github.com/number571/tendermint@v0.34.11-gost/CHANGELOG.md (about) 1 # Changelog 2 3 Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint). 4 5 ## v0.34.11 6 7 *June 18, 2021* 8 9 This release improves the robustness of statesync; tweaking channel priorities and timeouts and 10 adding two new parameters to the state sync config. 11 12 ### BREAKING CHANGES 13 14 - Apps 15 - [Version] \#6494 `TMCoreSemVer` is not required to be set as a ldflag any longer. 16 17 ### IMPROVEMENTS 18 19 - [statesync] \#6566 Allow state sync fetchers and request timeout to be configurable. (@alexanderbez) 20 - [statesync] \#6378 Retry requests for snapshots and add a minimum discovery time (5s) for new snapshots. (@tychoish) 21 - [statesync] \#6582 Increase chunk priority and add multiple retry chunk requests (@cmwaters) 22 23 ### BUG FIXES 24 25 - [evidence] \#6375 Fix bug with inconsistent LightClientAttackEvidence hashing (@cmwaters) 26 27 ## v0.34.10 28 29 *April 14, 2021* 30 31 This release fixes a bug where peers would sometimes try to send messages 32 on incorrect channels. Special thanks to our friends at Oasis Labs for surfacing 33 this issue! 34 35 - [p2p/node] [\#6339](https://github.com/number571/tendermint/issues/6339) Fix bug with using custom channels (@cmwaters) 36 - [light] [\#6346](https://github.com/number571/tendermint/issues/6346) Correctly handle too high errors to improve client robustness (@cmwaters) 37 38 ## v0.34.9 39 40 *April 8, 2021* 41 42 This release fixes a moderate severity security issue, Security Advisory Alderfly, 43 which impacts all networks that rely on Tendermint light clients. 44 Further details will be released once networks have upgraded. 45 46 This release also includes a small Go API-breaking change, to reduce panics in the RPC layer. 47 48 Special thanks to our external contributors on this release: @gchaincl 49 50 ### BREAKING CHANGES 51 52 - Go API 53 - [rpc/jsonrpc/server] [\#6204](https://github.com/number571/tendermint/issues/6204) Modify `WriteRPCResponseHTTP(Error)` to return an error (@melekes) 54 55 ### FEATURES 56 57 - [rpc] [\#6226](https://github.com/number571/tendermint/issues/6226) Index block events and expose a new RPC method, `/block_search`, to allow querying for blocks by `BeginBlock` and `EndBlock` events (@alexanderbez) 58 59 ### BUG FIXES 60 61 - [rpc/jsonrpc/server] [\#6191](https://github.com/number571/tendermint/issues/6191) Correctly unmarshal `RPCRequest` when data is `null` (@melekes) 62 - [p2p] [\#6289](https://github.com/number571/tendermint/issues/6289) Fix "unknown channels" bug on CustomReactors (@gchaincl) 63 - [light/evidence] Adds logic to handle forward lunatic attacks (@cmwaters) 64 65 ## v0.34.8 66 67 *February 25, 2021* 68 69 This release, in conjunction with [a fix in the Cosmos SDK](https://github.com/cosmos/cosmos-sdk/pull/8641), 70 introduces changes that should mean the logs are much, much quieter. 🎉 71 72 ### IMPROVEMENTS 73 74 - [libs/log] [\#6174](https://github.com/number571/tendermint/issues/6174) Include timestamp (`ts` field; `time.RFC3339Nano` format) in JSON logger output (@melekes) 75 76 ### BUG FIXES 77 78 - [abci] [\#6124](https://github.com/number571/tendermint/issues/6124) Fixes a panic condition during callback execution in `ReCheckTx` during high tx load. (@alexanderbez) 79 80 ## v0.34.7 81 82 *February 18, 2021* 83 84 This release fixes a downstream security issue which impacts Cosmos SDK 85 users who are: 86 87 * Using Cosmos SDK v0.40.0 or later, AND 88 * Running validator nodes, AND 89 * Using the file-based `FilePV` implementation for their consensus keys 90 91 Users who fulfill all the above criteria were susceptible to leaking 92 private key material in the logs. All other users are unaffected. 93 94 The root cause was a discrepancy 95 between the Tendermint Core (untyped) logger and the Cosmos SDK (typed) logger: 96 Tendermint Core's logger automatically stringifies Go interfaces whenever possible; 97 however, the Cosmos SDK's logger uses reflection to log the fields within a Go interface. 98 99 The introduction of the typed logger meant that previously un-logged fields within 100 interfaces are now sometimes logged, including the private key material inside the 101 `FilePV` struct. 102 103 Tendermint Core v0.34.7 fixes this issue; however, we strongly recommend that all validators 104 use remote signer implementations instead of `FilePV` in production. 105 106 Thank you to @joe-bowman for his assistance with this vulnerability and a particular 107 shout-out to @marbar3778 for diagnosing it quickly. 108 109 ### BUG FIXES 110 111 - [consensus] [\#6128](https://github.com/number571/tendermint/pull/6128) Remove privValidator from log call (@tessr) 112 113 ## v0.34.6 114 115 *February 18, 2021* 116 117 _Tendermint Core v0.34.5 and v0.34.6 have been recalled due to release tooling problems._ 118 119 ## v0.34.4 120 121 *February 11, 2021* 122 123 This release includes a fix for a memory leak in the evidence reactor (see #6068, below). 124 All Tendermint clients are recommended to upgrade. 125 Thank you to our friends at Crypto.com for the initial report of this memory leak! 126 127 Special thanks to other external contributors on this release: @yayajacky, @odidev, @laniehei, and @c29r3! 128 129 ### BUG FIXES 130 131 - [light] [\#6022](https://github.com/number571/tendermint/pull/6022) Fix a bug when the number of validators equals 100 (@melekes) 132 - [light] [\#6026](https://github.com/number571/tendermint/pull/6026) Fix a bug when height isn't provided for the rpc calls: `/commit` and `/validators` (@cmwaters) 133 - [evidence] [\#6068](https://github.com/number571/tendermint/pull/6068) Terminate broadcastEvidenceRoutine when peer is stopped (@melekes) 134 135 ## v0.34.3 136 137 *January 19, 2021* 138 139 This release includes a fix for a high-severity security vulnerability, 140 a DoS-vector that impacted Tendermint Core v0.34.0-v0.34.2. For more details, see 141 [Security Advisory Mulberry](https://github.com/number571/tendermint/security/advisories/GHSA-p658-8693-mhvg) 142 or https://nvd.nist.gov/vuln/detail/CVE-2021-21271. 143 144 Tendermint Core v0.34.3 also updates GoGo Protobuf to 1.3.2 in order to pick up the fix for 145 https://nvd.nist.gov/vuln/detail/CVE-2021-3121. 146 147 ### BUG FIXES 148 149 - [evidence] [[security fix]](https://github.com/number571/tendermint/security/advisories/GHSA-p658-8693-mhvg) Use correct source of evidence time (@cmwaters) 150 - [proto] [\#5886](https://github.com/number571/tendermint/pull/5889) Bump gogoproto to 1.3.2 (@marbar3778) 151 152 ## v0.34.2 153 154 *January 12, 2021* 155 156 This release fixes a substantial bug in evidence handling where evidence could 157 sometimes be broadcast before the block containing that evidence was fully committed, 158 resulting in some nodes panicking when trying to verify said evidence. 159 160 ### BREAKING CHANGES 161 162 - Go API 163 - [libs/os] [\#5871](https://github.com/number571/tendermint/issues/5871) `EnsureDir` now propagates IO errors and checks the file type (@erikgrinaker) 164 165 ### BUG FIXES 166 167 - [evidence] [\#5890](https://github.com/number571/tendermint/pull/5890) Add a buffer to evidence from consensus to avoid broadcasting and proposing evidence before the 168 height of such an evidence has finished (@cmwaters) 169 - [statesync] [\#5889](https://github.com/number571/tendermint/issues/5889) Set `LastHeightConsensusParamsChanged` when bootstrapping Tendermint state (@cmwaters) 170 171 ## v0.34.1 172 173 *January 6, 2021* 174 175 Special thanks to external contributors on this release: 176 177 @p4u from vocdoni.io reported that the mempool might behave incorrectly under a 178 high load. The consequences can range from pauses between blocks to the peers 179 disconnecting from this node. As a temporary remedy (until the mempool package 180 is refactored), the `max-batch-bytes` was disabled. Transactions will be sent 181 one by one without batching. 182 183 ### BREAKING CHANGES 184 185 - CLI/RPC/Config 186 - [cli] [\#5786](https://github.com/number571/tendermint/issues/5786) deprecate snake_case commands for hyphen-case (@cmwaters) 187 188 - Go API 189 - [libs/protoio] [\#5868](https://github.com/number571/tendermint/issues/5868) Return number of bytes read in `Reader.ReadMsg()` (@erikgrinaker) 190 191 ### IMPROVEMENTS 192 193 - [mempool] [\#5813](https://github.com/number571/tendermint/issues/5813) Add `keep-invalid-txs-in-cache` config option. When set to true, mempool will keep invalid transactions in the cache (@p4u) 194 195 ### BUG FIXES 196 197 - [crypto] [\#5707](https://github.com/number571/tendermint/issues/5707) Fix infinite recursion in string formatting of Secp256k1 keys (@erikgrinaker) 198 - [mempool] [\#5800](https://github.com/number571/tendermint/issues/5800) Disable `max-batch-bytes` (@melekes) 199 - [p2p] [\#5868](https://github.com/number571/tendermint/issues/5868) Fix inbound traffic statistics and rate limiting in `MConnection` (@erikgrinaker) 200 201 ## v0.34.0 202 203 *November 19, 2020* 204 205 Holy smokes, this is a big one! For a more reader-friendly overview of the changes in 0.34.0 206 (and of the changes you need to accommodate as a user), check out [UPGRADING.md](UPGRADING.md). 207 208 Special thanks to external contributors on this release: @james-ray, @fedekunze, @favadi, @alessio, 209 @joe-bowman, @cuonglm, @SadPencil and @dongsam. 210 211 ### BREAKING CHANGES 212 213 - CLI/RPC/Config 214 215 - [config] [\#5315](https://github.com/number571/tendermint/pull/5315) Rename `prof_laddr` to `pprof_laddr` and move it to `rpc` section (@melekes) 216 - [evidence] [\#4959](https://github.com/number571/tendermint/pull/4959) Add JSON tags to `DuplicateVoteEvidence` (@marbar3778) 217 - [light] [\#4946](https://github.com/number571/tendermint/pull/4946) `tendermint lite` command has been renamed to `tendermint light` (@marbar3778) 218 - [privval] [\#4582](https://github.com/number571/tendermint/pull/4582) `round` in private_validator_state.json is no longer JSON string; instead it is a number (@marbar3778) 219 - [rpc] [\#4792](https://github.com/number571/tendermint/pull/4792) `/validators` are now sorted by voting power (@melekes) 220 - [rpc] [\#4947](https://github.com/number571/tendermint/pull/4947) Return an error when `page` pagination param is 0 in `/validators`, `tx_search` (@melekes) 221 - [rpc] [\#5137](https://github.com/number571/tendermint/pull/5137) JSON tags of `gasWanted` and `gasUsed` in `ResponseCheckTx` and `ResponseDeliverTx` have been made snake_case (`gas_wanted` and `gas_used`) (@marbar3778) 222 - [rpc] [\#5315](https://github.com/number571/tendermint/pull/5315) Remove `/unsafe_start_cpu_profiler`, `/unsafe_stop_cpu_profiler` and `/unsafe_write_heap_profile`. Please use pprof functionality instead (@melekes) 223 - [rpc/client, rpc/jsonrpc/client] [\#5347](https://github.com/number571/tendermint/pull/5347) All client methods now accept `context.Context` as 1st param (@melekes) 224 225 - Apps 226 227 - [abci] [\#4704](https://github.com/number571/tendermint/pull/4704) Add ABCI methods `ListSnapshots`, `LoadSnapshotChunk`, `OfferSnapshot`, and `ApplySnapshotChunk` for state sync snapshots. `ABCIVersion` bumped to 0.17.0. (@erikgrinaker) 228 - [abci] [\#4989](https://github.com/number571/tendermint/pull/4989) `Proof` within `ResponseQuery` has been renamed to `ProofOps` (@marbar3778) 229 - [abci] [\#5096](https://github.com/number571/tendermint/pull/5096) `CheckTxType` Protobuf enum names are now uppercase, to follow Protobuf style guide (@erikgrinaker) 230 - [abci] [\#5324](https://github.com/number571/tendermint/pull/5324) ABCI evidence type is now an enum with two types of possible evidence (@cmwaters) 231 232 - P2P Protocol 233 234 - [blockchain] [\#4637](https://github.com/number571/tendermint/pull/4637) Migrate blockchain reactor(s) to Protobuf encoding (@marbar3778) 235 - [evidence] [\#4949](https://github.com/number571/tendermint/pull/4949) Migrate evidence reactor to Protobuf encoding (@marbar3778) 236 - [mempool] [\#4940](https://github.com/number571/tendermint/pull/4940) Migrate mempool from to Protobuf encoding (@marbar3778) 237 - [mempool] [\#5321](https://github.com/number571/tendermint/pull/5321) Batch transactions when broadcasting them to peers (@melekes) 238 - `MaxBatchBytes` new config setting defines the max size of one batch. 239 - [p2p/pex] [\#4973](https://github.com/number571/tendermint/pull/4973) Migrate `p2p/pex` reactor to Protobuf encoding (@marbar3778) 240 - [statesync] [\#4943](https://github.com/number571/tendermint/pull/4943) Migrate state sync reactor to Protobuf encoding (@marbar3778) 241 242 - Blockchain Protocol 243 244 - [evidence] [\#4725](https://github.com/number571/tendermint/pull/4725) Remove `Pubkey` from `DuplicateVoteEvidence` (@marbar3778) 245 - [evidence] [\#5499](https://github.com/number571/tendermint/pull/5449) Cap evidence to a maximum number of bytes (supercedes [\#4780](https://github.com/number571/tendermint/pull/4780)) (@cmwaters) 246 - [merkle] [\#5193](https://github.com/number571/tendermint/pull/5193) Header hashes are no longer empty for empty inputs, notably `DataHash`, `EvidenceHash`, and `LastResultsHash` (@erikgrinaker) 247 - [state] [\#4845](https://github.com/number571/tendermint/pull/4845) Include `GasWanted` and `GasUsed` into `LastResultsHash` (@melekes) 248 - [types] [\#4792](https://github.com/number571/tendermint/pull/4792) Sort validators by voting power to enable faster commit verification (@melekes) 249 250 - On-disk serialization 251 252 - [state] [\#4679](https://github.com/number571/tendermint/pull/4679) Migrate state module to Protobuf encoding (@marbar3778) 253 - `BlockStoreStateJSON` is now `BlockStoreState` and is encoded as binary in the database 254 - [store] [\#4778](https://github.com/number571/tendermint/pull/4778) Migrate store module to Protobuf encoding (@marbar3778) 255 256 - Light client, private validator 257 258 - [light] [\#4964](https://github.com/number571/tendermint/pull/4964) Migrate light module migration to Protobuf encoding (@marbar3778) 259 - [privval] [\#4985](https://github.com/number571/tendermint/pull/4985) Migrate `privval` module to Protobuf encoding (@marbar3778) 260 261 - Go API 262 263 - [consensus] [\#4582](https://github.com/number571/tendermint/pull/4582) RoundState: `Round`, `LockedRound` & `CommitRound` are now `int32` (@marbar3778) 264 - [consensus] [\#4582](https://github.com/number571/tendermint/pull/4582) HeightVoteSet: `round` is now `int32` (@marbar3778) 265 - [crypto] [\#4721](https://github.com/number571/tendermint/pull/4721) Remove `SimpleHashFromMap()` and `SimpleProofsFromMap()` (@erikgrinaker) 266 - [crypto] [\#4940](https://github.com/number571/tendermint/pull/4940) All keys have become `[]byte` instead of `[<size>]byte`. The byte method no longer returns the marshaled value but just the `[]byte` form of the data. (@marbar3778) 267 - [crypto] [\#4988](https://github.com/number571/tendermint/pull/4988) Removal of key type multisig (@marbar3778) 268 - The key has been moved to the [Cosmos-SDK](https://github.com/cosmos/cosmos-sdk/blob/master/crypto/types/multisig/multisignature.go) 269 - [crypto] [\#4989](https://github.com/number571/tendermint/pull/4989) Remove `Simple` prefixes from `SimpleProof`, `SimpleValueOp` & `SimpleProofNode`. (@marbar3778) 270 - `merkle.Proof` has been renamed to `ProofOps`. 271 - Protobuf messages `Proof` & `ProofOp` has been moved to `proto/crypto/merkle` 272 - `SimpleHashFromByteSlices` has been renamed to `HashFromByteSlices` 273 - `SimpleHashFromByteSlicesIterative` has been renamed to `HashFromByteSlicesIterative` 274 - `SimpleProofsFromByteSlices` has been renamed to `ProofsFromByteSlices` 275 - [crypto] [\#4941](https://github.com/number571/tendermint/pull/4941) Remove suffixes from all keys. (@marbar3778) 276 - ed25519: type `PrivKeyEd25519` is now `PrivKey` 277 - ed25519: type `PubKeyEd25519` is now `PubKey` 278 - secp256k1: type`PrivKeySecp256k1` is now `PrivKey` 279 - secp256k1: type`PubKeySecp256k1` is now `PubKey` 280 - sr25519: type `PrivKeySr25519` is now `PrivKey` 281 - sr25519: type `PubKeySr25519` is now `PubKey` 282 - [crypto] [\#5214](https://github.com/number571/tendermint/pull/5214) Change `GenPrivKeySecp256k1` to `GenPrivKeyFromSecret` to be consistent with other keys (@marbar3778) 283 - [crypto] [\#5236](https://github.com/number571/tendermint/pull/5236) `VerifyBytes` is now `VerifySignature` on the `crypto.PubKey` interface (@marbar3778) 284 - [evidence] [\#5361](https://github.com/number571/tendermint/pull/5361) Add LightClientAttackEvidence and change evidence interface (@cmwaters) 285 - [libs] [\#4831](https://github.com/number571/tendermint/pull/4831) Remove `Bech32` pkg from Tendermint. This pkg now lives in the [cosmos-sdk](https://github.com/cosmos/cosmos-sdk/tree/4173ea5ebad906dd9b45325bed69b9c655504867/types/bech32) (@marbar3778) 286 - [light] [\#4946](https://github.com/number571/tendermint/pull/4946) Rename `lite2` pkg to `light`. Remove `lite` implementation. (@marbar3778) 287 - [light] [\#5347](https://github.com/number571/tendermint/pull/5347) `NewClient`, `NewHTTPClient`, `VerifyHeader` and `VerifyLightBlockAtHeight` now accept `context.Context` as 1st param (@melekes) 288 - [merkle] [\#5193](https://github.com/number571/tendermint/pull/5193) `HashFromByteSlices` and `ProofsFromByteSlices` now return a hash for empty inputs, following RFC6962 (@erikgrinaker) 289 - [proto] [\#5025](https://github.com/number571/tendermint/pull/5025) All proto files have been moved to `/proto` directory. (@marbar3778) 290 - Using the recommended the file layout from buf, [see here for more info](https://buf.build/docs/lint-checkers#file_layout) 291 - [rpc/client] [\#4947](https://github.com/number571/tendermint/pull/4947) `Validators`, `TxSearch` `page`/`per_page` params become pointers (@melekes) 292 - `UnconfirmedTxs` `limit` param is a pointer 293 - [rpc/jsonrpc/server] [\#5141](https://github.com/number571/tendermint/pull/5141) Remove `WriteRPCResponseArrayHTTP` (use `WriteRPCResponseHTTP` instead) (@melekes) 294 - [state] [\#4679](https://github.com/number571/tendermint/pull/4679) `TxResult` is a Protobuf type defined in `abci` types directory (@marbar3778) 295 - [state] [\#5191](https://github.com/number571/tendermint/pull/5191) Add `State.InitialHeight` field to record initial block height, must be `1` (not `0`) to start from 1 (@erikgrinaker) 296 - [state] [\#5231](https://github.com/number571/tendermint/pull/5231) `LoadStateFromDBOrGenesisFile()` and `LoadStateFromDBOrGenesisDoc()` no longer saves the state in the database if not found, the genesis state is simply returned (@erikgrinaker) 297 - [state] [\#5348](https://github.com/number571/tendermint/pull/5348) Define an Interface for the state store. (@marbar3778) 298 - [types] [\#4939](https://github.com/number571/tendermint/pull/4939) `SignedMsgType` has moved to a Protobuf enum types (@marbar3778) 299 - [types] [\#4962](https://github.com/number571/tendermint/pull/4962) `ConsensusParams`, `BlockParams`, `EvidenceParams`, `ValidatorParams` & `HashedParams` are now Protobuf types (@marbar3778) 300 - [types] [\#4852](https://github.com/number571/tendermint/pull/4852) Vote & Proposal `SignBytes` is now func `VoteSignBytes` & `ProposalSignBytes` (@marbar3778) 301 - [types] [\#4798](https://github.com/number571/tendermint/pull/4798) Simplify `VerifyCommitTrusting` func + remove extra validation (@melekes) 302 - [types] [\#4845](https://github.com/number571/tendermint/pull/4845) Remove `ABCIResult` (@melekes) 303 - [types] [\#5029](https://github.com/number571/tendermint/pull/5029) Rename all values from `PartsHeader` to `PartSetHeader` to have consistency (@marbar3778) 304 - [types] [\#4939](https://github.com/number571/tendermint/pull/4939) `Total` in `Parts` & `PartSetHeader` has been changed from a `int` to a `uint32` (@marbar3778) 305 - [types] [\#4939](https://github.com/number571/tendermint/pull/4939) Vote: `ValidatorIndex` & `Round` are now `int32` (@marbar3778) 306 - [types] [\#4939](https://github.com/number571/tendermint/pull/4939) Proposal: `POLRound` & `Round` are now `int32` (@marbar3778) 307 - [types] [\#4939](https://github.com/number571/tendermint/pull/4939) Block: `Round` is now `int32` (@marbar3778) 308 309 ### FEATURES 310 311 - [abci] [\#5031](https://github.com/number571/tendermint/pull/5031) Add `AppVersion` to consensus parameters (@james-ray) 312 - This makes it possible to update your ABCI application version via `EndBlock` response 313 - [abci] [\#5174](https://github.com/number571/tendermint/pull/5174) Remove `MockEvidence` in favor of testing with actual evidence types (`DuplicateVoteEvidence` & `LightClientAttackEvidence`) (@cmwaters) 314 - [abci] [\#5191](https://github.com/number571/tendermint/pull/5191) Add `InitChain.InitialHeight` field giving the initial block height (@erikgrinaker) 315 - [abci] [\#5227](https://github.com/number571/tendermint/pull/5227) Add `ResponseInitChain.app_hash` which is recorded in genesis block (@erikgrinaker) 316 - [config] [\#5147](https://github.com/number571/tendermint/pull/5147) Add `--consensus.double_sign_check_height` flag and `DoubleSignCheckHeight` config variable. See [ADR-51](https://github.com/number571/tendermint/blob/master/docs/architecture/adr-051-double-signing-risk-reduction.md) (@dongsam) 317 - [db] [\#5233](https://github.com/number571/tendermint/pull/5233) Add support for `badgerdb` database backend (@erikgrinaker) 318 - [evidence] [\#4532](https://github.com/number571/tendermint/pull/4532) Handle evidence from light clients (@melekes) 319 - [evidence] [#4821](https://github.com/number571/tendermint/pull/4821) Amnesia (light client attack) evidence can be detected, verified and committed (@cmwaters) 320 - [genesis] [\#5191](https://github.com/number571/tendermint/pull/5191) Add `initial_height` field to specify the initial chain height (defaults to `1`) (@erikgrinaker) 321 - [libs/math] [\#5665](https://github.com/number571/tendermint/pull/5665) Make fractions unsigned integers (uint64) (@cmwaters) 322 - [light] [\#5298](https://github.com/number571/tendermint/pull/5298) Morph validator set and signed header into light block (@cmwaters) 323 - [p2p] [\#4981](https://github.com/number571/tendermint/pull/4981) Expose `SaveAs` func on NodeKey (@melekes) 324 - [privval] [\#5239](https://github.com/number571/tendermint/pull/5239) Add `chainID` to requests from client. (@marbar3778) 325 - [rpc] [\#4532](https://github.com/number571/tendermint/pull/4923) Support `BlockByHash` query (@fedekunze) 326 - [rpc] [\#4979](https://github.com/number571/tendermint/pull/4979) Support EXISTS operator in `/tx_search` query (@melekes) 327 - [rpc] [\#5017](https://github.com/number571/tendermint/pull/5017) Add `/check_tx` endpoint to check transactions without executing them or adding them to the mempool (@melekes) 328 - [rpc] [\#5108](https://github.com/number571/tendermint/pull/5108) Subscribe using the websocket for new evidence events (@cmwaters) 329 - [statesync] Add state sync support, where a new node can be rapidly bootstrapped by fetching state snapshots from peers instead of replaying blocks. See the `[statesync]` config section. 330 - [evidence] [\#5361](https://github.com/number571/tendermint/pull/5361) Add LightClientAttackEvidence and refactor evidence lifecycle - for more information see [ADR-059](https://github.com/number571/tendermint/blob/master/docs/architecture/adr-059-evidence-composition-and-lifecycle.md) (@cmwaters) 331 332 ### IMPROVEMENTS 333 334 - [blockchain] [\#5278](https://github.com/number571/tendermint/pull/5278) Verify only +2/3 of the signatures in a block when fast syncing. (@marbar3778) 335 - [consensus] [\#4578](https://github.com/number571/tendermint/pull/4578) Attempt to repair the consensus WAL file (`data/cs.wal/wal`) automatically in case of corruption (@alessio) 336 - The original WAL file will be backed up to `data/cs.wal/wal.CORRUPTED`. 337 - [consensus] [\#5143](https://github.com/number571/tendermint/pull/5143) Only call `privValidator.GetPubKey` once per block (@melekes) 338 - [evidence] [\#4722](https://github.com/number571/tendermint/pull/4722) Consolidate evidence store and pool types to improve evidence DB (@cmwaters) 339 - [evidence] [\#4839](https://github.com/number571/tendermint/pull/4839) Reject duplicate evidence from being proposed (@cmwaters) 340 - [evidence] [\#5219](https://github.com/number571/tendermint/pull/5219) Change the source of evidence time to block time (@cmwaters) 341 - [libs] [\#5126](https://github.com/number571/tendermint/pull/5126) Add a sync package which wraps sync.(RW)Mutex & deadlock.