github.com/pokt-network/tendermint@v0.32.11-0.20230426215212-59310158d3e9/CHANGELOG.md (about) 1 # Changelog 2 3 ## v0.33.8 4 5 April 2022 6 7 - [security/p2p: prevent peers who errored being added to the peer_set ](https://github.com/pokt-network/tendermint/pull/75) 8 - [update dependencies](https://github.com/pokt-network/tendermint/pull/74) 9 - [minor fixes](https://github.com/pokt-network/tendermint/pull/73) 10 11 ## v0.33.7 12 13 _August 4, 2020_ 14 15 ### BUG FIXES: 16 17 - [go] Build release binary using Go 1.14.4, to avoid halt caused by Go 1.14.1 (https://github.com/golang/go/issues/38223) 18 - [privval] [\#5140](https://github.com/tendermint/tendermint/pull/5140) `RemoteSignerError` from remote signers are no longer retried (@melekes) 19 20 ## v0.33.6 21 22 _July 2, 2020_ 23 24 This security release fixes: 25 26 ### Denial of service 27 28 Tendermint 0.33.0 and above allow block proposers to include signatures for the 29 wrong block. This may happen naturally if you start a network, have it run for 30 some time and restart it **without changing the chainID**. (It is a 31 [misconfiguration](https://docs.tendermint.com/master/tendermint-core/using-tendermint.html) 32 to reuse chainIDs.) Correct block proposers will accidentally include signatures 33 for the wrong block if they see these signatures, and then commits won't validate, 34 making all proposed blocks invalid. A malicious validator (even with a minimal 35 amount of stake) can use this vulnerability to completely halt the network. 36 37 Tendermint 0.33.6 checks all the signatures are for the block with +2/3 38 majority before creating a commit. 39 40 ### False Witness 41 42 Tendermint 0.33.1 and above are no longer fully verifying commit signatures 43 during block execution - they stop after +2/3. This means proposers can propose 44 blocks that contain valid +2/3 signatures and then the rest of the signatures 45 can be whatever they want. They can claim that all the other validators signed 46 just by including a CommitSig with arbitrary signature data. While this doesn't 47 seem to impact safety of Tendermint per se, it means that Commits may contain a 48 lot of invalid data. 49 50 _This was already true of blocks, since they could include invalid txs filled 51 with garbage, but in that case the application knew that they are invalid and 52 could punish the proposer. But since applications didn't--and don't-- 53 verify commit signatures directly (they trust Tendermint to do that), 54 they won't be able to detect it._ 55 56 This can impact incentivization logic in the application that depends on the 57 LastCommitInfo sent in BeginBlock, which includes which validators signed. For 58 instance, Gaia incentivizes proposers with a bonus for including more than +2/3 59 of the signatures. But a proposer can now claim that bonus just by including 60 arbitrary data for the final -1/3 of validators without actually waiting for 61 their signatures. There may be other tricks that can be played because of this. 62 63 Tendermint 0.33.6 verifies all the signatures during block execution. 64 65 _Please note that the light client does not check nil votes and exits as soon 66 as 2/3+ of the signatures are checked._ 67 68 **All clients are recommended to upgrade.** 69 70 Special thanks to @njmurarka at Bluzelle Networks for reporting this. 71 72 Friendly reminder, we have a [bug bounty 73 program](https://hackerone.com/tendermint). 74 75 ### SECURITY: 76 77 - [consensus] Do not allow signatures for a wrong block in commits (@ebuchman) 78 - [consensus] Verify all the signatures during block execution (@melekes) 79 80 ## v.0.33.5 81 82 Special thanks to our external contributor on this release: @tau3 83 84 Friendly reminder: We have a [bug bounty program](https://hackerone.com/tendermint). 85 86 ### BREAKING CHANGES: 87 88 - Go API 89 90 - [privval] [\#4744](https://github.com/tendermint/tendermint/pull/4744) Remove deprecated `OldFilePV` (@melekes) 91 - [mempool] [\#4759](https://github.com/tendermint/tendermint/pull/4759) Modify `Mempool#InitWAL` to return an error (@melekes) 92 - [node] [\#4832](https://github.com/tendermint/tendermint/pull/4832) `ConfigureRPC` returns an error (@melekes) 93 - [rpc] [\#4836](https://github.com/tendermint/tendermint/pull/4836) Overhaul `lib` folder (@melekes) 94 Move lib/ folder to jsonrpc/. 95 Rename: 96 rpc package -> jsonrpc package 97 rpcclient package -> client package 98 rpcserver package -> server package 99 JSONRPCClient to Client 100 JSONRPCRequestBatch to RequestBatch 101 JSONRPCCaller to Caller 102 StartHTTPServer to Serve 103 StartHTTPAndTLSServer to ServeTLS 104 NewURIClient to NewURI 105 NewJSONRPCClient to New 106 NewJSONRPCClientWithHTTPClient to NewWithHTTPClient 107 NewWSClient to NewWS 108 Unexpose ResponseWriterWrapper 109 Remove unused http_params.go 110 111 ### FEATURES: 112 113 - [pex] [\#4439](https://github.com/tendermint/tendermint/pull/4439) Use highwayhash for pex buckets (@tau3) 114 115 ### IMPROVEMENTS: 116 117 - [abci/server] [\#4719](https://github.com/tendermint/tendermint/pull/4719) Print panic & stack trace to STDERR if logger is not set (@melekes) 118 - [types] [\#4638](https://github.com/tendermint/tendermint/pull/4638) Implement `Header#ValidateBasic` (@alexanderbez) 119 - [buildsystem] [\#4378](https://github.com/tendermint/tendermint/pull/4738) Replace build_c and install_c with TENDERMINT_BUILD_OPTIONS parsing. The following options are available: 120 - nostrip: don't strip debugging symbols nor DWARF tables. 121 - cleveldb: use cleveldb as db backend instead of goleveldb. 122 - race: pass -race to go build and enable data race detection. 123 - [mempool] [\#4759](https://github.com/tendermint/tendermint/pull/4759) Allow ReapX and CheckTx functions to run in parallel (@melekes) 124 - [rpc/core] [\#4844](https://github.com/tendermint/tendermint/pull/4844) Do not lock consensus state in `/validators`, `/consensus_params` and `/status` (@melekes) 125 126 ### BUG FIXES: 127 128 - [blockchain/v2] [\#4761](https://github.com/tendermint/tendermint/pull/4761) Fix excessive CPU usage caused by spinning on closed channels (@erikgrinaker) 129 - [blockchain/v2] Respect `fast_sync` option (@erikgrinaker) 130 - [light] [\#4741](https://github.com/tendermint/tendermint/pull/4741) Correctly return `ErrSignedHeaderNotFound` and `ErrValidatorSetNotFound` on corresponding RPC errors (@erikgrinaker) 131 - [rpc] [\#4805](https://github.com/tendermint/tendermint/issues/4805) Attempt to handle panics during panic recovery (@erikgrinaker) 132 - [types] [\#4764](https://github.com/tendermint/tendermint/pull/4764) Return an error if voting power overflows in `VerifyCommitTrusting` (@melekes) 133 - [privval] [\#4812](https://github.com/tendermint/tendermint/pull/4812) Retry `GetPubKey/SignVote/SignProposal` a few times before returning an error (@melekes) 134 - [p2p] [\#4847](https://github.com/tendermint/tendermint/pull/4847) Return masked IP (not the actual IP) in addrbook#groupKey (@melekes) 135 136 ## v0.33.4 137 138 - Nodes are no longer guaranteed to contain all blocks up to the latest height. The ABCI app can now control which blocks to retain through the ABCI field `ResponseCommit.retain_height`, all blocks and associated data below this height will be removed. 139 140 _April 21, 2020_ 141 142 Special thanks to external contributors on this release: @whylee259, @greg-szabo 143 144 Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint). 145 146 ### BREAKING CHANGES: 147 148 - Go API 149 150 - [lite2] [\#4616](https://github.com/tendermint/tendermint/pull/4616) Make `maxClockDrift` an option `Verify/VerifyAdjacent/VerifyNonAdjacent` now accept `maxClockDrift time.Duration` (@melekes). 151 - [rpc/client] [\#4628](https://github.com/tendermint/tendermint/pull/4628) Split out HTTP and local clients into `http` and `local` packages (@erikgrinaker). 152 153 ### FEATURES: 154 155 - [abci] [\#4588](https://github.com/tendermint/tendermint/issues/4588) Add `ResponseCommit.retain_height` field, which will automatically remove blocks below this height. This bumps the ABCI version to 0.16.2 (@erikgrinaker). 156 - [cmd] [\#4665](https://github.com/tendermint/tendermint/pull/4665) New `tendermint completion` command to generate Bash/Zsh completion scripts (@alessio). 157 - [rpc] [\#4588](https://github.com/tendermint/tendermint/issues/4588) Add `/status` response fields for the earliest block available on the node (@erikgrinaker). 158 - [rpc] [\#4611](https://github.com/tendermint/tendermint/pull/4611) Add `codespace` to `ResultBroadcastTx` (@whylee259). 159 160 ### IMPROVEMENTS: 161 162 - [all] [\#4608](https://github.com/tendermint/tendermint/pull/4608) Give reactors descriptive names when they're initialized (@tessr). 163 - [blockchain] [\#4588](https://github.com/tendermint/tendermint/issues/4588) Add `Base` to blockchain reactor P2P messages `StatusRequest` and `StatusResponse` (@erikgrinaker). 164 - [Docker] [\#4569](https://github.com/tendermint/tendermint/issues/4569) Default configuration added to docker image (you can still mount your own config the same way) (@greg-szabo). 165 - [example/kvstore] [\#4588](https://github.com/tendermint/tendermint/issues/4588) Add `RetainBlocks` option to control block retention (@erikgrinaker). 166 - [evidence] [\#4632](https://github.com/tendermint/tendermint/pull/4632) Inbound evidence checked if already existing (@cmwaters). 167 - [lite2] [\#4575](https://github.com/tendermint/tendermint/pull/4575) Use bisection for within-range verification (@cmwaters). 168 - [lite2] [\#4562](https://github.com/tendermint/tendermint/pull/4562) Cache headers when using bisection (@cmwaters). 169 - [p2p] [\#4548](https://github.com/tendermint/tendermint/pull/4548) Add ban list to address book (@cmwaters). 170 - [privval] [\#4534](https://github.com/tendermint/tendermint/issues/4534) Add `error` as a return value on`GetPubKey()` (@marbar3778). 171 - [p2p] [\#4621](https://github.com/tendermint/tendermint/issues/4621) Ban peers when messages are unsolicited or too frequent (@cmwaters). 172 - [rpc] [\#4703](https://github.com/tendermint/tendermint/pull/4703) Add `count` and `total` to `/validators` response (@melekes). 173 - [tools] [\#4615](https://github.com/tendermint/tendermint/issues/4615) Allow developers to use Docker to generate proto stubs, via `make proto-gen-docker` (@erikgrinaker). 174 175 ### BUG FIXES: 176 177 - [rpc] [\#4568](https://github.com/tendermint/tendermint/issues/4568) Fix panic when `Subscribe` is called, but HTTP client is not running. `Subscribe`, `Unsubscribe(All)` methods return an error now (@melekes). 178 179 ## v0.33.3 180 181 _April 6, 2020_ 182 183 This security release fixes: 184 185 ### Denial of service 1 186 187 Tendermint 0.33.2 and earlier does not limit P2P connection requests number. 188 For each p2p connection, Tendermint allocates ~0.5MB. Even though this 189 memory is garbage collected once the connection is terminated (due to duplicate 190 IP or reaching a maximum number of inbound peers), temporary memory spikes can 191 lead to OOM (Out-Of-Memory) exceptions. 192 193 Tendermint 0.33.3 (and 0.32.10) limits the total number of P2P incoming 194 connection requests to to `p2p.max_num_inbound_peers + 195 len(p2p.unconditional_peer_ids)`. 196 197 Notes: 198 199 - Tendermint does not rate limit P2P connection requests per IP (an attacker 200 can saturate all the inbound slots); 201 - Tendermint does not rate limit HTTP(S) requests. If you expose any RPC 202 endpoints to the public, please make sure to put in place some protection 203 (https://www.nginx.com/blog/rate-limiting-nginx/). We may implement this in 204 the future ([\#1696](https://github.com/tendermint/tendermint/issues/1696)). 