubKey Addresses are still only 20-bytes 1993 * [state] [\#2587](https://github.com/tendermint/tendermint/issues/2587) Require block.Time of the fist block to be genesis time 1994 * [state] [\#2644](https://github.com/tendermint/tendermint/issues/2644) Require block.Version to match state.Version 1995 * [types] Update SignBytes for `Vote`/`Proposal`/`Heartbeat`: 1996 * [\#2459](https://github.com/tendermint/tendermint/issues/2459) Use amino encoding instead of JSON in `SignBytes`. 1997 * [\#2598](https://github.com/tendermint/tendermint/issues/2598) Reorder fields and use fixed sized encoding. 1998 * [\#2598](https://github.com/tendermint/tendermint/issues/2598) Change `Type` field from `string` to `byte` and use new 1999 `SignedMsgType` to enumerate. 2000 * [types] [\#2730](https://github.com/tendermint/tendermint/issues/2730) Use 2001 same order for fields in `Vote` as in the SignBytes 2002 * [types] [\#2732](https://github.com/tendermint/tendermint/issues/2732) Remove the address field from the validator hash 2003 * [types] [\#2644](https://github.com/tendermint/tendermint/issues/2644) Add Version struct to Header 2004 * [types] [\#2609](https://github.com/tendermint/tendermint/issues/2609) ConsensusParams.Hash() is the hash of the amino encoded 2005 struct instead of the Merkle tree of the fields 2006 * [types] [\#2670](https://github.com/tendermint/tendermint/issues/2670) Header.Hash() builds Merkle tree out of fields in the same 2007 order they appear in the header, instead of sorting by field name 2008 * [types] [\#2682](https://github.com/tendermint/tendermint/issues/2682) Use proto3 `varint` encoding for ints that are usually unsigned (instead of zigzag encoding). 2009 * [types] [\#2636](https://github.com/tendermint/tendermint/issues/2636) Add Validator field to ConsensusParams 2010 (Used to control which pubkey types validators can use, by abci type). 2011 2012 * P2P Protocol 2013 * [consensus] [\#2652](https://github.com/tendermint/tendermint/issues/2652) 2014 Replace `CommitStepMessage` with `NewValidBlockMessage` 2015 * [consensus] [\#2735](https://github.com/tendermint/tendermint/issues/2735) Simplify `Proposal` message to align with spec 2016 * [consensus] [\#2730](https://github.com/tendermint/tendermint/issues/2730) 2017 Add `Type` field to `Proposal` and use same order of fields as in the 2018 SignBytes for both `Proposal` and `Vote` 2019 * [p2p] [\#2654](https://github.com/tendermint/tendermint/issues/2654) Add `ProtocolVersion` struct with protocol versions to top of 2020 DefaultNodeInfo and require `ProtocolVersion.Block` to match during peer handshake 2021 2022 2023 ### FEATURES: 2024 - [abci] [\#2557](https://github.com/tendermint/tendermint/issues/2557) Add `Codespace` field to `Response{CheckTx, DeliverTx, Query}` 2025 - [abci] [\#2662](https://github.com/tendermint/tendermint/issues/2662) Add `BlockVersion` and `P2PVersion` to `RequestInfo` 2026 - [crypto/merkle] [\#2298](https://github.com/tendermint/tendermint/issues/2298) General Merkle Proof scheme for chaining various types of Merkle trees together 2027 - [docs/architecture] [\#1181](https://github.com/tendermint/tendermint/issues/1181) S 2028 plit immutable and mutable parts of priv_validator.json 2029 2030 ### IMPROVEMENTS: 2031 - Additional Metrics 2032 - [consensus] [\#2169](https://github.com/cosmos/cosmos-sdk/issues/2169) 2033 - [p2p] [\#2169](https://github.com/cosmos/cosmos-sdk/issues/2169) 2034 - [config] [\#2232](https://github.com/tendermint/tendermint/issues/2232) Added ValidateBasic method, which performs basic checks 2035 - [crypto/ed25519] [\#2558](https://github.com/tendermint/tendermint/issues/2558) Switch to use latest `golang.org/x/crypto` through our fork at 2036 github.com/tendermint/crypto 2037 - [libs/log] [\#2707](https://github.com/tendermint/tendermint/issues/2707) Add year to log format (@yutianwu) 2038 - [tools] [\#2238](https://github.com/tendermint/tendermint/issues/2238) Binary dependencies are now locked to a specific git commit 2039 2040 ### BUG FIXES: 2041 - [\#2711](https://github.com/tendermint/tendermint/issues/2711) Validate all incoming reactor messages. Fixes various bugs due to negative ints. 2042 - [autofile] [\#2428](https://github.com/tendermint/tendermint/issues/2428) Group.RotateFile need call Flush() before rename (@goolAdapter) 2043 - [common] [\#2533](https://github.com/tendermint/tendermint/issues/2533) Fixed a bug in the `BitArray.Or` method 2044 - [common] [\#2506](https://github.com/tendermint/tendermint/issues/2506) Fixed a bug in the `BitArray.Sub` method (@james-ray) 2045 - [common] [\#2534](https://github.com/tendermint/tendermint/issues/2534) Fix `BitArray.PickRandom` to choose uniformly from true bits 2046 - [consensus] [\#1690](https://github.com/tendermint/tendermint/issues/1690) Wait for 2047 timeoutPrecommit before starting next round 2048 - [consensus] [\#1745](https://github.com/tendermint/tendermint/issues/1745) Wait for 2049 Proposal or timeoutProposal before entering prevote 2050 - [consensus] [\#2642](https://github.com/tendermint/tendermint/issues/2642) Only propose ValidBlock, not LockedBlock 2051 - [consensus] [\#2642](https://github.com/tendermint/tendermint/issues/2642) Initialized ValidRound and LockedRound to -1 2052 - [consensus] [\#1637](https://github.com/tendermint/tendermint/issues/1637) Limit the amount of evidence that can be included in a 2053 block 2054 - [consensus] [\#2652](https://github.com/tendermint/tendermint/issues/2652) Ensure valid block property with faulty proposer 2055 - [evidence] [\#2515](https://github.com/tendermint/tendermint/issues/2515) Fix db iter leak (@goolAdapter) 2056 - [libs/event] [\#2518](https://github.com/tendermint/tendermint/issues/2518) Fix event concurrency flaw (@goolAdapter) 2057 - [node] [\#2434](https://github.com/tendermint/tendermint/issues/2434) Make node respond to signal interrupts while sleeping for genesis time 2058 - [state] [\#2616](https://github.com/tendermint/tendermint/issues/2616) Pass nil to NewValidatorSet() when genesis file's Validators field is nil 2059 - [p2p] [\#2555](https://github.com/tendermint/tendermint/issues/2555) Fix p2p switch FlushThrottle value (@goolAdapter) 2060 - [p2p] [\#2668](https://github.com/tendermint/tendermint/issues/2668) Reconnect to originally dialed address (not self-reported address) for persistent peers 2061 2062 ## v0.25.0 2063 2064 *September 22, 2018* 2065 2066 Special thanks to external contributors on this release: 2067 @scriptionist, @bradyjoestar, @WALL-E 2068 2069 This release is mostly about the ConsensusParams - removing fields and enforcing MaxGas. 2070 It also addresses some issues found via security audit, removes various unused 2071 functions from `libs/common`, and implements 2072 [ADR-012](https://github.com/tendermint/tendermint/blob/develop/docs/architecture/adr-012-peer-transport.md). 2073 2074 Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint). 2075 2076 BREAKING CHANGES: 2077 2078 * CLI/RPC/Config 2079 * [rpc] [\#2391](https://github.com/tendermint/tendermint/issues/2391) /status `result.node_info.other` became a map 2080 * [types] [\#2364](https://github.com/tendermint/tendermint/issues/2364) Remove `TxSize` and `BlockGossip` from `ConsensusParams` 2081 * Maximum tx size is now set implicitly via the `BlockSize.MaxBytes` 2082 * The size of block parts in the consensus is now fixed to 64kB 2083 2084 * Apps 2085 * [mempool] [\#2360](https://github.com/tendermint/tendermint/issues/2360) Mempool tracks the `ResponseCheckTx.GasWanted` and 2086 `ConsensusParams.BlockSize.MaxGas` and enforces: 2087 - `GasWanted <= MaxGas` for every tx 2088 - `(sum of GasWanted in block) <= MaxGas` for block proposal 2089 2090 * Go API 2091 * [libs/common] [\#2431](https://github.com/tendermint/tendermint/issues/2431) Remove Word256 due to lack of use 2092 * [libs/common] [\#2452](https://github.com/tendermint/tendermint/issues/2452) Remove the following functions due to lack of use: 2093 * byteslice.go: cmn.IsZeros, cmn.RightPadBytes, cmn.LeftPadBytes, cmn.PrefixEndBytes 2094 * strings.go: cmn.IsHex, cmn.StripHex 2095 * int.go: Uint64Slice, all put/get int64 methods 2096 2097 FEATURES: 2098 - [rpc] [\#2415](https://github.com/tendermint/tendermint/issues/2415) New `/consensus_params?height=X` endpoint to query the consensus 2099 params at any height (@scriptonist) 2100 - [types] [\#1714](https://github.com/tendermint/tendermint/issues/1714) Add Address to GenesisValidator 2101 - [metrics] [\#2337](https://github.com/tendermint/tendermint/issues/2337) `consensus.block_interval_metrics` is now gauge, not histogram (you will be able to see spikes, if any) 2102 - [libs] [\#2286](https://github.com/tendermint/tendermint/issues/2286) Panic if `autofile` or `db/fsdb` permissions change from 0600. 