(RW)Mutex and use a build flag (deadlock) in order to enable deadlock checking (@marbar3778) 342 - [light] [\#4935](https://github.com/number571/tendermint/pull/4935) Fetch and compare a new header with witnesses in parallel (@melekes) 343 - [light] [\#4929](https://github.com/number571/tendermint/pull/4929) Compare header with witnesses only when doing bisection (@melekes) 344 - [light] [\#4916](https://github.com/number571/tendermint/pull/4916) Validate basic for inbound validator sets and headers before further processing them (@cmwaters) 345 - [mempool] Add RemoveTxByKey() exported function for custom mempool cleaning (@p4u) 346 - [p2p/conn] [\#4795](https://github.com/number571/tendermint/pull/4795) Return err on `signChallenge()` instead of panic 347 - [privval] [\#5437](https://github.com/number571/tendermint/pull/5437) `NewSignerDialerEndpoint` can now be given `SignerServiceEndpointOption` (@erikgrinaker) 348 - [rpc] [\#4968](https://github.com/number571/tendermint/pull/4968) JSON encoding is now handled by `libs/json`, not Amino (@erikgrinaker) 349 - [rpc] [\#5293](https://github.com/number571/tendermint/pull/5293) `/dial_peers` has added `private` and `unconditional` as parameters. (@marbar3778) 350 - [state] [\#4781](https://github.com/number571/tendermint/pull/4781) Export `InitStateVersion` for the initial state version (@erikgrinaker) 351 - [txindex] [\#4466](https://github.com/number571/tendermint/pull/4466) Allow to index an event at runtime (@favadi) 352 - `abci.EventAttribute` replaces `KV.Pair` 353 - [types] [\#4905](https://github.com/number571/tendermint/pull/4905) Add `ValidateBasic` to validator and validator set (@cmwaters) 354 - [types] [\#5340](https://github.com/number571/tendermint/pull/5340) Add check in `Header.ValidateBasic()` for block protocol version (@marbar3778) 355 - [types] [\#5490](https://github.com/number571/tendermint/pull/5490) Use `Commit` and `CommitSig` max sizes instead of vote max size to calculate the maximum block size. (@cmwaters) 356 357 358 ### BUG FIXES 359 360 - [abci/grpc] [\#5520](https://github.com/number571/tendermint/pull/5520) Return async responses in order, to avoid mempool panics. (@erikgrinaker) 361 - [blockchain/v2] [\#4971](https://github.com/number571/tendermint/pull/4971) Correctly set block store base in status responses (@erikgrinaker) 362 - [blockchain/v2] [\#5499](https://github.com/number571/tendermint/pull/5499) Fix "duplicate block enqueued by processor" panic (@melekes) 363 - [blockchain/v2] [\#5530](https://github.com/number571/tendermint/pull/5530) Fix out of order block processing panic (@melekes) 364 - [blockchain/v2] [\#5553](https://github.com/number571/tendermint/pull/5553) Make the removal of an already removed peer a noop (@melekes) 365 - [consensus] [\#4895](https://github.com/number571/tendermint/pull/4895) Cache the address of the validator to reduce querying a remote KMS (@joe-bowman) 366 - [consensus] [\#4970](https://github.com/number571/tendermint/pull/4970) Don't allow `LastCommitRound` to be negative (@cuonglm) 367 - [consensus] [\#5329](https://github.com/number571/tendermint/pull/5329) Fix wrong proposer schedule for validators returned by `InitChain` (@erikgrinaker) 368 - [docker] [\#5385](https://github.com/number571/tendermint/pull/5385) Fix incorrect `time_iota_ms` default setting causing block timestamp drift (@erikgrinaker) 369 - [evidence] [\#5170](https://github.com/number571/tendermint/pull/5170) Change ABCI evidence time to the time the infraction happened not the time the evidence was committed on the block (@cmwaters) 370 - [evidence] [\#5610](https://github.com/number571/tendermint/pull/5610) Make it possible for ABCI evidence to be formed from Tendermint evidence (@cmwaters) 371 - [libs/rand] [\#5215](https://github.com/number571/tendermint/pull/5215) Fix out-of-memory error on unexpected argument of Str() (@SadPencil) 372 - [light] [\#5307](https://github.com/number571/tendermint/pull/5307) Persist correct proposer priority in light client validator sets (@cmwaters) 373 - [p2p] [\#5136](https://github.com/number571/tendermint/pull/5136) Fix error for peer with the same ID but different IPs (@valardragon) 374 - [privval] [\#5638](https://github.com/number571/tendermint/pull/5638) Increase read/write timeout to 5s and calculate ping interval based on it (@JoeKash) 375 - [proxy] [\#5078](https://github.com/number571/tendermint/pull/5078) Force Tendermint to exit when ABCI app crashes (@melekes) 376 - [rpc] [\#5660](https://github.com/number571/tendermint/pull/5660) Set `application/json` as the `Content-Type` header in RPC responses. (@alexanderbez) 377 - [store] [\#5382](https://github.com/number571/tendermint/pull/5382) Fix race conditions when loading/saving/pruning blocks (@erikgrinaker) 378 379 ## v0.33.8 380 381 *August 11, 2020* 382 383 ### Go security update 384 385 Go reported a security vulnerability that affected the `encoding/binary` package. The most recent binary for tendermint is using 1.14.6, for this 386 reason the Tendermint engineering team has opted to conduct a release to aid users in using the correct version of Go. Read more about the security issue [here](https://github.com/golang/go/issues/40618). 387 388 389 ## v0.33.7 390 391 *August 4, 2020* 392 393 ### BUG FIXES: 394 395 - [go] Build release binary using Go 1.14.4, to avoid halt caused by Go 1.14.1 (https://github.com/golang/go/issues/38223) 396 - [privval] [\#5140](https://github.com/number571/tendermint/pull/5140) `RemoteSignerError` from remote signers are no longer retried (@melekes) 397 398 399 ## v0.33.6 400 401 *July 2, 2020* 402 403 This security release fixes: 404 405 ### Denial of service 406 407 Tendermint 0.33.0 and above allow block proposers to include signatures for the 408 wrong block. This may happen naturally if you start a network, have it run for 409 some time and restart it **without changing the chainID**. (It is a 410 [misconfiguration](https://docs.tendermint.com/master/tendermint-core/using-tendermint.html) 411 to reuse chainIDs.) Correct block proposers will accidentally include signatures 412 for the wrong block if they see these signatures, and then commits won't validate, 413 making all proposed blocks invalid. A malicious validator (even with a minimal 414 amount of stake) can use this vulnerability to completely halt the network. 415 416 Tendermint 0.33.6 checks all the signatures are for the block with +2/3 417 majority before creating a commit. 418 419 ### False Witness 420 421 Tendermint 0.33.1 and above are no longer fully verifying commit signatures 422 during block execution - they stop after +2/3. This means proposers can propose 423 blocks that contain valid +2/3 signatures and then the rest of the signatures 424 can be whatever they want. They can claim that all the other validators signed 425 just by including a CommitSig with arbitrary signature data. While this doesn't 426 seem to impact safety of Tendermint per se, it means that Commits may contain a 427 lot of invalid data. 428 429 _This was already true of blocks, since they could include invalid txs filled 430 with garbage, but in that case the application knew that they are invalid and 431 could punish the proposer. But since applications didn't--and don't-- 432 verify commit signatures directly (they trust Tendermint to do that), 433 they won't be able to detect it._ 434 435 This can impact incentivization logic in the application that depends on the 436 LastCommitInfo sent in BeginBlock, which includes which validators signed. For 437 instance, Gaia incentivizes proposers with a bonus for including more than +2/3 438 of the signatures. But a proposer can now claim that bonus just by including 439 arbitrary data for the final -1/3 of validators without actually waiting for 440 their signatures. There may be other tricks that can be played because of this. 441 442 Tendermint 0.33.6 verifies all the signatures during block execution. 443 444 _Please note that the light client does not check nil votes and exits as soon 445 as 2/3+ of the signatures are checked._ 446 447 **All clients are recommended to upgrade.** 448 449 Special thanks to @njmurarka at Bluzelle Networks for reporting this. 450 451 ### SECURITY: 452 453 - [consensus] Do not allow signatures for a wrong block in commits (@ebuchman) 454 - [consensus] Verify all the signatures during block execution (@melekes) 455 456 **Please note that the fix for the False Witness issue renames the `VerifyCommitTrusting` 457 function to `VerifyCommitLightTrusting`. If you were relying on the light client, you may 458 need to update your code.** 459 460 ## v0.33.5 461 462 *May 28, 2020* 463 464 Special thanks to external contributors on this release: @tau3, 465 466 ### BREAKING CHANGES: 467 468 - Go API 469 470 - [privval] [\#4744](https://github.com/number571/tendermint/pull/4744) Remove deprecated `OldFilePV` (@melekes) 471 - [mempool] [\#4759](https://github.com/number571/tendermint/pull/4759) Modify `Mempool#InitWAL` to return an error (@melekes) 472 - [node] [\#4832](https://github.com/number571/tendermint/pull/4832) `ConfigureRPC` returns an error (@melekes) 473 - [rpc] [\#4836](https://github.com/number571/tendermint/pull/4836) Overhaul `lib` folder (@melekes) 474 Move lib/ folder to jsonrpc/. 475 Rename: 476 rpc package -> jsonrpc package 477 rpcclient package -> client package 478 rpcserver package -> server package 479 JSONRPCClient to Client 480 JSONRPCRequestBatch to RequestBatch 481 JSONRPCCaller to Caller 482 StartHTTPServer to Serve 483 StartHTTPAndTLSServer to ServeTLS 484 NewURIClient to NewURI 485 NewJSONRPCClient to New 486 NewJSONRPCClientWithHTTPClient to NewWithHTTPClient 487 NewWSClient to NewWS 488 Unexpose ResponseWriterWrapper 489 Remove unused http_params.go 490 491 492 ### FEATURES: 493 494 - [pex] [\#4439](https://github.com/number571/tendermint/pull/4439) Use highwayhash for pex buckets (@tau3) 495 496 ### IMPROVEMENTS: 497 498 - [abci/server] [\#4719](https://github.com/number571/tendermint/pull/4719) Print panic & stack trace to STDERR if logger is not set (@melekes) 499 - [types] [\#4638](https://github.com/number571/tendermint/pull/4638) Implement `Header#ValidateBasic` (@alexanderbez) 500 - [buildsystem] [\#4378](https://github.com/number571/tendermint/pull/4738) Replace build_c and install_c with TENDERMINT_BUILD_OPTIONS parsing. The following options are available: 501 - nostrip: don't strip debugging symbols nor DWARF tables. 502 - cleveldb: use cleveldb as db backend instead of goleveldb. 503 - race: pass -race to go build and enable data race detection. 504 - [mempool] [\#4759](https://github.com/number571/tendermint/pull/4759) Allow ReapX and CheckTx functions to run in parallel (@melekes) 505 - [rpc/core] [\#4844](https://github.com/number571/tendermint/pull/4844) Do not lock consensus state in `/validators`, `/consensus_params` and `/status` (@melekes) 506 507 ### BUG FIXES: 508 509 - [blockchain/v2] [\#4761](https://github.com/number571/tendermint/pull/4761) Fix excessive CPU usage caused by spinning on closed channels (@erikgrinaker) 510 - [blockchain/v2] Respect `fast_sync` option (@erikgrinaker) 511 - [light] [\#4741](https://github.com/number571/tendermint/pull/4741) Correctly return `ErrSignedHeaderNotFound` and `ErrValidatorSetNotFound` on corresponding RPC errors (@erikgrinaker) 512 - [rpc] [\#4805](https://github.com/number571/tendermint/issues/4805) Attempt to handle panics during panic recovery (@erikgrinaker) 513 - [types] [\#4764](https://github.com/number571/tendermint/pull/4764) Return an error if voting power overflows in `VerifyCommitTrusting` (@melekes) 514 - [privval] [\#4812](https://github.com/number571/tendermint/pull/4812) Retry `GetPubKey/SignVote/SignProposal` a few times before returning an error (@melekes) 515 - [p2p] [\#4847](https://github.com/number571/tendermint/pull/4847) Return masked IP (not the actual IP) in addrbook#groupKey (@melekes) 516 517 ## v0.33.4 518 519 - Nodes are no longer guaranteed to contain all blocks up to the latest height. The ABCI app can now control which blocks to retain through the ABCI field `ResponseCommit.retain_height`, all blocks and associated data below this height will be removed. 520 521 *April 21, 2020* 522 523 Special thanks to external contributors on this release: @whylee259, @greg-szabo 524 525 ### BREAKING CHANGES: 526 527 - Go API 528 529 - [lite2] [\#4616](https://github.com/number571/tendermint/pull/4616) Make `maxClockDrift` an option `Verify/VerifyAdjacent/VerifyNonAdjacent` now accept `maxClockDrift time.Duration` (@melekes). 530 - [rpc/client] [\#4628](https://github.com/number571/tendermint/pull/4628) Split out HTTP and local clients into `http` and `local` packages (@erikgrinaker). 531 532 ### FEATURES: 533 534 - [abci] [\#4588](https://github.com/number571/tendermint/issues/4588) Add `ResponseCommit.retain_height` field, which will automatically remove blocks below this height. This bumps the ABCI version to 0.16.2 (@erikgrinaker). 535 - [cmd] [\#4665](https://github.com/number571/tendermint/pull/4665) New `tendermint completion` command to generate Bash/Zsh completion scripts (@alessio). 536 - [rpc] [\#4588](https://github.com/number571/tendermint/issues/4588) Add `/status` response fields for the earliest block available on the node (@erikgrinaker). 537 - [rpc] [\#4611](https://github.com/number571/tendermint/pull/4611) Add `codespace` to `ResultBroadcastTx` (@whylee259). 538 539 ### IMPROVEMENTS: 540 541 - [all] [\#4608](https://github.com/number571/tendermint/pull/4608) Give reactors descriptive names when they're initialized (@tessr). 542 - [blockchain] [\#4588](https://github.com/number571/tendermint/issues/4588) Add `Base` to blockchain reactor P2P messages `StatusRequest` and `StatusResponse` (@erikgrinaker). 543 - [Docker] [\#4569](https://github.com/number571/tendermint/issues/4569) Default configuration added to docker image (you can still mount your own config the same way) (@greg-szabo). 544 - [example/kvstore] [\#4588](https://github.com/number571/tendermint/issues/4588) Add `RetainBlocks` option to control block retention (@erikgrinaker). 545 - [evidence] [\#4632](https://github.com/number571/tendermint/pull/4632) Inbound evidence checked if already existing (@cmwaters). 546 - [lite2] [\#4575](https://github.com/number571/tendermint/pull/4575) Use bisection for within-range verification (@cmwaters). 547 - [lite2] [\#4562](https://github.com/number571/tendermint/pull/4562) Cache headers when using bisection (@cmwaters). 548 - [p2p] [\#4548](https://github.com/number571/tendermint/pull/4548) Add ban list to address book (@cmwaters). 549 - [privval] [\#4534](https://github.com/number571/tendermint/issues/4534) Add `error` as a return value on`GetPubKey()` (@marbar3778). 550 - [p2p] [\#4621](https://github.com/number571/tendermint/issues/4621) Ban peers when messages are unsolicited or too frequent (@cmwaters). 551 - [rpc] [\#4703](https://github.com/number571/tendermint/pull/4703) Add `count` and `total` to `/validators` response (@melekes). 552 - [tools] [\#4615](https://github.com/number571/tendermint/issues/4615) Allow developers to use Docker to generate proto stubs, via `make proto-gen-docker` (@erikgrinaker). 553 554 ### BUG FIXES: 555 556 - [rpc] [\#4568](https://github.com/number571/tendermint/issues/4568) Fix panic when `Subscribe` is called, but HTTP client is not running. `Subscribe`, `Unsubscribe(All)` methods return an error now (@melekes). 557 558 ## v0.33.3 559 560 *April 6, 2020* 561 562 This security release fixes: 563 564 ### Denial of service 1 565 566 Tendermint 0.33.2 and earlier does not limit P2P connection requests number. 567 For each p2p connection, Tendermint allocates ~0.5MB. Even though this 568 memory is garbage collected once the connection is terminated (due to duplicate 569 IP or reaching a maximum number of inbound peers), temporary memory spikes can 570 lead to OOM (Out-Of-Memory) exceptions. 571 572 Tendermint 0.33.3 (and 0.32.10) limits the total number of P2P incoming 573 connection requests to to `p2p.max_num_inbound_peers + 574 len(p2p.unconditional_peer_ids)`. 575 576 Notes: 577 578 - Tendermint does not rate limit P2P connection requests per IP (an attacker 579 can saturate all the inbound slots); 580 - Tendermint does not rate limit HTTP(S) requests. If you expose any RPC 581 endpoints to the public, please make sure to put in place some protection 582 (https://www.nginx.com/blog/rate-limiting-nginx/). We may implement this in 583 the future ([\#1696](https://github.com/number571/tendermint/issues/1696)). 584 585 ### Denial of service 2 586 587 Tendermint 0.33.2 and earlier does not reclaim `activeID` of a peer after it's 588 removed in `Mempool` reactor. This does not happen all the time. It only 589 happens when a connection fails (for any reason) before the Peer is created and 590 added to all reactors. `RemovePeer` is therefore called before `AddPeer`, which 591 leads to always growing memory (`activeIDs` map). The `activeIDs` map has a 592 maximum size of 65535 and the node will panic if this map reaches the maximum. 593 An attacker can create a lot of connection attempts (exploiting Denial of 594 service 1), which ultimately will lead to the node panicking. 595 596 Tendermint 0.33.3 (and 0.32.10) claims `activeID` for a peer in `InitPeer`, 597 which is executed before `MConnection` is started. 598 599 Notes: 600 601 - `InitPeer` function was added to all reactors to combat a similar issue - 602 [\#3338](https://github.com/number571/tendermint/issues/3338); 603 - Denial of service 2 is independent of Denial of service 1 and can be executed 604 without it. 605 606 **All clients are recommended to upgrade** 607 608 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for finding 609 and reporting this. 610 611 ### SECURITY: 612 613 - [mempool] Reserve IDs in InitPeer instead of AddPeer (@tessr) 614 - [p2p] Limit the number of incoming connections (@melekes) 615 616 ## v0.33.2 617 618 *March 11, 2020* 619 620 Special thanks to external contributors on this release: 621 @antho1404, @michaelfig, @gterzian, @tau3, @Shivani912 622 623 ### BREAKING CHANGES: 624 625 - CLI/RPC/Config 626 - [cli] [\#4505](https://github.com/number571/tendermint/pull/4505) `tendermint lite` sub-command new syntax (@melekes): 627 `lite cosmoshub-3 -p 52.57.29.196:26657 -w public-seed-node.cosmoshub.certus.one:26657 628 --height 962118 --hash 28B97BE9F6DE51AC69F70E0B7BFD7E5C9CD1A595B7DC31AFF27C50D4948` 629 630 - Go API 631 - [lite2] [\#4535](https://github.com/number571/tendermint/pull/4535) Remove `Start/Stop` (@melekes) 632 - [lite2] [\#4469](https://github.com/number571/tendermint/issues/4469) Remove `RemoveNoLongerTrustedHeaders` and `RemoveNoLongerTrustedHeadersPeriod` option (@cmwaters) 633 - [lite2] [\#4473](https://github.com/number571/tendermint/issues/4473) Return height as a 2nd param in `TrustedValidatorSet` (@melekes) 634 - [lite2] [\#4536](https://github.com/number571/tendermint/pull/4536) `Update` returns a signed header (1st param) (@melekes) 635 636 637 ### IMPROVEMENTS: 638 639 - [blockchain/v2] [\#4361](https://github.com/number571/tendermint/pull/4361) Add reactor (@brapse) 640 - [cmd] [\#4515](https://github.com/number571/tendermint/issues/4515) Change `tendermint debug dump` sub-command archives filename's format (@melekes) 641 - [consensus] [\#3583](https://github.com/number571/tendermint/issues/3583) Reduce `non-deterministic signature` log noise (@tau3) 642 - [examples/kvstore] [\#4507](https://github.com/number571/tendermint/issues/4507) ABCI query now returns the proper height (@erikgrinaker) 643 - [lite2] [\#4462](https://github.com/number571/tendermint/issues/4462) Add `NewHTTPClient` and `NewHTTPClientFromTrustedStore` (@cmwaters) 644 - [lite2] [\#4329](https://github.com/number571/tendermint/issues/4329) modified bisection to loop (@cmwaters) 645 - [lite2] [\#4385](https://github.com/number571/tendermint/issues/4385) Disconnect from bad nodes (@melekes) 646 - [lite2] [\#4398](https://github.com/number571/tendermint/issues/4398) Add `VerifyAdjacent` and `VerifyNonAdjacent` funcs (@cmwaters) 647 - [lite2] [\#4426](https://github.com/number571/tendermint/issues/4426) Don't save intermediate headers (@cmwaters) 648 - [lite2] [\#4464](https://github.com/number571/tendermint/issues/4464) Cross-check first header (@cmwaters) 649 - [lite2] [\#4470](https://github.com/number571/tendermint/issues/4470) Fix inconsistent header-validatorset pairing (@melekes) 650 - [lite2] [\#4488](https://github.com/number571/tendermint/issues/4488) Allow local clock drift -10 sec. (@melekes) 651 - [p2p] [\#4449](https://github.com/number571/tendermint/pull/4449) Use `curve25519.X25519()` instead of `ScalarMult` (@erikgrinaker) 652 - [types] [\#4417](https://github.com/number571/tendermint/issues/4417) **VerifyCommitX() functions should return as soon as +2/3 threshold is reached** (@alessio). 653 - [libs/kv] [\#4542](https://github.com/number571/tendermint/pull/4542) remove unused type KI64Pair (@tessr) 654 655 ### BUG FIXES: 656 657 - [cmd] [\#4303](https://github.com/number571/tendermint/issues/4303) Show useful error when Tendermint is not initialized (@melekes) 658 - [cmd] [\#4515](https://github.com/number571/tendermint/issues/4515) **Fix `tendermint debug kill` sub-command** (@melekes) 659 - [rpc] [\#3935](https://github.com/number571/tendermint/issues/3935) **Create buffered subscriptions on `/subscribe`** (@melekes) 660 - [rpc] [\#4375](https://github.com/number571/tendermint/issues/4375) Stop searching for txs in `/tx_search` upon client timeout (@gterzian) 661 - [rpc] [\#4406](https://github.com/number571/tendermint/pull/4406) Fix issue with multiple subscriptions on the websocket (@antho1404) 662 - [rpc] [\#4432](https://github.com/number571/tendermint/issues/4432) Fix `/tx_search` pagination with ordered results (@erikgrinaker) 663 - [rpc] [\#4492](https://github.com/number571/tendermint/issues/4492) Keep the original subscription "id" field when new RPCs come in (@michaelfig) 664 665 666 ## v0.33.1 667 668 *Feburary 13, 2020* 669 670 Special thanks to external contributors on this release: 671 @princesinha19 672 673 ### FEATURES: 674 675 - [rpc] [\#3333](https://github.com/number571/tendermint/issues/3333) Add `order_by` to `/tx_search` endpoint, allowing to change default ordering from asc to desc (@princesinha19) 676 677 ### IMPROVEMENTS: 678 679 - [proto] [\#4369](https://github.com/number571/tendermint/issues/4369) Add [buf](https://buf.build/) for usage with linting and checking if there are breaking changes with the master branch. 680 - [proto] [\#4369](https://github.com/number571/tendermint/issues/4369) Add `make proto-gen` cmd to generate proto stubs outside of GOPATH. 681 682 ### BUG FIXES: 683 684 - [node] [\#4311](https://github.com/number571/tendermint/issues/4311) Use `GRPCMaxOpenConnections` when creating the gRPC server, not `MaxOpenConnections` 685 - [rpc] [\#4319](https://github.com/number571/tendermint/issues/4319) Check `BlockMeta` is not nil in `/block` & `/block_by_hash` 686 687 ## v0.33 688 689 Special thanks to external contributors on this release: @mrekucci, @PSalant726, @princesinha19, @greg-szabo, @dongsam, @cuonglm, @jgimeno, @yenkhoon 690 691 *January 14, 2020* 692 693 This release contains breaking changes to the `Block#Header`, specifically 694 `NumTxs` and `TotalTxs` were removed (\#2521). Here's how this change affects 695 different modules: 696 697 - apps: it breaks the ABCI header field numbering 698 - state: it breaks the format of `State` on disk 699 - RPC: all RPC requests which expose the header broke 700 - Go API: the `Header` broke 701 - P2P: since blocks go over the wire, technically the P2P protocol broke 702 703 Also, blocks are significantly smaller 🔥 because we got rid of the redundant 704 information in `Block#LastCommit`. `Commit` now mainly consists of a signature 705 and a validator address plus a timestamp. Note we may remove the validator 706 address & timestamp fields in the future (see ADR-25). 707 708 `lite2` package has been added to solve `lite` issues and introduce weak 709 subjectivity interface. Refer to the [spec](https://github.com/tendermint/spec/blob/master/spec/consensus/light-client.md) for complete details. 710 `lite` package is now deprecated and will be removed in v0.34 release. 711 712 ### BREAKING CHANGES: 713 714 - CLI/RPC/Config 715 716 - [rpc] [\#3471](https://github.com/number571/tendermint/issues/3471) Paginate `/validators` response (default: 30 vals per page) 717 - [rpc] [\#3188](https://github.com/number571/tendermint/issues/3188) Remove `BlockMeta` in `ResultBlock` in favor of `BlockId` for `/block` 718 - [rpc] `/block_results` response format updated (see RPC docs for details) 719 ``` 720 { 721 "jsonrpc": "2.0", 722 "id": "", 723 "result": { 724 "height": "2109", 725 "txs_results": null, 726 "begin_block_events": null, 727 "end_block_events": null, 728 "validator_updates": null, 729 "consensus_param_updates": null 730 } 731 } 732 ``` 733 - [rpc] [\#4141](https://github.com/number571/tendermint/pull/4141) Remove `#event` suffix from the ID in event responses. 734 `{"jsonrpc": "2.0", "id": 0, "result": ...}` 735 - [rpc] [\#4141](https://github.com/number571/tendermint/pull/4141) Switch to integer IDs instead of `json-client-XYZ` 736 ``` 737 id=0 method=/subscribe 738 id=0 result=... 739 id=1 method=/abci_query 740 id=1 result=... 741 ``` 742 - ID is unique for each request; 743 - Request.ID is now optional. Notification is a Request without an ID. Previously ID="" or ID=0 were considered as notifications. 744 745 - [config] [\#4046](https://github.com/number571/tendermint/issues/4046) Rename tag(s) to CompositeKey & places where tag is still present it was renamed to event or events. Find how a compositeKey is constructed [here](https://github.com/number571/tendermint/blob/6d05c531f7efef6f0619155cf10ae8557dd7832f/docs/app-dev/indexing-transactions.md) 746 - You will have to generate a new config for your Tendermint node(s) 747 - [genesis] [\#2565](https://github.com/number571/tendermint/issues/2565) Add `consensus_params.evidence.max_age_duration`. Rename 748 `consensus_params.evidence.max_age` to `max_age_num_blocks`. 