205 206 ### Denial of service 2 207 208 Tendermint 0.33.2 and earlier does not reclaim `activeID` of a peer after it's 209 removed in `Mempool` reactor. This does not happen all the time. It only 210 happens when a connection fails (for any reason) before the Peer is created and 211 added to all reactors. `RemovePeer` is therefore called before `AddPeer`, which 212 leads to always growing memory (`activeIDs` map). The `activeIDs` map has a 213 maximum size of 65535 and the node will panic if this map reaches the maximum. 214 An attacker can create a lot of connection attempts (exploiting Denial of 215 service 1), which ultimately will lead to the node panicking. 216 217 Tendermint 0.33.3 (and 0.32.10) claims `activeID` for a peer in `InitPeer`, 218 which is executed before `MConnection` is started. 219 220 Notes: 221 222 - `InitPeer` function was added to all reactors to combat a similar issue - 223 [\#3338](https://github.com/tendermint/tendermint/issues/3338); 224 - Denial of service 2 is independent of Denial of service 1 and can be executed 225 without it. 226 227 **All clients are recommended to upgrade** 228 229 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for finding 230 and reporting this. 231 232 Friendly reminder, we have a [bug bounty 233 program](https://hackerone.com/tendermint). 234 235 ### SECURITY: 236 237 - [mempool] Reserve IDs in InitPeer instead of AddPeer (@tessr) 238 - [p2p] Limit the number of incoming connections (@melekes) 239 240 ## v0.33.2 241 242 _March 11, 2020_ 243 244 Special thanks to external contributors on this release: 245 @antho1404, @michaelfig, @gterzian, @tau3, @Shivani912 246 247 Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint). 248 249 ### BREAKING CHANGES: 250 251 - CLI/RPC/Config 252 253 - [cli] [\#4505](https://github.com/tendermint/tendermint/pull/4505) `tendermint lite` sub-command new syntax (@melekes): 254 `lite cosmoshub-3 -p 52.57.29.196:26657 -w public-seed-node.cosmoshub.certus.one:26657 255 --height 962118 --hash 28B97BE9F6DE51AC69F70E0B7BFD7E5C9CD1A595B7DC31AFF27C50D4948` 256 257 - Go API 258 - [lite2] [\#4535](https://github.com/tendermint/tendermint/pull/4535) Remove `Start/Stop` (@melekes) 259 - [lite2] [\#4469](https://github.com/tendermint/tendermint/issues/4469) Remove `RemoveNoLongerTrustedHeaders` and `RemoveNoLongerTrustedHeadersPeriod` option (@cmwaters) 260 - [lite2] [\#4473](https://github.com/tendermint/tendermint/issues/4473) Return height as a 2nd param in `TrustedValidatorSet` (@melekes) 261 - [lite2] [\#4536](https://github.com/tendermint/tendermint/pull/4536) `Update` returns a signed header (1st param) (@melekes) 262 263 ### IMPROVEMENTS: 264 265 - [blockchain/v2] [\#4361](https://github.com/tendermint/tendermint/pull/4361) Add reactor (@brapse) 266 - [cmd] [\#4515](https://github.com/tendermint/tendermint/issues/4515) Change `tendermint debug dump` sub-command archives filename's format (@melekes) 267 - [consensus] [\#3583](https://github.com/tendermint/tendermint/issues/3583) Reduce `non-deterministic signature` log noise (@tau3) 268 - [examples/kvstore] [\#4507](https://github.com/tendermint/tendermint/issues/4507) ABCI query now returns the proper height (@erikgrinaker) 269 - [lite2] [\#4462](https://github.com/tendermint/tendermint/issues/4462) Add `NewHTTPClient` and `NewHTTPClientFromTrustedStore` (@cmwaters) 270 - [lite2] [\#4329](https://github.com/tendermint/tendermint/issues/4329) modified bisection to loop (@cmwaters) 271 - [lite2] [\#4385](https://github.com/tendermint/tendermint/issues/4385) Disconnect from bad nodes (@melekes) 272 - [lite2] [\#4398](https://github.com/tendermint/tendermint/issues/4398) Add `VerifyAdjacent` and `VerifyNonAdjacent` funcs (@cmwaters) 273 - [lite2] [\#4426](https://github.com/tendermint/tendermint/issues/4426) Don't save intermediate headers (@cmwaters) 274 - [lite2] [\#4464](https://github.com/tendermint/tendermint/issues/4464) Cross-check first header (@cmwaters) 275 - [lite2] [\#4470](https://github.com/tendermint/tendermint/issues/4470) Fix inconsistent header-validatorset pairing (@melekes) 276 - [lite2] [\#4488](https://github.com/tendermint/tendermint/issues/4488) Allow local clock drift -10 sec. (@melekes) 277 - [p2p] [\#4449](https://github.com/tendermint/tendermint/pull/4449) Use `curve25519.X25519()` instead of `ScalarMult` (@erikgrinaker) 278 - [types] [\#4417](https://github.com/tendermint/tendermint/issues/4417) **VerifyCommitX() functions should return as soon as +2/3 threshold is reached** (@alessio). 279 - [libs/kv] [\#4542](https://github.com/tendermint/tendermint/pull/4542) remove unused type KI64Pair (@tessr) 280 281 ### BUG FIXES: 282 283 - [cmd] [\#4303](https://github.com/tendermint/tendermint/issues/4303) Show useful error when Tendermint is not initialized (@melekes) 284 - [cmd] [\#4515](https://github.com/tendermint/tendermint/issues/4515) **Fix `tendermint debug kill` sub-command** (@melekes) 285 - [rpc] [\#3935](https://github.com/tendermint/tendermint/issues/3935) **Create buffered subscriptions on `/subscribe`** (@melekes) 286 - [rpc] [\#4375](https://github.com/tendermint/tendermint/issues/4375) Stop searching for txs in `/tx_search` upon client timeout (@gterzian) 287 - [rpc] [\#4406](https://github.com/tendermint/tendermint/pull/4406) Fix issue with multiple subscriptions on the websocket (@antho1404) 288 - [rpc] [\#4432](https://github.com/tendermint/tendermint/issues/4432) Fix `/tx_search` pagination with ordered results (@erikgrinaker) 289 - [rpc] [\#4492](https://github.com/tendermint/tendermint/issues/4492) Keep the original subscription "id" field when new RPCs come in (@michaelfig) 290 291 ## v0.33.1 292 293 _Feburary 13, 2020_ 294 295 Special thanks to external contributors on this release: 296 @princesinha19 297 298 Friendly reminder, we have a [bug bounty 299 program](https://hackerone.com/tendermint). 300 301 ### FEATURES: 302 303 - [rpc] [\#3333](https://github.com/tendermint/tendermint/issues/3333) Add `order_by` to `/tx_search` endpoint, allowing to change default ordering from asc to desc (@princesinha19) 304 305 ### IMPROVEMENTS: 306 307 - [proto] [\#4369](https://github.com/tendermint/tendermint/issues/4369) Add [buf](https://buf.build/) for usage with linting and checking if there are breaking changes with the master branch. 308 - [proto] [\#4369](https://github.com/tendermint/tendermint/issues/4369) Add `make proto-gen` cmd to generate proto stubs outside of GOPATH. 309 310 ### BUG FIXES: 311 312 - [node] [\#4311](https://github.com/tendermint/tendermint/issues/4311) Use `GRPCMaxOpenConnections` when creating the gRPC server, not `MaxOpenConnections` 313 - [rpc] [\#4319](https://github.com/tendermint/tendermint/issues/4319) Check `BlockMeta` is not nil in `/block` & `/block_by_hash` 314 315 ## v0.33 316 317 Special thanks to external contributors on this release: @mrekucci, @PSalant726, @princesinha19, @greg-szabo, @dongsam, @cuonglm, @jgimeno, @yenkhoon 318 319 Friendly reminder, we have a [bug bounty 320 program.](https://hackerone.com/tendermint). 321 322 _January 14, 2020_ 323 324 This release contains breaking changes to the `Block#Header`, specifically 325 `NumTxs` and `TotalTxs` were removed (\#2521). Here's how this change affects 326 different modules: 327 328 - apps: it breaks the ABCI header field numbering 329 - state: it breaks the format of `State` on disk 330 - RPC: all RPC requests which expose the header broke 331 - Go API: the `Header` broke 332 - P2P: since blocks go over the wire, technically the P2P protocol broke 333 334 Also, blocks are significantly smaller 🔥 because we got rid of the redundant 335 information in `Block#LastCommit`. `Commit` now mainly consists of a signature 336 and a validator address plus a timestamp. Note we may remove the validator 337 address & timestamp fields in the future (see ADR-25). 338 339 `lite2` package has been added to solve `lite` issues and introduce weak 340 subjectivity interface. Refer to the [spec](https://github.com/tendermint/spec/blob/master/spec/consensus/light-client.md) for complete details. 341 `lite` package is now deprecated and will be removed in v0.34 release. 342 343 ### BREAKING CHANGES: 344 345 - CLI/RPC/Config 346 347 - [rpc] [\#3471](https://github.com/tendermint/tendermint/issues/3471) Paginate `/validators` response (default: 30 vals per page) 348 - [rpc] [\#3188](https://github.com/tendermint/tendermint/issues/3188) Remove `BlockMeta` in `ResultBlock` in favor of `BlockId` for `/block` 349 - [rpc] `/block_results` response format updated (see RPC docs for details) 350 ``` 351 { 352 "jsonrpc": "2.0", 353 "id": "", 354 "result": { 355 "height": "2109", 356 "txs_results": null, 357 "begin_block_events": null, 358 "end_block_events": null, 359 "validator_updates": null, 360 "consensus_param_updates": null 361 } 362 } 363 ``` 364 - [rpc] [\#4141](https://github.com/tendermint/tendermint/pull/4141) Remove `#event` suffix from the ID in event responses. 365 `{"jsonrpc": "2.0", "id": 0, "result": ...}` 366 - [rpc] [\#4141](https://github.com/tendermint/tendermint/pull/4141) Switch to integer IDs instead of `json-client-XYZ` 367 368 ``` 369 id=0 method=/subscribe 370 id=0 result=... 371 id=1 method=/abci_query 372 id=1 result=... 373 ``` 374 375 - ID is unique for each request; 376 - Request.ID is now optional. Notification is a Request without an ID. Previously ID="" or ID=0 were considered as notifications. 377 378 - [config] [\#4046](https://github.com/tendermint/tendermint/issues/4046) Rename tag(s) to CompositeKey & places where tag is still present it was renamed to event or events. Find how a compositeKey is constructed [here](https://github.com/tendermint/tendermint/blob/6d05c531f7efef6f0619155cf10ae8557dd7832f/docs/app-dev/indexing-transactions.md) 379 - You will have to generate a new config for your Tendermint node(s) 380 - [genesis] [\#2565](https://github.com/tendermint/tendermint/issues/2565) Add `consensus_params.evidence.max_age_duration`. Rename 381 `consensus_params.evidence.max_age` to `max_age_num_blocks`. 382 - [cli] [\#1771](https://github.com/tendermint/tendermint/issues/1771) `tendermint lite` now uses new light client package (`lite2`) 383 and has 3 more flags: `--trusting-period`, `--trusted-height` and 384 `--trusted-hash` 385 386 - Apps 387 388 - [tm-bench] Removed tm-bench in favor of [tm-load-test](https://github.com/informalsystems/tm-load-test) 389 390 - Go API 391 392 - [rpc] [\#3953](https://github.com/tendermint/tendermint/issues/3953) Modify NewHTTP, NewXXXClient functions to return an error on invalid remote instead of panicking (@mrekucci) 393 - [rpc/client] [\#3471](https://github.com/tendermint/tendermint/issues/3471) `Validators` now requires two more args: `page` and `perPage` 394 - [libs/common] [\#3262](https://github.com/tendermint/tendermint/issues/3262) Make error the last parameter of `Task` (@PSalant726) 395 - [cs/types] [\#3262](https://github.com/tendermint/tendermint/issues/3262) Rename `GotVoteFromUnwantedRoundError` to `ErrGotVoteFromUnwantedRound` (@PSalant726) 396 - [libs/common] [\#3862](https://github.com/tendermint/tendermint/issues/3862) Remove `errors.go` from `libs/common` 397 - [libs/common] [\#4230](https://github.com/tendermint/tendermint/issues/4230) Move `KV` out of common to its own pkg 398 - [libs/common] [\#4230](https://github.com/tendermint/tendermint/issues/4230) Rename `cmn.KVPair(s)` to `kv.Pair(s)`s 399 - [libs/common] [\#4232](https://github.com/tendermint/tendermint/issues/4232) Move `Service` & `BaseService` from `libs/common` to `libs/service` 400 - [libs/common] [\#4232](https://github.com/tendermint/tendermint/issues/4232) Move `common/nil.go` to `types/utils.go` & make the functions private 401 - [libs/common] [\#4231](https://github.com/tendermint/tendermint/issues/4231) Move random functions from `libs/common` into pkg `rand` 402 - [libs/common] [\#4237](https://github.com/tendermint/tendermint/issues/4237) Move byte functions from `libs/common` into pkg `bytes` 403 - [libs/common] [\#4237](https://github.com/tendermint/tendermint/issues/4237) Move throttletimer functions from `libs/common` into