2103 2104 IMPROVEMENTS: 2105 - [libs/db] [\#2371](https://github.com/tendermint/tendermint/issues/2371) Output error instead of panic when the given `db_backend` is not initialised (@bradyjoestar) 2106 - [mempool] [\#2399](https://github.com/tendermint/tendermint/issues/2399) Make mempool cache a proper LRU (@bradyjoestar) 2107 - [p2p] [\#2126](https://github.com/tendermint/tendermint/issues/2126) Introduce PeerTransport interface to improve isolation of concerns 2108 - [libs/common] [\#2326](https://github.com/tendermint/tendermint/issues/2326) Service returns ErrNotStarted 2109 2110 BUG FIXES: 2111 - [node] [\#2294](https://github.com/tendermint/tendermint/issues/2294) Delay starting node until Genesis time 2112 - [consensus] [\#2048](https://github.com/tendermint/tendermint/issues/2048) Correct peer statistics for marking peer as good 2113 - [rpc] [\#2460](https://github.com/tendermint/tendermint/issues/2460) StartHTTPAndTLSServer() now passes StartTLS() errors back to the caller rather than hanging forever. 2114 - [p2p] [\#2047](https://github.com/tendermint/tendermint/issues/2047) Accept new connections asynchronously 2115 - [tm-bench] [\#2410](https://github.com/tendermint/tendermint/issues/2410) Enforce minimum transaction size (@WALL-E) 2116 2117 ## 0.24.0 2118 2119 *September 6th, 2018* 2120 2121 Special thanks to external contributors with PRs included in this release: ackratos, james-ray, bradyjoestar, 2122 peerlink, Ahmah2009, bluele, b00f. 2123 2124 This release includes breaking upgrades in the block header, 2125 including the long awaited changes for delaying validator set updates by one 2126 block to better support light clients. 2127 It also fixes enforcement on the maximum size of blocks, and includes a BFT 2128 timestamp in each block that can be safely used by applications. 2129 There are also some minor breaking changes to the rpc, config, and ABCI. 2130 2131 See the [UPGRADING.md](UPGRADING.md#v0.24.0) for details on upgrading to the new 2132 version. 2133 2134 From here on, breaking changes will be broken down to better reflect how users 2135 are affected by a change. 2136 2137 A few more breaking changes are in the works - each will come with a clear 2138 Architecture Decision Record (ADR) explaining the change. You can review ADRs 2139 [here](https://github.com/tendermint/tendermint/tree/develop/docs/architecture) 2140 or in the [open Pull Requests](https://github.com/tendermint/tendermint/pulls). 2141 You can also check in on the [issues marked as 2142 breaking](https://github.com/tendermint/tendermint/issues?q=is%3Aopen+is%3Aissue+label%3Abreaking). 2143 2144 BREAKING CHANGES: 2145 2146 * CLI/RPC/Config 2147 - [config] [\#2169](https://github.com/tendermint/tendermint/issues/2169) Replace MaxNumPeers with MaxNumInboundPeers and MaxNumOutboundPeers 2148 - [config] [\#2300](https://github.com/tendermint/tendermint/issues/2300) Reduce default mempool size from 100k to 5k, until ABCI rechecking is implemented. 2149 - [rpc] [\#1815](https://github.com/tendermint/tendermint/issues/1815) `/commit` returns a `signed_header` field instead of everything being top-level 2150 2151 * Apps 2152 - [abci] Added address of the original proposer of the block to Header 2153 - [abci] Change ABCI Header to match Tendermint exactly 2154 - [abci] [\#2159](https://github.com/tendermint/tendermint/issues/2159) Update use of `Validator` (see 2155 [ADR-018](https://github.com/tendermint/tendermint/blob/develop/docs/architecture/adr-018-ABCI-Validators.md)): 2156 - Remove PubKey from `Validator` (so it's just Address and Power) 2157 - Introduce `ValidatorUpdate` (with just PubKey and Power) 2158 - InitChain and EndBlock use ValidatorUpdate 2159 - Update field names and types in BeginBlock 2160 - [state] [\#1815](https://github.com/tendermint/tendermint/issues/1815) Validator set changes are now delayed by one block 2161 - updates returned in ResponseEndBlock for block H will be included in RequestBeginBlock for block H+2 2162 2163 * Go API 2164 - [lite] [\#1815](https://github.com/tendermint/tendermint/issues/1815) Complete refactor of the package 2165 - [node] [\#2212](https://github.com/tendermint/tendermint/issues/2212) NewNode now accepts a `*p2p.NodeKey` (@bradyjoestar) 2166 - [libs/common] [\#2199](https://github.com/tendermint/tendermint/issues/2199) Remove Fmt, in favor of fmt.Sprintf 2167 - [libs/common] SplitAndTrim was deleted 2168 - [libs/common] [\#2274](https://github.com/tendermint/tendermint/issues/2274) Remove unused Math functions like MaxInt, MaxInt64, 2169 MinInt, MinInt64 (@Ahmah2009) 2170 - [libs/clist] Panics if list extends beyond MaxLength 2171 - [crypto] [\#2205](https://github.com/tendermint/tendermint/issues/2205) Rename AminoRoute variables to no longer be prefixed by signature type. 2172 2173 * Blockchain Protocol 2174 - [state] [\#1815](https://github.com/tendermint/tendermint/issues/1815) Validator set changes are now delayed by one block (!) 2175 - Add NextValidatorSet to State, changes on-disk representation of state 2176 - [state] [\#2184](https://github.com/tendermint/tendermint/issues/2184) Enforce ConsensusParams.BlockSize.MaxBytes (See 2177 [ADR-020](https://github.com/tendermint/tendermint/blob/develop/docs/architecture/adr-020-block-size.md)). 2178 - Remove ConsensusParams.BlockSize.MaxTxs 2179 - Introduce maximum sizes for all components of a block, including ChainID 2180 - [types] Updates to the block Header: 2181 - [\#1815](https://github.com/tendermint/tendermint/issues/1815) NextValidatorsHash - hash of the validator set for the next block, 2182 so the current validators actually sign over the hash for the new 2183 validators 2184 - [\#2106](https://github.com/tendermint/tendermint/issues/2106) ProposerAddress - address of the block's original proposer 2185 - [consensus] [\#2203](https://github.com/tendermint/tendermint/issues/2203) Implement BFT time 2186 - Timestamp in block must be monotonic and equal the median of timestamps in block's LastCommit 2187 - [crypto] [\#2239](https://github.com/tendermint/tendermint/issues/2239) Secp256k1 signature changes (See 2188 [ADR-014](https://github.com/tendermint/tendermint/blob/develop/docs/architecture/adr-014-secp-malleability.md)): 2189 - format changed from DER to `r || s`, both little endian encoded as 32 bytes. 2190 - malleability removed by requiring `s` to be in canonical form. 2191 2192 * P2P Protocol 2193 - [p2p] [\#2263](https://github.com/tendermint/tendermint/issues/2263) Update secret connection to use a little endian encoded nonce 2194 - [blockchain] [\#2213](https://github.com/tendermint/tendermint/issues/2213) Fix Amino routes for blockchain reactor messages 2195 (@peerlink) 2196 2197 2198 FEATURES: 2199 - [types] [\#2015](https://github.com/tendermint/tendermint/issues/2015) Allow genesis file to have 0 validators (@b00f) 2200 - Initial validator set can be determined by the app in ResponseInitChain 2201 - [rpc] [\#2161](https://github.com/tendermint/tendermint/issues/2161) New event `ValidatorSetUpdates` for when the validator set changes 2202 - [crypto/multisig] [\#2164](https://github.com/tendermint/tendermint/issues/2164) Introduce multisig pubkey and signature format 2203 - [libs/db] [\#2293](https://github.com/tendermint/tendermint/issues/2293) Allow passing options through when creating instances of leveldb dbs 2204 2205 IMPROVEMENTS: 2206 - [docs] Lint documentation with `write-good` and `stop-words`. 