749 - [cli] [\#1771](https://github.com/number571/tendermint/issues/1771) `tendermint lite` now uses new light client package (`lite2`) 750 and has 3 more flags: `--trusting-period`, `--trusted-height` and 751 `--trusted-hash` 752 753 - Apps 754 755 - [tm-bench] Removed tm-bench in favor of [tm-load-test](https://github.com/informalsystems/tm-load-test) 756 757 - Go API 758 759 - [rpc] [\#3953](https://github.com/number571/tendermint/issues/3953) Modify NewHTTP, NewXXXClient functions to return an error on invalid remote instead of panicking (@mrekucci) 760 - [rpc/client] [\#3471](https://github.com/number571/tendermint/issues/3471) `Validators` now requires two more args: `page` and `perPage` 761 - [libs/common] [\#3262](https://github.com/number571/tendermint/issues/3262) Make error the last parameter of `Task` (@PSalant726) 762 - [cs/types] [\#3262](https://github.com/number571/tendermint/issues/3262) Rename `GotVoteFromUnwantedRoundError` to `ErrGotVoteFromUnwantedRound` (@PSalant726) 763 - [libs/common] [\#3862](https://github.com/number571/tendermint/issues/3862) Remove `errors.go` from `libs/common` 764 - [libs/common] [\#4230](https://github.com/number571/tendermint/issues/4230) Move `KV` out of common to its own pkg 765 - [libs/common] [\#4230](https://github.com/number571/tendermint/issues/4230) Rename `cmn.KVPair(s)` to `kv.Pair(s)`s 766 - [libs/common] [\#4232](https://github.com/number571/tendermint/issues/4232) Move `Service` & `BaseService` from `libs/common` to `libs/service` 767 - [libs/common] [\#4232](https://github.com/number571/tendermint/issues/4232) Move `common/nil.go` to `types/utils.go` & make the functions private 768 - [libs/common] [\#4231](https://github.com/number571/tendermint/issues/4231) Move random functions from `libs/common` into pkg `rand` 769 - [libs/common] [\#4237](https://github.com/number571/tendermint/issues/4237) Move byte functions from `libs/common` into pkg `bytes` 770 - [libs/common] [\#4237](https://github.com/number571/tendermint/issues/4237) Move throttletimer functions from `libs/common` into pkg `timer` 771 - [libs/common] [\#4237](https://github.com/number571/tendermint/issues/4237) Move tempfile functions from `libs/common` into pkg `tempfile` 772 - [libs/common] [\#4240](https://github.com/number571/tendermint/issues/4240) Move os functions from `libs/common` into pkg `os` 773 - [libs/common] [\#4240](https://github.com/number571/tendermint/issues/4240) Move net functions from `libs/common` into pkg `net` 774 - [libs/common] [\#4240](https://github.com/number571/tendermint/issues/4240) Move mathematical functions and types out of `libs/common` to `math` pkg 775 - [libs/common] [\#4240](https://github.com/number571/tendermint/issues/4240) Move string functions out of `libs/common` to `strings` pkg 776 - [libs/common] [\#4240](https://github.com/number571/tendermint/issues/4240) Move async functions out of `libs/common` to `async` pkg 777 - [libs/common] [\#4240](https://github.com/number571/tendermint/issues/4240) Move bit functions out of `libs/common` to `bits` pkg 778 - [libs/common] [\#4240](https://github.com/number571/tendermint/issues/4240) Move cmap functions out of `libs/common` to `cmap` pkg 779 - [libs/common] [\#4258](https://github.com/number571/tendermint/issues/4258) Remove `Rand` from all `rand` pkg functions 780 - [types] [\#2565](https://github.com/number571/tendermint/issues/2565) Remove `MockBadEvidence` & `MockGoodEvidence` in favor of `MockEvidence` 781 782 - Blockchain Protocol 783 784 - [abci] [\#2521](https://github.com/number571/tendermint/issues/2521) Remove `TotalTxs` and `NumTxs` from `Header` 785 - [types] [\#4151](https://github.com/number571/tendermint/pull/4151) Enforce ordering of votes in DuplicateVoteEvidence to be lexicographically sorted on BlockID 786 - [types] [\#1648](https://github.com/number571/tendermint/issues/1648) Change `Commit` to consist of just signatures 787 788 - P2P Protocol 789 790 - [p2p] [\#3668](https://github.com/number571/tendermint/pull/3668) Make `SecretConnection` non-malleable 791 792 - [proto] [\#3986](https://github.com/number571/tendermint/pull/3986) Prefix protobuf types to avoid name conflicts. 793 - ABCI becomes `tendermint.abci.types` with the new API endpoint `/tendermint.abci.types.ABCIApplication/` 794 - core_grpc becomes `tendermint.rpc.grpc` with the new API endpoint `/tendermint.rpc.grpc.BroadcastAPI/` 795 - merkle becomes `tendermint.crypto.merkle` 796 - libs.common becomes `tendermint.libs.common` 797 - proto3 becomes `tendermint.types.proto3` 798 799 ### FEATURES: 800 801 - [p2p] [\#4053](https://github.com/number571/tendermint/issues/4053) Add `unconditional_peer_ids` and `persistent_peers_max_dial_period` config variables (see ADR-050) (@dongsam) 802 - [tools] [\#4227](https://github.com/number571/tendermint/pull/4227) Implement `tendermint debug kill` and 803 `tendermint debug dump` commands for Tendermint node debugging functionality. See `--help` in both 804 commands for further documentation and usage. 805 - [cli] [\#4234](https://github.com/number571/tendermint/issues/4234) Add `--db_backend and --db_dir` flags (@princesinha19) 806 - [cli] [\#4113](https://github.com/number571/tendermint/issues/4113) Add optional `--genesis_hash` flag to check genesis hash upon startup 807 - [config] [\#3831](https://github.com/number571/tendermint/issues/3831) Add support for [RocksDB](https://rocksdb.org/) (@Stumble) 808 - [rpc] [\#3985](https://github.com/number571/tendermint/issues/3985) Add new `/block_by_hash` endpoint, which allows to fetch a block by its hash (@princesinha19) 809 - [metrics] [\#4263](https://github.com/number571/tendermint/issues/4263) Add 810 - `consensus_validator_power`: track your validators power 811 - `consensus_validator_last_signed_height`: track at which height the validator last signed 812 - `consensus_validator_missed_blocks`: total amount of missed blocks for a validator 813 as gauges in prometheus for validator specific metrics 814 - [rpc/lib] [\#4248](https://github.com/number571/tendermint/issues/4248) RPC client basic authentication support (@greg-szabo) 815 - [lite2] [\#1771](https://github.com/number571/tendermint/issues/1771) Light client with weak subjectivity 816 817 ### IMPROVEMENTS: 818 819 - [rpc] [\#3188](https://github.com/number571/tendermint/issues/3188) Added `block_size` to `BlockMeta` this is reflected in `/blockchain` 820 - [types] [\#2521](https://github.com/number571/tendermint/issues/2521) Add `NumTxs` to `BlockMeta` and `EventDataNewBlockHeader` 821 - [p2p] [\#4185](https://github.com/number571/tendermint/pull/4185) Simplify `SecretConnection` handshake with merlin 822 - [cli] [\#4065](https://github.com/number571/tendermint/issues/4065) Add `--consensus.create_empty_blocks_interval` flag (@jgimeno) 823 - [docs] [\#4065](https://github.com/number571/tendermint/issues/4065) Document `--consensus.create_empty_blocks_interval` flag (@jgimeno) 824 - [crypto] [\#4190](https://github.com/number571/tendermint/pull/4190) Added SR25519 signature scheme 825 - [abci] [\#4177] kvstore: Return `LastBlockHeight` and `LastBlockAppHash` in `Info` (@princesinha19) 826 - [rpc] [\#2741](https://github.com/number571/tendermint/issues/2741) Add `proposer` to `/consensus_state` response (@princesinha19) 827 - [deps] [\#4289](https://github.com/number571/tendermint/pull/4289) Update tm-db to 0.4.0, this includes major breaking changes in the dep that change how errors are handled. 828 829 ### BUG FIXES: 830 831 - [rpc/lib][\#4051](https://github.com/number571/tendermint/pull/4131) Fix RPC client, which was previously resolving https protocol to http (@yenkhoon) 832 - [rpc] [\#4141](https://github.com/number571/tendermint/pull/4141) JSONRPCClient: validate that Response.ID matches Request.ID 833 - [rpc] [\#4141](https://github.com/number571/tendermint/pull/4141) WSClient: check for unsolicited responses 834 - [types] [\4164](https://github.com/number571/tendermint/pull/4164) Prevent temporary power overflows on validator updates 835 - [cs] [\#4069](https://github.com/number571/tendermint/issues/4069) Don't panic when block meta is not found in store (@gregzaitsev) 836 - [types] [\#4164](https://github.com/number571/tendermint/issues/4164) Prevent temporary power overflows on validator updates (joint 837 efforts of @gchaincl and @ancazamfir) 838 - [p2p] [\#4140](https://github.com/number571/tendermint/issues/4140) `SecretConnection`: use the transcript solely for authentication (i.e. MAC) 839 - [consensus/types] [\#4243](https://github.com/number571/tendermint/issues/4243) fix BenchmarkRoundStateDeepCopy panics (@cuonglm) 840 - [rpc] [\#4256](https://github.com/number571/tendermint/issues/4256) Pass `outCapacity` to `eventBus#Subscribe` when subscribing using a local client 841 842 ## v0.32.13 843 844 *August 5, 2020* 845 846 ### BUG FIXES 847 848 - [privval] [\#5112](https://github.com/number571/tendermint/issues/5112) If remote signer errors, don't retry (@melekes) 849 850 ## v0.32.12 851 852 *May 19, 2020* 853 854 ### BUG FIXES 855 856 - [p2p] [\#4847](https://github.com/number571/tendermint/pull/4847) Return masked IP (not the actual IP) in addrbook#groupKey (@melekes) 857 858 ## v0.32.11 859 860 *April 29, 2020* 861 862 ### BUG FIXES: 863 864 - [privval] [\#4275](https://github.com/number571/tendermint/issues/4275) Fix consensus failure when remote signer drops (@melekes) 865 866 ## v0.32.10 867 868 *April 6, 2020* 869 870 This security release fixes: 871 872 ### Denial of Service 1 873 874 Tendermint 0.33.2 and earlier does not limit the number of P2P connection 875 requests. For each p2p connection, Tendermint allocates ~0.5MB. Even though 876 this memory is garbage collected once the connection is terminated (due to 877 duplicate IP or reaching a maximum number of inbound peers), temporary memory 878 spikes can lead to OOM (Out-Of-Memory) exceptions. 879 880 Tendermint 0.33.3 (and 0.32.10) limits the total number of P2P incoming 881 connection requests to to `p2p.max_num_inbound_peers + 882 len(p2p.unconditional_peer_ids)`. 883 884 Notes: 885 886 - Tendermint does not rate limit P2P connection requests per IP (an attacker 887 can saturate all the inbound slots); 888 - Tendermint does not rate limit HTTP(S) requests. If you expose any RPC 889 endpoints to the public, please make sure to put in place some protection 890 (https://www.nginx.com/blog/rate-limiting-nginx/). We may implement this in 891 the future ([\#1696](https://github.com/number571/tendermint/issues/1696)). 892 893 ### Denial of Service 2 894 895 Tendermint 0.33.2 and earlier does not reclaim `activeID` of a peer after it's 896 removed in `Mempool` reactor. This does not happen all the time. It only 897 happens when a connection fails (for any reason) before the Peer is created and 898 added to all reactors. `RemovePeer` is therefore called before `AddPeer`, which 899 leads to always growing memory (`activeIDs` map). The `activeIDs` map has a 900 maximum size of 65535 and the node will panic if this map reaches the maximum. 901 An attacker can create a lot of connection attempts (exploiting Denial of 902 Service 1), which ultimately will lead to the node panicking. 903 904 Tendermint 0.33.3 (and 0.32.10) claims `activeID` for a peer in `InitPeer`, 905 which is executed before `MConnection` is started. 906 907 Notes: 908 909 - `InitPeer` function was added to all reactors to combat a similar issue - 910 [\#3338](https://github.com/number571/tendermint/issues/3338); 911 - Denial of Service 2 is independent of Denial of Service 1 and can be executed 912 without it. 913 914 **All clients are recommended to upgrade** 915 916 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for finding 917 and reporting this. 918 919 ### SECURITY: 920 921 - [mempool] Reserve IDs in InitPeer instead of AddPeer (@tessr) 922 - [p2p] Limit the number of incoming connections (@melekes) 923 924 ## v0.32.9 925 926 _January, 9, 2020_ 927 928 Special thanks to external contributors on this release: @greg-szabo, @gregzaitsev, @yenkhoon 929 930 ### FEATURES: 931 932 - [rpc/lib] [\#4248](https://github.com/number571/tendermint/issues/4248) RPC client basic authentication support (@greg-szabo) 933 934 - [metrics] [\#4294](https://github.com/number571/tendermint/pull/4294) Add 935 - `consensus_validator_power`: track your validators power 936 - `consensus_validator_last_signed_height`: track at which height the validator last signed 937 - `consensus_validator_missed_blocks`: total amount of missed blocks for a validator 938 as gauges in prometheus for validator specific metrics 939 940 ### BUG FIXES: 941 942 - [rpc/lib] [\#4131](https://github.com/number571/tendermint/pull/4131) Fix RPC client, which was previously resolving https protocol to http (@yenkhoon) 943 - [cs] [\#4069](https://github.com/number571/tendermint/issues/4069) Don't panic when block meta is not found in store (@gregzaitsev) 944 945 ## v0.32.8 946 947 *November 19, 2019* 948 949 Special thanks to external contributors on this release: @erikgrinaker, @guagualvcha, @hsyis, @cosmostuba, @whunmr, @austinabell 950 951 952 ### BREAKING CHANGES: 953 954 - Go API 955 956 - [libs/pubsub] [\#4070](https://github.com/number571/tendermint/pull/4070) `Query#(Matches|Conditions)` returns an error. 957 958 ### IMPROVEMENTS: 959 960 - [mempool] [\#4083](https://github.com/number571/tendermint/pull/4083) Added TxInfo parameter to CheckTx(), and removed CheckTxWithInfo() (@erikgrinaker) 961 - [mempool] [\#4057](https://github.com/number571/tendermint/issues/4057) Include peer ID when logging rejected txns (@erikgrinaker) 962 - [tools] [\#4023](https://github.com/number571/tendermint/issues/4023) Improved `tm-monitor` formatting of start time and avg tx throughput (@erikgrinaker) 963 - [p2p] [\#3991](https://github.com/number571/tendermint/issues/3991) Log "has been established or dialed" as debug log instead of Error for connected peers (@whunmr) 964 - [rpc] [\#4077](https://github.com/number571/tendermint/pull/4077) Added support for `EXISTS` clause to the Websocket query interface. 965 - [privval] Add `SignerDialerEndpointRetryWaitInterval` option (@cosmostuba) 966 - [crypto] Add `RegisterKeyType` to amino to allow external key types registration (@austinabell) 967 968 ### BUG FIXES: 969 970 - [libs/pubsub] [\#4070](https://github.com/number571/tendermint/pull/4070) Strip out non-numeric characters when attempting to match numeric values. 971 - [libs/pubsub] [\#4070](https://github.com/number571/tendermint/pull/4070) No longer panic in Query#(Matches|Conditions) preferring to return an error instead. 972 - [tools] [\#4023](https://github.com/number571/tendermint/issues/4023) Refresh `tm-monitor` health when validator count is updated (@erikgrinaker) 973 - [state] [\#4104](https://github.com/number571/tendermint/pull/4104) txindex/kv: Fsync data to disk immediately after receiving it (@guagualvcha) 974 - [state] [\#4095](https://github.com/number571/tendermint/pull/4095) txindex/kv: Return an error if there's one when the user searches for a tx (hash=X) (@hsyis) 975 976 ## v0.32.7 977 978 *October 18, 2019* 979 980 This security release fixes a vulnerability found in the `consensus` package, 981 where an attacker could construct a `BlockPartMessage` message in such a way 982 that it will lead to consensus failure. A few similar issues have been 983 identified and fixed here. 984 985 **All clients are recommended to upgrade** 986 987 Special thanks to [elvishacker](https://hackerone.com/elvishacker) for finding 988 and reporting this. 989 990 ### BREAKING CHANGES: 991 992 - Go API 993 - [consensus] Modify `WAL#Write` and `WAL#WriteSync` to return an error if 994 they fail to write a message 995 996 ### SECURITY: 997 998 - [consensus] Validate incoming messages more throughly 999 1000 ## v0.32.6 1001 1002 *October 8, 2019* 1003 1004 The previous patch was insufficient because the attacker could still find a way 1005 to submit a `nil` pubkey by constructing a `PubKeyMultisigThreshold` pubkey 1006 with `nil` subpubkeys for example. 1007 1008 This release provides multiple fixes, which include recovering from panics when 1009 accepting new peers and only allowing `ed25519` pubkeys. 1010 1011 **All clients are recommended to upgrade** 1012 1013 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for pointing 1014 this out. 1015 1016 ### SECURITY: 1017 1018 - [p2p] [\#4030](https://github.com/number571/tendermint/issues/4030) Only allow ed25519 pubkeys when connecting 1019 1020 ## v0.32.5 1021 1022 *October 1, 2019* 1023 1024 This release fixes a major security vulnerability found in the `p2p` package. 1025 All clients are recommended to upgrade. See 1026 [\#4030](https://github.com/number571/tendermint/issues/4030) for details. 1027 1028 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for discovering 1029 and reporting this issue. 1030 1031 ### SECURITY: 1032 1033 - [p2p] [\#4030](https://github.com/number571/tendermint/issues/4030) Fix for panic on nil public key send to a peer 1034 1035 ## v0.32.4 1036 1037 *September 19, 2019* 1038 1039 Special thanks to external contributors on this release: @jon-certik, @gracenoah, @PSalant726, @gchaincl 1040 1041 ### BREAKING CHANGES: 1042 1043 - CLI/RPC/Config 1044 - [rpc] [\#3984](https://github.com/number571/tendermint/issues/3984) Add `MempoolClient` interface to `Client` interface 1045 1046 ### IMPROVEMENTS: 1047 1048 - [rpc] [\#2010](https://github.com/number571/tendermint/issues/2010) Add NewHTTPWithClient and NewJSONRPCClientWithHTTPClient (note these and NewHTTP, NewJSONRPCClient functions panic if remote is invalid) (@gracenoah) 1049 - [rpc] [\#3882](https://github.com/number571/tendermint/issues/3882) Add custom marshalers to proto messages to disable `omitempty` 1050 - [deps] [\#3952](https://github.com/number571/tendermint/pull/3952) bump github.com/go-kit/kit from 0.6.0 to 0.9.0 1051 - [deps] [\#3951](https://github.com/number571/tendermint/pull/3951) bump github.com/stretchr/testify from 1.3.0 to 1.4.0 1052 - [deps] [\#3945](https://github.com/number571/tendermint/pull/3945) bump github.com/gorilla/websocket from 1.2.0 to 1.4.1 1053 - [deps] [\#3948](https://github.com/number571/tendermint/pull/3948) bump github.com/libp2p/go-buffer-pool from 0.0.1 to 0.0.2 1054 - [deps] [\#3943](https://github.com/number571/tendermint/pull/3943) bump github.com/fortytw2/leaktest from 1.2.0 to 1.3.0 1055 - [deps] [\#3939](https://github.com/number571/tendermint/pull/3939) bump github.com/rs/cors from 1.6.0 to 1.7.0 1056 - [deps] [\#3937](https://github.com/number571/tendermint/pull/3937) bump github.com/magiconair/properties from 1.8.0 to 1.8.1 1057 - [deps] [\#3947](https://github.com/number571/tendermint/pull/3947) update gogo/protobuf version from v1.2.1 to v1.3.0 1058 - [deps] [\#4001](https://github.com/number571/tendermint/pull/4001) bump github.com/tendermint/tm-db from 0.1.1 to 0.2.0 1059 1060 ### BUG FIXES: 1061 1062 - [consensus] [\#3908](https://github.com/number571/tendermint/issues/3908) Wait `timeout_commit` to pass even if `create_empty_blocks` is `false` 1063 - [mempool] [\#3968](https://github.com/number571/tendermint/issues/3968) Fix memory loading error on 32-bit machines (@jon-certik) 1064 1065 ## v0.32.3 1066 1067 *August 28, 2019* 1068 1069 @climber73 wrote the [Writing a Tendermint Core application in Java 1070 (gRPC)](https://github.com/number571/tendermint/blob/master/docs/guides/java.md) 1071 guide. 1072 1073 Special thanks to external contributors on this release: 1074 @gchaincl, @bluele, @climber73 1075 1076 ### IMPROVEMENTS: 1077 1078 - [consensus] [\#3839](https://github.com/number571/tendermint/issues/3839) Reduce "Error attempting to add vote" message severity (Error -> Info) 1079 - [mempool] [\#3877](https://github.com/number571/tendermint/pull/3877) Make `max_tx_bytes` configurable instead of `max_msg_bytes` (@bluele) 1080 - [privval] [\#3370](https://github.com/number571/tendermint/issues/3370) Refactor and simplify validator/kms connection handling. Please refer to [this comment](https://github.com/number571/tendermint/pull/3370#issue-257360971) for details 1081 - [rpc] [\#3880](https://github.com/number571/tendermint/issues/3880) Document endpoints with `swagger`, introduce contract tests of implementation against documentation 1082 1083 ### BUG FIXES: 1084 1085 - [config] [\#3868](https://github.com/number571/tendermint/issues/3868) Move misplaced `max_msg_bytes` into mempool section (@bluele) 1086 - [rpc] [\#3910](https://github.com/number571/tendermint/pull/3910) Fix DATA RACE in HTTP client (@gchaincl) 1087 - [store] [\#3893](https://github.com/number571/tendermint/issues/3893) Fix "Unregistered interface types.Evidence" panic 1088 1089 ## v0.32.2 1090 1091 *July 31, 2019* 1092 1093 Special thanks to external contributors on this release: 1094 @ruseinov, @bluele, @guagualvcha 1095 1096 ### BREAKING CHANGES: 1097 1098 - Go API 1099 - [libs] [\#3811](https://github.com/number571/tendermint/issues/3811) Remove `db` from libs in favor of `https://github.com/tendermint/tm-db` 1100 1101 ### FEATURES: 1102 1103 - [blockchain] [\#3561](https://github.com/number571/tendermint/issues/3561) Add early version of the new blockchain reactor, which is supposed to be more modular and testable compared to the old version. To try it, you'll have to change `version` in the config file, [here](https://github.com/number571/tendermint/blob/master/config/toml.go#L303) NOTE: It's not ready for a production yet. For further information, see [ADR-40](https://github.com/number571/tendermint/blob/master/docs/architecture/adr-040-blockchain-reactor-refactor.md) & [ADR-43](https://github.com/number571/tendermint/blob/master/docs/architecture/adr-043-blockchain-riri-org.md) 1104 - [mempool] [\#3826](https://github.com/number571/tendermint/issues/3826) Make `max_msg_bytes` configurable(@bluele) 1105 - [node] [\#3846](https://github.com/number571/tendermint/pull/3846) Allow replacing existing p2p.Reactor(s) using [`CustomReactors` 1106 option](https://godoc.org/github.com/number571/tendermint/node#CustomReactors). 1107 Warning: beware of accidental name clashes. Here is the list of existing 1108 reactors: MEMPOOL, BLOCKCHAIN, CONSENSUS, EVIDENCE, PEX. 1109 - [rpc] [\#3818](https://github.com/number571/tendermint/issues/3818) Make `max_body_bytes` and `max_header_bytes` configurable(@bluele) 1110 - [rpc] [\#2252](https://github.com/number571/tendermint/issues/2252) Add `/broadcast_evidence` endpoint to submit double signing and other types of evidence 1111 1112 ### IMPROVEMENTS: 1113 1114 - [abci] [\#3809](https://github.com/number571/tendermint/issues/3809) Recover from application panics in `server/socket_server.go` to allow socket cleanup (@ruseinov) 1115 - [p2p] [\#3664](https://github.com/number571/tendermint/issues/3664) p2p/conn: reuse buffer when write/read from secret connection(@guagualvcha) 1116 - [p2p] [\#3834](https://github.com/number571/tendermint/issues/3834) Do not write 'Couldn't connect to any seeds' error log if there are no seeds in config file 1117 - [rpc] [\#3076](https://github.com/number571/tendermint/issues/3076) Improve transaction search performance 1118 1119 ### BUG FIXES: 1120 1121 - [p2p] [\#3644](https://github.com/number571/tendermint/issues/3644) Fix error logging for connection stop (@defunctzombie) 1122 - [rpc] [\#3813](https://github.com/number571/tendermint/issues/3813) Return err if page is incorrect (less than 0 or greater than total pages) 1123 1124 ## v0.32.1 1125 1126 *July 15, 2019* 1127 1128 Special thanks to external contributors on this release: 1129 @ParthDesai, @climber73, @jim380, @ashleyvega 1130 1131 This release contains a minor enhancement to the ABCI and some breaking changes to our libs folder, namely: 1132 - CheckTx requests include a `CheckTxType` enum that can be set to `Recheck` to indicate to the application that this transaction was already checked/validated and certain expensive operations (like checking signatures) can be skipped 1133 - Removed various functions from `libs` pkgs 1134 1135 ### BREAKING CHANGES: 1136 1137 - Go API 1138 1139 - [abci] [\#2127](https://github.com/number571/tendermint/issues/2127) The CheckTx and DeliverTx methods in the ABCI `Application` interface now take structs as arguments (RequestCheckTx and RequestDeliverTx, respectively), instead of just the raw tx bytes. This allows more information to be passed to these methods, for instance, indicating whether a tx has already been checked. 1140 - [libs] Remove unused `db/debugDB` and `common/colors.go` & `errors/errors.go` files (@marbar3778) 1141 - [libs] [\#2432](https://github.com/number571/tendermint/issues/2432) Remove unused `common/heap.go` file (@marbar3778) 1142 - [libs] Remove unused `date.go`, `io.go`. Remove `GoPath()`, `Prompt()` and `IsDirEmpty()` functions from `os.go` (@marbar3778) 1143 - [libs] Remove unused `FailRand()` func and minor clean up to `fail.go`(@marbar3778) 1144 1145 ### FEATURES: 1146 1147 - [node] Add variadic argument to `NewNode` to support functional options, allowing the Node to be more easily customized. 1148 - [node][\#3730](https://github.com/number571/tendermint/pull/3730) Add `CustomReactors` option to `NewNode` allowing caller to pass 1149 custom reactors to run inside Tendermint node (@ParthDesai) 1150 - [abci] [\#2127](https://github.com/number571/tendermint/issues/2127)RequestCheckTx has a new field, `CheckTxType`, which can take values of `CheckTxType_New` and `CheckTxType_Recheck`, indicating whether this is a new tx being checked for the first time or whether this tx is being rechecked after a block commit. This allows applications to skip certain expensive operations, like signature checking, if they've already been done once. see [docs](https://github.com/number571/tendermint/blob/eddb433d7c082efbeaf8974413a36641519ee895/docs/spec/abci/apps.md#mempool-connection) 1151 1152 ### IMPROVEMENTS: 1153 1154 - [rpc] [\#3700](https://github.com/number571/tendermint/issues/3700) Make possible to set absolute paths for TLS cert and key (@climber73) 1155 - [abci] [\#3513](https://github.com/number571/tendermint/issues/3513) Call the reqRes callback after the resCb so they always happen in the same order 1156 1157 ### BUG FIXES: 1158 1159 - [p2p] [\#3338](https://github.com/number571/tendermint/issues/3338) Prevent "sent next PEX request too soon" errors by not calling 1160 ensurePeers outside of ensurePeersRoutine 1161 - [behaviour] [\3772](https://github.com/number571/tendermint/pull/3772) Return correct reason in MessageOutOfOrder (@jim380) 1162 - [config] [\#3723](https://github.com/number571/tendermint/issues/3723) Add consensus_params to testnet config generation; document time_iota_ms (@ashleyvega) 1163 1164 1165 ## v0.32.0 1166 1167 *June 25, 2019* 1168 1169 Special thanks to external contributors on this release: 1170 @needkane, @SebastianElvis, @andynog, @Yawning, @wooparadog 1171 1172 This release contains breaking changes to our build and release processes, ABCI, 1173 and the RPC, namely: 1174 - Use Go modules instead of dep 1175 - Bring active development to the `master` Github branch 1176 - ABCI Tags are now Events - see 1177 [docs](https://github.com/number571/tendermint/blob/60827f75623b92eff132dc0eff5b49d2025c591e/docs/spec/abci/abci.md#events) 1178 - Bind RPC to localhost by default, not to the public interface [UPGRADING/RPC_Changes](./UPGRADING.md#rpc_changes) 1179 1180 ### BREAKING CHANGES: 1181 1182 * CLI/RPC/Config 1183 - [cli] [\#3613](https://github.com/number571/tendermint/issues/3613) Switch from golang/dep to Go Modules to resolve dependencies: 1184 It is recommended to switch to Go Modules if your project has tendermint as 1185 a dependency. Read more on Modules here: 1186 https://github.com/golang/go/wiki/Modules 1187 - [config] [\#3632](https://github.com/number571/tendermint/pull/3632) Removed `leveldb` as generic 1188 option for `db_backend`. Must be `goleveldb` or `cleveldb`. 