pkg `timer` 404 - [libs/common] [\#4237](https://github.com/tendermint/tendermint/issues/4237) Move tempfile functions from `libs/common` into pkg `tempfile` 405 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move os functions from `libs/common` into pkg `os` 406 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move net functions from `libs/common` into pkg `net` 407 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move mathematical functions and types out of `libs/common` to `math` pkg 408 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move string functions out of `libs/common` to `strings` pkg 409 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move async functions out of `libs/common` to `async` pkg 410 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move bit functions out of `libs/common` to `bits` pkg 411 - [libs/common] [\#4240](https://github.com/tendermint/tendermint/issues/4240) Move cmap functions out of `libs/common` to `cmap` pkg 412 - [libs/common] [\#4258](https://github.com/tendermint/tendermint/issues/4258) Remove `Rand` from all `rand` pkg functions 413 - [types] [\#2565](https://github.com/tendermint/tendermint/issues/2565) Remove `MockBadEvidence` & `MockGoodEvidence` in favor of `MockEvidence` 414 415 - Blockchain Protocol 416 417 - [abci] [\#2521](https://github.com/tendermint/tendermint/issues/2521) Remove `TotalTxs` and `NumTxs` from `Header` 418 - [types] [\#4151](https://github.com/tendermint/tendermint/pull/4151) Enforce ordering of votes in DuplicateVoteEvidence to be lexicographically sorted on BlockID 419 - [types] [\#1648](https://github.com/tendermint/tendermint/issues/1648) Change `Commit` to consist of just signatures 420 421 - P2P Protocol 422 423 - [p2p] [\#3668](https://github.com/tendermint/tendermint/pull/3668) Make `SecretConnection` non-malleable 424 425 - [proto] [\#3986](https://github.com/tendermint/tendermint/pull/3986) Prefix protobuf types to avoid name conflicts. 426 - ABCI becomes `tendermint.abci.types` with the new API endpoint `/tendermint.abci.types.ABCIApplication/` 427 - core_grpc becomes `tendermint.rpc.grpc` with the new API endpoint `/tendermint.rpc.grpc.BroadcastAPI/` 428 - merkle becomes `tendermint.crypto.merkle` 429 - libs.common becomes `tendermint.libs.common` 430 - proto3 becomes `tendermint.types.proto3` 431 432 ### FEATURES: 433 434 - [p2p] [\#4053](https://github.com/tendermint/tendermint/issues/4053) Add `unconditional_peer_ids` and `persistent_peers_max_dial_period` config variables (see ADR-050) (@dongsam) 435 - [tools] [\#4227](https://github.com/tendermint/tendermint/pull/4227) Implement `tendermint debug kill` and 436 `tendermint debug dump` commands for Tendermint node debugging functionality. See `--help` in both 437 commands for further documentation and usage. 438 - [cli] [\#4234](https://github.com/tendermint/tendermint/issues/4234) Add `--db_backend and --db_dir` flags (@princesinha19) 439 - [cli] [\#4113](https://github.com/tendermint/tendermint/issues/4113) Add optional `--genesis_hash` flag to check genesis hash upon startup 440 - [config] [\#3831](https://github.com/tendermint/tendermint/issues/3831) Add support for [RocksDB](https://rocksdb.org/) (@Stumble) 441 - [rpc] [\#3985](https://github.com/tendermint/tendermint/issues/3985) Add new `/block_by_hash` endpoint, which allows to fetch a block by its hash (@princesinha19) 442 - [metrics] [\#4263](https://github.com/tendermint/tendermint/issues/4263) Add 443 - `consensus_validator_power`: track your validators power 444 - `consensus_validator_last_signed_height`: track at which height the validator last signed 445 - `consensus_validator_missed_blocks`: total amount of missed blocks for a validator 446 as gauges in prometheus for validator specific metrics 447 - [rpc/lib] [\#4248](https://github.com/tendermint/tendermint/issues/4248) RPC client basic authentication support (@greg-szabo) 448 - [lite2] [\#1771](https://github.com/tendermint/tendermint/issues/1771) Light client with weak subjectivity 449 450 ### IMPROVEMENTS: 451 452 - [rpc] [\#3188](https://github.com/tendermint/tendermint/issues/3188) Added `block_size` to `BlockMeta` this is reflected in `/blockchain` 453 - [types] [\#2521](https://github.com/tendermint/tendermint/issues/2521) Add `NumTxs` to `BlockMeta` and `EventDataNewBlockHeader` 454 - [p2p] [\#4185](https://github.com/tendermint/tendermint/pull/4185) Simplify `SecretConnection` handshake with merlin 455 - [cli] [\#4065](https://github.com/tendermint/tendermint/issues/4065) Add `--consensus.create_empty_blocks_interval` flag (@jgimeno) 456 - [docs] [\#4065](https://github.com/tendermint/tendermint/issues/4065) Document `--consensus.create_empty_blocks_interval` flag (@jgimeno) 457 - [crypto] [\#4190](https://github.com/tendermint/tendermint/pull/4190) Added SR25519 signature scheme 458 - [abci] [\#4177] kvstore: Return `LastBlockHeight` and `LastBlockAppHash` in `Info` (@princesinha19) 459 - [rpc] [\#2741](https://github.com/tendermint/tendermint/issues/2741) Add `proposer` to `/consensus_state` response (@princesinha19) 460 - [deps] [\#4289](https://github.com/tendermint/tendermint/pull/4289) Update tm-db to 0.4.0, this includes major breaking changes in the dep that change how errors are handled. 461 462 ### BUG FIXES: 463 464 - [rpc/lib][\#4051](https://github.com/tendermint/tendermint/pull/4131) Fix RPC client, which was previously resolving https protocol to http (@yenkhoon) 465 - [rpc] [\#4141](https://github.com/tendermint/tendermint/pull/4141) JSONRPCClient: validate that Response.ID matches Request.ID 466 - [rpc] [\#4141](https://github.com/tendermint/tendermint/pull/4141) WSClient: check for unsolicited responses 467 - [types] [\4164](https://github.com/tendermint/tendermint/pull/4164) Prevent temporary power overflows on validator updates 468 - [cs] [\#4069](https://github.com/tendermint/tendermint/issues/4069) Don't panic when block meta is not found in store (@gregzaitsev) 469 - [types] [\#4164](https://github.com/tendermint/tendermint/issues/4164) Prevent temporary power overflows on validator updates (joint 470 efforts of @gchaincl and @ancazamfir) 471 - [p2p] [\#4140](https://github.com/tendermint/tendermint/issues/4140) `SecretConnection`: use the transcript solely for authentication (i.e. MAC) 472 - [consensus/types] [\#4243](https://github.com/tendermint/tendermint/issues/4243) fix BenchmarkRoundStateDeepCopy panics (@cuonglm) 473 - [rpc] [\#4256](https://github.com/tendermint/tendermint/issues/4256) Pass `outCapacity` to `eventBus#Subscribe` when subscribing using a local client 474 475 ## v0.32.11 476 477 ### BUG FIXES: 478 479 - [privval] [\#4275](https://github.com/tendermint/tendermint/issues/4275) Fix consensus failure when remote signer drops (@melekes) 480 481 ## v0.32.10 482 483 _April 6, 2020_ 484 485 This security release fixes: 486 487 ### Denial of Service 1 488 489 Tendermint 0.33.2 and earlier does not limit the number of P2P connection 490 requests. For each p2p connection, Tendermint allocates ~0.5MB. Even though 491 this memory is garbage collected once the connection is terminated (due to 492 duplicate IP or reaching a maximum number of inbound peers), temporary memory 493 spikes can lead to OOM (Out-Of-Memory) exceptions. 494 495 Tendermint 0.33.3 (and 0.32.10) limits the total number of P2P incoming 496 connection requests to to `p2p.max_num_inbound_peers + 497 len(p2p.unconditional_peer_ids)`. 498 499 Notes: 500 501 - Tendermint does not rate limit P2P connection requests per IP (an attacker 502 can saturate all the inbound slots); 503 - Tendermint does not rate limit HTTP(S) requests. If you expose any RPC 504 endpoints to the public, please make sure to put in place some protection 505 (https://www.nginx.com/blog/rate-limiting-nginx/). We may implement this in 506 the future ([\#1696](https://github.com/tendermint/tendermint/issues/1696)). 507 508 ### Denial of Service 2 509 510 Tendermint 0.33.2 and earlier does not reclaim `activeID` of a peer after it's 511 removed in `Mempool` reactor. This does not happen all the time. It only 512 happens when a connection fails (for any reason) before the Peer is created and 513 added to all reactors. `RemovePeer` is therefore called before `AddPeer`, which 514 leads to always growing memory (`activeIDs` map). The `activeIDs` map has a 515 maximum size of 65535 and the node will panic if this map reaches the maximum. 516 An attacker can create a lot of connection attempts (exploiting Denial of 517 Service 1), which ultimately will lead to the node panicking. 518 519 Tendermint 0.33.3 (and 0.32.10) claims `activeID` for a peer in `InitPeer`, 520 which is executed before `MConnection` is started. 521 522 Notes: 523 524 - `InitPeer` function was added to all reactors to combat a similar issue - 525 [\#3338](https://github.com/tendermint/tendermint/issues/3338); 526 - Denial of Service 2 is independent of Denial of Service 1 and can be executed 527 without it. 528 529 **All clients are recommended to upgrade** 530 531 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for finding 532 and reporting this. 533 534 Friendly reminder, we have a [bug bounty 535 program](https://hackerone.com/tendermint). 536 537 ### SECURITY: 538 539 - [mempool] Reserve IDs in InitPeer instead of AddPeer (@tessr) 540 - [p2p] Limit the number of incoming connections (@melekes) 541 542 ## v0.32.9 543 544 _January, 9, 2020_ 545 546 Special thanks to external contributors on this release: @greg-szabo, @gregzaitsev, @yenkhoon 547 548 Friendly reminder, we have a [bug bounty 549 program](https://hackerone.com/tendermint). 550 551 ### FEATURES: 552 553 - [rpc/lib] [\#4248](https://github.com/tendermint/tendermint/issues/4248) RPC client basic authentication support (@greg-szabo) 554 555 - [metrics] [\#4294](https://github.com/tendermint/tendermint/pull/4294) Add 556 - `consensus_validator_power`: track your validators power 557 - `consensus_validator_last_signed_height`: track at which height the validator last signed 558 - `consensus_validator_missed_blocks`: total amount of missed blocks for a validator 559 as gauges in prometheus for validator specific metrics 560 561 ### BUG FIXES: 562 563 - [rpc/lib] [\#4131](https://github.com/tendermint/tendermint/pull/4131) Fix RPC client, which was previously resolving https protocol to http (@yenkhoon) 564 - [cs] [\#4069](https://github.com/tendermint/tendermint/issues/4069) Don't panic when block meta is not found in store (@gregzaitsev) 565 566 ## v0.32.8 567 568 _November 19, 2019_ 569 570 Special thanks to external contributors on this release: @erikgrinaker, @guagualvcha, @hsyis, @cosmostuba, @whunmr, @austinabell 571 572 Friendly reminder, we have a [bug bounty 573 program.](https://hackerone.com/tendermint). 574 575 ### BREAKING CHANGES: 576 577 - Go API 578 579 - [libs/pubsub] [\#4070](https://github.com/tendermint/tendermint/pull/4070) `Query#(Matches|Conditions)` returns an error. 580 581 ### IMPROVEMENTS: 582 583 - [mempool] [\#4083](https://github.com/tendermint/tendermint/pull/4083) Added TxInfo parameter to CheckTx(), and removed CheckTxWithInfo() (@erikgrinaker) 584 - [mempool] [\#4057](https://github.com/tendermint/tendermint/issues/4057) Include peer ID when logging rejected txns (@erikgrinaker) 585 - [tools] [\#4023](https://github.com/tendermint/tendermint/issues/4023) Improved `tm-monitor` formatting of start time and avg tx throughput (@erikgrinaker) 586 - [p2p] [\#3991](https://github.com/tendermint/tendermint/issues/3991) Log "has been established or dialed" as debug log instead of Error for connected peers (@whunmr) 587 - [rpc] [\#4077](https://github.com/tendermint/tendermint/pull/4077) Added support for `EXISTS` clause to the Websocket query interface. 