2207 - [docs] [\#2249](https://github.com/tendermint/tendermint/issues/2249) Refactor, deduplicate, and improve the ABCI docs and spec (with thanks to @ttmc). 2208 - [scripts] [\#2196](https://github.com/tendermint/tendermint/issues/2196) Added json2wal tool, which is supposed to help our users restore (@bradyjoestar) 2209 corrupted WAL files and compose test WAL files (@bradyjoestar) 2210 - [mempool] [\#2234](https://github.com/tendermint/tendermint/issues/2234) Now stores txs by hash inside of the cache, to mitigate memory leakage 2211 - [mempool] [\#2166](https://github.com/tendermint/tendermint/issues/2166) Set explicit capacity for map when updating txs (@bluele) 2212 2213 BUG FIXES: 2214 - [config] [\#2284](https://github.com/tendermint/tendermint/issues/2284) Replace `db_path` with `db_dir` from automatically generated configuration files. 2215 - [mempool] [\#2188](https://github.com/tendermint/tendermint/issues/2188) Fix OOM issue from cache map and list getting out of sync 2216 - [state] [\#2051](https://github.com/tendermint/tendermint/issues/2051) KV store index supports searching by `tx.height` (@ackratos) 2217 - [rpc] [\#2327](https://github.com/tendermint/tendermint/issues/2327) `/dial_peers` does not try to dial existing peers 2218 - [node] [\#2323](https://github.com/tendermint/tendermint/issues/2323) Filter empty strings from config lists (@james-ray) 2219 - [abci/client] [\#2236](https://github.com/tendermint/tendermint/issues/2236) Fix closing GRPC connection (@bradyjoestar) 2220 2221 ## 0.23.1 2222 2223 *August 22nd, 2018* 2224 2225 BUG FIXES: 2226 - [libs/autofile] [\#2261](https://github.com/tendermint/tendermint/issues/2261) Fix log rotation so it actually happens. 2227 - Fixes issues with consensus WAL growing unbounded ala [\#2259](https://github.com/tendermint/tendermint/issues/2259) 2228 2229 ## 0.23.0 2230 2231 *August 5th, 2018* 2232 2233 This release includes breaking upgrades in our P2P encryption, 2234 some ABCI messages, and how we encode time and signatures. 2235 2236 A few more changes are still coming to the Header, ABCI, 2237 and validator set handling to better support light clients, BFT time, and 2238 upgrades. Most notably, validator set changes will be delayed by one block (see 2239 [#1815][i1815]). 2240 2241 We also removed `make ensure_deps` in favour of `make get_vendor_deps`. 2242 2243 BREAKING CHANGES: 2244 - [abci] Changed time format from int64 to google.protobuf.Timestamp 2245 - [abci] Changed Validators to LastCommitInfo in RequestBeginBlock 2246 - [abci] Removed Fee from ResponseDeliverTx and ResponseCheckTx 2247 - [crypto] Switch crypto.Signature from interface to []byte for space efficiency 2248 [#2128](https://github.com/tendermint/tendermint/pull/2128) 2249 - NOTE: this means signatures no longer have the prefix bytes in Amino 2250 binary nor the `type` field in Amino JSON. They're just bytes. 2251 - [p2p] Remove salsa and ripemd primitives, in favor of using chacha as a stream cipher, and hkdf [#2054](https://github.com/tendermint/tendermint/pull/2054) 2252 - [tools] Removed `make ensure_deps` in favor of `make get_vendor_deps` 2253 - [types] CanonicalTime uses nanoseconds instead of clipping to ms 2254 - breaks serialization/signing of all messages with a timestamp 2255 2256 FEATURES: 2257 - [tools] Added `make check_dep` 2258 - ensures gopkg.lock is synced with gopkg.toml 2259 - ensures no branches are used in the gopkg.toml 2260 2261 IMPROVEMENTS: 2262 - [blockchain] Improve fast-sync logic 2263 [#1805](https://github.com/tendermint/tendermint/pull/1805) 2264 - tweak params 2265 - only process one block at a time to avoid starving 2266 - [common] bit array functions which take in another parameter are now thread safe 2267 - [crypto] Switch hkdfchachapoly1305 to xchachapoly1305 2268 - [p2p] begin connecting to peers as soon a seed node provides them to you ([#2093](https://github.com/tendermint/tendermint/issues/2093)) 2269 2270 BUG FIXES: 2271 - [common] Safely handle cases where atomic write files already exist [#2109](https://github.com/tendermint/tendermint/issues/2109) 2272 - [privval] fix a deadline for accepting new connections in socket private 2273 validator. 2274 - [p2p] Allow startup if a configured seed node's IP can't be resolved ([#1716](https://github.com/tendermint/tendermint/issues/1716)) 2275 - [node] Fully exit when CTRL-C is pressed even if consensus state panics [#2072](https://github.com/tendermint/tendermint/issues/2072) 2276 2277 [i1815]: https://github.com/tendermint/tendermint/pull/1815 2278 2279 ## 0.22.8 2280 2281 *July 26th, 2018* 2282 2283 BUG FIXES 2284 2285 - [consensus, blockchain] Fix 0.22.7 below. 2286 2287 ## 0.22.7 2288 2289 *July 26th, 2018* 2290 2291 BUG FIXES 2292 2293 - [consensus, blockchain] Register the Evidence interface so it can be 2294 marshalled/unmarshalled by the blockchain and consensus reactors 2295 2296 ## 0.22.6 2297 2298 *July 24th, 2018* 2299 2300 BUG FIXES 2301 2302 - [rpc] Fix `/blockchain` endpoint 2303 - (#2049) Fix OOM attack by returning error on negative input 2304 - Fix result length to have max 20 (instead of 21) block metas 2305 - [rpc] Validate height is non-negative in `/abci_query` 2306 - [consensus] (#2050) Include evidence in proposal block parts (previously evidence was 2307 not being included in blocks!) 2308 - [p2p] (#2046) Close rejected inbound connections so file descriptor doesn't 2309 leak 2310 - [Gopkg] (#2053) Fix versions in the toml 2311 2312 ## 0.22.5 2313 2314 *July 23th, 2018* 2315 2316 BREAKING CHANGES: 2317 - [crypto] Refactor `tendermint/crypto` into many subpackages 2318 - [libs/common] remove exponentially distributed random numbers 2319 2320 IMPROVEMENTS: 2321 - [abci, libs/common] Generated gogoproto static marshaller methods 2322 - [config] Increase default send/recv rates to 5 mB/s 2323 - [p2p] reject addresses coming from private peers 2324 - [p2p] allow persistent peers to be private 2325 2326 BUG FIXES: 2327 - [mempool] fixed a race condition when `create_empty_blocks=false` where a 2328 transaction is published at an old height. 2329 - [p2p] dial external IP setup by `persistent_peers`, not internal NAT IP 2330 - [rpc] make `/status` RPC endpoint resistant to consensus halt 2331 2332 ## 0.22.4 2333 2334 *July 14th, 2018* 2335 2336 BREAKING CHANGES: 2337 - [genesis] removed deprecated `app_options` field. 2338 - [types] Genesis.AppStateJSON -> Genesis.AppState 2339 2340 FEATURES: 2341 - [tools] Merged in from github.com/tendermint/tools 2342 2343 BUG FIXES: 2344 - [tools/tm-bench] Various fixes 2345 - [consensus] Wait for WAL to stop on shutdown 2346 - [abci] Fix #1891, pending requests cannot hang when abci server dies. 2347 Previously a crash in BeginBlock could leave tendermint in broken state. 2348 2349 ## 0.22.3 2350 2351 *July 10th, 2018* 2352 2353 IMPROVEMENTS 2354 - Update dependencies 2355 * pin all values in Gopkg.toml to version or commit 2356 * update golang/protobuf to v1.1.0 2357 2358 ## 0.22.2 2359 2360 *July 10th, 2018* 2361 2362 IMPROVEMENTS 2363 - More cleanup post repo merge! 2364 - [docs] Include `ecosystem.json` and `tendermint-bft.md` from deprecated `aib-data` repository. 2365 - [config] Add `instrumentation.max_open_connections`, which limits the number 2366 of requests in flight to Prometheus server (if enabled). Default: 3. 2367 2368 2369 BUG FIXES 2370 - [rpc] Allow unquoted integers in requests 2371 - NOTE: this is only for URI requests. JSONRPC requests and all responses 2372 will use quoted integers (the proto3 JSON standard). 