1189 - [rpc] [\#3616](https://github.com/number571/tendermint/issues/3616) Fix field names for `/block_results` response (eg. `results.DeliverTx` 1190 -> `results.deliver_tx`). See docs for details. 1191 - [rpc] [\#3724](https://github.com/number571/tendermint/issues/3724) RPC now binds to `127.0.0.1` by default instead of `0.0.0.0` 1192 1193 * Apps 1194 - [abci] [\#1859](https://github.com/number571/tendermint/issues/1859) `ResponseCheckTx`, `ResponseDeliverTx`, `ResponseBeginBlock`, 1195 and `ResponseEndBlock` now include `Events` instead of `Tags`. Each `Event` 1196 contains a `type` and a list of `attributes` (list of key-value pairs) 1197 allowing for inclusion of multiple distinct events in each response. 1198 1199 * Go API 1200 - [abci] [\#3193](https://github.com/number571/tendermint/issues/3193) Use RequestDeliverTx and RequestCheckTx in the ABCI 1201 Application interface 1202 - [libs/db] [\#3632](https://github.com/number571/tendermint/pull/3632) Removed deprecated `LevelDBBackend` const 1203 If you have `db_backend` set to `leveldb` in your config file, please 1204 change it to `goleveldb` or `cleveldb`. 1205 - [p2p] [\#3521](https://github.com/number571/tendermint/issues/3521) Remove NewNetAddressStringWithOptionalID 1206 1207 * Blockchain Protocol 1208 1209 * P2P Protocol 1210 1211 ### FEATURES: 1212 1213 ### IMPROVEMENTS: 1214 - [abci/examples] [\#3659](https://github.com/number571/tendermint/issues/3659) Change validator update tx format in the `persistent_kvstore` to use base64 for pubkeys instead of hex (@needkane) 1215 - [consensus] [\#3656](https://github.com/number571/tendermint/issues/3656) Exit if SwitchToConsensus fails 1216 - [p2p] [\#3666](https://github.com/number571/tendermint/issues/3666) Add per channel telemetry to improve reactor observability 1217 - [rpc] [\#3686](https://github.com/number571/tendermint/pull/3686) `HTTPClient#Call` returns wrapped errors, so a caller could use `errors.Cause` to retrieve an error code. (@wooparadog) 1218 1219 ### BUG FIXES: 1220 - [libs/db] [\#3717](https://github.com/number571/tendermint/issues/3717) Fixed the BoltDB backend's Batch.Delete implementation (@Yawning) 1221 - [libs/db] [\#3718](https://github.com/number571/tendermint/issues/3718) Fixed the BoltDB backend's Get and Iterator implementation (@Yawning) 1222 - [node] [\#3716](https://github.com/number571/tendermint/issues/3716) Fix a bug where `nil` is recorded as node's address 1223 - [node] [\#3741](https://github.com/number571/tendermint/issues/3741) Fix profiler blocking the entire node 1224 1225 *Tendermint 0.31 release series has reached End-Of-Life and is no longer supported.* 1226 1227 ## v0.31.12 1228 1229 *April 6, 2020* 1230 1231 This security release fixes: 1232 1233 ### Denial of Service 1 1234 1235 Tendermint 0.33.2 and earlier does not limit the number of P2P connection requests. 1236 For each p2p connection, Tendermint allocates ~0.5MB. Even though this 1237 memory is garbage collected once the connection is terminated (due to duplicate 1238 IP or reaching a maximum number of inbound peers), temporary memory spikes can 1239 lead to OOM (Out-Of-Memory) exceptions. 1240 1241 Tendermint 0.33.3, 0.32.10, and 0.31.12 limit the total number of P2P incoming 1242 connection requests to to `p2p.max_num_inbound_peers + 1243 len(p2p.unconditional_peer_ids)`. 1244 1245 Notes: 1246 1247 - Tendermint does not rate limit P2P connection requests per IP (an attacker 1248 can saturate all the inbound slots); 1249 - Tendermint does not rate limit HTTP(S) requests. If you expose any RPC 1250 endpoints to the public, please make sure to put in place some protection 1251 (https://www.nginx.com/blog/rate-limiting-nginx/). We may implement this in 1252 the future ([\#1696](https://github.com/number571/tendermint/issues/1696)). 1253 1254 ### Denial of Service 2 1255 1256 Tendermint 0.33.2 and earlier does not reclaim `activeID` of a peer after it's 1257 removed in `Mempool` reactor. This does not happen all the time. It only 1258 happens when a connection fails (for any reason) before the Peer is created and 1259 added to all reactors. `RemovePeer` is therefore called before `AddPeer`, which 1260 leads to always growing memory (`activeIDs` map). The `activeIDs` map has a 1261 maximum size of 65535 and the node will panic if this map reaches the maximum. 1262 An attacker can create a lot of connection attempts (exploiting Denial of 1263 Service 1), which ultimately will lead to the node panicking. 1264 1265 Tendermint 0.33.3, 0.32.10, and 0.31.12 claim `activeID` for a peer in `InitPeer`, 1266 which is executed before `MConnection` is started. 1267 1268 Notes: 1269 1270 - `InitPeer` function was added to all reactors to combat a similar issue - 1271 [\#3338](https://github.com/number571/tendermint/issues/3338); 1272 - Denial of Service 2 is independent of Denial of Service 1 and can be executed 1273 without it. 1274 1275 **All clients are recommended to upgrade** 1276 1277 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for finding 1278 and reporting this. 1279 1280 1281 ### SECURITY: 1282 1283 - [mempool] Reserve IDs in InitPeer instead of AddPeer (@tessr) 1284 - [p2p] Limit the number of incoming connections (@melekes) 1285 1286 ## v0.31.11 1287 1288 *October 18, 2019* 1289 1290 This security release fixes a vulnerability found in the `consensus` package, 1291 where an attacker could construct a `BlockPartMessage` message in such a way 1292 that it will lead to consensus failure. A few similar issues have been 1293 identified and fixed here. 1294 1295 **All clients are recommended to upgrade** 1296 1297 Special thanks to [elvishacker](https://hackerone.com/elvishacker) for finding 1298 and reporting this. 1299 1300 1301 ### BREAKING CHANGES: 1302 1303 - Go API 1304 - [consensus] Modify `WAL#Write` and `WAL#WriteSync` to return an error if 1305 they fail to write a message 1306 1307 ### SECURITY: 1308 1309 - [consensus] Validate incoming messages more throughly 1310 1311 ## v0.31.10 1312 1313 *October 8, 2019* 1314 1315 The previous patch was insufficient because the attacker could still find a way 1316 to submit a `nil` pubkey by constructing a `PubKeyMultisigThreshold` pubkey 1317 with `nil` subpubkeys for example. 1318 1319 This release provides multiple fixes, which include recovering from panics when 1320 accepting new peers and only allowing `ed25519` pubkeys. 1321 1322 **All clients are recommended to upgrade** 1323 1324 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for pointing 1325 this out. 1326 1327 1328 ### SECURITY: 1329 1330 - [p2p] [\#4030](https://github.com/number571/tendermint/issues/4030) Only allow ed25519 pubkeys when connecting 1331 1332 ## v0.31.9 1333 1334 *October 1, 2019* 1335 1336 This release fixes a major security vulnerability found in the `p2p` package. 1337 All clients are recommended to upgrade. See 1338 [\#4030](https://github.com/number571/tendermint/issues/4030) for details. 1339 1340 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for discovering 1341 and reporting this issue. 1342 1343 1344 ### SECURITY: 1345 1346 - [p2p] [\#4030](https://github.com/number571/tendermint/issues/4030) Fix for panic on nil public key send to a peer 1347 1348 ### BUG FIXES: 1349 1350 - [node] [\#3716](https://github.com/number571/tendermint/issues/3716) Fix a bug where `nil` is recorded as node's address 1351 - [node] [\#3741](https://github.com/number571/tendermint/issues/3741) Fix profiler blocking the entire node 1352 1353 ## v0.31.8 1354 1355 *July 29, 2019* 1356 1357 This releases fixes one bug in the PEX reactor and adds a `recover` to the Go's 1358 ABCI server, which allows it to properly cleanup. 1359 1360 ### IMPROVEMENTS: 1361 - [abci] [\#3809](https://github.com/number571/tendermint/issues/3809) Recover from application panics in `server/socket_server.go` to allow socket cleanup (@ruseinov) 1362 1363 ### BUG FIXES: 1364 - [p2p] [\#3338](https://github.com/number571/tendermint/issues/3338) Prevent "sent next PEX request too soon" errors by not calling 1365 ensurePeers outside of ensurePeersRoutine 1366 1367 ## v0.31.7 1368 1369 *June 3, 2019* 1370 1371 This releases fixes a regression in the mempool introduced in v0.31.6. 1372 The regression caused the invalid committed txs to be proposed in blocks over and 1373 over again. 1374 1375 ### BUG FIXES: 1376 - [mempool] [\#3699](https://github.com/number571/tendermint/issues/3699) Remove all committed txs from the mempool. 1377 This reverts the change from v0.31.6 where we only remove valid txs from the mempool. 1378 Note this means malicious proposals can cause txs to be dropped from the 1379 mempools of other nodes by including them in blocks before they are valid. 1380 See [\#3322](https://github.com/number571/tendermint/issues/3322). 1381 1382 ## v0.31.6 1383 1384 *May 31st, 2019* 1385 1386 This release contains many fixes and improvements, primarily for p2p functionality. 1387 It also fixes a security issue in the mempool package. 1388 1389 With this release, Tendermint now supports [boltdb](https://github.com/etcd-io/bbolt), although 1390 in experimental mode. Feel free to try and report to us any findings/issues. 1391 Note also that the build tags for compiling CLevelDB have changed. 1392 1393 Special thanks to external contributors on this release: 1394 @guagualvcha, @james-ray, @gregdhill, @climber73, @yutianwu, 1395 @carlosflrs, @defunctzombie, @leoluk, @needkane, @CrocdileChan 1396 1397 ### BREAKING CHANGES: 1398 1399 * Go API 1400 - [libs/common] Removed deprecated `PanicSanity`, `PanicCrisis`, 1401 `PanicConsensus` and `PanicQ` 1402 - [mempool, state] [\#2659](https://github.com/number571/tendermint/issues/2659) `Mempool` now an interface that lives in the mempool package. 1403 See issue and PR for more details. 1404 - [p2p] [\#3346](https://github.com/number571/tendermint/issues/3346) `Reactor#InitPeer` method is added to `Reactor` interface 1405 - [types] [\#1648](https://github.com/number571/tendermint/issues/1648) `Commit#VoteSignBytes` signature was changed 1406 1407 ### FEATURES: 1408 - [node] [\#2659](https://github.com/number571/tendermint/issues/2659) Add `node.Mempool()` method, which allows you to access mempool 1409 - [libs/db] [\#3604](https://github.com/number571/tendermint/pull/3604) Add experimental support for bolt db (etcd's fork of bolt) (@CrocdileChan) 1410 1411 ### IMPROVEMENTS: 1412 - [cli] [\#3585](https://github.com/number571/tendermint/issues/3585) Add `--keep-addr-book` option to `unsafe_reset_all` cmd to not 1413 clear the address book (@climber73) 1414 - [cli] [\#3160](https://github.com/number571/tendermint/issues/3160) Add 1415 `--config=<path-to-config>` option to `testnet` cmd (@gregdhill) 1416 - [cli] [\#3661](https://github.com/number571/tendermint/pull/3661) Add 1417 `--hostname-suffix`, `--hostname` and `--random-monikers` options to `testnet` 1418 cmd for greater peer address/identity generation flexibility. 1419 - [crypto] [\#3672](https://github.com/number571/tendermint/issues/3672) Return more info in the `AddSignatureFromPubKey` error 1420 - [cs/replay] [\#3460](https://github.com/number571/tendermint/issues/3460) Check appHash for each block 1421 - [libs/db] [\#3611](https://github.com/number571/tendermint/issues/3611) Conditional compilation 1422 * Use `cleveldb` tag instead of `gcc` to compile Tendermint with CLevelDB or 1423 use `make build_c` / `make install_c` (full instructions can be found at 1424 https://docs.tendermint.com/master/introduction/install.html#compile-with-cleveldb-support) 1425 * Use `boltdb` tag to compile Tendermint with bolt db 1426 - [node] [\#3362](https://github.com/number571/tendermint/issues/3362) Return an error if `persistent_peers` list is invalid (except 1427 when IP lookup fails) 1428 - [p2p] [\#3463](https://github.com/number571/tendermint/pull/3463) Do not log "Can't add peer's address to addrbook" error for a private peer (@guagualvcha) 1429 - [p2p] [\#3531](https://github.com/number571/tendermint/issues/3531) Terminate session on nonce wrapping (@climber73) 1430 - [pex] [\#3647](https://github.com/number571/tendermint/pull/3647) Dial seeds, if any, instead of crawling peers first (@defunctzombie) 1431 - [rpc] [\#3534](https://github.com/number571/tendermint/pull/3534) Add support for batched requests/responses in JSON RPC 1432 - [rpc] [\#3362](https://github.com/number571/tendermint/issues/3362) `/dial_seeds` & `/dial_peers` return errors if addresses are 1433 incorrect (except when IP lookup fails) 1434 1435 ### BUG FIXES: 1436 - [consensus] [\#3067](https://github.com/number571/tendermint/issues/3067) Fix replay from appHeight==0 with validator set changes (@james-ray) 1437 - [consensus] [\#3304](https://github.com/number571/tendermint/issues/3304) Create a peer state in consensus reactor before the peer 1438 is started (@guagualvcha) 1439 - [lite] [\#3669](https://github.com/number571/tendermint/issues/3669) Add context parameter to RPC Handlers in proxy routes (@yutianwu) 1440 - [mempool] [\#3322](https://github.com/number571/tendermint/issues/3322) When a block is committed, only remove committed txs from the mempool 1441 that were valid (ie. `ResponseDeliverTx.Code == 0`) 1442 - [p2p] [\#3338](https://github.com/number571/tendermint/issues/3338) Ensure `RemovePeer` is always called before `InitPeer` (upon a peer 1443 reconnecting to our node) 1444 - [p2p] [\#3532](https://github.com/number571/tendermint/issues/3532) Limit the number of attempts to connect to a peer in seed mode 1445 to 16 (as a result, the node will stop retrying after a 35 hours time window) 1446 - [p2p] [\#3362](https://github.com/number571/tendermint/issues/3362) Allow inbound peers to be persistent, including for seed nodes. 1447 - [pex] [\#3603](https://github.com/number571/tendermint/pull/3603) Dial seeds when addrbook needs more addresses (@defunctzombie) 1448 1449 ### OTHERS: 1450 - [networks] fixes ansible integration script (@carlosflrs) 1451 1452 ## v0.31.5 1453 1454 *April 16th, 2019* 1455 1456 This release fixes a regression from v0.31.4 where, in existing chains that 1457 were upgraded, `/validators` could return an empty validator set. This is true 1458 for almost all heights, given the validator set remains the same. 1459 1460 Special thanks to external contributors on this release: 1461 @brapse, @guagualvcha, @dongsam, @phucc 1462 1463 ### IMPROVEMENTS: 1464 1465 - [libs/common] `CMap`: slight optimization in `Keys()` and `Values()` (@phucc) 1466 - [gitignore] gitignore: add .vendor-new (@dongsam) 1467 1468 ### BUG FIXES: 1469 1470 - [state] [\#3537](https://github.com/number571/tendermint/pull/3537#issuecomment-482711833) 1471 `LoadValidators`: do not return an empty validator set 1472 - [blockchain] [\#3457](https://github.com/number571/tendermint/issues/3457) 1473 Fix "peer did not send us anything" in `fast_sync` mode when under high pressure 1474 1475 ## v0.31.4 1476 1477 *April 12th, 2019* 1478 1479 This release fixes a regression from v0.31.3 which used the peer's `SocketAddr` to add the peer to 1480 the address book. This swallowed the peer's self-reported port which is important in case of reconnect. 1481 It brings back `NetAddress()` to `NodeInfo` and uses it instead of `SocketAddr` for adding peers. 1482 Additionally, it improves response time on the `/validators` or `/status` RPC endpoints. 1483 As a side-effect it makes these RPC endpoint more difficult to DoS and fixes a performance degradation in `ExecCommitBlock`. 1484 Also, it contains an [ADR](https://github.com/number571/tendermint/pull/3539) that proposes decoupling the 1485 responsibility for peer behaviour from the `p2p.Switch` (by @brapse). 1486 1487 Special thanks to external contributors on this release: 1488 @brapse, @guagualvcha, @mydring 1489 1490 ### IMPROVEMENTS: 1491 1492 - [p2p] [\#3463](https://github.com/number571/tendermint/pull/3463) Do not log "Can't add peer's address to addrbook" error for a private peer 1493 - [p2p] [\#3547](https://github.com/number571/tendermint/pull/3547) Fix a couple of annoying typos (@mdyring) 1494 1495 ### BUG FIXES: 1496 1497 - [docs] [\#3514](https://github.com/number571/tendermint/issues/3514) Fix block.Header.Time description (@melekes) 1498 - [p2p] [\#2716](https://github.com/number571/tendermint/issues/2716) Check if we're already connected to peer right before dialing it (@melekes) 1499 - [p2p] [\#3545](https://github.com/number571/tendermint/issues/3545) Add back `NetAddress()` to `NodeInfo` and use it instead of peer's `SocketAddr()` when adding a peer to the `PEXReactor` (potential fix for [\#3532](https://github.com/number571/tendermint/issues/3532)) 1500 - [state] [\#3438](https://github.com/number571/tendermint/pull/3438) 1501 Persist validators every 100000 blocks even if no changes to the set 1502 occurred (@guagualvcha). This 1503 1) Prevents possible DoS attack using `/validators` or `/status` RPC 1504 endpoints. Before response time was growing linearly with height if no 1505 changes were made to the validator set. 1506 2) Fixes performance degradation in `ExecCommitBlock` where we call 1507 `LoadValidators` for each `Evidence` in the block. 1508 1509 ## v0.31.3 1510 1511 *April 1st, 2019* 1512 1513 This release includes two security sensitive fixes: it ensures generated private 1514 keys are valid, and it prevents certain DNS lookups that would cause the node to 1515 panic if the lookup failed. 1516 1517 ### BREAKING CHANGES: 1518 * Go API 1519 - [crypto/secp256k1] [\#3439](https://github.com/number571/tendermint/issues/3439) 1520 The `secp256k1.GenPrivKeySecp256k1` function has changed to guarantee that it returns a valid key, which means it 1521 will return a different private key than in previous versions for the same secret. 1522 1523 ### BUG FIXES: 1524 1525 - [crypto/secp256k1] [\#3439](https://github.com/number571/tendermint/issues/3439) 1526 Ensure generated private keys are valid by randomly sampling until a valid key is found. 1527 Previously, it was possible (though rare!) to generate keys that exceeded the curve order. 1528 Such keys would lead to invalid signatures. 1529 - [p2p] [\#3522](https://github.com/number571/tendermint/issues/3522) Memoize 1530 socket address in peer connections to avoid DNS lookups. Previously, failed 1531 DNS lookups could cause the node to panic. 1532 1533 ## v0.31.2 1534 1535 *March 30th, 2019* 1536 1537 This release fixes a regression from v0.31.1 where Tendermint panics under 1538 mempool load for external ABCI apps. 1539 1540 Special thanks to external contributors on this release: 1541 @guagualvcha 1542 1543 ### BREAKING CHANGES: 1544 1545 * CLI/RPC/Config 1546 1547 * Apps 1548 1549 * Go API 1550 - [libs/autofile] [\#3504](https://github.com/number571/tendermint/issues/3504) Remove unused code in autofile package. Deleted functions: `Group.Search`, `Group.FindLast`, `GroupReader.ReadLine`, `GroupReader.PushLine`, `MakeSimpleSearchFunc` (@guagualvcha) 1551 1552 * Blockchain Protocol 1553 1554 * P2P Protocol 1555 1556 ### FEATURES: 1557 1558 ### IMPROVEMENTS: 1559 1560 - [circle] [\#3497](https://github.com/number571/tendermint/issues/3497) Move release management to CircleCI 1561 1562 ### BUG FIXES: 1563 1564 - [mempool] [\#3512](https://github.com/number571/tendermint/issues/3512) Fix panic from concurrent access to txsMap, a regression for external ABCI apps introduced in v0.31.1 1565 1566 ## v0.31.1 1567 1568 *March 27th, 2019* 1569 1570 This release contains a major improvement for the mempool that reduce the amount of sent data by about 30% 1571 (see some numbers below). 1572 It also fixes a memory leak in the mempool and adds TLS support to the RPC server by providing a certificate and key in the config. 1573 1574 Special thanks to external contributors on this release: 1575 @brapse, @guagualvcha, @HaoyangLiu, @needkane, @TraceBundy 1576 1577 ### BREAKING CHANGES: 1578 1579 * CLI/RPC/Config 1580 1581 * Apps 1582 1583 * Go API 1584 - [crypto] [\#3426](https://github.com/number571/tendermint/pull/3426) Remove `Ripemd160` helper method (@needkane) 1585 - [libs/common] [\#3429](https://github.com/number571/tendermint/pull/3429) Remove `RepeatTimer` (also `TimerMaker` and `Ticker` interface) 1586 - [rpc/client] [\#3458](https://github.com/number571/tendermint/issues/3458) Include `NetworkClient` interface into `Client` interface 1587 - [types] [\#3448](https://github.com/number571/tendermint/issues/3448) Remove method `PB2TM.ConsensusParams` 1588 1589 * Blockchain Protocol 1590 1591 * P2P Protocol 1592 1593 ### FEATURES: 1594 1595 - [rpc] [\#3419](https://github.com/number571/tendermint/issues/3419) Start HTTPS server if `rpc.tls_cert_file` and `rpc.tls_key_file` are provided in the config (@guagualvcha) 1596 1597 ### IMPROVEMENTS: 1598 1599 - [docs] [\#3140](https://github.com/number571/tendermint/issues/3140) Formalize proposer election algorithm properties 1600 - [docs] [\#3482](https://github.com/number571/tendermint/issues/3482) Fix broken links (@brapse) 1601 - [mempool] [\#2778](https://github.com/number571/tendermint/issues/2778) No longer send txs back to peers who sent it to you. 1602 Also, limit to 65536 active peers. 1603 This vastly improves the bandwidth consumption of nodes. 1604 For instance, for a 4 node localnet, in a test sending 250byte txs for 120 sec. at 500 txs/sec (total of 15MB): 1605 - total bytes received from 1st node: 1606 - before: 42793967 (43MB) 1607 - after: 30003256 (30MB) 1608 - total bytes sent to 1st node: 1609 - before: 30569339 (30MB) 1610 - after: 19304964 (19MB) 1611 - [p2p] [\#3475](https://github.com/number571/tendermint/issues/3475) Simplify `GetSelectionWithBias` for addressbook (@guagualvcha) 1612 - [rpc/lib/client] [\#3430](https://github.com/number571/tendermint/issues/3430) Disable compression for HTTP client to prevent GZIP-bomb DoS attacks (@guagualvcha) 1613 1614 ### BUG FIXES: 1615 1616 - [blockchain] [\#2699](https://github.com/number571/tendermint/issues/2699) Update the maxHeight when a peer is removed 1617 - [mempool] [\#3478](https://github.com/number571/tendermint/issues/3478) Fix memory-leak related to `broadcastTxRoutine` (@HaoyangLiu) 1618 1619 1620 ## v0.31.0 1621 1622 *March 16th, 2019* 1623 1624 Special thanks to external contributors on this release: 1625 @danil-lashin, @guagualvcha, @siburu, @silasdavis, @srmo, @Stumble, @svenstaro 1626 1627 This release is primarily about the new pubsub implementation, dubbed `pubsub 2.0`, and related changes, 1628 like configurable limits on the number of active RPC subscriptions at a time (`max_subscription_clients`). 1629 Pubsub 2.0 is an improved version of the older pubsub that is non-blocking and has a nicer API. 1630 Note the improved pubsub API also resulted in some improvements to the HTTPClient interface and the API for WebSocket subscriptions. 1631 This release also adds a configurable limit to the mempool size (`max_txs_bytes`, default 1GB) 1632 and a configurable timeout for the `/broadcast_tx_commit` endpoint. 1633 1634 See the [v0.31.0 1635 Milestone](https://github.com/number571/tendermint/milestone/19?closed=1) for 1636 more details. 1637 1638 1639 ### BREAKING CHANGES: 1640 1641 * CLI/RPC/Config 1642 - [config] [\#2920](https://github.com/number571/tendermint/issues/2920) Remove `consensus.blocktime_iota` parameter 1643 - [rpc] [\#3227](https://github.com/number571/tendermint/issues/3227) New PubSub design does not block on clients when publishing 1644 messages. Slow clients may miss messages and receive an error, terminating 1645 the subscription. 1646 - [rpc] [\#3269](https://github.com/number571/tendermint/issues/2826) Limit number of unique clientIDs with open subscriptions. Configurable via `rpc.max_subscription_clients` 1647 - [rpc] [\#3269](https://github.com/number571/tendermint/issues/2826) Limit number of unique queries a given client can subscribe to at once. Configurable via `rpc.max_subscriptions_per_client`. 1648 - [rpc] [\#3435](https://github.com/number571/tendermint/issues/3435) Default ReadTimeout and WriteTimeout changed to 10s. WriteTimeout can increased by setting `rpc.timeout_broadcast_tx_commit` in the config. 1649 - [rpc/client] [\#3269](https://github.com/number571/tendermint/issues/3269) Update `EventsClient` interface to reflect new pubsub/eventBus API [ADR-33](https://github.com/number571/tendermint/blob/develop/docs/architecture/adr-033-pubsub.md). This includes `Subscribe`, `Unsubscribe`, and `UnsubscribeAll` methods. 