588 - [privval] Add `SignerDialerEndpointRetryWaitInterval` option (@cosmostuba) 589 - [crypto] Add `RegisterKeyType` to amino to allow external key types registration (@austinabell) 590 591 ### BUG FIXES: 592 593 - [libs/pubsub] [\#4070](https://github.com/tendermint/tendermint/pull/4070) Strip out non-numeric characters when attempting to match numeric values. 594 - [libs/pubsub] [\#4070](https://github.com/tendermint/tendermint/pull/4070) No longer panic in Query#(Matches|Conditions) preferring to return an error instead. 595 - [tools] [\#4023](https://github.com/tendermint/tendermint/issues/4023) Refresh `tm-monitor` health when validator count is updated (@erikgrinaker) 596 - [state] [\#4104](https://github.com/tendermint/tendermint/pull/4104) txindex/kv: Fsync data to disk immediately after receiving it (@guagualvcha) 597 - [state] [\#4095](https://github.com/tendermint/tendermint/pull/4095) txindex/kv: Return an error if there's one when the user searches for a tx (hash=X) (@hsyis) 598 599 ## v0.32.7 600 601 _October 18, 2019_ 602 603 This security release fixes a vulnerability found in the `consensus` package, 604 where an attacker could construct a `BlockPartMessage` message in such a way 605 that it will lead to consensus failure. A few similar issues have been 606 identified and fixed here. 607 608 **All clients are recommended to upgrade** 609 610 Special thanks to [elvishacker](https://hackerone.com/elvishacker) for finding 611 and reporting this. 612 613 Friendly reminder, we have a [bug bounty 614 program](https://hackerone.com/tendermint). 615 616 ### BREAKING CHANGES: 617 618 - Go API 619 - [consensus] Modify `WAL#Write` and `WAL#WriteSync` to return an error if 620 they fail to write a message 621 622 ### SECURITY: 623 624 - [consensus] Validate incoming messages more throughly 625 626 ## v0.32.6 627 628 _October 8, 2019_ 629 630 The previous patch was insufficient because the attacker could still find a way 631 to submit a `nil` pubkey by constructing a `PubKeyMultisigThreshold` pubkey 632 with `nil` subpubkeys for example. 633 634 This release provides multiple fixes, which include recovering from panics when 635 accepting new peers and only allowing `ed25519` pubkeys. 636 637 **All clients are recommended to upgrade** 638 639 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for pointing 640 this out. 641 642 Friendly reminder, we have a [bug bounty 643 program](https://hackerone.com/tendermint). 644 645 ### SECURITY: 646 647 - [p2p] [\#4030](https://github.com/tendermint/tendermint/issues/4030) Only allow ed25519 pubkeys when connecting 648 649 ## v0.32.5 650 651 _October 1, 2019_ 652 653 This release fixes a major security vulnerability found in the `p2p` package. 654 All clients are recommended to upgrade. See 655 [\#4030](https://github.com/tendermint/tendermint/issues/4030) for details. 656 657 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for discovering 658 and reporting this issue. 659 660 Friendly reminder, we have a [bug bounty 661 program](https://hackerone.com/tendermint). 662 663 ### SECURITY: 664 665 - [p2p] [\#4030](https://github.com/tendermint/tendermint/issues/4030) Fix for panic on nil public key send to a peer 666 667 ## v0.32.4 668 669 _September 19, 2019_ 670 671 Special thanks to external contributors on this release: @jon-certik, @gracenoah, @PSalant726, @gchaincl 672 673 Friendly reminder, we have a [bug bounty 674 program](https://hackerone.com/tendermint). 675 676 ### BREAKING CHANGES: 677 678 - CLI/RPC/Config 679 - [rpc] [\#3984](https://github.com/tendermint/tendermint/issues/3984) Add `MempoolClient` interface to `Client` interface 680 681 ### IMPROVEMENTS: 682 683 - [rpc] [\#2010](https://github.com/tendermint/tendermint/issues/2010) Add NewHTTPWithClient and NewJSONRPCClientWithHTTPClient (note these and NewHTTP, NewJSONRPCClient functions panic if remote is invalid) (@gracenoah) 684 - [rpc] [\#3882](https://github.com/tendermint/tendermint/issues/3882) Add custom marshalers to proto messages to disable `omitempty` 685 - [deps] [\#3952](https://github.com/tendermint/tendermint/pull/3952) bump github.com/go-kit/kit from 0.6.0 to 0.9.0 686 - [deps] [\#3951](https://github.com/tendermint/tendermint/pull/3951) bump github.com/stretchr/testify from 1.3.0 to 1.4.0 687 - [deps] [\#3945](https://github.com/tendermint/tendermint/pull/3945) bump github.com/gorilla/websocket from 1.2.0 to 1.4.1 688 - [deps] [\#3948](https://github.com/tendermint/tendermint/pull/3948) bump github.com/libp2p/go-buffer-pool from 0.0.1 to 0.0.2 689 - [deps] [\#3943](https://github.com/tendermint/tendermint/pull/3943) bump github.com/fortytw2/leaktest from 1.2.0 to 1.3.0 690 - [deps] [\#3939](https://github.com/tendermint/tendermint/pull/3939) bump github.com/rs/cors from 1.6.0 to 1.7.0 691 - [deps] [\#3937](https://github.com/tendermint/tendermint/pull/3937) bump github.com/magiconair/properties from 1.8.0 to 1.8.1 692 - [deps] [\#3947](https://github.com/tendermint/tendermint/pull/3947) update gogo/protobuf version from v1.2.1 to v1.3.0 693 - [deps] [\#4001](https://github.com/tendermint/tendermint/pull/4001) bump github.com/tendermint/tm-db from 0.1.1 to 0.2.0 694 695 ### BUG FIXES: 696 697 - [consensus] [\#3908](https://github.com/tendermint/tendermint/issues/3908) Wait `timeout_commit` to pass even if `create_empty_blocks` is `false` 698 - [mempool] [\#3968](https://github.com/tendermint/tendermint/issues/3968) Fix memory loading error on 32-bit machines (@jon-certik) 699 700 ## v0.32.3 701 702 _August 28, 2019_ 703 704 @climber73 wrote the [Writing a Tendermint Core application in Java 705 (gRPC)](https://github.com/tendermint/tendermint/blob/master/docs/guides/java.md) 706 guide. 707 708 Special thanks to external contributors on this release: 709 @gchaincl, @bluele, @climber73 710 711 Friendly reminder, we have a [bug bounty 712 program](https://hackerone.com/tendermint). 713 714 ### IMPROVEMENTS: 715 716 - [consensus] [\#3839](https://github.com/tendermint/tendermint/issues/3839) Reduce "Error attempting to add vote" message severity (Error -> Info) 717 - [mempool] [\#3877](https://github.com/tendermint/tendermint/pull/3877) Make `max_tx_bytes` configurable instead of `max_msg_bytes` (@bluele) 718 - [privval] [\#3370](https://github.com/tendermint/tendermint/issues/3370) Refactor and simplify validator/kms connection handling. Please refer to [this comment](https://github.com/tendermint/tendermint/pull/3370#issue-257360971) for details 719 - [rpc] [\#3880](https://github.com/tendermint/tendermint/issues/3880) Document endpoints with `swagger`, introduce contract tests of implementation against documentation 720 721 ### BUG FIXES: 722 723 - [config] [\#3868](https://github.com/tendermint/tendermint/issues/3868) Move misplaced `max_msg_bytes` into mempool section (@bluele) 724 - [rpc] [\#3910](https://github.com/tendermint/tendermint/pull/3910) Fix DATA RACE in HTTP client (@gchaincl) 725 - [store] [\#3893](https://github.com/tendermint/tendermint/issues/3893) Fix "Unregistered interface types.Evidence" panic 726 727 ## v0.32.2 728 729 _July 31, 2019_ 730 731 Special thanks to external contributors on this release: 732 @ruseinov, @bluele, @guagualvcha 733 734 Friendly reminder, we have a [bug bounty 735 program](https://hackerone.com/tendermint). 736 737 ### BREAKING CHANGES: 738 739 - Go API 740 - [libs] [\#3811](https://github.com/tendermint/tendermint/issues/3811) Remove `db` from libs in favor of `https://github.com/tendermint/tm-db` 741 742 ### FEATURES: 743 744 - [blockchain] [\#3561](https://github.com/tendermint/tendermint/issues/3561) Add early version of the new blockchain reactor, which is supposed to be more modular and testable compared to the old version. To try it, you'll have to change `version` in the config file, [here](https://github.com/tendermint/tendermint/blob/master/config/toml.go#L303) NOTE: It's not ready for a production yet. For further information, see [ADR-40](https://github.com/tendermint/tendermint/blob/master/docs/architecture/adr-040-blockchain-reactor-refactor.md) & [ADR-43](https://github.com/tendermint/tendermint/blob/master/docs/architecture/adr-043-blockchain-riri-org.md) 745 - [mempool] [\#3826](https://github.com/tendermint/tendermint/issues/3826) Make `max_msg_bytes` configurable(@bluele) 746 - [node] [\#3846](https://github.com/tendermint/tendermint/pull/3846) Allow replacing existing p2p.Reactor(s) using [`CustomReactors` 747 option](https://godoc.org/github.com/tendermint/tendermint/node#CustomReactors). 748 Warning: beware of accidental name clashes. Here is the list of existing 749 reactors: MEMPOOL, BLOCKCHAIN, CONSENSUS, EVIDENCE, PEX. 750 - [rpc] [\#3818](https://github.com/tendermint/tendermint/issues/3818) Make `max_body_bytes` and `max_header_bytes` configurable(@bluele) 751 - [rpc] [\#2252](https://github.com/tendermint/tendermint/issues/2252) Add `/broadcast_evidence` endpoint to submit double signing and other types of evidence 752 753 ### IMPROVEMENTS: 754 755 - [abci] [\#3809](https://github.com/tendermint/tendermint/issues/3809) Recover from application panics in `server/socket_server.go` to allow socket cleanup (@ruseinov) 756 - [p2p] [\#3664](https://github.com/tendermint/tendermint/issues/3664) p2p/conn: reuse buffer when write/read from secret connection(@guagualvcha) 757 - [p2p] [\#3834](https://github.com/tendermint/tendermint/issues/3834) Do not write 'Couldn't connect to any seeds' error log if there are no seeds in config file 758 - [rpc] [\#3076](https://github.com/tendermint/tendermint/issues/3076) Improve transaction search performance 759 760 ### BUG FIXES: 761 762 - [p2p] [\#3644](https://github.com/tendermint/tendermint/issues/3644) Fix error logging for connection stop (@defunctzombie) 763 - [rpc] [\#3813](https://github.com/tendermint/tendermint/issues/3813) Return err if page is incorrect (less than 0 or greater than total pages) 764 765 ## v0.32.1 766 767 _July 15, 2019_ 768 769 Special thanks to external contributors on this release: 770 @ParthDesai, @climber73, @jim380, @ashleyvega 771 772 This release contains a minor enhancement to the ABCI and some breaking changes to our libs folder, namely: 773 774 - CheckTx requests include a `CheckTxType` enum that can be set to `Recheck` to indicate to the application that this transaction was already checked/validated and certain expensive operations (like checking signatures) can be skipped 775 - Removed various functions from `libs` pkgs 776 777 Friendly reminder, we have a [bug bounty 778 program](https://hackerone.com/tendermint). 779 780 ### BREAKING CHANGES: 781 782 - Go API 783 784 - [abci] [\#2127](https://github.com/tendermint/tendermint/issues/2127) The CheckTx and DeliverTx methods in the ABCI `Application` interface now take structs as arguments (RequestCheckTx and RequestDeliverTx, respectively), instead of just the raw tx bytes. This allows more information to be passed to these methods, for instance, indicating whether a tx has already been checked. 785 - [libs] Remove unused `db/debugDB` and `common/colors.go` & `errors/errors.go` files (@marbar3778) 786 - [libs] [\#2432](https://github.com/tendermint/tendermint/issues/2432) Remove unused `common/heap.go` file (@marbar3778) 787 - [libs] Remove unused `date.go`, `io.go`. Remove `GoPath()`, `Prompt()` and `IsDirEmpty()` functions from `os.go` (@marbar3778) 788 - [libs] Remove unused `FailRand()` func and minor clean up to `fail.go`(@marbar3778) 789 790 ### FEATURES: 791 792 - [node] Add variadic argument to `NewNode` to support functional options, allowing the Node to be more easily customized. 