2373 - [consensus] Fix halt on shutdown 2374 2375 ## 0.22.1 2376 2377 *July 5th, 2018* 2378 2379 IMPROVEMENTS 2380 2381 * Cleanup post repo-merge. 2382 * [docs] Various improvements. 2383 2384 BUG FIXES 2385 2386 * [state] Return error when EndBlock returns a 0-power validator that isn't 2387 already in the validator set. 2388 * [consensus] Shut down WAL properly. 2389 2390 2391 ## 0.22.0 2392 2393 *July 2nd, 2018* 2394 2395 BREAKING CHANGES: 2396 - [config] 2397 * Remove `max_block_size_txs` and `max_block_size_bytes` in favor of 2398 consensus params from the genesis file. 2399 * Rename `skip_upnp` to `upnp`, and turn it off by default. 2400 * Change `max_packet_msg_size` back to `max_packet_msg_payload_size` 2401 - [rpc] 2402 * All integers are encoded as strings (part of the update for Amino v0.10.1) 2403 * `syncing` is now called `catching_up` 2404 - [types] Update Amino to v0.10.1 2405 * Amino is now fully proto3 compatible for the basic types 2406 * JSON-encoded types now use the type name instead of the prefix bytes 2407 * Integers are encoded as strings 2408 - [crypto] Update go-crypto to v0.10.0 and merge into `crypto` 2409 * privKey.Sign returns error. 2410 * ed25519 address changed to the first 20-bytes of the SHA256 of the raw pubkey bytes 2411 * `tmlibs/merkle` -> `crypto/merkle`. Uses SHA256 instead of RIPEMD160 2412 - [tmlibs] Update to v0.9.0 and merge into `libs` 2413 * remove `merkle` package (moved to `crypto/merkle`) 2414 2415 FEATURES 2416 - [cmd] Added metrics (served under `/metrics` using a Prometheus client; 2417 disabled by default). See the new `instrumentation` section in the config and 2418 [metrics](https://tendermint.readthedocs.io/projects/tools/en/develop/metrics.html) 2419 guide. 2420 - [p2p] Add IPv6 support to peering. 2421 - [p2p] Add `external_address` to config to allow specifying the address for 2422 peers to dial 2423 2424 IMPROVEMENT 2425 - [rpc/client] Supports https and wss now. 2426 - [crypto] Make public key size into public constants 2427 - [mempool] Log tx hash, not entire tx 2428 - [abci] Merged in github.com/tendermint/abci 2429 - [crypto] Merged in github.com/tendermint/go-crypto 2430 - [libs] Merged in github.com/tendermint/tmlibs 2431 - [docs] Move from .rst to .md 2432 2433 BUG FIXES: 2434 - [rpc] Limit maximum number of HTTP/WebSocket connections 2435 (`rpc.max_open_connections`) and gRPC connections 2436 (`rpc.grpc_max_open_connections`). Check out "Running In Production" guide if 2437 you want to increase them. 2438 - [rpc] Limit maximum request body size to 1MB (header is limited to 1MB). 2439 - [consensus] Fix a halting bug where `create_empty_blocks=false` 2440 - [p2p] Fix panic in seed mode 2441 2442 ## 0.21.0 2443 2444 *June 21th, 2018* 2445 2446 BREAKING CHANGES 2447 2448 - [config] Change default ports from 4665X to 2665X. Ports over 32768 are 2449 ephemeral and reserved for use by the kernel. 2450 - [cmd] `unsafe_reset_all` removes the addrbook.json 2451 2452 IMPROVEMENT 2453 2454 - [pubsub] Set default capacity to 0 2455 - [docs] Various improvements 2456 2457 BUG FIXES 2458 2459 - [consensus] Fix an issue where we don't make blocks after `fast_sync` when `create_empty_blocks=false` 2460 - [mempool] Fix #1761 where we don't process txs if `cache_size=0` 2461 - [rpc] Fix memory leak in Websocket (when using `/subscribe` method) 2462 - [config] Escape paths in config - fixes config paths on Windows 2463 2464 ## 0.20.0 2465 2466 *June 6th, 2018* 2467 2468 This is the first in a series of breaking releases coming to Tendermint after 2469 soliciting developer feedback and conducting security audits. 2470 2471 This release does not break any blockchain data structures or 2472 protocols other than the ABCI messages between Tendermint and the application. 2473 2474 Applications that upgrade for ABCI v0.11.0 should be able to continue running Tendermint 2475 v0.20.0 on blockchains created with v0.19.X 2476 2477 BREAKING CHANGES 2478 2479 - [abci] Upgrade to 2480 [v0.11.0](https://github.com/tendermint/abci/blob/master/CHANGELOG.md#0110) 2481 - [abci] Change Query path for filtering peers by node ID from 2482 `p2p/filter/pubkey/<id>` to `p2p/filter/id/<id>` 2483 2484 ## 0.19.9 2485 2486 *June 5th, 2018* 2487 2488 BREAKING CHANGES 2489 2490 - [types/priv_validator] Moved to top level `privval` package 2491 2492 FEATURES 2493 2494 - [config] Collapse PeerConfig into P2PConfig 2495 - [docs] Add quick-install script 2496 - [docs/spec] Add table of Amino prefixes 2497 2498 BUG FIXES 2499 2500 - [rpc] Return 404 for unknown endpoints 2501 - [consensus] Flush WAL on stop 2502 - [evidence] Don't send evidence to peers that are behind 2503 - [p2p] Fix memory leak on peer disconnects 2504 - [rpc] Fix panic when `per_page=0` 2505 2506 ## 0.19.8 2507 2508 *June 4th, 2018* 2509 2510 BREAKING: 2511 2512 - [p2p] Remove `auth_enc` config option, peer connections are always auth 2513 encrypted. Technically a breaking change but seems no one was using it and 2514 arguably a bug fix :) 2515 2516 BUG FIXES 2517 2518 - [mempool] Fix deadlock under high load when `skip_timeout_commit=true` and 2519 `create_empty_blocks=false` 2520 2521 ## 0.19.7 2522 2523 *May 31st, 2018* 2524 2525 BREAKING: 2526 2527 - [libs/pubsub] TagMap#Get returns a string value 2528 - [libs/pubsub] NewTagMap accepts a map of strings 2529 2530 FEATURES 2531 2532 - [rpc] the RPC documentation is now published to https://tendermint.github.io/slate 2533 - [p2p] AllowDuplicateIP config option to refuse connections from same IP. 2534 - true by default for now, false by default in next breaking release 2535 - [docs] Add docs for query, tx indexing, events, pubsub 2536 - [docs] Add some notes about running Tendermint in production 2537 2538 IMPROVEMENTS: 2539 2540 - [consensus] Consensus reactor now receives events from a separate synchronous event bus, 2541 which is not dependant on external RPC load 2542 - [consensus/wal] do not look for height in older files if we've seen height - 1 2543 - [docs] Various cleanup and link fixes 2544 2545 ## 0.19.6 2546 2547 *May 29th, 2018* 2548 2549 BUG FIXES 2550 2551 - [blockchain] Fix fast-sync deadlock during high peer turnover 2552 2553 BUG FIX: 2554 2555 - [evidence] Dont send peers evidence from heights they haven't synced to yet 2556 - [p2p] Refuse connections to more than one peer with the same IP 2557 - [docs] Various fixes 2558 2559 ## 0.19.5 2560 2561 *May 20th, 2018* 2562 2563 BREAKING CHANGES 2564 2565 - [rpc/client] TxSearch and UnconfirmedTxs have new arguments (see below) 2566 - [rpc/client] TxSearch returns ResultTxSearch 2567 - [version] Breaking changes to Go APIs will not be reflected in breaking 2568 version change, but will be included in changelog. 2569 2570 FEATURES 2571 2572 - [rpc] `/tx_search` takes `page` (starts at 1) and `per_page` (max 100, default 30) args to paginate results 2573 - [rpc] `/unconfirmed_txs` takes `limit` (max 100, default 30) arg to limit the output 2574 - [config] `mempool.size` and `mempool.cache_size` options 2575 2576 IMPROVEMENTS 2577 2578 - [docs] Lots of updates 2579 - [consensus] Only Fsync() the WAL before executing msgs from ourselves 2580 2581 BUG FIXES 2582 2583 - [mempool] Enforce upper bound on number of transactions 2584 2585 ## 0.19.4 (May 17th, 2018) 2586 2587 IMPROVEMENTS 2588 2589 - [state] Improve tx indexing by using batches 2590 - [consensus, state] Improve logging (more consensus logs, fewer tx logs) 2591 - [spec] Moved to `docs/spec` (TODO cleanup the rest of the docs ...) 