1650 1651 * Apps 1652 - [abci] [\#3403](https://github.com/number571/tendermint/issues/3403) Remove `time_iota_ms` from BlockParams. This is a 1653 ConsensusParam but need not be exposed to the app for now. 1654 - [abci] [\#2920](https://github.com/number571/tendermint/issues/2920) Rename `consensus_params.block_size` to `consensus_params.block` in ABCI ConsensusParams 1655 1656 * Go API 1657 - [libs/common] TrapSignal accepts logger as a first parameter and does not block anymore 1658 * previously it was dumping "captured ..." msg to os.Stdout 1659 * TrapSignal should not be responsible for blocking thread of execution 1660 - [libs/db] [\#3397](https://github.com/number571/tendermint/pull/3397) Add possibility to `Close()` `Batch` to prevent memory leak when using ClevelDB. (@Stumble) 1661 - [types] [\#3354](https://github.com/number571/tendermint/issues/3354) Remove RoundState from EventDataRoundState 1662 - [rpc] [\#3435](https://github.com/number571/tendermint/issues/3435) `StartHTTPServer` / `StartHTTPAndTLSServer` now require a Config (use `rpcserver.DefaultConfig`) 1663 1664 * Blockchain Protocol 1665 1666 * P2P Protocol 1667 1668 ### FEATURES: 1669 - [config] [\#3269](https://github.com/number571/tendermint/issues/2826) New configuration values for controlling RPC subscriptions: 1670 - `rpc.max_subscription_clients` sets the maximum number of unique clients 1671 with open subscriptions 1672 - `rpc.max_subscriptions_per_client`sets the maximum number of unique 1673 subscriptions from a given client 1674 - `rpc.timeout_broadcast_tx_commit` sets the time to wait for a tx to be committed during `/broadcast_tx_commit` 1675 - [types] [\#2920](https://github.com/number571/tendermint/issues/2920) Add `time_iota_ms` to block's consensus parameters (not exposed to the application) 1676 - [lite] [\#3269](https://github.com/number571/tendermint/issues/3269) Add `/unsubscribe_all` endpoint to unsubscribe from all events 1677 - [mempool] [\#3079](https://github.com/number571/tendermint/issues/3079) Bound mempool memory usage via the `mempool.max_txs_bytes` configuration value. Set to 1GB by default. The mempool's current `txs_total_bytes` is exposed via `total_bytes` field in 1678 `/num_unconfirmed_txs` and `/unconfirmed_txs` RPC endpoints. 1679 1680 ### IMPROVEMENTS: 1681 - [all] [\#3385](https://github.com/number571/tendermint/issues/3385), [\#3386](https://github.com/number571/tendermint/issues/3386) Various linting improvements 1682 - [crypto] [\#3371](https://github.com/number571/tendermint/issues/3371) Copy in secp256k1 package from go-ethereum instead of importing 1683 go-ethereum (@silasdavis) 1684 - [deps] [\#3382](https://github.com/number571/tendermint/issues/3382) Don't pin repos without releases 1685 - [deps] [\#3357](https://github.com/number571/tendermint/issues/3357), [\#3389](https://github.com/number571/tendermint/issues/3389), [\#3392](https://github.com/number571/tendermint/issues/3392) Update gogo/protobuf, golang/protobuf, levigo, golang.org/x/crypto 1686 - [libs/common] [\#3238](https://github.com/number571/tendermint/issues/3238) exit with zero (0) code upon receiving SIGTERM/SIGINT 1687 - [libs/db] [\#3378](https://github.com/number571/tendermint/issues/3378) CLevelDB#Stats now returns the following properties: 1688 - leveldb.num-files-at-level{n} 1689 - leveldb.stats 1690 - leveldb.sstables 1691 - leveldb.blockpool 1692 - leveldb.cachedblock 1693 - leveldb.openedtables 1694 - leveldb.alivesnaps 1695 - leveldb.aliveiters 1696 - [privval] [\#3351](https://github.com/number571/tendermint/pull/3351) First part of larger refactoring that clarifies and separates concerns in the privval package. 1697 1698 ### BUG FIXES: 1699 - [blockchain] [\#3358](https://github.com/number571/tendermint/pull/3358) Fix timer leak in `BlockPool` (@guagualvcha) 1700 - [cmd] [\#3408](https://github.com/number571/tendermint/issues/3408) Fix `testnet` command's panic when creating non-validator configs (using `--n` flag) (@srmo) 1701 - [libs/db/remotedb/grpcdb] [\#3402](https://github.com/number571/tendermint/issues/3402) Close Iterator/ReverseIterator after use 1702 - [libs/pubsub] [\#951](https://github.com/number571/tendermint/issues/951), [\#1880](https://github.com/number571/tendermint/issues/1880) Use non-blocking send when dispatching messages [ADR-33](https://github.com/number571/tendermint/blob/develop/docs/architecture/adr-033-pubsub.md) 1703 - [lite] [\#3364](https://github.com/number571/tendermint/issues/3364) Fix `/validators` and `/abci_query` proxy endpoints 1704 (@guagualvcha) 1705 - [p2p/conn] [\#3347](https://github.com/number571/tendermint/issues/3347) Reject all-zero shared secrets in the Diffie-Hellman step of secret-connection 1706 - [p2p] [\#3369](https://github.com/number571/tendermint/issues/3369) Do not panic when filter times out 1707 - [p2p] [\#3359](https://github.com/number571/tendermint/pull/3359) Fix reconnecting report duplicate ID error due to race condition between adding peer to peerSet and starting it (@guagualvcha) 1708 1709 ## v0.30.2 1710 1711 *March 10th, 2019* 1712 1713 This release fixes a CLevelDB memory leak. It was happening because we were not 1714 closing the WriteBatch object after use. See [levigo's 1715 godoc](https://godoc.org/github.com/jmhodges/levigo#WriteBatch.Close) for the 1716 Close method. Special thanks goes to @Stumble who both reported an issue in 1717 [cosmos-sdk](https://github.com/cosmos/cosmos-sdk/issues/3842) and provided a 1718 fix here. 1719 1720 ### BREAKING CHANGES: 1721 1722 * Go API 1723 - [libs/db] [\#3842](https://github.com/cosmos/cosmos-sdk/issues/3842) Add Close() method to Batch interface (@Stumble) 1724 1725 ### BUG FIXES: 1726 - [libs/db] [\#3842](https://github.com/cosmos/cosmos-sdk/issues/3842) Fix CLevelDB memory leak (@Stumble) 1727 1728 ## v0.30.1 1729 1730 *February 20th, 2019* 1731 1732 This release fixes a consensus halt and a DataCorruptionError after restart 1733 discovered in `game_of_stakes_6`. It also fixes a security issue in the p2p 1734 handshake by authenticating the NetAddress.ID of the peer we're dialing. 1735 1736 ### IMPROVEMENTS: 1737 1738 * [config] [\#3291](https://github.com/number571/tendermint/issues/3291) Make 1739 config.ResetTestRootWithChainID() create concurrency-safe test directories. 1740 1741 ### BUG FIXES: 1742 1743 * [consensus] [\#3295](https://github.com/number571/tendermint/issues/3295) 1744 Flush WAL on stop to prevent data corruption during graceful shutdown. 1745 * [consensus] [\#3302](https://github.com/number571/tendermint/issues/3302) 1746 Fix possible halt by resetting TriggeredTimeoutPrecommit before starting next height. 1747 * [rpc] [\#3251](https://github.com/number571/tendermint/issues/3251) Fix 1748 `/net_info#peers#remote_ip` format. New format spec: 1749 * dotted decimal ("192.0.2.1"), if ip is an IPv4 or IP4-mapped IPv6 address 1750 * IPv6 ("2001:db8::1"), if ip is a valid IPv6 address 1751 * [cmd] [\#3314](https://github.com/number571/tendermint/issues/3314) Return 1752 an error on `show_validator` when the private validator file does not exist. 1753 * [p2p] [\#3010](https://github.com/number571/tendermint/issues/3010#issuecomment-464287627) 1754 Authenticate a peer against its NetAddress.ID when dialing. 1755 1756 ## v0.30.0 1757 1758 *February 8th, 2019* 1759 1760 This release fixes yet another issue with the proposer selection algorithm. 1761 We hope it's the last one, but we won't be surprised if it's not. 1762 We plan to one day expose the selection algorithm more directly to 1763 the application ([\#3285](https://github.com/number571/tendermint/issues/3285)), and even to support randomness ([\#763](https://github.com/number571/tendermint/issues/763)). 1764 For more, see issues marked 1765 [proposer-selection](https://github.com/number571/tendermint/labels/proposer-selection). 1766 1767 This release also includes a fix to prevent Tendermint from including the same 1768 piece of evidence in more than one block. This issue was reported by @chengwenxi in our 1769 [bug bounty program](https://hackerone.com/tendermint). 1770 1771 ### BREAKING CHANGES: 1772 1773 * Apps 1774 - [state] [\#3222](https://github.com/number571/tendermint/issues/3222) 1775 Duplicate updates for the same validator are forbidden. Apps must ensure 1776 that a given `ResponseEndBlock.ValidatorUpdates` contains only one entry per pubkey. 1777 1778 * Go API 1779 - [types] [\#3222](https://github.com/number571/tendermint/issues/3222) 1780 Remove `Add` and `Update` methods from `ValidatorSet` in favor of new 1781 `UpdateWithChangeSet`. This allows updates to be applied as a set, instead of 1782 one at a time. 1783 1784 * Block Protocol 1785 - [state] [\#3286](https://github.com/number571/tendermint/issues/3286) Blocks that include already committed evidence are invalid. 1786 1787 * P2P Protocol 1788 - [consensus] [\#3222](https://github.com/number571/tendermint/issues/3222) 1789 Validator updates are applied as a set, instead of one at a time, thus 1790 impacting the proposer priority calculation. This ensures that the proposer 1791 selection algorithm does not depend on the order of updates in 1792 `ResponseEndBlock.ValidatorUpdates`. 1793 1794 ### IMPROVEMENTS: 1795 - [crypto] [\#3279](https://github.com/number571/tendermint/issues/3279) Use `btcec.S256().N` directly instead of hard coding a copy. 1796 1797 ### BUG FIXES: 1798 - [state] [\#3222](https://github.com/number571/tendermint/issues/3222) Fix validator set updates so they are applied as a set, rather 1799 than one at a time. This makes the proposer selection algorithm independent of 1800 the order of updates in `ResponseEndBlock.ValidatorUpdates`. 1801 - [evidence] [\#3286](https://github.com/number571/tendermint/issues/3286) Don't add committed evidence to evidence pool. 1802 1803 ## v0.29.2 1804 1805 *February 7th, 2019* 1806 1807 Special thanks to external contributors on this release: 1808 @ackratos, @rickyyangz 1809 1810 **Note**: This release contains security sensitive patches in the `p2p` and 1811 `crypto` packages: 1812 - p2p: 1813 - Partial fix for MITM attacks on the p2p connection. MITM conditions may 1814 still exist. See [\#3010](https://github.com/number571/tendermint/issues/3010). 1815 - crypto: 1816 - Eliminate our fork of `btcd` and use the `btcd/btcec` library directly for 1817 native secp256k1 signing. Note we still modify the signature encoding to 1818 prevent malleability. 1819 - Support the libsecp256k1 library via CGo through the `go-ethereum/crypto/secp256k1` package. 1820 - Eliminate MixEntropy functions 1821 1822 ### BREAKING CHANGES: 1823 1824 * Go API 1825 - [crypto] [\#3278](https://github.com/number571/tendermint/issues/3278) Remove 1826 MixEntropy functions 1827 - [types] [\#3245](https://github.com/number571/tendermint/issues/3245) Commit uses `type CommitSig Vote` instead of `Vote` directly. 1828 In preparation for removing redundant fields from the commit [\#1648](https://github.com/number571/tendermint/issues/1648) 1829 1830 ### IMPROVEMENTS: 1831 - [consensus] [\#3246](https://github.com/number571/tendermint/issues/3246) Better logging and notes on recovery for corrupted WAL file 1832 - [crypto] [\#3163](https://github.com/number571/tendermint/issues/3163) Use ethereum's libsecp256k1 go-wrapper for signatures when cgo is available 1833 - [crypto] [\#3162](https://github.com/number571/tendermint/issues/3162) Wrap btcd instead of forking it to keep up with fixes (used if cgo is not available) 1834 - [makefile] [\#3233](https://github.com/number571/tendermint/issues/3233) Use golangci-lint instead of go-metalinter 1835 - [tools] [\#3218](https://github.com/number571/tendermint/issues/3218) Add go-deadlock tool to help detect deadlocks 1836 - [tools] [\#3106](https://github.com/number571/tendermint/issues/3106) Add tm-signer-harness test harness for remote signers 1837 - [tests] [\#3258](https://github.com/number571/tendermint/issues/3258) Fixed a bunch of non-deterministic test failures 1838 1839 ### BUG FIXES: 1840 - [node] [\#3186](https://github.com/number571/tendermint/issues/3186) EventBus and indexerService should be started before first block (for replay last block on handshake) execution (@ackratos) 1841 - [p2p] [\#3232](https://github.com/number571/tendermint/issues/3232) Fix infinite loop leading to addrbook deadlock for seed nodes 1842 - [p2p] [\#3247](https://github.com/number571/tendermint/issues/3247) Fix panic in SeedMode when calling FlushStop and OnStop 1843 concurrently 1844 - [p2p] [\#3040](https://github.com/number571/tendermint/issues/3040) Fix MITM on secret connection by checking low-order points 1845 - [privval] [\#3258](https://github.com/number571/tendermint/issues/3258) Fix race between sign requests and ping requests in socket that was causing messages to be corrupted 1846 1847 ## v0.29.1 1848 1849 *January 24, 2019* 1850 1851 Special thanks to external contributors on this release: 1852 @infinytum, @gauthamzz 1853 1854 This release contains two important fixes: one for p2p layer where we sometimes 1855 were not closing connections and one for consensus layer where consensus with 1856 no empty blocks (`create_empty_blocks = false`) could halt. 1857 1858 1859 ### IMPROVEMENTS: 1860 - [pex] [\#3037](https://github.com/number571/tendermint/issues/3037) Only log "Reached max attempts to dial" once 1861 - [rpc] [\#3159](https://github.com/number571/tendermint/issues/3159) Expose 1862 `triggered_timeout_commit` in the `/dump_consensus_state` 1863 1864 ### BUG FIXES: 1865 - [consensus] [\#3199](https://github.com/number571/tendermint/issues/3199) Fix consensus halt with no empty blocks from not resetting triggeredTimeoutCommit 1866 - [p2p] [\#2967](https://github.com/number571/tendermint/issues/2967) Fix file descriptor leak 1867 1868 ## v0.29.0 1869 1870 *January 21, 2019* 1871 1872 Special thanks to external contributors on this release: 1873 @bradyjoestar, @kunaldhariwal, @gauthamzz, @hrharder 1874 1875 This release is primarily about making some breaking changes to 1876 the Block protocol version before Cosmos launch, and to fixing more issues 1877 in the proposer selection algorithm discovered on Cosmos testnets. 1878 1879 The Block protocol changes include using a standard Merkle tree format (RFC 6962), 1880 fixing some inconsistencies between field orders in Vote and Proposal structs, 1881 and constraining the hash of the ConsensusParams to include only a few fields. 1882 1883 The proposer selection algorithm saw significant progress, 1884 including a [formal proof by @cwgoes for the base-case in Idris](https://github.com/cwgoes/tm-proposer-idris) 1885 and a [much more detailed specification (still in progress) by 1886 @ancazamfir](https://github.com/number571/tendermint/pull/3140). 1887 1888 Fixes to the proposer selection algorithm include normalizing the proposer 1889 priorities to mitigate the effects of large changes to the validator set. 1890 That said, we just discovered [another bug](https://github.com/number571/tendermint/issues/3181), 1891 which will be fixed in the next breaking release. 1892 1893 While we are trying to stabilize the Block protocol to preserve compatibility 1894 with old chains, there may be some final changes yet to come before Cosmos 1895 launch as we continue to audit and test the software. 1896 1897 1898 ### BREAKING CHANGES: 1899 1900 * CLI/RPC/Config 1901 1902 * Apps 1903 - [state] [\#3049](https://github.com/number571/tendermint/issues/3049) Total voting power of the validator set is upper bounded by 1904 `MaxInt64 / 8`. Apps must ensure they do not return changes to the validator 1905 set that cause this maximum to be exceeded. 1906 1907 * Go API 1908 - [node] [\#3082](https://github.com/number571/tendermint/issues/3082) MetricsProvider now requires you to pass a chain ID 1909 - [types] [\#2713](https://github.com/number571/tendermint/issues/2713) Rename `TxProof.LeafHash` to `TxProof.Leaf` 1910 - [crypto/merkle] [\#2713](https://github.com/number571/tendermint/issues/2713) `SimpleProof.Verify` takes a `leaf` instead of a 1911 `leafHash` and performs the hashing itself 1912 1913 * Blockchain Protocol 1914 * [crypto/merkle] [\#2713](https://github.com/number571/tendermint/issues/2713) Merkle trees now match the RFC 6962 specification 1915 * [types] [\#3078](https://github.com/number571/tendermint/issues/3078) Re-order Timestamp and BlockID in CanonicalVote so it's 1916 consistent with CanonicalProposal (BlockID comes 1917 first) 1918 * [types] [\#3165](https://github.com/number571/tendermint/issues/3165) Hash of ConsensusParams only includes BlockSize.MaxBytes and 1919 BlockSize.MaxGas 1920 1921 * P2P Protocol 1922 - [consensus] [\#3049](https://github.com/number571/tendermint/issues/3049) Normalize priorities to not exceed `2*TotalVotingPower` to mitigate unfair proposer selection 1923 heavily preferring earlier joined validators in the case of an early bonded large validator unbonding 1924 1925 ### FEATURES: 1926 1927 ### IMPROVEMENTS: 1928 - [rpc] [\#3065](https://github.com/number571/tendermint/issues/3065) Return maxPerPage (100), not defaultPerPage (30) if `per_page` is greater than the max 100. 1929 - [instrumentation] [\#3082](https://github.com/number571/tendermint/issues/3082) Add `chain_id` label for all metrics 1930 1931 ### BUG FIXES: 1932 - [crypto] [\#3164](https://github.com/number571/tendermint/issues/3164) Update `btcd` fork for rare signRFC6979 bug 1933 - [lite] [\#3171](https://github.com/number571/tendermint/issues/3171) Fix verifying large validator set changes 1934 - [log] [\#3125](https://github.com/number571/tendermint/issues/3125) Fix year format 1935 - [mempool] [\#3168](https://github.com/number571/tendermint/issues/3168) Limit tx size to fit in the max reactor msg size 1936 - [scripts] [\#3147](https://github.com/number571/tendermint/issues/3147) Fix json2wal for large block parts (@bradyjoestar) 1937 1938 ## v0.28.1 1939 1940 *January 18th, 2019* 1941 1942 Special thanks to external contributors on this release: 1943 @HaoyangLiu 1944 1945 1946 ### BUG FIXES: 1947 - [consensus] Fix consensus halt from proposing blocks with too much evidence 1948 1949 ## v0.28.0 1950 1951 *January 16th, 2019* 1952 1953 Special thanks to external contributors on this release: 1954 @fmauricios, @gianfelipe93, @husio, @needkane, @srmo, @yutianwu 1955 1956 This release is primarily about upgrades to the `privval` system - 1957 separating the `priv_validator.json` into distinct config and data files, and 1958 refactoring the socket validator to support reconnections. 1959 1960 **Note:** Please backup your existing `priv_validator.json` before using this 1961 version. 1962 1963 See [UPGRADING.md](UPGRADING.md) for more details. 1964 1965 ### BREAKING CHANGES: 1966 1967 * CLI/RPC/Config 1968 - [cli] Removed `--proxy_app=dummy` option. Use `kvstore` (`persistent_kvstore`) instead. 1969 - [cli] Renamed `--proxy_app=nilapp` to `--proxy_app=noop`. 1970 - [config] [\#2992](https://github.com/number571/tendermint/issues/2992) `allow_duplicate_ip` is now set to false 1971 - [privval] [\#1181](https://github.com/number571/tendermint/issues/1181) Split `priv_validator.json` into immutable (`config/priv_validator_key.json`) and mutable (`data/priv_validator_state.json`) parts (@yutianwu) 1972 - [privval] [\#2926](https://github.com/number571/tendermint/issues/2926) Split up `PubKeyMsg` into `PubKeyRequest` and `PubKeyResponse` to be consistent with other message types 1973 - [privval] [\#2923](https://github.com/number571/tendermint/issues/2923) Listen for unix socket connections instead of dialing them 1974 1975 * Apps 1976 1977 * Go API 1978 - [types] [\#2981](https://github.com/number571/tendermint/issues/2981) Remove `PrivValidator.GetAddress()` 1979 1980 * Blockchain Protocol 1981 1982 * P2P Protocol 1983 1984 ### FEATURES: 1985 - [rpc] [\#3052](https://github.com/number571/tendermint/issues/3052) Include peer's remote IP in `/net_info` 1986 1987 ### IMPROVEMENTS: 1988 - [consensus] [\#3086](https://github.com/number571/tendermint/issues/3086) Log peerID on ignored votes (@srmo) 1989 - [docs] [\#3061](https://github.com/number571/tendermint/issues/3061) Added specification for signing consensus msgs at 1990 ./docs/spec/consensus/signing.md 1991 - [privval] [\#2948](https://github.com/number571/tendermint/issues/2948) Memoize pubkey so it's only requested once on startup 1992 - [privval] [\#2923](https://github.com/number571/tendermint/issues/2923) Retry RemoteSigner connections on error 1993 1994 ### BUG FIXES: 1995 1996 - [build] [\#3085](https://github.com/number571/tendermint/issues/3085) Fix `Version` field in build scripts (@husio) 1997 - [crypto/multisig] [\#3102](https://github.com/number571/tendermint/issues/3102) Fix multisig keys address length 1998 - [crypto/encoding] [\#3101](https://github.com/number571/tendermint/issues/3101) Fix `PubKeyMultisigThreshold` unmarshaling into `crypto.PubKey` interface 1999 - [p2p/conn] [\#3111](https://github.com/number571/tendermint/issues/3111) Make SecretConnection thread safe 2000 - [rpc] [\#3053](https://github.com/number571/tendermint/issues/3053) Fix internal error in `/tx_search` when results are empty 2001 (@gianfelipe93) 2002 - [types] [\#2926](https://github.com/number571/tendermint/issues/2926) Do not panic if retrieving the privval's public key fails 2003 2004 ## v0.27.4 2005 2006 *December 21st, 2018* 2007 2008 ### BUG FIXES: 2009 2010 - [mempool] [\#3036](https://github.com/number571/tendermint/issues/3036) Fix 2011 LRU cache by popping the least recently used item when the cache is full, 2012 not the most recently used one! 2013 2014 ## v0.27.3 2015 2016 *December 16th, 2018* 2017 2018 ### BREAKING CHANGES: 2019 2020 * Go API 2021 - [dep] [\#3027](https://github.com/number571/tendermint/issues/3027) Revert to mainline Go crypto library, eliminating the modified 2022 `bcrypt.GenerateFromPassword` 2023 2024 ## v0.27.2 2025 2026 *December 16th, 2018* 2027 2028 ### IMPROVEMENTS: 2029 2030 - [node] [\#3025](https://github.com/number571/tendermint/issues/3025) Validate NodeInfo addresses on startup. 2031 2032 ### BUG FIXES: 2033 2034 - [p2p] [\#3025](https://github.com/number571/tendermint/pull/3025) Revert to using defers in addrbook. Fixes deadlocks in pex and consensus upon invalid ExternalAddr/ListenAddr configuration. 2035 2036 ## v0.27.1 2037 2038 *December 15th, 2018* 2039 2040 Special thanks to external contributors on this release: 2041 @danil-lashin, @hleb-albau, @james-ray, @leo-xinwang 2042 2043 ### FEATURES: 2044 - [rpc] [\#2964](https://github.com/number571/tendermint/issues/2964) Add `UnconfirmedTxs(limit)` and `NumUnconfirmedTxs()` methods to HTTP/Local clients (@danil-lashin) 2045 - [docs] [\#3004](https://github.com/number571/tendermint/issues/3004) Enable full-text search on docs pages 2046 2047 ### IMPROVEMENTS: 2048 - [consensus] [\#2971](https://github.com/number571/tendermint/issues/2971) Return error if ValidatorSet is empty after InitChain 2049 (@leo-xinwang) 2050 - [ci/cd] [\#3005](https://github.com/number571/tendermint/issues/3005) Updated CircleCI job to trigger website build when docs are updated 2051 - [docs] Various updates 2052 2053 ### BUG FIXES: 2054 - [cmd] [\#2983](https://github.com/number571/tendermint/issues/2983) `testnet` command always sets `addr_book_strict = false` 2055 - [config] [\#2980](https://github.com/number571/tendermint/issues/2980) Fix CORS options formatting 2056 - [kv indexer] [\#2912](https://github.com/number571/tendermint/issues/2912) Don't ignore key when executing CONTAINS 2057 - [mempool] [\#2961](https://github.com/number571/tendermint/issues/2961) Call `notifyTxsAvailable` if there're txs left after committing a block, but recheck=false 2058 - [mempool] [\#2994](https://github.com/number571/tendermint/issues/2994) Reject txs with negative GasWanted 2059 - [p2p] [\#2990](https://github.com/number571/tendermint/issues/2990) Fix a bug where seeds don't disconnect from a peer after 3h 2060 - [consensus] [\#3006](https://github.com/number571/tendermint/issues/3006) Save state after InitChain only when stateHeight is also 0 (@james-ray) 2061 2062 ## v0.27.0 2063 2064 *December 5th, 2018* 2065 2066 Special thanks to external contributors on this release: 2067 @danil-lashin, @srmo 2068 2069 Special thanks to @dlguddus for discovering a [major 2070 issue](https://github.com/number571/tendermint/issues/2718#issuecomment-440888677) 2071 in the proposer selection algorithm. 2072 2073 2074 This release is primarily about fixes to the proposer selection algorithm 2075 in preparation for the [Cosmos Game of 2076 Stakes](https://blog.cosmos.network/the-game-of-stakes-is-open-for-registration-83a404746ee6). 2077 It also makes use of the `ConsensusParams.Validator.PubKeyTypes` to restrict the 2078 key types that can be used by validators, and removes the `Heartbeat` consensus 2079 message. 2080 2081 ### BREAKING CHANGES: 2082 2083 * CLI/RPC/Config 2084 - [rpc] [\#2932](https://github.com/number571/tendermint/issues/2932) Rename `accum` to `proposer_priority` 2085 2086 * Go API 2087 - [db] [\#2913](https://github.com/number571/tendermint/pull/2913) 2088 ReverseIterator API change: start < end, and end is exclusive. 