793 - [node][\#3730](https://github.com/tendermint/tendermint/pull/3730) Add `CustomReactors` option to `NewNode` allowing caller to pass 794 custom reactors to run inside Tendermint node (@ParthDesai) 795 - [abci] [\#2127](https://github.com/tendermint/tendermint/issues/2127)RequestCheckTx has a new field, `CheckTxType`, which can take values of `CheckTxType_New` and `CheckTxType_Recheck`, indicating whether this is a new tx being checked for the first time or whether this tx is being rechecked after a block commit. This allows applications to skip certain expensive operations, like signature checking, if they've already been done once. see [docs](https://github.com/tendermint/tendermint/blob/eddb433d7c082efbeaf8974413a36641519ee895/docs/spec/abci/apps.md#mempool-connection) 796 797 ### IMPROVEMENTS: 798 799 - [rpc] [\#3700](https://github.com/tendermint/tendermint/issues/3700) Make possible to set absolute paths for TLS cert and key (@climber73) 800 - [abci] [\#3513](https://github.com/tendermint/tendermint/issues/3513) Call the reqRes callback after the resCb so they always happen in the same order 801 802 ### BUG FIXES: 803 804 - [p2p] [\#3338](https://github.com/tendermint/tendermint/issues/3338) Prevent "sent next PEX request too soon" errors by not calling 805 ensurePeers outside of ensurePeersRoutine 806 - [behaviour] [\3772](https://github.com/tendermint/tendermint/pull/3772) Return correct reason in MessageOutOfOrder (@jim380) 807 - [config] [\#3723](https://github.com/tendermint/tendermint/issues/3723) Add consensus_params to testnet config generation; document time_iota_ms (@ashleyvega) 808 809 ## v0.32.0 810 811 _June 25, 2019_ 812 813 Special thanks to external contributors on this release: 814 @needkane, @SebastianElvis, @andynog, @Yawning, @wooparadog 815 816 This release contains breaking changes to our build and release processes, ABCI, 817 and the RPC, namely: 818 819 - Use Go modules instead of dep 820 - Bring active development to the `master` Github branch 821 - ABCI Tags are now Events - see 822 [docs](https://github.com/tendermint/tendermint/blob/60827f75623b92eff132dc0eff5b49d2025c591e/docs/spec/abci/abci.md#events) 823 - Bind RPC to localhost by default, not to the public interface [UPGRADING/RPC_Changes](./UPGRADING.md#rpc_changes) 824 825 Friendly reminder, we have a [bug bounty 826 program](https://hackerone.com/tendermint). 827 828 ### BREAKING CHANGES: 829 830 - CLI/RPC/Config 831 832 - [cli] [\#3613](https://github.com/tendermint/tendermint/issues/3613) Switch from golang/dep to Go Modules to resolve dependencies: 833 It is recommended to switch to Go Modules if your project has tendermint as 834 a dependency. Read more on Modules here: 835 https://github.com/golang/go/wiki/Modules 836 - [config] [\#3632](https://github.com/tendermint/tendermint/pull/3632) Removed `leveldb` as generic 837 option for `db_backend`. Must be `goleveldb` or `cleveldb`. 838 - [rpc] [\#3616](https://github.com/tendermint/tendermint/issues/3616) Fix field names for `/block_results` response (eg. `results.DeliverTx` 839 -> `results.deliver_tx`). See docs for details. 840 - [rpc] [\#3724](https://github.com/tendermint/tendermint/issues/3724) RPC now binds to `127.0.0.1` by default instead of `0.0.0.0` 841 842 - Apps 843 844 - [abci] [\#1859](https://github.com/tendermint/tendermint/issues/1859) `ResponseCheckTx`, `ResponseDeliverTx`, `ResponseBeginBlock`, 845 and `ResponseEndBlock` now include `Events` instead of `Tags`. Each `Event` 846 contains a `type` and a list of `attributes` (list of key-value pairs) 847 allowing for inclusion of multiple distinct events in each response. 848 849 - Go API 850 851 - [abci] [\#3193](https://github.com/tendermint/tendermint/issues/3193) Use RequestDeliverTx and RequestCheckTx in the ABCI 852 Application interface 853 - [libs/db] [\#3632](https://github.com/tendermint/tendermint/pull/3632) Removed deprecated `LevelDBBackend` const 854 If you have `db_backend` set to `leveldb` in your config file, please 855 change it to `goleveldb` or `cleveldb`. 856 - [p2p] [\#3521](https://github.com/tendermint/tendermint/issues/3521) Remove NewNetAddressStringWithOptionalID 857 858 - Blockchain Protocol 859 860 - P2P Protocol 861 862 ### FEATURES: 863 864 ### IMPROVEMENTS: 865 866 - [abci/examples] [\#3659](https://github.com/tendermint/tendermint/issues/3659) Change validator update tx format in the `persistent_kvstore` to use base64 for pubkeys instead of hex (@needkane) 867 - [consensus] [\#3656](https://github.com/tendermint/tendermint/issues/3656) Exit if SwitchToConsensus fails 868 - [p2p] [\#3666](https://github.com/tendermint/tendermint/issues/3666) Add per channel telemetry to improve reactor observability 869 - [rpc] [\#3686](https://github.com/tendermint/tendermint/pull/3686) `HTTPClient#Call` returns wrapped errors, so a caller could use `errors.Cause` to retrieve an error code. (@wooparadog) 870 871 ### BUG FIXES: 872 873 - [libs/db] [\#3717](https://github.com/tendermint/tendermint/issues/3717) Fixed the BoltDB backend's Batch.Delete implementation (@Yawning) 874 - [libs/db] [\#3718](https://github.com/tendermint/tendermint/issues/3718) Fixed the BoltDB backend's Get and Iterator implementation (@Yawning) 875 - [node] [\#3716](https://github.com/tendermint/tendermint/issues/3716) Fix a bug where `nil` is recorded as node's address 876 - [node] [\#3741](https://github.com/tendermint/tendermint/issues/3741) Fix profiler blocking the entire node 877 878 _Tendermint 0.31 release series has reached End-Of-Life and is no longer supported._ 879 880 ## v0.31.12 881 882 _April 6, 2020_ 883 884 This security release fixes: 885 886 ### Denial of Service 1 887 888 Tendermint 0.33.2 and earlier does not limit the number of P2P connection requests. 889 For each p2p connection, Tendermint allocates ~0.5MB. Even though this 890 memory is garbage collected once the connection is terminated (due to duplicate 891 IP or reaching a maximum number of inbound peers), temporary memory spikes can 892 lead to OOM (Out-Of-Memory) exceptions. 893 894 Tendermint 0.33.3, 0.32.10, and 0.31.12 limit the total number of P2P incoming 895 connection requests to to `p2p.max_num_inbound_peers + 896 len(p2p.unconditional_peer_ids)`. 897 898 Notes: 899 900 - Tendermint does not rate limit P2P connection requests per IP (an attacker 901 can saturate all the inbound slots); 902 - Tendermint does not rate limit HTTP(S) requests. If you expose any RPC 903 endpoints to the public, please make sure to put in place some protection 904 (https://www.nginx.com/blog/rate-limiting-nginx/). We may implement this in 905 the future ([\#1696](https://github.com/tendermint/tendermint/issues/1696)). 906 907 ### Denial of Service 2 908 909 Tendermint 0.33.2 and earlier does not reclaim `activeID` of a peer after it's 910 removed in `Mempool` reactor. This does not happen all the time. It only 911 happens when a connection fails (for any reason) before the Peer is created and 912 added to all reactors. `RemovePeer` is therefore called before `AddPeer`, which 913 leads to always growing memory (`activeIDs` map). The `activeIDs` map has a 914 maximum size of 65535 and the node will panic if this map reaches the maximum. 915 An attacker can create a lot of connection attempts (exploiting Denial of 916 Service 1), which ultimately will lead to the node panicking. 917 918 Tendermint 0.33.3, 0.32.10, and 0.31.12 claim `activeID` for a peer in `InitPeer`, 919 which is executed before `MConnection` is started. 920 921 Notes: 922 923 - `InitPeer` function was added to all reactors to combat a similar issue - 924 [\#3338](https://github.com/tendermint/tendermint/issues/3338); 925 - Denial of Service 2 is independent of Denial of Service 1 and can be executed 926 without it. 927 928 **All clients are recommended to upgrade** 929 930 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for finding 931 and reporting this. 932 933 Friendly reminder, we have a [bug bounty 934 program](https://hackerone.com/tendermint). 935 936 ### SECURITY: 937 938 - [mempool] Reserve IDs in InitPeer instead of AddPeer (@tessr) 939 - [p2p] Limit the number of incoming connections (@melekes) 940 941 ## v0.31.11 942 943 _October 18, 2019_ 944 945 This security release fixes a vulnerability found in the `consensus` package, 946 where an attacker could construct a `BlockPartMessage` message in such a way 947 that it will lead to consensus failure. A few similar issues have been 948 identified and fixed here. 949 950 **All clients are recommended to upgrade** 951 952 Special thanks to [elvishacker](https://hackerone.com/elvishacker) for finding 953 and reporting this. 954 955 Friendly reminder, we have a [bug bounty 956 program](https://hackerone.com/tendermint). 957 958 ### BREAKING CHANGES: 959 960 - Go API 961 - [consensus] Modify `WAL#Write` and `WAL#WriteSync` to return an error if 962 they fail to write a message 963 964 ### SECURITY: 965 966 - [consensus] Validate incoming messages more throughly 967 968 ## v0.31.10 969 970 _October 8, 2019_ 971 972 The previous patch was insufficient because the attacker could still find a way 973 to submit a `nil` pubkey by constructing a `PubKeyMultisigThreshold` pubkey 974 with `nil` subpubkeys for example. 975 976 This release provides multiple fixes, which include recovering from panics when 977 accepting new peers and only allowing `ed25519` pubkeys. 978 979 **All clients are recommended to upgrade** 980 981 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for pointing 982 this out. 983 984 Friendly reminder, we have a [bug bounty 985 program](https://hackerone.com/tendermint). 986 987 ### SECURITY: 988 989 - [p2p] [\#4030](https://github.com/tendermint/tendermint/issues/4030) Only allow ed25519 pubkeys when connecting 990 991 ## v0.31.9 992 993 _October 1, 2019_ 994 995 This release fixes a major security vulnerability found in the `p2p` package. 996 All clients are recommended to upgrade. See 997 [\#4030](https://github.com/tendermint/tendermint/issues/4030) for details. 998 999 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for discovering 1000 and reporting this issue. 1001 1002 Friendly reminder, we have a [bug bounty 1003 program](https://hackerone.com/tendermint). 1004 1005 ### SECURITY: 1006 1007 - [p2p] [\#4030](https://github.com/tendermint/tendermint/issues/4030) Fix for panic on nil public key send to a peer 1008 1009 ### BUG FIXES: 1010 1011 - [node] [\#3716](https://github.com/tendermint/tendermint/issues/3716) Fix a bug where `nil` is recorded as node's address 1012 - [node] [\#3741](https://github.com/tendermint/tendermint/issues/3741) Fix profiler blocking the entire node 1013 1014 ## v0.31.8 1015 1016 _July 29, 2019_ 1017 1018 This releases fixes one bug in the PEX reactor and adds a `recover` to the Go's 1019 ABCI server, which allows it to properly cleanup. 1020 1021 ### IMPROVEMENTS: 1022 1023 - [abci] [\#3809](https://github.com/tendermint/tendermint/issues/3809) Recover from application panics in `server/socket_server.go` to allow socket cleanup (@ruseinov) 1024 1025 ### BUG FIXES: 1026 1027 - [p2p] [\#3338](https://github.com/tendermint/tendermint/issues/3338) Prevent "sent next PEX request too soon" errors by not calling 1028 ensurePeers outside of ensurePeersRoutine 1029 1030 ## v0.31.7 1031 1032 _June 3, 2019_ 1033 1034 This releases fixes a regression in the mempool introduced in v0.31.6. 1035 The regression caused the invalid committed txs to be proposed in blocks over and 1036 over again. 1037 1038 ### BUG FIXES: 1039 1040 - [mempool] [\#3699](https://github.com/tendermint/tendermint/issues/3699) Remove all committed txs from the mempool. 1041 This reverts the change from v0.31.6 where we only remove valid txs from the mempool. 1042 Note this means malicious proposals can cause txs to be dropped from the 1043 mempools of other nodes by including them in blocks before they are valid. 1044 See [\#3322](https://github.com/tendermint/tendermint/issues/3322). 1045 1046 ## v0.31.6 1047 1048 _May 31st, 2019_ 1049 1050 This release contains many fixes and improvements, primarily for p2p functionality. 1051 It also fixes a security issue in the mempool package. 1052 1053 With this release, Tendermint now supports [boltdb](https://github.com/etcd-io/bbolt), although 1054 in experimental mode. Feel free to try and report to us any findings/issues. 1055 Note also that the build tags for compiling CLevelDB have changed. 