2592 2593 BUG FIXES 2594 2595 - [consensus] Fix issue #1575 where a late proposer can get stuck 2596 2597 ## 0.19.3 (May 14th, 2018) 2598 2599 FEATURES 2600 2601 - [rpc] New `/consensus_state` returns just the votes seen at the current height 2602 2603 IMPROVEMENTS 2604 2605 - [rpc] Add stringified votes and fraction of power voted to `/dump_consensus_state` 2606 - [rpc] Add PeerStateStats to `/dump_consensus_state` 2607 2608 BUG FIXES 2609 2610 - [cmd] Set GenesisTime during `tendermint init` 2611 - [consensus] fix ValidBlock rules 2612 2613 ## 0.19.2 (April 30th, 2018) 2614 2615 FEATURES: 2616 2617 - [p2p] Allow peers with different Minor versions to connect 2618 - [rpc] `/net_info` includes `n_peers` 2619 2620 IMPROVEMENTS: 2621 2622 - [p2p] Various code comments, cleanup, error types 2623 - [p2p] Change some Error logs to Debug 2624 2625 BUG FIXES: 2626 2627 - [p2p] Fix reconnect to persistent peer when first dial fails 2628 - [p2p] Validate NodeInfo.ListenAddr 2629 - [p2p] Only allow (MaxNumPeers - MaxNumOutboundPeers) inbound peers 2630 - [p2p/pex] Limit max msg size to 64kB 2631 - [p2p] Fix panic when pex=false 2632 - [p2p] Allow multiple IPs per ID in AddrBook 2633 - [p2p] Fix before/after bugs in addrbook isBad() 2634 2635 ## 0.19.1 (April 27th, 2018) 2636 2637 Note this release includes some small breaking changes in the RPC and one in the 2638 config that are really bug fixes. v0.19.1 will work with existing chains, and make Tendermint 2639 easier to use and debug. With <3 2640 2641 BREAKING (MINOR) 2642 2643 - [config] Removed `wal_light` setting. If you really needed this, let us know 2644 2645 FEATURES: 2646 2647 - [networks] moved in tooling from devops repo: terraform and ansible scripts for deploying testnets ! 2648 - [cmd] Added `gen_node_key` command 2649 2650 BUG FIXES 2651 2652 Some of these are breaking in the RPC response, but they're really bugs! 2653 2654 - [spec] Document address format and pubkey encoding pre and post Amino 2655 - [rpc] Lower case JSON field names 2656 - [rpc] Fix missing entries, improve, and lower case the fields in `/dump_consensus_state` 2657 - [rpc] Fix NodeInfo.Channels format to hex 2658 - [rpc] Add Validator address to `/status` 2659 - [rpc] Fix `prove` in ABCIQuery 2660 - [cmd] MarshalJSONIndent on init 2661 2662 ## 0.19.0 (April 13th, 2018) 2663 2664 BREAKING: 2665 - [cmd] improved `testnet` command; now it can fill in `persistent_peers` for you in the config file and much more (see `tendermint testnet --help` for details) 2666 - [cmd] `show_node_id` now returns an error if there is no node key 2667 - [rpc]: changed the output format for the `/status` endpoint (see https://godoc.org/github.com/tendermint/tendermint/rpc/core#Status) 2668 2669 Upgrade from go-wire to go-amino. This is a sweeping change that breaks everything that is 2670 serialized to disk or over the network. 2671 2672 See github.com/tendermint/go-amino for details on the new format. 2673 2674 See `scripts/wire2amino.go` for a tool to upgrade 2675 genesis/priv_validator/node_key JSON files. 2676 2677 FEATURES 2678 2679 - [test] docker-compose for local testnet setup (thanks Greg!) 2680 2681 ## 0.18.0 (April 6th, 2018) 2682 2683 BREAKING: 2684 2685 - [types] Merkle tree uses different encoding for varints (see tmlibs v0.8.0) 2686 - [types] ValidtorSet.GetByAddress returns -1 if no validator found 2687 - [p2p] require all addresses come with an ID no matter what 2688 - [rpc] Listening address must contain tcp:// or unix:// prefix 2689 2690 FEATURES: 2691 2692 - [rpc] StartHTTPAndTLSServer (not used yet) 2693 - [rpc] Include validator's voting power in `/status` 2694 - [rpc] `/tx` and `/tx_search` responses now include the transaction hash 2695 - [rpc] Include peer NodeIDs in `/net_info` 2696 2697 IMPROVEMENTS: 2698 - [config] trim whitespace from elements of lists (like `persistent_peers`) 2699 - [rpc] `/tx_search` results are sorted by height 2700 - [p2p] do not try to connect to ourselves (ok, maybe only once) 2701 - [p2p] seeds respond with a bias towards good peers 2702 2703 BUG FIXES: 2704 - [rpc] fix subscribing using an abci.ResponseDeliverTx tag 2705 - [rpc] fix tx_indexers matchRange 2706 - [rpc] fix unsubscribing (see tmlibs v0.8.0) 2707 2708 ## 0.17.1 (March 27th, 2018) 2709 2710 BUG FIXES: 2711 - [types] Actually support `app_state` in genesis as `AppStateJSON` 2712 2713 ## 0.17.0 (March 27th, 2018) 2714 2715 BREAKING: 2716 - [types] WriteSignBytes -> SignBytes 2717 2718 IMPROVEMENTS: 2719 - [all] renamed `dummy` (`persistent_dummy`) to `kvstore` (`persistent_kvstore`) (name "dummy" is deprecated and will not work in the next breaking release) 2720 - [docs] note on determinism (docs/determinism.rst) 2721 - [genesis] `app_options` field is deprecated. please rename it to `app_state` in your genesis file(s). `app_options` will not work in the next breaking release 2722 - [p2p] dial seeds directly without potential peers 2723 - [p2p] exponential backoff for addrs in the address book 2724 - [p2p] mark peer as good if it contributed enough votes or block parts 2725 - [p2p] stop peer if it sends incorrect data, msg to unknown channel, msg we did not expect 2726 - [p2p] when `auth_enc` is true, all dialed peers must have a node ID in their address 2727 - [spec] various improvements 2728 - switched from glide to dep internally for package management 2729 - [wire] prep work for upgrading to new go-wire (which is now called go-amino) 2730 2731 FEATURES: 2732 - [config] exposed `auth_enc` flag to enable/disable encryption 2733 - [config] added the `--p2p.private_peer_ids` flag and `PrivatePeerIDs` config variable (see config for description) 2734 - [rpc] added `/health` endpoint, which returns empty result for now 2735 - [types/priv_validator] new format and socket client, allowing for remote signing 2736 2737 BUG FIXES: 2738 - [consensus] fix liveness bug by introducing ValidBlock mechanism 2739 2740 ## 0.16.0 (February 20th, 2018) 2741 2742 BREAKING CHANGES: 2743 - [config] use $TMHOME/config for all config and json files 2744 - [p2p] old `--p2p.seeds` is now `--p2p.persistent_peers` (persistent peers to which TM will always connect to) 2745 - [p2p] now `--p2p.seeds` only used for getting addresses (if addrbook is empty; not persistent) 2746 - [p2p] NodeInfo: remove RemoteAddr and add Channels 2747 - we must have at least one overlapping channel with peer 2748 - we only send msgs for channels the peer advertised 2749 - [p2p/conn] pong timeout 2750 - [lite] comment out IAVL related code 2751 2752 FEATURES: 2753 - [p2p] added new `/dial_peers&persistent=_` **unsafe** endpoint 2754 - [p2p] persistent node key in `$THMHOME/config/node_key.json` 2755 - [p2p] introduce peer ID and authenticate peers by ID using addresses like `ID@IP:PORT` 2756 - [p2p/pex] new seed mode crawls the network and serves as a seed. 2757 - [config] MempoolConfig.CacheSize 2758 - [config] P2P.SeedMode (`--p2p.seed_mode`) 2759 2760 IMPROVEMENT: 2761 - [p2p/pex] stricter rules in the PEX reactor for better handling of abuse 2762 - [p2p] various improvements to code structure including subpackages for `pex` and `conn` 2763 - [docs] new spec! 2764 - [all] speed up the tests! 2765 2766 BUG FIX: 2767 - [blockchain] StopPeerForError on timeout 2768 - [consensus] StopPeerForError on a bad Maj23 message 2769 - [state] flush mempool conn before calling commit 2770 - [types] fix priv val signing things that only differ by timestamp 2771 - [mempool] fix memory leak causing zombie peers 2772 - [p2p/conn] fix potential deadlock 2773 2774 ## 0.15.0 (December 29, 2017) 2775 2776 BREAKING CHANGES: 2777 - [p2p] enable the Peer Exchange reactor by default 2778 - [types] add Timestamp field to Proposal/Vote 2779 - [types] add new fields to Header: TotalTxs, ConsensusParamsHash, LastResultsHash, EvidenceHash 2780 - [types] add Evidence to Block 2781 - [types] simplify ValidateBasic 2782 - [state] updates to support changes to the header 2783 - [state] Enforce <1/3 of validator set can change at a time 2784 2785 FEATURES: 2786 - [state] Send indices of absent validators and addresses of byzantine validators in BeginBlock 2787 - [state] Historical ConsensusParams and ABCIResponses 2788 - [docs] Specification for the base Tendermint data structures. 