2089 - [types] [\#2932](https://github.com/number571/tendermint/issues/2932) Rename `Validator.Accum` to `Validator.ProposerPriority` 2090 2091 * Blockchain Protocol 2092 - [state] [\#2714](https://github.com/number571/tendermint/issues/2714) Validators can now only use pubkeys allowed within 2093 ConsensusParams.Validator.PubKeyTypes 2094 2095 * P2P Protocol 2096 - [consensus] [\#2871](https://github.com/number571/tendermint/issues/2871) 2097 Remove *ProposalHeartbeat* message as it serves no real purpose (@srmo) 2098 - [state] Fixes for proposer selection: 2099 - [\#2785](https://github.com/number571/tendermint/issues/2785) Accum for new validators is `-1.125*totalVotingPower` instead of 0 2100 - [\#2941](https://github.com/number571/tendermint/issues/2941) val.Accum is preserved during ValidatorSet.Update to avoid being 2101 reset to 0 2102 2103 ### IMPROVEMENTS: 2104 2105 - [state] [\#2929](https://github.com/number571/tendermint/issues/2929) Minor refactor of updateState logic (@danil-lashin) 2106 - [node] [\#2959](https://github.com/number571/tendermint/issues/2959) Allow node to start even if software's BlockProtocol is 2107 different from state's BlockProtocol 2108 - [pex] [\#2959](https://github.com/number571/tendermint/issues/2959) Pex reactor logger uses `module=pex` 2109 2110 ### BUG FIXES: 2111 2112 - [p2p] [\#2968](https://github.com/number571/tendermint/issues/2968) Panic on transport error rather than continuing to run but not 2113 accept new connections 2114 - [p2p] [\#2969](https://github.com/number571/tendermint/issues/2969) Fix mismatch in peer count between `/net_info` and the prometheus 2115 metrics 2116 - [rpc] [\#2408](https://github.com/number571/tendermint/issues/2408) `/broadcast_tx_commit`: Fix "interface conversion: interface {} in nil, not EventDataTx" panic (could happen if somebody sent a tx using `/broadcast_tx_commit` while Tendermint was being stopped) 2117 - [state] [\#2785](https://github.com/number571/tendermint/issues/2785) Fix accum for new validators to be `-1.125*totalVotingPower` 2118 instead of 0, forcing them to wait before becoming the proposer. Also: 2119 - do not batch clip 2120 - keep accums averaged near 0 2121 - [txindex/kv] [\#2925](https://github.com/number571/tendermint/issues/2925) Don't return false positives when range searching for a prefix of a tag value 2122 - [types] [\#2938](https://github.com/number571/tendermint/issues/2938) Fix regression in v0.26.4 where we panic on empty 2123 genDoc.Validators 2124 - [types] [\#2941](https://github.com/number571/tendermint/issues/2941) Preserve val.Accum during ValidatorSet.Update to avoid it being 2125 reset to 0 every time a validator is updated 2126 2127 ## v0.26.4 2128 2129 *November 27th, 2018* 2130 2131 Special thanks to external contributors on this release: 2132 @ackratos, @goolAdapter, @james-ray, @joe-bowman, @kostko, 2133 @nagarajmanjunath, @tomtau 2134 2135 2136 ### FEATURES: 2137 2138 - [rpc] [\#2747](https://github.com/number571/tendermint/issues/2747) Enable subscription to tags emitted from `BeginBlock`/`EndBlock` (@kostko) 2139 - [types] [\#2747](https://github.com/number571/tendermint/issues/2747) Add `ResultBeginBlock` and `ResultEndBlock` fields to `EventDataNewBlock` 2140 and `EventDataNewBlockHeader` to support subscriptions (@kostko) 2141 - [types] [\#2918](https://github.com/number571/tendermint/issues/2918) Add Marshal, MarshalTo, Unmarshal methods to various structs 2142 to support Protobuf compatibility (@nagarajmanjunath) 2143 2144 ### IMPROVEMENTS: 2145 2146 - [config] [\#2877](https://github.com/number571/tendermint/issues/2877) Add `blocktime_iota` to the config.toml (@ackratos) 2147 - NOTE: this should be a ConsensusParam, not part of the config, and will be 2148 removed from the config at a later date 2149 ([\#2920](https://github.com/number571/tendermint/issues/2920). 2150 - [mempool] [\#2882](https://github.com/number571/tendermint/issues/2882) Add txs from Update to cache 2151 - [mempool] [\#2891](https://github.com/number571/tendermint/issues/2891) Remove local int64 counter from being stored in every tx 2152 - [node] [\#2866](https://github.com/number571/tendermint/issues/2866) Add ability to instantiate IPCVal (@joe-bowman) 2153 2154 ### BUG FIXES: 2155 2156 - [blockchain] [\#2731](https://github.com/number571/tendermint/issues/2731) Retry both blocks if either is bad to avoid getting stuck during fast sync (@goolAdapter) 2157 - [consensus] [\#2893](https://github.com/number571/tendermint/issues/2893) Use genDoc.Validators instead of state.NextValidators on replay when appHeight==0 (@james-ray) 2158 - [log] [\#2868](https://github.com/number571/tendermint/issues/2868) Fix `module=main` setting overriding all others 2159 - NOTE: this changes the default logging behaviour to be much less verbose. 2160 Set `log_level="info"` to restore the previous behaviour. 2161 - [rpc] [\#2808](https://github.com/number571/tendermint/issues/2808) Fix `accum` field in `/validators` by calling `IncrementAccum` if necessary 2162 - [rpc] [\#2811](https://github.com/number571/tendermint/issues/2811) Allow integer IDs in JSON-RPC requests (@tomtau) 2163 - [txindex/kv] [\#2759](https://github.com/number571/tendermint/issues/2759) Fix tx.height range queries 2164 - [txindex/kv] [\#2775](https://github.com/number571/tendermint/issues/2775) Order tx results by index if height is the same 2165 - [txindex/kv] [\#2908](https://github.com/number571/tendermint/issues/2908) Don't return false positives when searching for a prefix of a tag value 2166 2167 ## v0.26.3 2168 2169 *November 17th, 2018* 2170 2171 Special thanks to external contributors on this release: 2172 @danil-lashin, @kevlubkcm, @krhubert, @srmo 2173 2174 2175 ### BREAKING CHANGES: 2176 2177 * Go API 2178 - [rpc] [\#2791](https://github.com/number571/tendermint/issues/2791) Functions that start HTTP servers are now blocking: 2179 - Impacts `StartHTTPServer`, `StartHTTPAndTLSServer`, and `StartGRPCServer` 2180 - These functions now take a `net.Listener` instead of an address 2181 - [rpc] [\#2767](https://github.com/number571/tendermint/issues/2767) Subscribing to events 2182 `NewRound` and `CompleteProposal` return new types `EventDataNewRound` and 2183 `EventDataCompleteProposal`, respectively, instead of the generic `EventDataRoundState`. (@kevlubkcm) 2184 2185 ### FEATURES: 2186 2187 - [log] [\#2843](https://github.com/number571/tendermint/issues/2843) New `log_format` config option, which can be set to 'plain' for colored 2188 text or 'json' for JSON output 2189 - [types] [\#2767](https://github.com/number571/tendermint/issues/2767) New event types EventDataNewRound (with ProposerInfo) and EventDataCompleteProposal (with BlockID). (@kevlubkcm) 2190 2191 ### IMPROVEMENTS: 2192 2193 - [dep] [\#2844](https://github.com/number571/tendermint/issues/2844) Dependencies are no longer pinned to an exact version in the 2194 Gopkg.toml: 2195 - Serialization libs are allowed to vary by patch release 2196 - Other libs are allowed to vary by minor release 2197 - [p2p] [\#2857](https://github.com/number571/tendermint/issues/2857) "Send failed" is logged at debug level instead of error. 2198 - [rpc] [\#2780](https://github.com/number571/tendermint/issues/2780) Add read and write timeouts to HTTP servers 2199 - [state] [\#2848](https://github.com/number571/tendermint/issues/2848) Make "Update to validators" msg value pretty (@danil-lashin) 2200 2201 ### BUG FIXES: 2202 - [consensus] [\#2819](https://github.com/number571/tendermint/issues/2819) Don't send proposalHearbeat if not a validator 2203 - [docs] [\#2859](https://github.com/number571/tendermint/issues/2859) Fix ConsensusParams details in spec 2204 - [libs/autofile] [\#2760](https://github.com/number571/tendermint/issues/2760) Comment out autofile permissions check - should fix 2205 running Tendermint on Windows 2206 - [p2p] [\#2869](https://github.com/number571/tendermint/issues/2869) Set connection config properly instead of always using default 2207 - [p2p/pex] [\#2802](https://github.com/number571/tendermint/issues/2802) Seed mode fixes: 2208 - Only disconnect from inbound peers 2209 - Use FlushStop instead of Sleep to ensure all messages are sent before 2210 disconnecting 2211 2212 ## v0.26.2 2213 2214 *November 15th, 2018* 2215 2216 Special thanks to external contributors on this release: @hleb-albau, @zhuzeyu 2217 2218 ### FEATURES: 2219 2220 - [rpc] [\#2582](https://github.com/number571/tendermint/issues/2582) Enable CORS on RPC API (@hleb-albau) 2221 2222 ### BUG FIXES: 2223 2224 - [abci] [\#2748](https://github.com/number571/tendermint/issues/2748) Unlock mutex in localClient so even when app panics (e.g. during CheckTx), consensus continue working 2225 - [abci] [\#2748](https://github.com/number571/tendermint/issues/2748) Fix DATA RACE in localClient 2226 - [amino] [\#2822](https://github.com/number571/tendermint/issues/2822) Update to v0.14.1 to support compiling on 32-bit platforms 2227 - [rpc] [\#2748](https://github.com/number571/tendermint/issues/2748) Drain channel before calling Unsubscribe(All) in `/broadcast_tx_commit` 2228 2229 ## v0.26.1 2230 2231 *November 11, 2018* 2232 2233 Special thanks to external contributors on this release: @katakonst 2234 2235 ### IMPROVEMENTS: 2236 2237 - [consensus] [\#2704](https://github.com/number571/tendermint/issues/2704) Simplify valid POL round logic 2238 - [docs] [\#2749](https://github.com/number571/tendermint/issues/2749) Deduplicate some ABCI docs 2239 - [mempool] More detailed log messages 2240 - [\#2724](https://github.com/number571/tendermint/issues/2724) 2241 - [\#2762](https://github.com/number571/tendermint/issues/2762) 2242 2243 ### BUG FIXES: 2244 2245 - [autofile] [\#2703](https://github.com/number571/tendermint/issues/2703) Do not panic when checking Head size 2246 - [crypto/merkle] [\#2756](https://github.com/number571/tendermint/issues/2756) Fix crypto/merkle ProofOperators.Verify to check bounds on keypath parts. 2247 - [mempool] fix a bug where we create a WAL despite `wal_dir` being empty 2248 - [p2p] [\#2771](https://github.com/number571/tendermint/issues/2771) Fix `peer-id` label name to `peer_id` in prometheus metrics 2249 - [p2p] [\#2797](https://github.com/number571/tendermint/pull/2797) Fix IDs in peer NodeInfo and require them for addresses 2250 in AddressBook 2251 - [p2p] [\#2797](https://github.com/number571/tendermint/pull/2797) Do not close conn immediately after sending pex addrs in seed mode. Partial fix for [\#2092](https://github.com/number571/tendermint/issues/2092). 2252 2253 ## v0.26.0 2254 2255 *November 2, 2018* 2256 2257 Special thanks to external contributors on this release: 2258 @bradyjoestar, @connorwstein, @goolAdapter, @HaoyangLiu, 2259 @james-ray, @overbool, @phymbert, @Slamper, @Uzair1995, @yutianwu. 2260 2261 Special thanks to @Slamper for a series of bug reports in our [bug bounty 2262 program](https://hackerone.com/tendermint) which are fixed in this release. 2263 2264 This release is primarily about adding Version fields to various data structures, 2265 optimizing consensus messages for signing and verification in 2266 restricted environments (like HSMs and the Ethereum Virtual Machine), and 2267 aligning the consensus code with the [specification](https://arxiv.org/abs/1807.04938). 2268 It also includes our first take at a generalized merkle proof system, and 2269 changes the length of hashes used for hashing data structures from 20 to 32 2270 bytes. 2271 2272 See the [UPGRADING.md](UPGRADING.md#v0.26.0) for details on upgrading to the new 2273 version. 2274 2275 Please note that we are still making breaking changes to the protocols. 2276 While the new Version fields should help us to keep the software backwards compatible 2277 even while upgrading the protocols, we cannot guarantee that new releases will 2278 be compatible with old chains just yet. We expect there will be another breaking 2279 release or two before the Cosmos Hub launch, but we will otherwise be paying 2280 increasing attention to backwards compatibility. Thanks for bearing with us! 2281 2282 ### BREAKING CHANGES: 2283 2284 * CLI/RPC/Config 2285 * [config] [\#2232](https://github.com/number571/tendermint/issues/2232) Timeouts are now strings like "3s" and "100ms", not ints 2286 * [config] [\#2505](https://github.com/number571/tendermint/issues/2505) Remove Mempool.RecheckEmpty (it was effectively useless anyways) 2287 * [config] [\#2490](https://github.com/number571/tendermint/issues/2490) `mempool.wal` is disabled by default 2288 * [privval] [\#2459](https://github.com/number571/tendermint/issues/2459) Split `SocketPVMsg`s implementations into Request and Response, where the Response may contain a error message (returned by the remote signer) 2289 * [state] [\#2644](https://github.com/number571/tendermint/issues/2644) Add Version field to State, breaking the format of State as 2290 encoded on disk. 2291 * [rpc] [\#2298](https://github.com/number571/tendermint/issues/2298) `/abci_query` takes `prove` argument instead of `trusted` and switches the default 2292 behaviour to `prove=false` 2293 * [rpc] [\#2654](https://github.com/number571/tendermint/issues/2654) Remove all `node_info.other.*_version` fields in `/status` and 2294 `/net_info` 2295 * [rpc] [\#2636](https://github.com/number571/tendermint/issues/2636) Remove 2296 `_params` suffix from fields in `consensus_params`. 2297 2298 * Apps 2299 * [abci] [\#2298](https://github.com/number571/tendermint/issues/2298) ResponseQuery.Proof is now a structured merkle.Proof, not just 2300 arbitrary bytes 2301 * [abci] [\#2644](https://github.com/number571/tendermint/issues/2644) Add Version to Header and shift all fields by one 2302 * [abci] [\#2662](https://github.com/number571/tendermint/issues/2662) Bump the field numbers for some `ResponseInfo` fields to make room for 2303 `AppVersion` 2304 * [abci] [\#2636](https://github.com/number571/tendermint/issues/2636) Updates to ConsensusParams 2305 * Remove `Params` suffix from field names 2306 * Add `Params` suffix to message types 2307 * Add new field and type, `Validator ValidatorParams`, to control what types of validator keys are allowed. 2308 2309 * Go API 2310 * [config] [\#2232](https://github.com/number571/tendermint/issues/2232) Timeouts are time.Duration, not ints 2311 * [crypto/merkle & lite] [\#2298](https://github.com/number571/tendermint/issues/2298) Various changes to accomodate General Merkle trees 2312 * [crypto/merkle] [\#2595](https://github.com/number571/tendermint/issues/2595) Remove all Hasher objects in favor of byte slices 2313 * [crypto/merkle] [\#2635](https://github.com/number571/tendermint/issues/2635) merkle.SimpleHashFromTwoHashes is no longer exported 2314 * [node] [\#2479](https://github.com/number571/tendermint/issues/2479) Remove node.RunForever 2315 * [rpc/client] [\#2298](https://github.com/number571/tendermint/issues/2298) `ABCIQueryOptions.Trusted` -> `ABCIQueryOptions.Prove` 2316 * [types] [\#2298](https://github.com/number571/tendermint/issues/2298) Remove `Index` and `Total` fields from `TxProof`. 2317 * [types] [\#2598](https://github.com/number571/tendermint/issues/2598) 2318 `VoteTypeXxx` are now of type `SignedMsgType byte` and named `XxxType`, eg. 2319 `PrevoteType`, `PrecommitType`. 2320 * [types] [\#2636](https://github.com/number571/tendermint/issues/2636) Rename fields in ConsensusParams to remove `Params` suffixes 2321 * [types] [\#2735](https://github.com/number571/tendermint/issues/2735) Simplify Proposal message to align with spec 2322 2323 * Blockchain Protocol 2324 * [crypto/tmhash] [\#2732](https://github.com/number571/tendermint/issues/2732) TMHASH is now full 32-byte SHA256 2325 * All hashes in the block header and Merkle trees are now 32-bytes 2326 * PubKey Addresses are still only 20-bytes 2327 * [state] [\#2587](https://github.com/number571/tendermint/issues/2587) Require block.Time of the fist block to be genesis time 2328 * [state] [\#2644](https://github.com/number571/tendermint/issues/2644) Require block.Version to match state.Version 2329 * [types] Update SignBytes for `Vote`/`Proposal`/`Heartbeat`: 2330 * [\#2459](https://github.com/number571/tendermint/issues/2459) Use amino encoding instead of JSON in `SignBytes`. 2331 * [\#2598](https://github.com/number571/tendermint/issues/2598) Reorder fields and use fixed sized encoding. 2332 * [\#2598](https://github.com/number571/tendermint/issues/2598) Change `Type` field from `string` to `byte` and use new 2333 `SignedMsgType` to enumerate. 2334 * [types] [\#2730](https://github.com/number571/tendermint/issues/2730) Use 2335 same order for fields in `Vote` as in the SignBytes 2336 * [types] [\#2732](https://github.com/number571/tendermint/issues/2732) Remove the address field from the validator hash 2337 * [types] [\#2644](https://github.com/number571/tendermint/issues/2644) Add Version struct to Header 2338 * [types] [\#2609](https://github.com/number571/tendermint/issues/2609) ConsensusParams.Hash() is the hash of the amino encoded 2339 struct instead of the Merkle tree of the fields 2340 * [types] [\#2670](https://github.com/number571/tendermint/issues/2670) Header.Hash() builds Merkle tree out of fields in the same 2341 order they appear in the header, instead of sorting by field name 2342 * [types] [\#2682](https://github.com/number571/tendermint/issues/2682) Use proto3 `varint` encoding for ints that are usually unsigned (instead of zigzag encoding). 2343 * [types] [\#2636](https://github.com/number571/tendermint/issues/2636) Add Validator field to ConsensusParams 2344 (Used to control which pubkey types validators can use, by abci type). 2345 2346 * P2P Protocol 2347 * [consensus] [\#2652](https://github.com/number571/tendermint/issues/2652) 2348 Replace `CommitStepMessage` with `NewValidBlockMessage` 2349 * [consensus] [\#2735](https://github.com/number571/tendermint/issues/2735) Simplify `Proposal` message to align with spec 2350 * [consensus] [\#2730](https://github.com/number571/tendermint/issues/2730) 2351 Add `Type` field to `Proposal` and use same order of fields as in the 2352 SignBytes for both `Proposal` and `Vote` 2353 * [p2p] [\#2654](https://github.com/number571/tendermint/issues/2654) Add `ProtocolVersion` struct with protocol versions to top of 2354 DefaultNodeInfo and require `ProtocolVersion.Block` to match during peer handshake 2355 2356 2357 ### FEATURES: 2358 - [abci] [\#2557](https://github.com/number571/tendermint/issues/2557) Add `Codespace` field to `Response{CheckTx, DeliverTx, Query}` 2359 - [abci] [\#2662](https://github.com/number571/tendermint/issues/2662) Add `BlockVersion` and `P2PVersion` to `RequestInfo` 2360 - [crypto/merkle] [\#2298](https://github.com/number571/tendermint/issues/2298) General Merkle Proof scheme for chaining various types of Merkle trees together 2361 - [docs/architecture] [\#1181](https://github.com/number571/tendermint/issues/1181) S 2362 plit immutable and mutable parts of priv_validator.json 2363 2364 ### IMPROVEMENTS: 2365 - Additional Metrics 2366 - [consensus] [\#2169](https://github.com/cosmos/cosmos-sdk/issues/2169) 2367 - [p2p] [\#2169](https://github.com/cosmos/cosmos-sdk/issues/2169) 2368 - [config] [\#2232](https://github.com/number571/tendermint/issues/2232) Added ValidateBasic method, which performs basic checks 2369 - [crypto/ed25519] [\#2558](https://github.com/number571/tendermint/issues/2558) Switch to use latest `golang.org/x/crypto` through our fork at 2370 github.com/tendermint/crypto 2371 - [libs/log] [\#2707](https://github.com/number571/tendermint/issues/2707) Add year to log format (@yutianwu) 2372 - [tools] [\#2238](https://github.com/number571/tendermint/issues/2238) Binary dependencies are now locked to a specific git commit 2373 2374 ### BUG FIXES: 2375 - [\#2711](https://github.com/number571/tendermint/issues/2711) Validate all incoming reactor messages. Fixes various bugs due to negative ints. 2376 - [autofile] [\#2428](https://github.com/number571/tendermint/issues/2428) Group.RotateFile need call Flush() before rename (@goolAdapter) 2377 - [common] [\#2533](https://github.com/number571/tendermint/issues/2533) Fixed a bug in the `BitArray.Or` method 2378 - [common] [\#2506](https://github.com/number571/tendermint/issues/2506) Fixed a bug in the `BitArray.Sub` method (@james-ray) 2379 - [common] [\#2534](https://github.com/number571/tendermint/issues/2534) Fix `BitArray.PickRandom` to choose uniformly from true bits 2380 - [consensus] [\#1690](https://github.com/number571/tendermint/issues/1690) Wait for 2381 timeoutPrecommit before starting next round 2382 - [consensus] [\#1745](https://github.com/number571/tendermint/issues/1745) Wait for 2383 Proposal or timeoutProposal before entering prevote 2384 - [consensus] [\#2642](https://github.com/number571/tendermint/issues/2642) Only propose ValidBlock, not LockedBlock 2385 - [consensus] [\#2642](https://github.com/number571/tendermint/issues/2642) Initialized ValidRound and LockedRound to -1 2386 - [consensus] [\#1637](https://github.com/number571/tendermint/issues/1637) Limit the amount of evidence that can be included in a 2387 block 2388 - [consensus] [\#2652](https://github.com/number571/tendermint/issues/2652) Ensure valid block property with faulty proposer 2389 - [evidence] [\#2515](https://github.com/number571/tendermint/issues/2515) Fix db iter leak (@goolAdapter) 2390 - [libs/event] [\#2518](https://github.com/number571/tendermint/issues/2518) Fix event concurrency flaw (@goolAdapter) 2391 - [node] [\#2434](https://github.com/number571/tendermint/issues/2434) Make node respond to signal interrupts while sleeping for genesis time 2392 - [state] [\#2616](https://github.com/number571/tendermint/issues/2616) Pass nil to NewValidatorSet() when genesis file's Validators field is nil 2393 - [p2p] [\#2555](https://github.com/number571/tendermint/issues/2555) Fix p2p switch FlushThrottle value (@goolAdapter) 2394 - [p2p] [\#2668](https://github.com/number571/tendermint/issues/2668) Reconnect to originally dialed address (not self-reported address) for persistent peers 2395 2396 ## v0.25.0 2397 2398 *September 22, 2018* 2399 2400 Special thanks to external contributors on this release: 2401 @scriptionist, @bradyjoestar, @WALL-E 2402 2403 This release is mostly about the ConsensusParams - removing fields and enforcing MaxGas. 2404 It also addresses some issues found via security audit, removes various unused 2405 functions from `libs/common`, and implements 2406 [ADR-012](https://github.com/number571/tendermint/blob/develop/docs/architecture/adr-012-peer-transport.md). 2407 2408 BREAKING CHANGES: 2409 2410 * CLI/RPC/Config 2411 * [rpc] [\#2391](https://github.com/number571/tendermint/issues/2391) /status `result.node_info.other` became a map 2412 * [types] [\#2364](https://github.com/number571/tendermint/issues/2364) Remove `TxSize` and `BlockGossip` from `ConsensusParams` 2413 * Maximum tx size is now set implicitly via the `BlockSize.MaxBytes` 2414 * The size of block parts in the consensus is now fixed to 64kB 2415 2416 * Apps 2417 * [mempool] [\#2360](https://github.com/number571/tendermint/issues/2360) Mempool tracks the `ResponseCheckTx.GasWanted` and 2418 `ConsensusParams.BlockSize.MaxGas` and enforces: 2419 - `GasWanted <= MaxGas` for every tx 2420 - `(sum of GasWanted in block) <= MaxGas` for block proposal 2421 2422 * Go API 2423 * [libs/common] [\#2431](https://github.com/number571/tendermint/issues/2431) Remove Word256 due to lack of use 2424 * [libs/common] [\#2452](https://github.com/number571/tendermint/issues/2452) Remove the following functions due to lack of use: 2425 * byteslice.go: cmn.IsZeros, cmn.RightPadBytes, cmn.LeftPadBytes, cmn.PrefixEndBytes 2426 * strings.go: cmn.IsHex, cmn.StripHex 2427 * int.go: Uint64Slice, all put/get int64 methods 2428 2429 FEATURES: 2430 - [rpc] [\#2415](https://github.com/number571/tendermint/issues/2415) New `/consensus_params?height=X` endpoint to query the consensus 2431 params at any height (@scriptonist) 2432 - [types] [\#1714](https://github.com/number571/tendermint/issues/1714) Add Address to GenesisValidator 2433 - [metrics] [\#2337](https://github.com/number571/tendermint/issues/2337) `consensus.block_interval_metrics` is now gauge, not histogram (you will be able to see spikes, if any) 2434 - [libs] [\#2286](https://github.com/number571/tendermint/issues/2286) Panic if `autofile` or `db/fsdb` permissions change from 0600. 2435 2436 IMPROVEMENTS: 2437 - [libs/db] [\#2371](https://github.com/number571/tendermint/issues/2371) Output error instead of panic when the given `db_backend` is not initialized (@bradyjoestar) 2438 - [mempool] [\#2399](https://github.com/number571/tendermint/issues/2399) Make mempool cache a proper LRU (@bradyjoestar) 2439 - [p2p] [\#2126](https://github.com/number571/tendermint/issues/2126) Introduce PeerTransport interface to improve isolation of concerns 2440 - [libs/common] [\#2326](https://github.com/number571/tendermint/issues/2326) Service returns ErrNotStarted 2441 2442 BUG FIXES: 2443 - [node] [\#2294](https://github.com/number571/tendermint/issues/2294) Delay starting node until Genesis time 2444 - [consensus] [\#2048](https://github.com/number571/tendermint/issues/2048) Correct peer statistics for marking peer as good 2445 - [rpc] [\#2460](https://github.com/number571/tendermint/issues/2460) StartHTTPAndTLSServer() now passes StartTLS() errors back to the caller rather than hanging forever. 2446 - [p2p] [\#2047](https://github.com/number571/tendermint/issues/2047) Accept new connections asynchronously 2447 - [tm-bench] [\#2410](https://github.com/number571/tendermint/issues/2410) Enforce minimum transaction size (@WALL-E) 2448 2449 ## 0.24.0 2450 2451 *September 6th, 2018* 2452 2453 Special thanks to external contributors with PRs included in this release: ackratos, james-ray, bradyjoestar, 2454 peerlink, Ahmah2009, bluele, b00f. 2455 2456 This release includes breaking upgrades in the block header, 2457 including the long awaited changes for delaying validator set updates by one 2458 block to better support light clients. 2459 It also fixes enforcement on the maximum size of blocks, and includes a BFT 2460 timestamp in each block that can be safely used by applications. 2461 There are also some minor breaking changes to the rpc, config, and ABCI. 2462 2463 See the [UPGRADING.md](UPGRADING.md#v0.24.0) for details on upgrading to the new 2464 version. 2465 2466 From here on, breaking changes will be broken down to better reflect how users 2467 are affected by a change. 2468 2469 A few more breaking changes are in the works - each will come with a clear 2470 Architecture Decision Record (ADR) explaining the change. You can review ADRs 2471 [here](https://github.com/number571/tendermint/tree/develop/docs/architecture) 2472 or in the [open Pull Requests](https://github.com/number571/tendermint/pulls). 2473 You can also check in on the [issues marked as 2474 breaking](https://github.com/number571/tendermint/issues?q=is%3Aopen+is%3Aissue+label%3Abreaking). 