1056 1057 Special thanks to external contributors on this release: 1058 @guagualvcha, @james-ray, @gregdhill, @climber73, @yutianwu, 1059 @carlosflrs, @defunctzombie, @leoluk, @needkane, @CrocdileChan 1060 1061 ### BREAKING CHANGES: 1062 1063 - Go API 1064 - [libs/common] Removed deprecated `PanicSanity`, `PanicCrisis`, 1065 `PanicConsensus` and `PanicQ` 1066 - [mempool, state] [\#2659](https://github.com/tendermint/tendermint/issues/2659) `Mempool` now an interface that lives in the mempool package. 1067 See issue and PR for more details. 1068 - [p2p] [\#3346](https://github.com/tendermint/tendermint/issues/3346) `Reactor#InitPeer` method is added to `Reactor` interface 1069 - [types] [\#1648](https://github.com/tendermint/tendermint/issues/1648) `Commit#VoteSignBytes` signature was changed 1070 1071 ### FEATURES: 1072 1073 - [node] [\#2659](https://github.com/tendermint/tendermint/issues/2659) Add `node.Mempool()` method, which allows you to access mempool 1074 - [libs/db] [\#3604](https://github.com/tendermint/tendermint/pull/3604) Add experimental support for bolt db (etcd's fork of bolt) (@CrocdileChan) 1075 1076 ### IMPROVEMENTS: 1077 1078 - [cli] [\#3585](https://github.com/tendermint/tendermint/issues/3585) Add `--keep-addr-book` option to `unsafe_reset_all` cmd to not 1079 clear the address book (@climber73) 1080 - [cli] [\#3160](https://github.com/tendermint/tendermint/issues/3160) Add 1081 `--config=<path-to-config>` option to `testnet` cmd (@gregdhill) 1082 - [cli] [\#3661](https://github.com/tendermint/tendermint/pull/3661) Add 1083 `--hostname-suffix`, `--hostname` and `--random-monikers` options to `testnet` 1084 cmd for greater peer address/identity generation flexibility. 1085 - [crypto] [\#3672](https://github.com/tendermint/tendermint/issues/3672) Return more info in the `AddSignatureFromPubKey` error 1086 - [cs/replay] [\#3460](https://github.com/tendermint/tendermint/issues/3460) Check appHash for each block 1087 - [libs/db] [\#3611](https://github.com/tendermint/tendermint/issues/3611) Conditional compilation 1088 - Use `cleveldb` tag instead of `gcc` to compile Tendermint with CLevelDB or 1089 use `make build_c` / `make install_c` (full instructions can be found at 1090 https://docs.tendermint.com/master/introduction/install.html#compile-with-cleveldb-support) 1091 - Use `boltdb` tag to compile Tendermint with bolt db 1092 - [node] [\#3362](https://github.com/tendermint/tendermint/issues/3362) Return an error if `persistent_peers` list is invalid (except 1093 when IP lookup fails) 1094 - [p2p] [\#3463](https://github.com/tendermint/tendermint/pull/3463) Do not log "Can't add peer's address to addrbook" error for a private peer (@guagualvcha) 1095 - [p2p] [\#3531](https://github.com/tendermint/tendermint/issues/3531) Terminate session on nonce wrapping (@climber73) 1096 - [pex] [\#3647](https://github.com/tendermint/tendermint/pull/3647) Dial seeds, if any, instead of crawling peers first (@defunctzombie) 1097 - [rpc] [\#3534](https://github.com/tendermint/tendermint/pull/3534) Add support for batched requests/responses in JSON RPC 1098 - [rpc] [\#3362](https://github.com/tendermint/tendermint/issues/3362) `/dial_seeds` & `/dial_peers` return errors if addresses are 1099 incorrect (except when IP lookup fails) 1100 1101 ### BUG FIXES: 1102 1103 - [consensus] [\#3067](https://github.com/tendermint/tendermint/issues/3067) Fix replay from appHeight==0 with validator set changes (@james-ray) 1104 - [consensus] [\#3304](https://github.com/tendermint/tendermint/issues/3304) Create a peer state in consensus reactor before the peer 1105 is started (@guagualvcha) 1106 - [lite] [\#3669](https://github.com/tendermint/tendermint/issues/3669) Add context parameter to RPC Handlers in proxy routes (@yutianwu) 1107 - [mempool] [\#3322](https://github.com/tendermint/tendermint/issues/3322) When a block is committed, only remove committed txs from the mempool 1108 that were valid (ie. `ResponseDeliverTx.Code == 0`) 1109 - [p2p] [\#3338](https://github.com/tendermint/tendermint/issues/3338) Ensure `RemovePeer` is always called before `InitPeer` (upon a peer 1110 reconnecting to our node) 1111 - [p2p] [\#3532](https://github.com/tendermint/tendermint/issues/3532) Limit the number of attempts to connect to a peer in seed mode 1112 to 16 (as a result, the node will stop retrying after a 35 hours time window) 1113 - [p2p] [\#3362](https://github.com/tendermint/tendermint/issues/3362) Allow inbound peers to be persistent, including for seed nodes. 1114 - [pex] [\#3603](https://github.com/tendermint/tendermint/pull/3603) Dial seeds when addrbook needs more addresses (@defunctzombie) 1115 1116 ### OTHERS: 1117 1118 - [networks] fixes ansible integration script (@carlosflrs) 1119 1120 ## v0.31.5 1121 1122 _April 16th, 2019_ 1123 1124 This release fixes a regression from v0.31.4 where, in existing chains that 1125 were upgraded, `/validators` could return an empty validator set. This is true 1126 for almost all heights, given the validator set remains the same. 1127 1128 Special thanks to external contributors on this release: 1129 @brapse, @guagualvcha, @dongsam, @phucc 1130 1131 ### IMPROVEMENTS: 1132 1133 - [libs/common] `CMap`: slight optimization in `Keys()` and `Values()` (@phucc) 1134 - [gitignore] gitignore: add .vendor-new (@dongsam) 1135 1136 ### BUG FIXES: 1137 1138 - [state] [\#3537](https://github.com/tendermint/tendermint/pull/3537#issuecomment-482711833) 1139 `LoadValidators`: do not return an empty validator set 1140 - [blockchain] [\#3457](https://github.com/tendermint/tendermint/issues/3457) 1141 Fix "peer did not send us anything" in `fast_sync` mode when under high pressure 1142 1143 ## v0.31.4 1144 1145 _April 12th, 2019_ 1146 1147 This release fixes a regression from v0.31.3 which used the peer's `SocketAddr` to add the peer to 1148 the address book. This swallowed the peer's self-reported port which is important in case of reconnect. 1149 It brings back `NetAddress()` to `NodeInfo` and uses it instead of `SocketAddr` for adding peers. 1150 Additionally, it improves response time on the `/validators` or `/status` RPC endpoints. 1151 As a side-effect it makes these RPC endpoint more difficult to DoS and fixes a performance degradation in `ExecCommitBlock`. 1152 Also, it contains an [ADR](https://github.com/tendermint/tendermint/pull/3539) that proposes decoupling the 1153 responsibility for peer behaviour from the `p2p.Switch` (by @brapse). 1154 1155 Special thanks to external contributors on this release: 1156 @brapse, @guagualvcha, @mydring 1157 1158 ### IMPROVEMENTS: 1159 1160 - [p2p] [\#3463](https://github.com/tendermint/tendermint/pull/3463) Do not log "Can't add peer's address to addrbook" error for a private peer 1161 - [p2p] [\#3547](https://github.com/tendermint/tendermint/pull/3547) Fix a couple of annoying typos (@mdyring) 1162 1163 ### BUG FIXES: 1164 1165 - [docs] [\#3514](https://github.com/tendermint/tendermint/issues/3514) Fix block.Header.Time description (@melekes) 1166 - [p2p] [\#2716](https://github.com/tendermint/tendermint/issues/2716) Check if we're already connected to peer right before dialing it (@melekes) 1167 - [p2p] [\#3545](https://github.com/tendermint/tendermint/issues/3545) Add back `NetAddress()` to `NodeInfo` and use it instead of peer's `SocketAddr()` when adding a peer to the `PEXReactor` (potential fix for [\#3532](https://github.com/tendermint/tendermint/issues/3532)) 1168 - [state] [\#3438](https://github.com/tendermint/tendermint/pull/3438) 1169 Persist validators every 100000 blocks even if no changes to the set 1170 occurred (@guagualvcha). This 1171 1. Prevents possible DoS attack using `/validators` or `/status` RPC 1172 endpoints. Before response time was growing linearly with height if no 1173 changes were made to the validator set. 1174 2. Fixes performance degradation in `ExecCommitBlock` where we call 1175 `LoadValidators` for each `Evidence` in the block. 1176 1177 ## v0.31.3 1178 1179 _April 1st, 2019_ 1180 1181 This release includes two security sensitive fixes: it ensures generated private 1182 keys are valid, and it prevents certain DNS lookups that would cause the node to 1183 panic if the lookup failed. 1184 1185 ### BREAKING CHANGES: 1186 1187 - Go API 1188 - [crypto/secp256k1] [\#3439](https://github.com/tendermint/tendermint/issues/3439) 1189 The `secp256k1.GenPrivKeySecp256k1` function has changed to guarantee that it returns a valid key, which means it 1190 will return a different private key than in previous versions for the same secret. 1191 1192 ### BUG FIXES: 1193 1194 - [crypto/secp256k1] [\#3439](https://github.com/tendermint/tendermint/issues/3439) 1195 Ensure generated private keys are valid by randomly sampling until a valid key is found. 1196 Previously, it was possible (though rare!) to generate keys that exceeded the curve order. 1197 Such keys would lead to invalid signatures. 1198 - [p2p] [\#3522](https://github.com/tendermint/tendermint/issues/3522) Memoize 1199 socket address in peer connections to avoid DNS lookups. Previously, failed 1200 DNS lookups could cause the node to panic. 1201 1202 ## v0.31.2 1203 1204 _March 30th, 2019_ 1205 1206 This release fixes a regression from v0.31.1 where Tendermint panics under 1207 mempool load for external ABCI apps. 1208 1209 Special thanks to external contributors on this release: 1210 @guagualvcha 1211 1212 ### BREAKING CHANGES: 1213 1214 - CLI/RPC/Config 1215 1216 - Apps 1217 1218 - Go API 1219 1220 - [libs/autofile] [\#3504](https://github.com/tendermint/tendermint/issues/3504) Remove unused code in autofile package. Deleted functions: `Group.Search`, `Group.FindLast`, `GroupReader.ReadLine`, `GroupReader.PushLine`, `MakeSimpleSearchFunc` (@guagualvcha) 1221 1222 - Blockchain Protocol 1223 1224 - P2P Protocol 1225 1226 ### FEATURES: 1227 1228 ### IMPROVEMENTS: 1229 1230 - [circle] [\#3497](https://github.com/tendermint/tendermint/issues/3497) Move release management to CircleCI 1231 1232 ### BUG FIXES: 1233 1234 - [mempool] [\#3512](https://github.com/tendermint/tendermint/issues/3512) Fix panic from concurrent access to txsMap, a regression for external ABCI apps introduced in v0.31.1 1235 1236 ## v0.31.1 1237 1238 _March 27th, 2019_ 1239 1240 This release contains a major improvement for the mempool that reduce the amount of sent data by about 30% 1241 (see some numbers below). 1242 It also fixes a memory leak in the mempool and adds TLS support to the RPC server by providing a certificate and key in the config. 1243 1244 Special thanks to external contributors on this release: 1245 @brapse, @guagualvcha, @HaoyangLiu, @needkane, @TraceBundy 1246 1247 ### BREAKING CHANGES: 1248 1249 - CLI/RPC/Config 1250 1251 - Apps 1252 1253 - Go API 1254 1255 - [crypto] [\#3426](https://github.com/tendermint/tendermint/pull/3426) Remove `Ripemd160` helper method (@needkane) 1256 - [libs/common] [\#3429](https://github.com/tendermint/tendermint/pull/3429) Remove `RepeatTimer` (also `TimerMaker` and `Ticker` interface) 1257 - [rpc/client] [\#3458](https://github.com/tendermint/tendermint/issues/3458) Include `NetworkClient` interface into `Client` interface 1258 - [types] [\#3448](https://github.com/tendermint/tendermint/issues/3448) Remove method `PB2TM.ConsensusParams` 1259 1260 - Blockchain Protocol 1261 1262 - P2P Protocol 1263 1264 ### FEATURES: 1265 1266 - [rpc] [\#3419](https://github.com/tendermint/tendermint/issues/3419) Start HTTPS server if `rpc.tls_cert_file` and `rpc.tls_key_file` are provided in the config (@guagualvcha) 1267 1268 ### IMPROVEMENTS: 1269 1270 - [docs] [\#3140](https://github.com/tendermint/tendermint/issues/3140) Formalize proposer election algorithm properties 1271 - [docs] [\#3482](https://github.com/tendermint/tendermint/issues/3482) Fix broken links (@brapse) 1272 - [mempool] [\#2778](https://github.com/tendermint/tendermint/issues/2778) No longer send txs back to peers who sent it to you. 1273 Also, limit to 65536 active peers. 