2789 - [evidence] New evidence reactor for gossiping and managing evidence 2790 - [rpc] `/block_results?height=X` returns the DeliverTx results for a given height. 2791 2792 IMPROVEMENTS: 2793 - [consensus] Better handling of corrupt WAL file 2794 2795 BUG FIXES: 2796 - [lite] fix race 2797 - [state] validate block.Header.ValidatorsHash 2798 - [p2p] allow seed addresses to be prefixed with eg. `tcp://` 2799 - [p2p] use consistent key to refer to peers so we dont try to connect to existing peers 2800 - [cmd] fix `tendermint init` to ignore files that are there and generate files that aren't. 2801 2802 ## 0.14.0 (December 11, 2017) 2803 2804 BREAKING CHANGES: 2805 - consensus/wal: removed separator 2806 - rpc/client: changed Subscribe/Unsubscribe/UnsubscribeAll funcs signatures to be identical to event bus. 2807 2808 FEATURES: 2809 - new `tendermint lite` command (and `lite/proxy` pkg) for running a light-client RPC proxy. 2810 NOTE it is currently insecure and its APIs are not yet covered by semver 2811 2812 IMPROVEMENTS: 2813 - rpc/client: can act as event bus subscriber (See https://github.com/tendermint/tendermint/issues/945). 2814 - p2p: use exponential backoff from seconds to hours when attempting to reconnect to persistent peer 2815 - config: moniker defaults to the machine's hostname instead of "anonymous" 2816 2817 BUG FIXES: 2818 - p2p: no longer exit if one of the seed addresses is incorrect 2819 2820 ## 0.13.0 (December 6, 2017) 2821 2822 BREAKING CHANGES: 2823 - abci: update to v0.8 using gogo/protobuf; includes tx tags, vote info in RequestBeginBlock, data.Bytes everywhere, use int64, etc. 2824 - types: block heights are now `int64` everywhere 2825 - types & node: EventSwitch and EventCache have been replaced by EventBus and EventBuffer; event types have been overhauled 2826 - node: EventSwitch methods now refer to EventBus 2827 - rpc/lib/types: RPCResponse is no longer a pointer; WSRPCConnection interface has been modified 2828 - rpc/client: WaitForOneEvent takes an EventsClient instead of types.EventSwitch 2829 - rpc/client: Add/RemoveListenerForEvent are now Subscribe/Unsubscribe 2830 - rpc/core/types: ResultABCIQuery wraps an abci.ResponseQuery 2831 - rpc: `/subscribe` and `/unsubscribe` take `query` arg instead of `event` 2832 - rpc: `/status` returns the LatestBlockTime in human readable form instead of in nanoseconds 2833 - mempool: cached transactions return an error instead of an ABCI response with BadNonce 2834 2835 FEATURES: 2836 - rpc: new `/unsubscribe_all` WebSocket RPC endpoint 2837 - rpc: new `/tx_search` endpoint for filtering transactions by more complex queries 2838 - p2p/trust: new trust metric for tracking peers. See ADR-006 2839 - config: TxIndexConfig allows to set what DeliverTx tags to index 2840 2841 IMPROVEMENTS: 2842 - New asynchronous events system using `tmlibs/pubsub` 2843 - logging: Various small improvements 2844 - consensus: Graceful shutdown when app crashes 2845 - tests: Fix various non-deterministic errors 2846 - p2p: more defensive programming 2847 2848 BUG FIXES: 2849 - consensus: fix panic where prs.ProposalBlockParts is not initialized 2850 - p2p: fix panic on bad channel 2851 2852 ## 0.12.1 (November 27, 2017) 2853 2854 BUG FIXES: 2855 - upgrade tmlibs dependency to enable Windows builds for Tendermint 2856 2857 ## 0.12.0 (October 27, 2017) 2858 2859 BREAKING CHANGES: 2860 - rpc/client: websocket ResultsCh and ErrorsCh unified in ResponsesCh. 2861 - rpc/client: ABCIQuery no longer takes `prove` 2862 - state: remove GenesisDoc from state. 2863 - consensus: new binary WAL format provides efficiency and uses checksums to detect corruption 2864 - use scripts/wal2json to convert to json for debugging 2865 2866 FEATURES: 2867 - new `Verifiers` pkg contains the tendermint light-client library (name subject to change)! 2868 - rpc: `/genesis` includes the `app_options` . 2869 - rpc: `/abci_query` takes an additional `height` parameter to support historical queries. 2870 - rpc/client: new ABCIQueryWithOptions supports options like `trusted` (set false to get a proof) and `height` to query a historical height. 2871 2872 IMPROVEMENTS: 2873 - rpc: `/genesis` result includes `app_options` 2874 - rpc/lib/client: add jitter to reconnects. 2875 - rpc/lib/types: `RPCError` satisfies the `error` interface. 2876 2877 BUG FIXES: 2878 - rpc/client: fix ws deadlock after stopping 2879 - blockchain: fix panic on AddBlock when peer is nil 2880 - mempool: fix sending on TxsAvailable when a tx has been invalidated 2881 - consensus: dont run WAL catchup if we fast synced 2882 2883 ## 0.11.1 (October 10, 2017) 2884 2885 IMPROVEMENTS: 2886 - blockchain/reactor: respondWithNoResponseMessage for missing height 2887 2888 BUG FIXES: 2889 - rpc: fixed client WebSocket timeout 2890 - rpc: client now resubscribes on reconnection 2891 - rpc: fix panics on missing params 2892 - rpc: fix `/dump_consensus_state` to have normal json output (NOTE: technically breaking, but worth a bug fix label) 2893 - types: fixed out of range error in VoteSet.addVote 2894 - consensus: fix wal autofile via https://github.com/tendermint/tmlibs/blob/master/CHANGELOG.md#032-october-2-2017 2895 2896 ## 0.11.0 (September 22, 2017) 2897 2898 BREAKING: 2899 - genesis file: validator `amount` is now `power` 2900 - abci: Info, BeginBlock, InitChain all take structs 2901 - rpc: various changes to match JSONRPC spec (http://www.jsonrpc.org/specification), including breaking ones: 2902 - requests that previously returned HTTP code 4XX now return 200 with an error code in the JSONRPC. 2903 - `rpctypes.RPCResponse` uses new `RPCError` type instead of `string`. 2904 2905 - cmd: if there is no genesis, exit immediately instead of waiting around for one to show. 2906 - types: `Signer.Sign` returns an error. 2907 - state: every validator set change is persisted to disk, which required some changes to the `State` structure. 2908 - p2p: new `p2p.Peer` interface used for all reactor methods (instead of `*p2p.Peer` struct). 2909 2910 FEATURES: 2911 - rpc: `/validators?height=X` allows querying of validators at previous heights. 2912 - rpc: Leaving the `height` param empty for `/block`, `/validators`, and `/commit` will return the value for the latest height. 2913 2914 IMPROVEMENTS: 2915 - docs: Moved all docs from the website and tools repo in, converted to `.rst`, and cleaned up for presentation on `tendermint.readthedocs.io` 2916 2917 BUG FIXES: 2918 - fix WAL openning issue on Windows 2919 2920 ## 0.10.4 (September 5, 2017) 2921 2922 IMPROVEMENTS: 2923 - docs: Added Slate docs to each rpc function (see rpc/core) 2924 - docs: Ported all website docs to Read The Docs 2925 - config: expose some p2p params to tweak performance: RecvRate, SendRate, and MaxMsgPacketPayloadSize 2926 - rpc: Upgrade the websocket client and server, including improved auto reconnect, and proper ping/pong 2927 2928 BUG FIXES: 2929 - consensus: fix panic on getVoteBitArray 2930 - consensus: hang instead of panicking on byzantine consensus failures 2931 - cmd: dont load config for version command 2932 2933 ## 0.10.3 (August 10, 2017) 2934 2935 FEATURES: 2936 - control over empty block production: 2937 - new flag, `--consensus.create_empty_blocks`; when set to false, blocks are only created when there are txs or when the AppHash changes. 2938 - new config option, `consensus.create_empty_blocks_interval`; an empty block is created after this many seconds. 2939 - in normal operation, `create_empty_blocks = true` and `create_empty_blocks_interval = 0`, so blocks are being created all the time (as in all previous versions of tendermint). The number of empty blocks can be reduced by increasing `create_empty_blocks_interval` or by setting `create_empty_blocks = false`. 2940 - new `TxsAvailable()` method added to Mempool that returns a channel which fires when txs are available. 