2475 2476 BREAKING CHANGES: 2477 2478 * CLI/RPC/Config 2479 - [config] [\#2169](https://github.com/number571/tendermint/issues/2169) Replace MaxNumPeers with MaxNumInboundPeers and MaxNumOutboundPeers 2480 - [config] [\#2300](https://github.com/number571/tendermint/issues/2300) Reduce default mempool size from 100k to 5k, until ABCI rechecking is implemented. 2481 - [rpc] [\#1815](https://github.com/number571/tendermint/issues/1815) `/commit` returns a `signed_header` field instead of everything being top-level 2482 2483 * Apps 2484 - [abci] Added address of the original proposer of the block to Header 2485 - [abci] Change ABCI Header to match Tendermint exactly 2486 - [abci] [\#2159](https://github.com/number571/tendermint/issues/2159) Update use of `Validator` (see 2487 [ADR-018](https://github.com/number571/tendermint/blob/develop/docs/architecture/adr-018-ABCI-Validators.md)): 2488 - Remove PubKey from `Validator` (so it's just Address and Power) 2489 - Introduce `ValidatorUpdate` (with just PubKey and Power) 2490 - InitChain and EndBlock use ValidatorUpdate 2491 - Update field names and types in BeginBlock 2492 - [state] [\#1815](https://github.com/number571/tendermint/issues/1815) Validator set changes are now delayed by one block 2493 - updates returned in ResponseEndBlock for block H will be included in RequestBeginBlock for block H+2 2494 2495 * Go API 2496 - [lite] [\#1815](https://github.com/number571/tendermint/issues/1815) Complete refactor of the package 2497 - [node] [\#2212](https://github.com/number571/tendermint/issues/2212) NewNode now accepts a `*p2p.NodeKey` (@bradyjoestar) 2498 - [libs/common] [\#2199](https://github.com/number571/tendermint/issues/2199) Remove Fmt, in favor of fmt.Sprintf 2499 - [libs/common] SplitAndTrim was deleted 2500 - [libs/common] [\#2274](https://github.com/number571/tendermint/issues/2274) Remove unused Math functions like MaxInt, MaxInt64, 2501 MinInt, MinInt64 (@Ahmah2009) 2502 - [libs/clist] Panics if list extends beyond MaxLength 2503 - [crypto] [\#2205](https://github.com/number571/tendermint/issues/2205) Rename AminoRoute variables to no longer be prefixed by signature type. 2504 2505 * Blockchain Protocol 2506 - [state] [\#1815](https://github.com/number571/tendermint/issues/1815) Validator set changes are now delayed by one block (!) 2507 - Add NextValidatorSet to State, changes on-disk representation of state 2508 - [state] [\#2184](https://github.com/number571/tendermint/issues/2184) Enforce ConsensusParams.BlockSize.MaxBytes (See 2509 [ADR-020](https://github.com/number571/tendermint/blob/develop/docs/architecture/adr-020-block-size.md)). 2510 - Remove ConsensusParams.BlockSize.MaxTxs 2511 - Introduce maximum sizes for all components of a block, including ChainID 2512 - [types] Updates to the block Header: 2513 - [\#1815](https://github.com/number571/tendermint/issues/1815) NextValidatorsHash - hash of the validator set for the next block, 2514 so the current validators actually sign over the hash for the new 2515 validators 2516 - [\#2106](https://github.com/number571/tendermint/issues/2106) ProposerAddress - address of the block's original proposer 2517 - [consensus] [\#2203](https://github.com/number571/tendermint/issues/2203) Implement BFT time 2518 - Timestamp in block must be monotonic and equal the median of timestamps in block's LastCommit 2519 - [crypto] [\#2239](https://github.com/number571/tendermint/issues/2239) Secp256k1 signature changes (See 2520 [ADR-014](https://github.com/number571/tendermint/blob/develop/docs/architecture/adr-014-secp-malleability.md)): 2521 - format changed from DER to `r || s`, both little endian encoded as 32 bytes. 2522 - malleability removed by requiring `s` to be in canonical form. 2523 2524 * P2P Protocol 2525 - [p2p] [\#2263](https://github.com/number571/tendermint/issues/2263) Update secret connection to use a little endian encoded nonce 2526 - [blockchain] [\#2213](https://github.com/number571/tendermint/issues/2213) Fix Amino routes for blockchain reactor messages 2527 (@peerlink) 2528 2529 2530 FEATURES: 2531 - [types] [\#2015](https://github.com/number571/tendermint/issues/2015) Allow genesis file to have 0 validators (@b00f) 2532 - Initial validator set can be determined by the app in ResponseInitChain 2533 - [rpc] [\#2161](https://github.com/number571/tendermint/issues/2161) New event `ValidatorSetUpdates` for when the validator set changes 2534 - [crypto/multisig] [\#2164](https://github.com/number571/tendermint/issues/2164) Introduce multisig pubkey and signature format 2535 - [libs/db] [\#2293](https://github.com/number571/tendermint/issues/2293) Allow passing options through when creating instances of leveldb dbs 2536 2537 IMPROVEMENTS: 2538 - [docs] Lint documentation with `write-good` and `stop-words`. 2539 - [docs] [\#2249](https://github.com/number571/tendermint/issues/2249) Refactor, deduplicate, and improve the ABCI docs and spec (with thanks to @ttmc). 2540 - [scripts] [\#2196](https://github.com/number571/tendermint/issues/2196) Added json2wal tool, which is supposed to help our users restore (@bradyjoestar) 2541 corrupted WAL files and compose test WAL files (@bradyjoestar) 2542 - [mempool] [\#2234](https://github.com/number571/tendermint/issues/2234) Now stores txs by hash inside of the cache, to mitigate memory leakage 2543 - [mempool] [\#2166](https://github.com/number571/tendermint/issues/2166) Set explicit capacity for map when updating txs (@bluele) 2544 2545 BUG FIXES: 2546 - [config] [\#2284](https://github.com/number571/tendermint/issues/2284) Replace `db_path` with `db_dir` from automatically generated configuration files. 2547 - [mempool] [\#2188](https://github.com/number571/tendermint/issues/2188) Fix OOM issue from cache map and list getting out of sync 2548 - [state] [\#2051](https://github.com/number571/tendermint/issues/2051) KV store index supports searching by `tx.height` (@ackratos) 2549 - [rpc] [\#2327](https://github.com/number571/tendermint/issues/2327) `/dial_peers` does not try to dial existing peers 2550 - [node] [\#2323](https://github.com/number571/tendermint/issues/2323) Filter empty strings from config lists (@james-ray) 2551 - [abci/client] [\#2236](https://github.com/number571/tendermint/issues/2236) Fix closing GRPC connection (@bradyjoestar) 2552 2553 ## 0.23.1 2554 2555 *August 22nd, 2018* 2556 2557 BUG FIXES: 2558 - [libs/autofile] [\#2261](https://github.com/number571/tendermint/issues/2261) Fix log rotation so it actually happens. 2559 - Fixes issues with consensus WAL growing unbounded ala [\#2259](https://github.com/number571/tendermint/issues/2259) 2560 2561 ## 0.23.0 2562 2563 *August 5th, 2018* 2564 2565 This release includes breaking upgrades in our P2P encryption, 2566 some ABCI messages, and how we encode time and signatures. 2567 2568 A few more changes are still coming to the Header, ABCI, 2569 and validator set handling to better support light clients, BFT time, and 2570 upgrades. Most notably, validator set changes will be delayed by one block (see 2571 [#1815][i1815]). 2572 2573 We also removed `make ensure_deps` in favour of `make get_vendor_deps`. 2574 2575 BREAKING CHANGES: 2576 - [abci] Changed time format from int64 to google.protobuf.Timestamp 2577 - [abci] Changed Validators to LastCommitInfo in RequestBeginBlock 2578 - [abci] Removed Fee from ResponseDeliverTx and ResponseCheckTx 2579 - [crypto] Switch crypto.Signature from interface to []byte for space efficiency 2580 [#2128](https://github.com/number571/tendermint/pull/2128) 2581 - NOTE: this means signatures no longer have the prefix bytes in Amino 2582 binary nor the `type` field in Amino JSON. They're just bytes. 2583 - [p2p] Remove salsa and ripemd primitives, in favor of using chacha as a stream cipher, and hkdf [#2054](https://github.com/number571/tendermint/pull/2054) 2584 - [tools] Removed `make ensure_deps` in favor of `make get_vendor_deps` 2585 - [types] CanonicalTime uses nanoseconds instead of clipping to ms 2586 - breaks serialization/signing of all messages with a timestamp 2587 2588 FEATURES: 2589 - [tools] Added `make check_dep` 2590 - ensures gopkg.lock is synced with gopkg.toml 2591 - ensures no branches are used in the gopkg.toml 2592 2593 IMPROVEMENTS: 2594 - [blockchain] Improve fast-sync logic 2595 [#1805](https://github.com/number571/tendermint/pull/1805) 2596 - tweak params 2597 - only process one block at a time to avoid starving 2598 - [common] bit array functions which take in another parameter are now thread safe 2599 - [crypto] Switch hkdfchachapoly1305 to xchachapoly1305 2600 - [p2p] begin connecting to peers as soon a seed node provides them to you ([#2093](https://github.com/number571/tendermint/issues/2093)) 2601 2602 BUG FIXES: 2603 - [common] Safely handle cases where atomic write files already exist [#2109](https://github.com/number571/tendermint/issues/2109) 2604 - [privval] fix a deadline for accepting new connections in socket private 2605 validator. 2606 - [p2p] Allow startup if a configured seed node's IP can't be resolved ([#1716](https://github.com/number571/tendermint/issues/1716)) 2607 - [node] Fully exit when CTRL-C is pressed even if consensus state panics [#2072](https://github.com/number571/tendermint/issues/2072) 2608 2609 [i1815]: https://github.com/number571/tendermint/pull/1815 2610 2611 ## 0.22.8 2612 2613 *July 26th, 2018* 2614 2615 BUG FIXES 2616 2617 - [consensus, blockchain] Fix 0.22.7 below. 2618 2619 ## 0.22.7 2620 2621 *July 26th, 2018* 2622 2623 BUG FIXES 2624 2625 - [consensus, blockchain] Register the Evidence interface so it can be 2626 marshalled/unmarshalled by the blockchain and consensus reactors 2627 2628 ## 0.22.6 2629 2630 *July 24th, 2018* 2631 2632 BUG FIXES 2633 2634 - [rpc] Fix `/blockchain` endpoint 2635 - (#2049) Fix OOM attack by returning error on negative input 2636 - Fix result length to have max 20 (instead of 21) block metas 2637 - [rpc] Validate height is non-negative in `/abci_query` 2638 - [consensus] (#2050) Include evidence in proposal block parts (previously evidence was 2639 not being included in blocks!) 2640 - [p2p] (#2046) Close rejected inbound connections so file descriptor doesn't 2641 leak 2642 - [Gopkg] (#2053) Fix versions in the toml 2643 2644 ## 0.22.5 2645 2646 *July 23th, 2018* 2647 2648 BREAKING CHANGES: 2649 - [crypto] Refactor `tendermint/crypto` into many subpackages 2650 - [libs/common] remove exponentially distributed random numbers 2651 2652 IMPROVEMENTS: 2653 - [abci, libs/common] Generated gogoproto static marshaller methods 2654 - [config] Increase default send/recv rates to 5 mB/s 2655 - [p2p] reject addresses coming from private peers 2656 - [p2p] allow persistent peers to be private 2657 2658 BUG FIXES: 2659 - [mempool] fixed a race condition when `create_empty_blocks=false` where a 2660 transaction is published at an old height. 2661 - [p2p] dial external IP setup by `persistent_peers`, not internal NAT IP 2662 - [rpc] make `/status` RPC endpoint resistant to consensus halt 2663 2664 ## 0.22.4 2665 2666 *July 14th, 2018* 2667 2668 BREAKING CHANGES: 2669 - [genesis] removed deprecated `app_options` field. 2670 - [types] Genesis.AppStateJSON -> Genesis.AppState 2671 2672 FEATURES: 2673 - [tools] Merged in from github.com/tendermint/tools 2674 2675 BUG FIXES: 2676 - [tools/tm-bench] Various fixes 2677 - [consensus] Wait for WAL to stop on shutdown 2678 - [abci] Fix #1891, pending requests cannot hang when abci server dies. 2679 Previously a crash in BeginBlock could leave tendermint in broken state. 2680 2681 ## 0.22.3 2682 2683 *July 10th, 2018* 2684 2685 IMPROVEMENTS 2686 - Update dependencies 2687 * pin all values in Gopkg.toml to version or commit 2688 * update golang/protobuf to v1.1.0 2689 2690 ## 0.22.2 2691 2692 *July 10th, 2018* 2693 2694 IMPROVEMENTS 2695 - More cleanup post repo merge! 2696 - [docs] Include `ecosystem.json` and `tendermint-bft.md` from deprecated `aib-data` repository. 2697 - [config] Add `instrumentation.max_open_connections`, which limits the number 2698 of requests in flight to Prometheus server (if enabled). Default: 3. 2699 2700 2701 BUG FIXES 2702 - [rpc] Allow unquoted integers in requests 2703 - NOTE: this is only for URI requests. JSONRPC requests and all responses 2704 will use quoted integers (the proto3 JSON standard). 2705 - [consensus] Fix halt on shutdown 2706 2707 ## 0.22.1 2708 2709 *July 5th, 2018* 2710 2711 IMPROVEMENTS 2712 2713 * Cleanup post repo-merge. 2714 * [docs] Various improvements. 2715 2716 BUG FIXES 2717 2718 * [state] Return error when EndBlock returns a 0-power validator that isn't 2719 already in the validator set. 2720 * [consensus] Shut down WAL properly. 2721 2722 2723 ## 0.22.0 2724 2725 *July 2nd, 2018* 2726 2727 BREAKING CHANGES: 2728 - [config] 2729 * Remove `max_block_size_txs` and `max_block_size_bytes` in favor of 2730 consensus params from the genesis file. 2731 * Rename `skip_upnp` to `upnp`, and turn it off by default. 2732 * Change `max_packet_msg_size` back to `max_packet_msg_payload_size` 2733 - [rpc] 2734 * All integers are encoded as strings (part of the update for Amino v0.10.1) 2735 * `syncing` is now called `catching_up` 2736 - [types] Update Amino to v0.10.1 2737 * Amino is now fully proto3 compatible for the basic types 2738 * JSON-encoded types now use the type name instead of the prefix bytes 2739 * Integers are encoded as strings 2740 - [crypto] Update go-crypto to v0.10.0 and merge into `crypto` 2741 * privKey.Sign returns error. 2742 * ed25519 address changed to the first 20-bytes of the SHA256 of the raw pubkey bytes 2743 * `tmlibs/merkle` -> `crypto/merkle`. Uses SHA256 instead of RIPEMD160 2744 - [tmlibs] Update to v0.9.0 and merge into `libs` 2745 * remove `merkle` package (moved to `crypto/merkle`) 2746 2747 FEATURES 2748 - [cmd] Added metrics (served under `/metrics` using a Prometheus client; 2749 disabled by default). See the new `instrumentation` section in the config and 2750 [metrics](https://tendermint.readthedocs.io/projects/tools/en/develop/metrics.html) 2751 guide. 2752 - [p2p] Add IPv6 support to peering. 2753 - [p2p] Add `external_address` to config to allow specifying the address for 2754 peers to dial 2755 2756 IMPROVEMENT 2757 - [rpc/client] Supports https and wss now. 2758 - [crypto] Make public key size into public constants 2759 - [mempool] Log tx hash, not entire tx 2760 - [abci] Merged in github.com/tendermint/abci 2761 - [crypto] Merged in github.com/tendermint/go-crypto 2762 - [libs] Merged in github.com/tendermint/tmlibs 2763 - [docs] Move from .rst to .md 2764 2765 BUG FIXES: 2766 - [rpc] Limit maximum number of HTTP/WebSocket connections 2767 (`rpc.max_open_connections`) and gRPC connections 2768 (`rpc.grpc_max_open_connections`). Check out "Running In Production" guide if 2769 you want to increase them. 2770 - [rpc] Limit maximum request body size to 1MB (header is limited to 1MB). 2771 - [consensus] Fix a halting bug where `create_empty_blocks=false` 2772 - [p2p] Fix panic in seed mode 2773 2774 ## 0.21.0 2775 2776 *June 21th, 2018* 2777 2778 BREAKING CHANGES 2779 2780 - [config] Change default ports from 4665X to 2665X. Ports over 32768 are 2781 ephemeral and reserved for use by the kernel. 2782 - [cmd] `unsafe_reset_all` removes the addrbook.json 2783 2784 IMPROVEMENT 2785 2786 - [pubsub] Set default capacity to 0 2787 - [docs] Various improvements 2788 2789 BUG FIXES 2790 2791 - [consensus] Fix an issue where we don't make blocks after `fast_sync` when `create_empty_blocks=false` 2792 - [mempool] Fix #1761 where we don't process txs if `cache_size=0` 2793 - [rpc] Fix memory leak in Websocket (when using `/subscribe` method) 2794 - [config] Escape paths in config - fixes config paths on Windows 2795 2796 ## 0.20.0 2797 2798 *June 6th, 2018* 2799 2800 This is the first in a series of breaking releases coming to Tendermint after 2801 soliciting developer feedback and conducting security audits. 2802 2803 This release does not break any blockchain data structures or 2804 protocols other than the ABCI messages between Tendermint and the application. 2805 2806 Applications that upgrade for ABCI v0.11.0 should be able to continue running Tendermint 2807 v0.20.0 on blockchains created with v0.19.X 2808 2809 BREAKING CHANGES 2810 2811 - [abci] Upgrade to 2812 [v0.11.0](https://github.com/tendermint/abci/blob/master/CHANGELOG.md#0110) 2813 - [abci] Change Query path for filtering peers by node ID from 2814 `p2p/filter/pubkey/<id>` to `p2p/filter/id/<id>` 2815 2816 ## 0.19.9 2817 2818 *June 5th, 2018* 2819 2820 BREAKING CHANGES 2821 2822 - [types/priv_validator] Moved to top level `privval` package 2823 2824 FEATURES 2825 2826 - [config] Collapse PeerConfig into P2PConfig 2827 - [docs] Add quick-install script 2828 - [docs/spec] Add table of Amino prefixes 2829 2830 BUG FIXES 2831 2832 - [rpc] Return 404 for unknown endpoints 2833 - [consensus] Flush WAL on stop 2834 - [evidence] Don't send evidence to peers that are behind 2835 - [p2p] Fix memory leak on peer disconnects 2836 - [rpc] Fix panic when `per_page=0` 2837 2838 ## 0.19.8 2839 2840 *June 4th, 2018* 2841 2842 BREAKING: 2843 2844 - [p2p] Remove `auth_enc` config option, peer connections are always auth 2845 encrypted. Technically a breaking change but seems no one was using it and 2846 arguably a bug fix :) 2847 2848 BUG FIXES 2849 2850 - [mempool] Fix deadlock under high load when `skip_timeout_commit=true` and 2851 `create_empty_blocks=false` 2852 2853 ## 0.19.7 2854 2855 *May 31st, 2018* 2856 2857 BREAKING: 2858 2859 - [libs/pubsub] TagMap#Get returns a string value 2860 - [libs/pubsub] NewTagMap accepts a map of strings 2861 2862 FEATURES 2863 2864 - [rpc] the RPC documentation is now published to https://tendermint.github.io/slate 2865 - [p2p] AllowDuplicateIP config option to refuse connections from same IP. 2866 - true by default for now, false by default in next breaking release 2867 - [docs] Add docs for query, tx indexing, events, pubsub 2868 - [docs] Add some notes about running Tendermint in production 2869 2870 IMPROVEMENTS: 2871 2872 - [consensus] Consensus reactor now receives events from a separate synchronous event bus, 2873 which is not dependant on external RPC load 2874 - [consensus/wal] do not look for height in older files if we've seen height - 1 2875 - [docs] Various cleanup and link fixes 2876 2877 ## 0.19.6 2878 2879 *May 29th, 2018* 2880 2881 BUG FIXES 2882 2883 - [blockchain] Fix fast-sync deadlock during high peer turnover 2884 2885 BUG FIX: 2886 2887 - [evidence] Dont send peers evidence from heights they haven't synced to yet 2888 - [p2p] Refuse connections to more than one peer with the same IP 2889 - [docs] Various fixes 2890 2891 ## 0.19.5 2892 2893 *May 20th, 2018* 2894 2895 BREAKING CHANGES 2896 2897 - [rpc/client] TxSearch and UnconfirmedTxs have new arguments (see below) 2898 - [rpc/client] TxSearch returns ResultTxSearch 2899 - [version] Breaking changes to Go APIs will not be reflected in breaking 2900 version change, but will be included in changelog. 2901 2902 FEATURES 2903 2904 - [rpc] `/tx_search` takes `page` (starts at 1) and `per_page` (max 100, default 30) args to paginate results 2905 - [rpc] `/unconfirmed_txs` takes `limit` (max 100, default 30) arg to limit the output 2906 - [config] `mempool.size` and `mempool.cache_size` options 2907 2908 IMPROVEMENTS 2909 2910 - [docs] Lots of updates 2911 - [consensus] Only Fsync() the WAL before executing msgs from ourselves 2912 2913 BUG FIXES 2914 2915 - [mempool] Enforce upper bound on number of transactions 2916 2917 ## 0.19.4 (May 17th, 2018) 2918 2919 IMPROVEMENTS 2920 2921 - [state] Improve tx indexing by using batches 2922 - [consensus, state] Improve logging (more consensus logs, fewer tx logs) 2923 - [spec] Moved to `docs/spec` (TODO cleanup the rest of the docs ...) 2924 2925 BUG FIXES 2926 2927 - [consensus] Fix issue #1575 where a late proposer can get stuck 2928 2929 ## 0.19.3 (May 14th, 2018) 2930 2931 FEATURES 2932 2933 - [rpc] New `/consensus_state` returns just the votes seen at the current height 2934 2935 IMPROVEMENTS 2936 2937 - [rpc] Add stringified votes and fraction of power voted to `/dump_consensus_state` 2938 - [rpc] Add PeerStateStats to `/dump_consensus_state` 2939 2940 BUG FIXES 2941 2942 - [cmd] Set GenesisTime during `tendermint init` 2943 - [consensus] fix ValidBlock rules 2944 2945 ## 0.19.2 (April 30th, 2018) 2946 2947 FEATURES: 2948 2949 - [p2p] Allow peers with different Minor versions to connect 2950 - [rpc] `/net_info` includes `n_peers` 2951 2952 IMPROVEMENTS: 2953 2954 - [p2p] Various code comments, cleanup, error types 2955 - [p2p] Change some Error logs to Debug 2956 2957 BUG FIXES: 2958 2959 - [p2p] Fix reconnect to persistent peer when first dial fails 2960 - [p2p] Validate NodeInfo.ListenAddr 2961 - [p2p] Only allow (MaxNumPeers - MaxNumOutboundPeers) inbound peers 2962 - [p2p/pex] Limit max msg size to 64kB 2963 - [p2p] Fix panic when pex=false 2964 - [p2p] Allow multiple IPs per ID in AddrBook 2965 - [p2p] Fix before/after bugs in addrbook isBad() 2966 2967 ## 0.19.1 (April 27th, 2018) 2968 2969 Note this release includes some small breaking changes in the RPC and one in the 2970 config that are really bug fixes. v0.19.1 will work with existing chains, and make Tendermint 2971 easier to use and debug. With <3 2972 2973 BREAKING (MINOR) 2974 2975 - [config] Removed `wal_light` setting. If you really needed this, let us know 2976 2977 FEATURES: 2978 2979 - [networks] moved in tooling from devops repo: terraform and ansible scripts for deploying testnets ! 2980 - [cmd] Added `gen_node_key` command 2981 2982 BUG FIXES 2983 2984 Some of these are breaking in the RPC response, but they're really bugs! 2985 2986 - [spec] Document address format and pubkey encoding pre and post Amino 2987 - [rpc] Lower case JSON field names 2988 - [rpc] Fix missing entries, improve, and lower case the fields in `/dump_consensus_state` 2989 - [rpc] Fix NodeInfo.Channels format to hex 2990 - [rpc] Add Validator address to `/status` 2991 - [rpc] Fix `prove` in ABCIQuery 2992 - [cmd] MarshalJSONIndent on init 2993 2994 ## 0.19.0 (April 13th, 2018) 2995 2996 BREAKING: 2997 - [cmd] improved `testnet` command; now it can fill in `persistent_peers` for you in the config file and much more (see `tendermint testnet --help` for details) 2998 - [cmd] `show_node_id` now returns an error if there is no node key 2999 - [rpc]: changed the output format for the `/status` endpoint (see https://godoc.org/github.com/number571/tendermint/rpc/core#Status) 3000 3001 Upgrade from go-wire to go-amino. This is a sweeping change that breaks everything that is 3002 serialized to disk or over the network. 3003 3004 See github.com/tendermint/go-amino for details on the new format. 3005 3006 See `scripts/wire2amino.go` for a tool to upgrade 3007 genesis/priv_validator/node_key JSON files. 3008 3009 FEATURES 3010 3011 - [test] docker-compose for local testnet setup (thanks Greg!) 3012 3013 ## 0.18.0 (April 6th, 2018) 3014 3015 BREAKING: 3016 3017 - [types] Merkle tree uses different encoding for varints (see tmlibs v0.8.0) 3018 - [types] ValidtorSet.GetByAddress returns -1 if no validator found 3019 - [p2p] require all addresses come with an ID no matter what 3020 - [rpc] Listening address must contain tcp:// or unix:// prefix 3021 3022 FEATURES: 3023 3024 - [rpc] StartHTTPAndTLSServer (not used yet) 3025 - [rpc] Include validator's voting power in `/status` 3026 - [rpc] `/tx` and `/tx_search` responses now include the transaction hash 3027 - [rpc] Include peer NodeIDs in `/net_info` 3028 3029 IMPROVEMENTS: 3030 - [config] trim whitespace from elements of lists (like `persistent_peers`) 3031 - [rpc] `/tx_search` results are sorted by height 3032 - [p2p] do not try to connect to ourselves (ok, maybe only once) 3033 - [p2p] seeds respond with a bias towards good peers 3034 3035 BUG FIXES: 3036 - [rpc] fix subscribing using an abci.ResponseDeliverTx tag 3037 - [rpc] fix tx_indexers matchRange 3038 - [rpc] fix unsubscribing (see tmlibs v0.8.0) 3039 3040 ## 0.17.1 (March 27th, 2018) 3041 3042 BUG FIXES: 3043 - [types] Actually support `app_state` in genesis as `AppStateJSON` 3044 3045 ## 0.17.0 (March 27th, 2018) 3046 3047 BREAKING: 3048 - [types] WriteSignBytes -> SignBytes 3049 3050 IMPROVEMENTS: 3051 - [all] renamed `dummy` (`persistent_dummy`) to `kvstore` (`persistent_kvstore`) (name "dummy" is deprecated and will not work in the next breaking release) 3052 - [docs] note on determinism (docs/determinism.rst) 3053 - [genesis] `app_options` field is deprecated. please rename it to `app_state` in your genesis file(s). `app_options` will not work in the next breaking release 3054 - [p2p] dial seeds directly without potential peers 3055 - [p2p] exponential backoff for addrs in the address book 3056 - [p2p] mark peer as good if it contributed enough votes or block parts 3057 - [p2p] stop peer if it sends incorrect data, msg to unknown channel, msg we did not expect 3058 - [p2p] when `auth_enc` is true, all dialed peers must have a node ID in their address 3059 - [spec] various improvements 3060 - switched from glide to dep internally for package management 3061 - [wire] prep work for upgrading to new go-wire (which is now called go-amino) 3062 3063 FEATURES: 3064 - [config] exposed `auth_enc` flag to enable/disable encryption 3065 - [config] added the `--p2p.private_peer_ids` flag and `PrivatePeerIDs` config variable (see config for description) 3066 - [rpc] added `/health` endpoint, which returns empty result for now 3067 - [types/priv_validator] new format and socket client, allowing for remote signing 3068 3069 BUG FIXES: 3070 - [consensus] fix liveness bug by introducing ValidBlock mechanism 3071 3072 ## 0.16.0 (February 20th, 2018) 3073 3074 BREAKING CHANGES: 3075 - [config] use $TMHOME/config for all config and json files 3076 - [p2p] old `--p2p.seeds` is now `--p2p.persistent_peers` (persistent peers to which TM will always connect to) 3077 - [p2p] now `--p2p.seeds` only used for getting addresses (if addrbook is empty; not persistent) 3078 - [p2p] NodeInfo: remove RemoteAddr and add Channels 3079 - we must have at least one overlapping channel with peer 3080 - we only send msgs for channels the peer advertised 3081 - [p2p/conn] pong timeout 3082 - [lite] comment out IAVL related code 3083 3084 FEATURES: 3085 - [p2p] added new `/dial_peers&persistent=_` **unsafe** endpoint 3086 - [p2p] persistent node key in `$THMHOME/config/node_key.json` 3087 - [p2p] introduce peer ID and authenticate peers by ID using addresses like `ID@IP:PORT` 3088 - [p2p/pex] new seed mode crawls the network and serves as a seed. 3089 - [config] MempoolConfig.CacheSize 3090 - [config] P2P.SeedMode (`--p2p.seed_mode`) 3091 3092 IMPROVEMENT: 3093 - [p2p/pex] stricter rules in the PEX reactor for better handling of abuse 3094 - [p2p] various improvements to code structure including subpackages for `pex` and `conn` 3095 - [docs] new spec! 3096 - [all] speed up the tests! 