1274 This vastly improves the bandwidth consumption of nodes. 1275 For instance, for a 4 node localnet, in a test sending 250byte txs for 120 sec. at 500 txs/sec (total of 15MB): 1276 - total bytes received from 1st node: 1277 - before: 42793967 (43MB) 1278 - after: 30003256 (30MB) 1279 - total bytes sent to 1st node: 1280 - before: 30569339 (30MB) 1281 - after: 19304964 (19MB) 1282 - [p2p] [\#3475](https://github.com/tendermint/tendermint/issues/3475) Simplify `GetSelectionWithBias` for addressbook (@guagualvcha) 1283 - [rpc/lib/client] [\#3430](https://github.com/tendermint/tendermint/issues/3430) Disable compression for HTTP client to prevent GZIP-bomb DoS attacks (@guagualvcha) 1284 1285 ### BUG FIXES: 1286 1287 - [blockchain] [\#2699](https://github.com/tendermint/tendermint/issues/2699) Update the maxHeight when a peer is removed 1288 - [mempool] [\#3478](https://github.com/tendermint/tendermint/issues/3478) Fix memory-leak related to `broadcastTxRoutine` (@HaoyangLiu) 1289 1290 ## v0.31.0 1291 1292 _March 16th, 2019_ 1293 1294 Special thanks to external contributors on this release: 1295 @danil-lashin, @guagualvcha, @siburu, @silasdavis, @srmo, @Stumble, @svenstaro 1296 1297 This release is primarily about the new pubsub implementation, dubbed `pubsub 2.0`, and related changes, 1298 like configurable limits on the number of active RPC subscriptions at a time (`max_subscription_clients`). 1299 Pubsub 2.0 is an improved version of the older pubsub that is non-blocking and has a nicer API. 1300 Note the improved pubsub API also resulted in some improvements to the HTTPClient interface and the API for WebSocket subscriptions. 1301 This release also adds a configurable limit to the mempool size (`max_txs_bytes`, default 1GB) 1302 and a configurable timeout for the `/broadcast_tx_commit` endpoint. 1303 1304 See the [v0.31.0 1305 Milestone](https://github.com/tendermint/tendermint/milestone/19?closed=1) for 1306 more details. 1307 1308 Friendly reminder, we have a [bug bounty 1309 program](https://hackerone.com/tendermint). 1310 1311 ### BREAKING CHANGES: 1312 1313 - CLI/RPC/Config 1314 1315 - [config] [\#2920](https://github.com/tendermint/tendermint/issues/2920) Remove `consensus.blocktime_iota` parameter 1316 - [rpc] [\#3227](https://github.com/tendermint/tendermint/issues/3227) New PubSub design does not block on clients when publishing 1317 messages. Slow clients may miss messages and receive an error, terminating 1318 the subscription. 1319 - [rpc] [\#3269](https://github.com/tendermint/tendermint/issues/2826) Limit number of unique clientIDs with open subscriptions. Configurable via `rpc.max_subscription_clients` 1320 - [rpc] [\#3269](https://github.com/tendermint/tendermint/issues/2826) Limit number of unique queries a given client can subscribe to at once. Configurable via `rpc.max_subscriptions_per_client`. 1321 - [rpc] [\#3435](https://github.com/tendermint/tendermint/issues/3435) Default ReadTimeout and WriteTimeout changed to 10s. WriteTimeout can increased by setting `rpc.timeout_broadcast_tx_commit` in the config. 1322 - [rpc/client] [\#3269](https://github.com/tendermint/tendermint/issues/3269) Update `EventsClient` interface to reflect new pubsub/eventBus API [ADR-33](https://github.com/tendermint/tendermint/blob/develop/docs/architecture/adr-033-pubsub.md). This includes `Subscribe`, `Unsubscribe`, and `UnsubscribeAll` methods. 1323 1324 - Apps 1325 1326 - [abci] [\#3403](https://github.com/tendermint/tendermint/issues/3403) Remove `time_iota_ms` from BlockParams. This is a 1327 ConsensusParam but need not be exposed to the app for now. 1328 - [abci] [\#2920](https://github.com/tendermint/tendermint/issues/2920) Rename `consensus_params.block_size` to `consensus_params.block` in ABCI ConsensusParams 1329 1330 - Go API 1331 1332 - [libs/common] TrapSignal accepts logger as a first parameter and does not block anymore 1333 - previously it was dumping "captured ..." msg to os.Stdout 1334 - TrapSignal should not be responsible for blocking thread of execution 1335 - [libs/db] [\#3397](https://github.com/tendermint/tendermint/pull/3397) Add possibility to `Close()` `Batch` to prevent memory leak when using ClevelDB. (@Stumble) 1336 - [types] [\#3354](https://github.com/tendermint/tendermint/issues/3354) Remove RoundState from EventDataRoundState 1337 - [rpc] [\#3435](https://github.com/tendermint/tendermint/issues/3435) `StartHTTPServer` / `StartHTTPAndTLSServer` now require a Config (use `rpcserver.DefaultConfig`) 1338 1339 - Blockchain Protocol 1340 1341 - P2P Protocol 1342 1343 ### FEATURES: 1344 1345 - [config] [\#3269](https://github.com/tendermint/tendermint/issues/2826) New configuration values for controlling RPC subscriptions: 1346 - `rpc.max_subscription_clients` sets the maximum number of unique clients 1347 with open subscriptions 1348 - `rpc.max_subscriptions_per_client`sets the maximum number of unique 1349 subscriptions from a given client 1350 - `rpc.timeout_broadcast_tx_commit` sets the time to wait for a tx to be committed during `/broadcast_tx_commit` 1351 - [types] [\#2920](https://github.com/tendermint/tendermint/issues/2920) Add `time_iota_ms` to block's consensus parameters (not exposed to the application) 1352 - [lite] [\#3269](https://github.com/tendermint/tendermint/issues/3269) Add `/unsubscribe_all` endpoint to unsubscribe from all events 1353 - [mempool] [\#3079](https://github.com/tendermint/tendermint/issues/3079) Bound mempool memory usage via the `mempool.max_txs_bytes` configuration value. Set to 1GB by default. The mempool's current `txs_total_bytes` is exposed via `total_bytes` field in 1354 `/num_unconfirmed_txs` and `/unconfirmed_txs` RPC endpoints. 1355 1356 ### IMPROVEMENTS: 1357 1358 - [all] [\#3385](https://github.com/tendermint/tendermint/issues/3385), [\#3386](https://github.com/tendermint/tendermint/issues/3386) Various linting improvements 1359 - [crypto] [\#3371](https://github.com/tendermint/tendermint/issues/3371) Copy in secp256k1 package from go-ethereum instead of importing 1360 go-ethereum (@silasdavis) 1361 - [deps] [\#3382](https://github.com/tendermint/tendermint/issues/3382) Don't pin repos without releases 1362 - [deps] [\#3357](https://github.com/tendermint/tendermint/issues/3357), [\#3389](https://github.com/tendermint/tendermint/issues/3389), [\#3392](https://github.com/tendermint/tendermint/issues/3392) Update gogo/protobuf, golang/protobuf, levigo, golang.org/x/crypto 1363 - [libs/common] [\#3238](https://github.com/tendermint/tendermint/issues/3238) exit with zero (0) code upon receiving SIGTERM/SIGINT 1364 - [libs/db] [\#3378](https://github.com/tendermint/tendermint/issues/3378) CLevelDB#Stats now returns the following properties: 1365 - leveldb.num-files-at-level{n} 1366 - leveldb.stats 1367 - leveldb.sstables 1368 - leveldb.blockpool 1369 - leveldb.cachedblock 1370 - leveldb.openedtables 1371 - leveldb.alivesnaps 1372 - leveldb.aliveiters 1373 - [privval] [\#3351](https://github.com/tendermint/tendermint/pull/3351) First part of larger refactoring that clarifies and separates concerns in the privval package. 1374 1375 ### BUG FIXES: 1376 1377 - [blockchain] [\#3358](https://github.com/tendermint/tendermint/pull/3358) Fix timer leak in `BlockPool` (@guagualvcha) 1378 - [cmd] [\#3408](https://github.com/tendermint/tendermint/issues/3408) Fix `testnet` command's panic when creating non-validator configs (using `--n` flag) (@srmo) 1379 - [libs/db/remotedb/grpcdb] [\#3402](https://github.com/tendermint/tendermint/issues/3402) Close Iterator/ReverseIterator after use 1380 - [libs/pubsub] [\#951](https://github.com/tendermint/tendermint/issues/951), [\#1880](https://github.com/tendermint/tendermint/issues/1880) Use non-blocking send when dispatching messages [ADR-33](https://github.com/tendermint/tendermint/blob/develop/docs/architecture/adr-033-pubsub.md) 1381 - [lite] [\#3364](https://github.com/tendermint/tendermint/issues/3364) Fix `/validators` and `/abci_query` proxy endpoints 1382 (@guagualvcha) 1383 - [p2p/conn] [\#3347](https://github.com/tendermint/tendermint/issues/3347) Reject all-zero shared secrets in the Diffie-Hellman step of secret-connection 1384 - [p2p] [\#3369](https://github.com/tendermint/tendermint/issues/3369) Do not panic when filter times out 1385 - [p2p] [\#3359](https://github.com/tendermint/tendermint/pull/3359) Fix reconnecting report duplicate ID error due to race condition between adding peer to peerSet and starting it (@guagualvcha) 1386 1387 ## v0.30.2 1388 1389 _March 10th, 2019_ 1390 1391 This release fixes a CLevelDB memory leak. It was happening because we were not 1392 closing the WriteBatch object after use. See [levigo's 1393 godoc](https://godoc.org/github.com/jmhodges/levigo#WriteBatch.Close) for the 1394 Close method. Special thanks goes to @Stumble who both reported an issue in 1395 [cosmos-sdk](https://github.com/cosmos/cosmos-sdk/issues/3842) and provided a 1396 fix here. 1397 1398 ### BREAKING CHANGES: 1399 1400 - Go API 1401 - [libs/db] [\#3842](https://github.com/cosmos/cosmos-sdk/issues/3842) Add Close() method to Batch interface (@Stumble) 1402 1403 ### BUG FIXES: 1404 1405 - [libs/db] [\#3842](https://github.com/cosmos/cosmos-sdk/issues/3842) Fix CLevelDB memory leak (@Stumble) 1406 1407 ## v0.30.1 1408 1409 _February 20th, 2019_ 1410 1411 This release fixes a consensus halt and a DataCorruptionError after restart 1412 discovered in `game_of_stakes_6`. It also fixes a security issue in the p2p 1413 handshake by authenticating the NetAddress.ID of the peer we're dialing. 1414 1415 ### IMPROVEMENTS: 1416 1417 - [config] [\#3291](https://github.com/tendermint/tendermint/issues/3291) Make 1418 config.ResetTestRootWithChainID() create concurrency-safe test directories. 1419 1420 ### BUG FIXES: 1421 1422 - [consensus] [\#3295](https://github.com/tendermint/tendermint/issues/3295) 1423 Flush WAL on stop to prevent data corruption during graceful shutdown. 1424 - [consensus] [\#3302](https://github.com/tendermint/tendermint/issues/3302) 1425 Fix possible halt by resetting TriggeredTimeoutPrecommit before starting next height. 1426 - [rpc] [\#3251](https://github.com/tendermint/tendermint/issues/3251) Fix 1427 `/net_info#peers#remote_ip` format. New format spec: 1428 - dotted decimal ("192.0.2.1"), if ip is an IPv4 or IP4-mapped IPv6 address 1429 - IPv6 ("2001:db8::1"), if ip is a valid IPv6 address 1430 - [cmd] [\#3314](https://github.com/tendermint/tendermint/issues/3314) Return 1431 an error on `show_validator` when the private validator file does not exist. 1432 - [p2p] [\#3010](https://github.com/tendermint/tendermint/issues/3010#issuecomment-464287627) 1433 Authenticate a peer against its NetAddress.ID when dialing. 1434 1435 ## v0.30.0 1436 1437 _February 8th, 2019_ 1438 1439 This release fixes yet another issue with the proposer selection algorithm. 1440 We hope it's the last one, but we won't be surprised if it's not. 1441 We plan to one day expose the selection algorithm more directly to 1442 the application ([\#3285](https://github.com/tendermint/tendermint/issues/3285)), and even to support randomness ([\#763](https://github.com/tendermint/tendermint/issues/763)). 1443 For more, see issues marked 1444 [proposer-selection](https://github.com/tendermint/tendermint/labels/proposer-selection). 1445 1446 This release also includes a fix to prevent Tendermint from including the same 1447 piece of evidence in more than one block. This issue was reported by @chengwenxi in our 1448 [bug bounty program](https://hackerone.com/tendermint). 1449 1450 ### BREAKING CHANGES: 1451 1452 - Apps 1453 1454 - [state] [\#3222](https://github.com/tendermint/tendermint/issues/3222) 1455 Duplicate updates for the same validator are forbidden. Apps must ensure 1456 that a given `ResponseEndBlock.ValidatorUpdates` contains only one entry per pubkey. 