2941 - new heartbeat message added to consensus reactor to notify peers that a node is waiting for txs before entering propose step. 2942 - rpc: Add `syncing` field to response returned by `/status`. Is `true` while in fast-sync mode. 2943 2944 IMPROVEMENTS: 2945 - various improvements to documentation and code comments 2946 2947 BUG FIXES: 2948 - mempool: pass height into constructor so it doesn't always start at 0 2949 2950 ## 0.10.2 (July 10, 2017) 2951 2952 FEATURES: 2953 - Enable lower latency block commits by adding consensus reactor sleep durations and p2p flush throttle timeout to the config 2954 2955 IMPROVEMENTS: 2956 - More detailed logging in the consensus reactor and state machine 2957 - More in-code documentation for many exposed functions, especially in consensus/reactor.go and p2p/switch.go 2958 - Improved readability for some function definitions and code blocks with long lines 2959 2960 ## 0.10.1 (June 28, 2017) 2961 2962 FEATURES: 2963 - Use `--trace` to get stack traces for logged errors 2964 - types: GenesisDoc.ValidatorHash returns the hash of the genesis validator set 2965 - types: GenesisDocFromFile parses a GenesiDoc from a JSON file 2966 2967 IMPROVEMENTS: 2968 - Add a Code of Conduct 2969 - Variety of improvements as suggested by `megacheck` tool 2970 - rpc: deduplicate tests between rpc/client and rpc/tests 2971 - rpc: addresses without a protocol prefix default to `tcp://`. `http://` is also accepted as an alias for `tcp://` 2972 - cmd: commands are more easily reuseable from other tools 2973 - DOCKER: automate build/push 2974 2975 BUG FIXES: 2976 - Fix log statements using keys with spaces (logger does not currently support spaces) 2977 - rpc: set logger on websocket connection 2978 - rpc: fix ws connection stability by setting write deadline on pings 2979 2980 ## 0.10.0 (June 2, 2017) 2981 2982 Includes major updates to configuration, logging, and json serialization. 2983 Also includes the Grand Repo-Merge of 2017. 2984 2985 BREAKING CHANGES: 2986 2987 - Config and Flags: 2988 - The `config` map is replaced with a [`Config` struct](https://github.com/tendermint/tendermint/blob/master/config/config.go#L11), 2989 containing substructs: `BaseConfig`, `P2PConfig`, `MempoolConfig`, `ConsensusConfig`, `RPCConfig` 2990 - This affects the following flags: 2991 - `--seeds` is now `--p2p.seeds` 2992 - `--node_laddr` is now `--p2p.laddr` 2993 - `--pex` is now `--p2p.pex` 2994 - `--skip_upnp` is now `--p2p.skip_upnp` 2995 - `--rpc_laddr` is now `--rpc.laddr` 2996 - `--grpc_laddr` is now `--rpc.grpc_laddr` 2997 - Any configuration option now within a substract must come under that heading in the `config.toml`, for instance: 2998 ``` 2999 [p2p] 3000 laddr="tcp://1.2.3.4:46656" 3001 3002 [consensus] 3003 timeout_propose=1000 3004 ``` 3005 - Use viper and `DefaultConfig() / TestConfig()` functions to handle defaults, and remove `config/tendermint` and `config/tendermint_test` 3006 - Change some function and method signatures to 3007 - Change some [function and method signatures](https://gist.github.com/ebuchman/640d5fc6c2605f73497992fe107ebe0b) accomodate new config 3008 3009 - Logger 3010 - Replace static `log15` logger with a simple interface, and provide a new implementation using `go-kit`. 3011 See our new [logging library](https://github.com/tendermint/tmlibs/log) and [blog post](https://tendermint.com/blog/abstracting-the-logger-interface-in-go) for more details 3012 - Levels `warn` and `notice` are removed (you may need to change them in your `config.toml`!) 3013 - Change some [function and method signatures](https://gist.github.com/ebuchman/640d5fc6c2605f73497992fe107ebe0b) to accept a logger 3014 3015 - JSON serialization: 3016 - Replace `[TypeByte, Xxx]` with `{"type": "some-type", "data": Xxx}` in RPC and all `.json` files by using `go-wire/data`. For instance, a public key is now: 3017 ``` 3018 "pub_key": { 3019 "type": "ed25519", 3020 "data": "83DDF8775937A4A12A2704269E2729FCFCD491B933C4B0A7FFE37FE41D7760D0" 3021 } 3022 ``` 3023 - Remove type information about RPC responses, so `[TypeByte, {"jsonrpc": "2.0", ... }]` is now just `{"jsonrpc": "2.0", ... }` 3024 - Change `[]byte` to `data.Bytes` in all serialized types (for hex encoding) 3025 - Lowercase the JSON tags in `ValidatorSet` fields 3026 - Introduce `EventDataInner` for serializing events 3027 3028 - Other: 3029 - Send InitChain message in handshake if `appBlockHeight == 0` 3030 - Do not include the `Accum` field when computing the validator hash. This makes the ValidatorSetHash unique for a given validator set, rather than changing with every block (as the Accum changes) 3031 - Unsafe RPC calls are not enabled by default. This includes `/dial_seeds`, and all calls prefixed with `unsafe`. Use the `--rpc.unsafe` flag to enable. 3032 3033 3034 FEATURES: 3035 3036 - Per-module log levels. For instance, the new default is `state:info,*:error`, which means the `state` package logs at `info` level, and everything else logs at `error` level 3037 - Log if a node is validator or not in every consensus round 3038 - Use ldflags to set git hash as part of the version 3039 - Ignore `address` and `pub_key` fields in `priv_validator.json` and overwrite them with the values derrived from the `priv_key` 3040 3041 IMPROVEMENTS: 3042 3043 - Merge `tendermint/go-p2p -> tendermint/tendermint/p2p` and `tendermint/go-rpc -> tendermint/tendermint/rpc/lib` 3044 - Update paths for grand repo merge: 3045 - `go-common -> tmlibs/common` 3046 - `go-data -> go-wire/data` 3047 - All other `go-` libs, except `go-crypto` and `go-wire`, are merged under `tmlibs` 3048 - No global loggers (loggers are passed into constructors, or preferably set with a SetLogger method) 3049 - Return HTTP status codes with errors for RPC responses 3050 - Limit `/blockchain_info` call to return a maximum of 20 blocks 3051 - Use `.Wrap()` and `.Unwrap()` instead of eg. `PubKeyS` for `go-crypto` types 3052 - RPC JSON responses use pretty printing (via `json.MarshalIndent`) 3053 - Color code different instances of the consensus for tests 3054 - Isolate viper to `cmd/tendermint/commands` and do not read config from file for tests 3055 3056 3057 ## 0.9.2 (April 26, 2017) 3058 3059 BUG FIXES: 3060 3061 - Fix bug in `ResetPrivValidator` where we were using the global config and log (causing external consumers, eg. basecoin, to fail). 3062 3063 ## 0.9.1 (April 21, 2017) 3064 3065 FEATURES: 3066 3067 - Transaction indexing - txs are indexed by their hash using a simple key-value store; easily extended to more advanced indexers 3068 - New `/tx?hash=X` endpoint to query for transactions and their DeliverTx result by hash. Optionally returns a proof of the tx's inclusion in the block 3069 - `tendermint testnet` command initializes files for a testnet 3070 3071 IMPROVEMENTS: 3072 3073 - CLI now uses Cobra framework 3074 - TMROOT is now TMHOME (TMROOT will stop working in 0.10.0) 3075 - `/broadcast_tx_XXX` also returns the Hash (can be used to query for the tx) 3076 - `/broadcast_tx_commit` also returns the height the block was committed in 3077 - ABCIResponses struct persisted to disk before calling Commit; makes handshake replay much cleaner 3078 - WAL uses #ENDHEIGHT instead of #HEIGHT (#HEIGHT will stop working in 0.10.0) 3079 - Peers included via `--seeds`, under `seeds` in the config, or in `/dial_seeds` are now persistent, and will be reconnected to if the connection breaks 3080 3081 BUG FIXES: 3082 3083 - Fix bug in fast-sync where we stop syncing after a peer is removed, even if they're re-added later 3084 - Fix handshake replay to handle validator set changes and results of DeliverTx when we crash after app.Commit but before state.Save() 3085 3086 ## 0.9.0 (March 6, 2017) 3087 3088 BREAKING CHANGES: 3089 3090 - Update ABCI to v0.4.0, where Query is now `Query(RequestQuery) ResponseQuery`, enabling precise proofs at particular heights: 3091 3092 ``` 3093 message RequestQuery{ 3094 bytes data = 1; 3095 string path = 2; 3096 uint64 height = 3; 3097 bool prove = 4; 3098 } 3099 3100 message ResponseQuery{ 3101 CodeType code = 1; 3102 int64 index = 2; 3103 bytes key = 3; 3104 bytes value = 4; 3105 bytes proof = 5; 3106 uint64 height = 6; 3107 string log = 7; 3108 } 3109 ``` 3110 3111 3112 - `BlockMeta` data type unifies its Hash and PartSetHash under a `BlockID`: 3113 3114 ``` 3115 type BlockMeta struct { 3116 BlockID BlockID `json:"block_id"` // the block hash and partsethash 3117 Header *Header `json:"header"` // The block's Header 3118 } 3119 ``` 3120 3121 - `ValidatorSet.Proposer` is exposed as a field and persisted with the `State`. Use `GetProposer()` to initialize or update after validator-set changes. 