3097 3098 BUG FIX: 3099 - [blockchain] StopPeerForError on timeout 3100 - [consensus] StopPeerForError on a bad Maj23 message 3101 - [state] flush mempool conn before calling commit 3102 - [types] fix priv val signing things that only differ by timestamp 3103 - [mempool] fix memory leak causing zombie peers 3104 - [p2p/conn] fix potential deadlock 3105 3106 ## 0.15.0 (December 29, 2017) 3107 3108 BREAKING CHANGES: 3109 - [p2p] enable the Peer Exchange reactor by default 3110 - [types] add Timestamp field to Proposal/Vote 3111 - [types] add new fields to Header: TotalTxs, ConsensusParamsHash, LastResultsHash, EvidenceHash 3112 - [types] add Evidence to Block 3113 - [types] simplify ValidateBasic 3114 - [state] updates to support changes to the header 3115 - [state] Enforce <1/3 of validator set can change at a time 3116 3117 FEATURES: 3118 - [state] Send indices of absent validators and addresses of byzantine validators in BeginBlock 3119 - [state] Historical ConsensusParams and ABCIResponses 3120 - [docs] Specification for the base Tendermint data structures. 3121 - [evidence] New evidence reactor for gossiping and managing evidence 3122 - [rpc] `/block_results?height=X` returns the DeliverTx results for a given height. 3123 3124 IMPROVEMENTS: 3125 - [consensus] Better handling of corrupt WAL file 3126 3127 BUG FIXES: 3128 - [lite] fix race 3129 - [state] validate block.Header.ValidatorsHash 3130 - [p2p] allow seed addresses to be prefixed with eg. `tcp://` 3131 - [p2p] use consistent key to refer to peers so we dont try to connect to existing peers 3132 - [cmd] fix `tendermint init` to ignore files that are there and generate files that aren't. 3133 3134 ## 0.14.0 (December 11, 2017) 3135 3136 BREAKING CHANGES: 3137 - consensus/wal: removed separator 3138 - rpc/client: changed Subscribe/Unsubscribe/UnsubscribeAll funcs signatures to be identical to event bus. 3139 3140 FEATURES: 3141 - new `tendermint lite` command (and `lite/proxy` pkg) for running a light-client RPC proxy. 3142 NOTE it is currently insecure and its APIs are not yet covered by semver 3143 3144 IMPROVEMENTS: 3145 - rpc/client: can act as event bus subscriber (See https://github.com/number571/tendermint/issues/945). 3146 - p2p: use exponential backoff from seconds to hours when attempting to reconnect to persistent peer 3147 - config: moniker defaults to the machine's hostname instead of "anonymous" 3148 3149 BUG FIXES: 3150 - p2p: no longer exit if one of the seed addresses is incorrect 3151 3152 ## 0.13.0 (December 6, 2017) 3153 3154 BREAKING CHANGES: 3155 - abci: update to v0.8 using gogo/protobuf; includes tx tags, vote info in RequestBeginBlock, data.Bytes everywhere, use int64, etc. 3156 - types: block heights are now `int64` everywhere 3157 - types & node: EventSwitch and EventCache have been replaced by EventBus and EventBuffer; event types have been overhauled 3158 - node: EventSwitch methods now refer to EventBus 3159 - rpc/lib/types: RPCResponse is no longer a pointer; WSRPCConnection interface has been modified 3160 - rpc/client: WaitForOneEvent takes an EventsClient instead of types.EventSwitch 3161 - rpc/client: Add/RemoveListenerForEvent are now Subscribe/Unsubscribe 3162 - rpc/core/types: ResultABCIQuery wraps an abci.ResponseQuery 3163 - rpc: `/subscribe` and `/unsubscribe` take `query` arg instead of `event` 3164 - rpc: `/status` returns the LatestBlockTime in human readable form instead of in nanoseconds 3165 - mempool: cached transactions return an error instead of an ABCI response with BadNonce 3166 3167 FEATURES: 3168 - rpc: new `/unsubscribe_all` WebSocket RPC endpoint 3169 - rpc: new `/tx_search` endpoint for filtering transactions by more complex queries 3170 - p2p/trust: new trust metric for tracking peers. See ADR-006 3171 - config: TxIndexConfig allows to set what DeliverTx tags to index 3172 3173 IMPROVEMENTS: 3174 - New asynchronous events system using `tmlibs/pubsub` 3175 - logging: Various small improvements 3176 - consensus: Graceful shutdown when app crashes 3177 - tests: Fix various non-deterministic errors 3178 - p2p: more defensive programming 3179 3180 BUG FIXES: 3181 - consensus: fix panic where prs.ProposalBlockParts is not initialized 3182 - p2p: fix panic on bad channel 3183 3184 ## 0.12.1 (November 27, 2017) 3185 3186 BUG FIXES: 3187 - upgrade tmlibs dependency to enable Windows builds for Tendermint 3188 3189 ## 0.12.0 (October 27, 2017) 3190 3191 BREAKING CHANGES: 3192 - rpc/client: websocket ResultsCh and ErrorsCh unified in ResponsesCh. 3193 - rpc/client: ABCIQuery no longer takes `prove` 3194 - state: remove GenesisDoc from state. 3195 - consensus: new binary WAL format provides efficiency and uses checksums to detect corruption 3196 - use scripts/wal2json to convert to json for debugging 3197 3198 FEATURES: 3199 - new `Verifiers` pkg contains the tendermint light-client library (name subject to change)! 3200 - rpc: `/genesis` includes the `app_options` . 3201 - rpc: `/abci_query` takes an additional `height` parameter to support historical queries. 3202 - rpc/client: new ABCIQueryWithOptions supports options like `trusted` (set false to get a proof) and `height` to query a historical height. 3203 3204 IMPROVEMENTS: 3205 - rpc: `/genesis` result includes `app_options` 3206 - rpc/lib/client: add jitter to reconnects. 3207 - rpc/lib/types: `RPCError` satisfies the `error` interface. 3208 3209 BUG FIXES: 3210 - rpc/client: fix ws deadlock after stopping 3211 - blockchain: fix panic on AddBlock when peer is nil 3212 - mempool: fix sending on TxsAvailable when a tx has been invalidated 3213 - consensus: dont run WAL catchup if we fast synced 3214 3215 ## 0.11.1 (October 10, 2017) 3216 3217 IMPROVEMENTS: 3218 - blockchain/reactor: respondWithNoResponseMessage for missing height 3219 3220 BUG FIXES: 3221 - rpc: fixed client WebSocket timeout 3222 - rpc: client now resubscribes on reconnection 3223 - rpc: fix panics on missing params 3224 - rpc: fix `/dump_consensus_state` to have normal json output (NOTE: technically breaking, but worth a bug fix label) 3225 - types: fixed out of range error in VoteSet.addVote 3226 - consensus: fix wal autofile via https://github.com/tendermint/tmlibs/blob/master/CHANGELOG.md#032-october-2-2017 3227 3228 ## 0.11.0 (September 22, 2017) 3229 3230 BREAKING: 3231 - genesis file: validator `amount` is now `power` 3232 - abci: Info, BeginBlock, InitChain all take structs 3233 - rpc: various changes to match JSONRPC spec (http://www.jsonrpc.org/specification), including breaking ones: 3234 - requests that previously returned HTTP code 4XX now return 200 with an error code in the JSONRPC. 3235 - `rpctypes.RPCResponse` uses new `RPCError` type instead of `string`. 3236 3237 - cmd: if there is no genesis, exit immediately instead of waiting around for one to show. 3238 - types: `Signer.Sign` returns an error. 3239 - state: every validator set change is persisted to disk, which required some changes to the `State` structure. 3240 - p2p: new `p2p.Peer` interface used for all reactor methods (instead of `*p2p.Peer` struct). 3241 3242 FEATURES: 3243 - rpc: `/validators?height=X` allows querying of validators at previous heights. 3244 - rpc: Leaving the `height` param empty for `/block`, `/validators`, and `/commit` will return the value for the latest height. 3245 3246 IMPROVEMENTS: 3247 - docs: Moved all docs from the website and tools repo in, converted to `.rst`, and cleaned up for presentation on `tendermint.readthedocs.io` 3248 3249 BUG FIXES: 3250 - fix WAL openning issue on Windows 3251 3252 ## 0.10.4 (September 5, 2017) 3253 3254 IMPROVEMENTS: 3255 - docs: Added Slate docs to each rpc function (see rpc/core) 3256 - docs: Ported all website docs to Read The Docs 3257 - config: expose some p2p params to tweak performance: RecvRate, SendRate, and MaxMsgPacketPayloadSize 3258 - rpc: Upgrade the websocket client and server, including improved auto reconnect, and proper ping/pong 3259 3260 BUG FIXES: 3261 - consensus: fix panic on getVoteBitArray 3262 - consensus: hang instead of panicking on byzantine consensus failures 3263 - cmd: dont load config for version command 3264 3265 ## 0.10.3 (August 10, 2017) 3266 3267 FEATURES: 3268 - control over empty block production: 3269 - new flag, `--consensus.create_empty_blocks`; when set to false, blocks are only created when there are txs or when the AppHash changes. 3270 - new config option, `consensus.create_empty_blocks_interval`; an empty block is created after this many seconds. 3271 - in normal operation, `create_empty_blocks = true` and `create_empty_blocks_interval = 0`, so blocks are being created all the time (as in all previous versions of tendermint). The number of empty blocks can be reduced by increasing `create_empty_blocks_interval` or by setting `create_empty_blocks = false`. 3272 - new `TxsAvailable()` method added to Mempool that returns a channel which fires when txs are available. 3273 - new heartbeat message added to consensus reactor to notify peers that a node is waiting for txs before entering propose step. 3274 - rpc: Add `syncing` field to response returned by `/status`. Is `true` while in fast-sync mode. 3275 3276 IMPROVEMENTS: 3277 - various improvements to documentation and code comments 3278 3279 BUG FIXES: 3280 - mempool: pass height into constructor so it doesn't always start at 0 3281 3282 ## 0.10.2 (July 10, 2017) 3283 3284 FEATURES: 3285 - Enable lower latency block commits by adding consensus reactor sleep durations and p2p flush throttle timeout to the config 3286 3287 IMPROVEMENTS: 3288 - More detailed logging in the consensus reactor and state machine 3289 - More in-code documentation for many exposed functions, especially in consensus/reactor.go and p2p/switch.go 3290 - Improved readability for some function definitions and code blocks with long lines 3291 3292 ## 0.10.1 (June 28, 2017) 3293 3294 FEATURES: 3295 - Use `--trace` to get stack traces for logged errors 3296 - types: GenesisDoc.ValidatorHash returns the hash of the genesis validator set 3297 - types: GenesisDocFromFile parses a GenesiDoc from a JSON file 3298 3299 IMPROVEMENTS: 3300 - Add a Code of Conduct 3301 - Variety of improvements as suggested by `megacheck` tool 3302 - rpc: deduplicate tests between rpc/client and rpc/tests 3303 - rpc: addresses without a protocol prefix default to `tcp://`. `http://` is also accepted as an alias for `tcp://` 3304 - cmd: commands are more easily reuseable from other tools 3305 - DOCKER: automate build/push 3306 3307 BUG FIXES: 3308 - Fix log statements using keys with spaces (logger does not currently support spaces) 3309 - rpc: set logger on websocket connection 3310 - rpc: fix ws connection stability by setting write deadline on pings 3311 3312 ## 0.10.0 (June 2, 2017) 3313 3314 Includes major updates to configuration, logging, and json serialization. 3315 Also includes the Grand Repo-Merge of 2017. 3316 3317 BREAKING CHANGES: 3318 3319 - Config and Flags: 3320 - The `config` map is replaced with a [`Config` struct](https://github.com/number571/tendermint/blob/master/config/config.go#L11), 3321 containing substructs: `BaseConfig`, `P2PConfig`, `MempoolConfig`, `ConsensusConfig`, `RPCConfig` 3322 - This affects the following flags: 3323 - `--seeds` is now `--p2p.seeds` 3324 - `--node_laddr` is now `--p2p.laddr` 3325 - `--pex` is now `--p2p.pex` 3326 - `--skip_upnp` is now `--p2p.skip_upnp` 3327 - `--rpc_laddr` is now `--rpc.laddr` 3328 - `--grpc_laddr` is now `--rpc.grpc_laddr` 3329 - Any configuration option now within a substract must come under that heading in the `config.toml`, for instance: 3330 ``` 3331 [p2p] 3332 laddr="tcp://1.2.3.4:46656" 3333 3334 [consensus] 3335 timeout_propose=1000 3336 ``` 3337 - Use viper and `DefaultConfig() / TestConfig()` functions to handle defaults, and remove `config/tendermint` and `config/tendermint_test` 3338 - Change some function and method signatures to 3339 - Change some [function and method signatures](https://gist.github.com/ebuchman/640d5fc6c2605f73497992fe107ebe0b) accomodate new config 3340 3341 - Logger 3342 - Replace static `log15` logger with a simple interface, and provide a new implementation using `go-kit`. 3343 See our new [logging library](https://github.com/tendermint/tmlibs/log) and [blog post](https://tendermint.com/blog/abstracting-the-logger-interface-in-go) for more details 3344 - Levels `warn` and `notice` are removed (you may need to change them in your `config.toml`!) 3345 - Change some [function and method signatures](https://gist.github.com/ebuchman/640d5fc6c2605f73497992fe107ebe0b) to accept a logger 3346 3347 - JSON serialization: 3348 - Replace `[TypeByte, Xxx]` with `{"type": "some-type", "data": Xxx}` in RPC and all `.json` files by using `go-wire/data`. For instance, a public key is now: 3349 ``` 3350 "pub_key": { 3351 "type": "ed25519", 3352 "data": "83DDF8775937A4A12A2704269E2729FCFCD491B933C4B0A7FFE37FE41D7760D0" 3353 } 3354 ``` 3355 - Remove type information about RPC responses, so `[TypeByte, {"jsonrpc": "2.0", ... }]` is now just `{"jsonrpc": "2.0", ... }` 3356 - Change `[]byte` to `data.Bytes` in all serialized types (for hex encoding) 3357 - Lowercase the JSON tags in `ValidatorSet` fields 3358 - Introduce `EventDataInner` for serializing events 3359 3360 - Other: 3361 - Send InitChain message in handshake if `appBlockHeight == 0` 3362 - Do not include the `Accum` field when computing the validator hash. This makes the ValidatorSetHash unique for a given validator set, rather than changing with every block (as the Accum changes) 3363 - Unsafe RPC calls are not enabled by default. This includes `/dial_seeds`, and all calls prefixed with `unsafe`. Use the `--rpc.unsafe` flag to enable. 3364 3365 3366 FEATURES: 3367 3368 - Per-module log levels. For instance, the new default is `state:info,*:error`, which means the `state` package logs at `info` level, and everything else logs at `error` level 3369 - Log if a node is validator or not in every consensus round 3370 - Use ldflags to set git hash as part of the version 3371 - Ignore `address` and `pub_key` fields in `priv_validator.json` and overwrite them with the values derrived from the `priv_key` 3372 3373 IMPROVEMENTS: 3374 3375 - Merge `tendermint/go-p2p -> tendermint/tendermint/p2p` and `tendermint/go-rpc -> tendermint/tendermint/rpc/lib` 3376 - Update paths for grand repo merge: 3377 - `go-common -> tmlibs/common` 3378 - `go-data -> go-wire/data` 3379 - All other `go-` libs, except `go-crypto` and `go-wire`, are merged under `tmlibs` 3380 - No global loggers (loggers are passed into constructors, or preferably set with a SetLogger method) 3381 - Return HTTP status codes with errors for RPC responses 3382 - Limit `/blockchain_info` call to return a maximum of 20 blocks 3383 - Use `.Wrap()` and `.Unwrap()` instead of eg. `PubKeyS` for `go-crypto` types 3384 - RPC JSON responses use pretty printing (via `json.MarshalIndent`) 3385 - Color code different instances of the consensus for tests 3386 - Isolate viper to `cmd/tendermint/commands` and do not read config from file for tests 3387 3388 3389 ## 0.9.2 (April 26, 2017) 3390 3391 BUG FIXES: 3392 3393 - Fix bug in `ResetPrivValidator` where we were using the global config and log (causing external consumers, eg. basecoin, to fail). 3394 3395 ## 0.9.1 (April 21, 2017) 3396 3397 FEATURES: 3398 3399 - Transaction indexing - txs are indexed by their hash using a simple key-value store; easily extended to more advanced indexers 3400 - New `/tx?hash=X` endpoint to query for transactions and their DeliverTx result by hash. Optionally returns a proof of the tx's inclusion in the block 3401 - `tendermint testnet` command initializes files for a testnet 3402 3403 IMPROVEMENTS: 3404 3405 - CLI now uses Cobra framework 3406 - TMROOT is now TMHOME (TMROOT will stop working in 0.10.0) 3407 - `/broadcast_tx_XXX` also returns the Hash (can be used to query for the tx) 3408 - `/broadcast_tx_commit` also returns the height the block was committed in 3409 - ABCIResponses struct persisted to disk before calling Commit; makes handshake replay much cleaner 3410 - WAL uses #ENDHEIGHT instead of #HEIGHT (#HEIGHT will stop working in 0.10.0) 3411 - Peers included via `--seeds`, under `seeds` in the config, or in `/dial_seeds` are now persistent, and will be reconnected to if the connection breaks 3412 3413 BUG FIXES: 3414 3415 - Fix bug in fast-sync where we stop syncing after a peer is removed, even if they're re-added later 3416 - Fix handshake replay to handle validator set changes and results of DeliverTx when we crash after app.Commit but before state.Save() 3417 3418 ## 0.9.0 (March 6, 2017) 3419 3420 BREAKING CHANGES: 3421 3422 - Update ABCI to v0.4.0, where Query is now `Query(RequestQuery) ResponseQuery`, enabling precise proofs at particular heights: 3423 3424 ``` 3425 message RequestQuery{ 3426 bytes data = 1; 3427 string path = 2; 3428 uint64 height = 3; 3429 bool prove = 4; 3430 } 3431 3432 message ResponseQuery{ 3433 CodeType code = 1; 3434 int64 index = 2; 3435 bytes key = 3; 3436 bytes value = 4; 3437 bytes proof = 5; 3438 uint64 height = 6; 3439 string log = 7; 3440 } 3441 ``` 3442 3443 3444 - `BlockMeta` data type unifies its Hash and PartSetHash under a `BlockID`: 3445 3446 ``` 3447 type BlockMeta struct { 3448 BlockID BlockID `json:"block_id"` // the block hash and partsethash 3449 Header *Header `json:"header"` // The block's Header 3450 } 3451 ``` 3452 3453 - `ValidatorSet.Proposer` is exposed as a field and persisted with the `State`. Use `GetProposer()` to initialize or update after validator-set changes. 3454 3455 - `tendermint gen_validator` command output is now pure JSON 3456 3457 FEATURES: 3458 3459 - New RPC endpoint `/commit?height=X` returns header and commit for block at height `X` 3460 - Client API for each endpoint, including mocks for testing 3461 3462 IMPROVEMENTS: 3463 3464 - `Node` is now a `BaseService` 3465 - Simplified starting Tendermint in-process from another application 3466 - Better organized Makefile 3467 - Scripts for auto-building binaries across platforms 3468 - Docker image improved, slimmed down (using Alpine), and changed from tendermint/tmbase to tendermint/tendermint 3469 - New repo files: `CONTRIBUTING.md`, Github `ISSUE_TEMPLATE`, `CHANGELOG.md` 3470 - Improvements on CircleCI for managing build/test artifacts 3471 - Handshake replay is doen through the consensus package, possibly using a mockApp 3472 - Graceful shutdown of RPC listeners 3473 - Tests for the PEX reactor and DialSeeds 3474 3475 BUG FIXES: 3476 3477 - Check peer.Send for failure before updating PeerState in consensus 3478 - Fix panic in `/dial_seeds` with invalid addresses 3479 - Fix proposer selection logic in ValidatorSet by taking the address into account in the `accumComparable` 3480 - Fix inconcistencies with `ValidatorSet.Proposer` across restarts by persisting it in the `State` 3481 3482 3483 ## 0.8.0 (January 13, 2017) 3484 3485 BREAKING CHANGES: 3486 3487 - New data type `BlockID` to represent blocks: 3488 3489 ``` 3490 type BlockID struct { 3491 Hash []byte `json:"hash"` 3492 PartsHeader PartSetHeader `json:"parts"` 3493 } 3494 ``` 3495 3496 - `Vote` data type now includes validator address and index: 3497 3498 ``` 3499 type Vote struct { 3500 ValidatorAddress []byte `json:"validator_address"` 3501 ValidatorIndex int `json:"validator_index"` 3502 Height int `json:"height"` 3503 Round int `json:"round"` 3504 Type byte `json:"type"` 3505 BlockID BlockID `json:"block_id"` // zero if vote is nil. 3506 Signature crypto.Signature `json:"signature"` 3507 } 3508 ``` 3509 3510 - Update TMSP to v0.3.0, where it is now called ABCI and AppendTx is DeliverTx 3511 - Hex strings in the RPC are now "0x" prefixed 3512 3513 3514 FEATURES: 3515 3516 - New message type on the ConsensusReactor, `Maj23Msg`, for peers to alert others they've seen a Maj23, 3517 in order to track and handle conflicting votes intelligently to prevent Byzantine faults from causing halts: 3518 3519 ``` 3520 type VoteSetMaj23Message struct { 3521 Height int 3522 Round int 3523 Type byte 3524 BlockID types.BlockID 3525 } 3526 ``` 3527 3528 - Configurable block part set size 3529 - Validator set changes 3530 - Optionally skip TimeoutCommit if we have all the votes 3531 - Handshake between Tendermint and App on startup to sync latest state and ensure consistent recovery from crashes 3532 - GRPC server for BroadcastTx endpoint 3533 3534 IMPROVEMENTS: 3535 3536 - Less verbose logging 3537 - Better test coverage (37% -> 49%) 3538 - Canonical SignBytes for signable types 3539 - Write-Ahead Log for Mempool and Consensus via tmlibs/autofile 3540 - Better in-process testing for the consensus reactor and byzantine faults 3541 - Better crash/restart testing for individual nodes at preset failure points, and of networks at arbitrary points 3542 - Better abstraction over timeout mechanics 3543 3544 BUG FIXES: 3545 3546 - Fix memory leak in mempool peer 3547 - Fix panic on POLRound=-1 3548 - Actually set the CommitTime 3549 - Actually send BeginBlock message 3550 - Fix a liveness issues caused by Byzantine proposals/votes. Uses the new `Maj23Msg`. 3551 3552 3553 ## 0.7.4 (December 14, 2016) 3554 3555 FEATURES: 3556 3557 - Enable the Peer Exchange reactor with the `--pex` flag for more resilient gossip network (feature still in development, beware dragons) 3558 3559 IMPROVEMENTS: 3560 3561 - Remove restrictions on RPC endpoint `/dial_seeds` to enable manual network configuration 3562 3563 ## 0.7.3 (October 20, 2016) 3564 3565 IMPROVEMENTS: 3566 3567 - Type safe FireEvent 3568 - More WAL/replay tests 3569 - Cleanup some docs 3570 3571 BUG FIXES: 3572 3573 - Fix deadlock in mempool for synchronous apps 3574 - Replay handles non-empty blocks 3575 - Fix race condition in HeightVoteSet 3576 3577 ## 0.7.2 (September 11, 2016) 3578 3579 BUG FIXES: 3580 3581 - Set mustConnect=false so tendermint will retry connecting to the app 3582 3583 ## 0.7.1 (September 10, 2016) 3584 3585 FEATURES: 3586 3587 - New TMSP connection for Query/Info 3588 - New RPC endpoints: 3589 - `tmsp_query` 3590 - `tmsp_info` 3591 - Allow application to filter peers through Query (off by default) 3592 3593 IMPROVEMENTS: 3594 3595 - TMSP connection type enforced at compile time 3596 - All listen/client urls use a "tcp://" or "unix://" prefix 3597 3598 BUG FIXES: 3599 3600 - Save LastSignature/LastSignBytes to `priv_validator.json` for recovery 3601 - Fix event unsubscribe 3602 - Fix fastsync/blockchain reactor 3603 3604 ## 0.7.0 (August 7, 2016) 3605 3606 BREAKING CHANGES: 3607 3608 - Strict SemVer starting now! 3609 - Update to ABCI v0.2.0 3610 - Validation types now called Commit 3611 - NewBlock event only returns the block header 3612 3613 3614 FEATURES: 3615 3616 - TMSP and RPC support TCP and UNIX sockets 3617 - Addition config options including block size and consensus parameters 3618 - New WAL mode `cswal_light`; logs only the validator's own votes 3619 - New RPC endpoints: 3620 - for starting/stopping profilers, and for updating config 3621 - `/broadcast_tx_commit`, returns when tx is included in a block, else an error 3622 - `/unsafe_flush_mempool`, empties the mempool 3623 3624 3625 IMPROVEMENTS: 3626 3627 - Various optimizations 3628 - Remove bad or invalidated transactions from the mempool cache (allows later duplicates) 3629 - More elaborate testing using CircleCI including benchmarking throughput on 4 digitalocean droplets 3630 3631 BUG FIXES: 3632 3633 - Various fixes to WAL and replay logic 3634 - Various race conditions 3635 3636 ## PreHistory 3637 3638 Strict versioning only began with the release of v0.7.0, in late summer 2016. 3639 The project itself began in early summer 2014 and was workable decentralized cryptocurrency software by the end of that year. 3640 Through the course of 2015, in collaboration with Eris Industries (now Monax Industries), 3641 many additional features were integrated, including an implementation from scratch of the Ethereum Virtual Machine. 3642 That implementation now forms the heart of [Burrow](https://github.com/hyperledger/burrow). 3643 In the later half of 2015, the consensus algorithm was upgraded with a more asynchronous design and a more deterministic and robust implementation. 3644 3645 By late 2015, frustration with the difficulty of forking a large monolithic stack to create alternative cryptocurrency designs led to the 3646 invention of the Application Blockchain Interface (ABCI), then called the Tendermint Socket Protocol (TMSP). 3647 The Ethereum Virtual Machine and various other transaction features were removed, and Tendermint was whittled down to a core consensus engine 3648 driving an application running in another process. 3649 The ABCI interface and implementation were iterated on and improved over the course of 2016, 3650 until versioned history kicked in with v0.7.0.