3122 3123 - `tendermint gen_validator` command output is now pure JSON 3124 3125 FEATURES: 3126 3127 - New RPC endpoint `/commit?height=X` returns header and commit for block at height `X` 3128 - Client API for each endpoint, including mocks for testing 3129 3130 IMPROVEMENTS: 3131 3132 - `Node` is now a `BaseService` 3133 - Simplified starting Tendermint in-process from another application 3134 - Better organized Makefile 3135 - Scripts for auto-building binaries across platforms 3136 - Docker image improved, slimmed down (using Alpine), and changed from tendermint/tmbase to tendermint/tendermint 3137 - New repo files: `CONTRIBUTING.md`, Github `ISSUE_TEMPLATE`, `CHANGELOG.md` 3138 - Improvements on CircleCI for managing build/test artifacts 3139 - Handshake replay is doen through the consensus package, possibly using a mockApp 3140 - Graceful shutdown of RPC listeners 3141 - Tests for the PEX reactor and DialSeeds 3142 3143 BUG FIXES: 3144 3145 - Check peer.Send for failure before updating PeerState in consensus 3146 - Fix panic in `/dial_seeds` with invalid addresses 3147 - Fix proposer selection logic in ValidatorSet by taking the address into account in the `accumComparable` 3148 - Fix inconcistencies with `ValidatorSet.Proposer` across restarts by persisting it in the `State` 3149 3150 3151 ## 0.8.0 (January 13, 2017) 3152 3153 BREAKING CHANGES: 3154 3155 - New data type `BlockID` to represent blocks: 3156 3157 ``` 3158 type BlockID struct { 3159 Hash []byte `json:"hash"` 3160 PartsHeader PartSetHeader `json:"parts"` 3161 } 3162 ``` 3163 3164 - `Vote` data type now includes validator address and index: 3165 3166 ``` 3167 type Vote struct { 3168 ValidatorAddress []byte `json:"validator_address"` 3169 ValidatorIndex int `json:"validator_index"` 3170 Height int `json:"height"` 3171 Round int `json:"round"` 3172 Type byte `json:"type"` 3173 BlockID BlockID `json:"block_id"` // zero if vote is nil. 3174 Signature crypto.Signature `json:"signature"` 3175 } 3176 ``` 3177 3178 - Update TMSP to v0.3.0, where it is now called ABCI and AppendTx is DeliverTx 3179 - Hex strings in the RPC are now "0x" prefixed 3180 3181 3182 FEATURES: 3183 3184 - New message type on the ConsensusReactor, `Maj23Msg`, for peers to alert others they've seen a Maj23, 3185 in order to track and handle conflicting votes intelligently to prevent Byzantine faults from causing halts: 3186 3187 ``` 3188 type VoteSetMaj23Message struct { 3189 Height int 3190 Round int 3191 Type byte 3192 BlockID types.BlockID 3193 } 3194 ``` 3195 3196 - Configurable block part set size 3197 - Validator set changes 3198 - Optionally skip TimeoutCommit if we have all the votes 3199 - Handshake between Tendermint and App on startup to sync latest state and ensure consistent recovery from crashes 3200 - GRPC server for BroadcastTx endpoint 3201 3202 IMPROVEMENTS: 3203 3204 - Less verbose logging 3205 - Better test coverage (37% -> 49%) 3206 - Canonical SignBytes for signable types 3207 - Write-Ahead Log for Mempool and Consensus via tmlibs/autofile 3208 - Better in-process testing for the consensus reactor and byzantine faults 3209 - Better crash/restart testing for individual nodes at preset failure points, and of networks at arbitrary points 3210 - Better abstraction over timeout mechanics 3211 3212 BUG FIXES: 3213 3214 - Fix memory leak in mempool peer 3215 - Fix panic on POLRound=-1 3216 - Actually set the CommitTime 3217 - Actually send BeginBlock message 3218 - Fix a liveness issues caused by Byzantine proposals/votes. Uses the new `Maj23Msg`. 3219 3220 3221 ## 0.7.4 (December 14, 2016) 3222 3223 FEATURES: 3224 3225 - Enable the Peer Exchange reactor with the `--pex` flag for more resilient gossip network (feature still in development, beware dragons) 3226 3227 IMPROVEMENTS: 3228 3229 - Remove restrictions on RPC endpoint `/dial_seeds` to enable manual network configuration 3230 3231 ## 0.7.3 (October 20, 2016) 3232 3233 IMPROVEMENTS: 3234 3235 - Type safe FireEvent 3236 - More WAL/replay tests 3237 - Cleanup some docs 3238 3239 BUG FIXES: 3240 3241 - Fix deadlock in mempool for synchronous apps 3242 - Replay handles non-empty blocks 3243 - Fix race condition in HeightVoteSet 3244 3245 ## 0.7.2 (September 11, 2016) 3246 3247 BUG FIXES: 3248 3249 - Set mustConnect=false so tendermint will retry connecting to the app 3250 3251 ## 0.7.1 (September 10, 2016) 3252 3253 FEATURES: 3254 3255 - New TMSP connection for Query/Info 3256 - New RPC endpoints: 3257 - `tmsp_query` 3258 - `tmsp_info` 3259 - Allow application to filter peers through Query (off by default) 3260 3261 IMPROVEMENTS: 3262 3263 - TMSP connection type enforced at compile time 3264 - All listen/client urls use a "tcp://" or "unix://" prefix 3265 3266 BUG FIXES: 3267 3268 - Save LastSignature/LastSignBytes to `priv_validator.json` for recovery 3269 - Fix event unsubscribe 3270 - Fix fastsync/blockchain reactor 3271 3272 ## 0.7.0 (August 7, 2016) 3273 3274 BREAKING CHANGES: 3275 3276 - Strict SemVer starting now! 3277 - Update to ABCI v0.2.0 3278 - Validation types now called Commit 3279 - NewBlock event only returns the block header 3280 3281 3282 FEATURES: 3283 3284 - TMSP and RPC support TCP and UNIX sockets 3285 - Addition config options including block size and consensus parameters 3286 - New WAL mode `cswal_light`; logs only the validator's own votes 3287 - New RPC endpoints: 3288 - for starting/stopping profilers, and for updating config 3289 - `/broadcast_tx_commit`, returns when tx is included in a block, else an error 3290 - `/unsafe_flush_mempool`, empties the mempool 3291 3292 3293 IMPROVEMENTS: 3294 3295 - Various optimizations 3296 - Remove bad or invalidated transactions from the mempool cache (allows later duplicates) 3297 - More elaborate testing using CircleCI including benchmarking throughput on 4 digitalocean droplets 3298 3299 BUG FIXES: 3300 3301 - Various fixes to WAL and replay logic 3302 - Various race conditions 3303 3304 ## PreHistory 3305 3306 Strict versioning only began with the release of v0.7.0, in late summer 2016. 3307 The project itself began in early summer 2014 and was workable decentralized cryptocurrency software by the end of that year. 3308 Through the course of 2015, in collaboration with Eris Industries (now Monax Industries), 3309 many additional features were integrated, including an implementation from scratch of the Ethereum Virtual Machine. 3310 That implementation now forms the heart of [Burrow](https://github.com/hyperledger/burrow). 3311 In the later half of 2015, the consensus algorithm was upgraded with a more asynchronous design and a more deterministic and robust implementation. 3312 3313 By late 2015, frustration with the difficulty of forking a large monolithic stack to create alternative cryptocurrency designs led to the 3314 invention of the Application Blockchain Interface (ABCI), then called the Tendermint Socket Protocol (TMSP). 3315 The Ethereum Virtual Machine and various other transaction features were removed, and Tendermint was whittled down to a core consensus engine 3316 driving an application running in another process. 3317 The ABCI interface and implementation were iterated on and improved over the course of 2016, 3318 until versioned history kicked in with v0.7.0.