1457 1458 - Go API 1459 1460 - [types] [\#3222](https://github.com/tendermint/tendermint/issues/3222) 1461 Remove `Add` and `Update` methods from `ValidatorSet` in favor of new 1462 `UpdateWithChangeSet`. This allows updates to be applied as a set, instead of 1463 one at a time. 1464 1465 - Block Protocol 1466 1467 - [state] [\#3286](https://github.com/tendermint/tendermint/issues/3286) Blocks that include already committed evidence are invalid. 1468 1469 - P2P Protocol 1470 - [consensus] [\#3222](https://github.com/tendermint/tendermint/issues/3222) 1471 Validator updates are applied as a set, instead of one at a time, thus 1472 impacting the proposer priority calculation. This ensures that the proposer 1473 selection algorithm does not depend on the order of updates in 1474 `ResponseEndBlock.ValidatorUpdates`. 1475 1476 ### IMPROVEMENTS: 1477 1478 - [crypto] [\#3279](https://github.com/tendermint/tendermint/issues/3279) Use `btcec.S256().N` directly instead of hard coding a copy. 1479 1480 ### BUG FIXES: 1481 1482 - [state] [\#3222](https://github.com/tendermint/tendermint/issues/3222) Fix validator set updates so they are applied as a set, rather 1483 than one at a time. This makes the proposer selection algorithm independent of 1484 the order of updates in `ResponseEndBlock.ValidatorUpdates`. 1485 - [evidence] [\#3286](https://github.com/tendermint/tendermint/issues/3286) Don't add committed evidence to evidence pool. 1486 1487 ## v0.29.2 1488 1489 _February 7th, 2019_ 1490 1491 Special thanks to external contributors on this release: 1492 @ackratos, @rickyyangz 1493 1494 **Note**: This release contains security sensitive patches in the `p2p` and 1495 `crypto` packages: 1496 1497 - p2p: 1498 - Partial fix for MITM attacks on the p2p connection. MITM conditions may 1499 still exist. See [\#3010](https://github.com/tendermint/tendermint/issues/3010). 1500 - crypto: 1501 - Eliminate our fork of `btcd` and use the `btcd/btcec` library directly for 1502 native secp256k1 signing. Note we still modify the signature encoding to 1503 prevent malleability. 1504 - Support the libsecp256k1 library via CGo through the `go-ethereum/crypto/secp256k1` package. 1505 - Eliminate MixEntropy functions 1506 1507 ### BREAKING CHANGES: 1508 1509 - Go API 1510 - [crypto] [\#3278](https://github.com/tendermint/tendermint/issues/3278) Remove 1511 MixEntropy functions 1512 - [types] [\#3245](https://github.com/tendermint/tendermint/issues/3245) Commit uses `type CommitSig Vote` instead of `Vote` directly. 1513 In preparation for removing redundant fields from the commit [\#1648](https://github.com/tendermint/tendermint/issues/1648) 1514 1515 ### IMPROVEMENTS: 1516 1517 - [consensus] [\#3246](https://github.com/tendermint/tendermint/issues/3246) Better logging and notes on recovery for corrupted WAL file 1518 - [crypto] [\#3163](https://github.com/tendermint/tendermint/issues/3163) Use ethereum's libsecp256k1 go-wrapper for signatures when cgo is available 1519 - [crypto] [\#3162](https://github.com/tendermint/tendermint/issues/3162) Wrap btcd instead of forking it to keep up with fixes (used if cgo is not available) 1520 - [makefile] [\#3233](https://github.com/tendermint/tendermint/issues/3233) Use golangci-lint instead of go-metalinter 1521 - [tools] [\#3218](https://github.com/tendermint/tendermint/issues/3218) Add go-deadlock tool to help detect deadlocks 1522 - [tools] [\#3106](https://github.com/tendermint/tendermint/issues/3106) Add tm-signer-harness test harness for remote signers 1523 - [tests] [\#3258](https://github.com/tendermint/tendermint/issues/3258) Fixed a bunch of non-deterministic test failures 1524 1525 ### BUG FIXES: 1526 1527 - [node] [\#3186](https://github.com/tendermint/tendermint/issues/3186) EventBus and indexerService should be started before first block (for replay last block on handshake) execution (@ackratos) 1528 - [p2p] [\#3232](https://github.com/tendermint/tendermint/issues/3232) Fix infinite loop leading to addrbook deadlock for seed nodes 1529 - [p2p] [\#3247](https://github.com/tendermint/tendermint/issues/3247) Fix panic in SeedMode when calling FlushStop and OnStop 1530 concurrently 1531 - [p2p] [\#3040](https://github.com/tendermint/tendermint/issues/3040) Fix MITM on secret connection by checking low-order points 1532 - [privval] [\#3258](https://github.com/tendermint/tendermint/issues/3258) Fix race between sign requests and ping requests in socket that was causing messages to be corrupted 1533 1534 ## v0.29.1 1535 1536 _January 24, 2019_ 1537 1538 Special thanks to external contributors on this release: 1539 @infinytum, @gauthamzz 1540 1541 This release contains two important fixes: one for p2p layer where we sometimes 1542 were not closing connections and one for consensus layer where consensus with 1543 no empty blocks (`create_empty_blocks = false`) could halt. 1544 1545 Friendly reminder, we have a [bug bounty 1546 program](https://hackerone.com/tendermint). 1547 1548 ### IMPROVEMENTS: 1549 1550 - [pex] [\#3037](https://github.com/tendermint/tendermint/issues/3037) Only log "Reached max attempts to dial" once 1551 - [rpc] [\#3159](https://github.com/tendermint/tendermint/issues/3159) Expose 1552 `triggered_timeout_commit` in the `/dump_consensus_state` 1553 1554 ### BUG FIXES: 1555 1556 - [consensus] [\#3199](https://github.com/tendermint/tendermint/issues/3199) Fix consensus halt with no empty blocks from not resetting triggeredTimeoutCommit 1557 - [p2p] [\#2967](https://github.com/tendermint/tendermint/issues/2967) Fix file descriptor leak 1558 1559 ## v0.29.0 1560 1561 _January 21, 2019_ 1562 1563 Special thanks to external contributors on this release: 1564 @bradyjoestar, @kunaldhariwal, @gauthamzz, @hrharder 1565 1566 This release is primarily about making some breaking changes to 1567 the Block protocol version before Cosmos launch, and to fixing more issues 1568 in the proposer selection algorithm discovered on Cosmos testnets. 1569 1570 The Block protocol changes include using a standard Merkle tree format (RFC 6962), 1571 fixing some inconsistencies between field orders in Vote and Proposal structs, 1572 and constraining the hash of the ConsensusParams to include only a few fields. 1573 1574 The proposer selection algorithm saw significant progress, 1575 including a [formal proof by @cwgoes for the base-case in Idris](https://github.com/cwgoes/tm-proposer-idris) 1576 and a [much more detailed specification (still in progress) by 1577 @ancazamfir](https://github.com/tendermint/tendermint/pull/3140). 1578 1579 Fixes to the proposer selection algorithm include normalizing the proposer 1580 priorities to mitigate the effects of large changes to the validator set. 1581 That said, we just discovered [another bug](https://github.com/tendermint/tendermint/issues/3181), 1582 which will be fixed in the next breaking release. 1583 1584 While we are trying to stabilize the Block protocol to preserve compatibility 1585 with old chains, there may be some final changes yet to come before Cosmos 1586 launch as we continue to audit and test the software. 1587 1588 Friendly reminder, we have a [bug bounty 1589 program](https://hackerone.com/tendermint). 1590 1591 ### BREAKING CHANGES: 1592 1593 - CLI/RPC/Config 1594 1595 - Apps 1596 1597 - [state] [\#3049](https://github.com/tendermint/tendermint/issues/3049) Total voting power of the validator set is upper bounded by 1598 `MaxInt64 / 8`. Apps must ensure they do not return changes to the validator 1599 set that cause this maximum to be exceeded. 1600 1601 - Go API 1602 1603 - [node] [\#3082](https://github.com/tendermint/tendermint/issues/3082) MetricsProvider now requires you to pass a chain ID 1604 - [types] [\#2713](https://github.com/tendermint/tendermint/issues/2713) Rename `TxProof.LeafHash` to `TxProof.Leaf` 1605 - [crypto/merkle] [\#2713](https://github.com/tendermint/tendermint/issues/2713) `SimpleProof.Verify` takes a `leaf` instead of a 1606 `leafHash` and performs the hashing itself 1607 1608 - Blockchain Protocol 1609 1610 - [crypto/merkle] [\#2713](https://github.com/tendermint/tendermint/issues/2713) Merkle trees now match the RFC 6962 specification 1611 - [types] [\#3078](https://github.com/tendermint/tendermint/issues/3078) Re-order Timestamp and BlockID in CanonicalVote so it's 1612 consistent with CanonicalProposal (BlockID comes 1613 first) 1614 - [types] [\#3165](https://github.com/tendermint/tendermint/issues/3165) Hash of ConsensusParams only includes BlockSize.MaxBytes and 1615 BlockSize.MaxGas 1616 1617 - P2P Protocol 1618 - [consensus] [\#3049](https://github.com/tendermint/tendermint/issues/3049) Normalize priorities to not exceed `2*TotalVotingPower` to mitigate unfair proposer selection 1619 heavily preferring earlier joined validators in the case of an early bonded large validator unbonding 1620 1621 ### FEATURES: 1622 1623 ### IMPROVEMENTS: 1624 1625 - [rpc] [\#3065](https://github.com/tendermint/tendermint/issues/3065) Return maxPerPage (100), not defaultPerPage (30) if `per_page` is greater than the max 100. 1626 - [instrumentation] [\#3082](https://github.com/tendermint/tendermint/issues/3082) Add `chain_id` label for all metrics 1627 1628 ### BUG FIXES: 1629 1630 - [crypto] [\#3164](https://github.com/tendermint/tendermint/issues/3164) Update `btcd` fork for rare signRFC6979 bug 1631 - [lite] [\#3171](https://github.com/tendermint/tendermint/issues/3171) Fix verifying large validator set changes 1632 - [log] [\#3125](https://github.com/tendermint/tendermint/issues/3125) Fix year format 1633 - [mempool] [\#3168](https://github.com/tendermint/tendermint/issues/3168) Limit tx size to fit in the max reactor msg size 1634 - [scripts] [\#3147](https://github.com/tendermint/tendermint/issues/3147) Fix json2wal for large block parts (@bradyjoestar) 1635 1636 ## v0.28.1 1637 1638 _January 18th, 2019_ 1639 1640 Special thanks to external contributors on this release: 1641 @HaoyangLiu 1642 1643 Friendly reminder, we have a [bug bounty 1644 program](https://hackerone.com/tendermint). 1645 1646 ### BUG FIXES: 1647 1648 - [consensus] Fix consensus halt from proposing blocks with too much evidence 1649 1650 ## v0.28.0 1651 1652 _January 16th, 2019_ 1653 1654 Special thanks to external contributors on this release: 1655 @fmauricios, @gianfelipe93, @husio, @needkane, @srmo, @yutianwu 1656 1657 This release is primarily about upgrades to the `privval` system - 1658 separating the `priv_validator.json` into distinct config and data files, and 1659 refactoring the socket validator to support reconnections. 1660 1661 **Note:** Please backup your existing `priv_validator.json` before using this 1662 version. 1663 1664 See [UPGRADING.md](UPGRADING.md) for more details. 1665 1666 ### BREAKING CHANGES: 1667 1668 - CLI/RPC/Config 1669 1670 - [cli] Removed `--proxy_app=dummy` option. Use `kvstore` (`persistent_kvstore`) instead. 1671 - [cli] Renamed `--proxy_app=nilapp` to `--proxy_app=noop`. 1672 - [config] [\#2992](https://github.com/tendermint/tendermint/issues/2992) `allow_duplicate_ip` is now set to false 1673 - [privval] [\#1181](https://github.com/tendermint/tendermint/issues/1181) Split `priv_validator.json` into immutable (`config/priv_validator_key.json`) and mutable (`data/priv_validator_state.json`) parts (@yutianwu) 1674 - [privval] [\#2926](https://github.com/tendermint/tendermint/issues/2926) Split up `PubKeyMsg` into `PubKeyRequest` and `PubKeyResponse` to be consistent with other message types 1675 - [privval] [\#2923](https://github.com/tendermint/tendermint/issues/2923) Listen for unix socket connections instead of dialing them 1676 1677 - Apps 1678 1679 - Go API 1680 1681 - [types] [\#2981](https://github.com/tendermint/tendermint/issues/2981) Remove `PrivValidator.GetAddress()` 1682 1683 - Blockchain Protocol 1684 1685 - P2P Protocol 1686 1687 ### FEATURES: 1688 1689 - [rpc] [\#3052](https://github.com/tendermint/tendermint/issues/3052) Include peer's remote IP in `/net_info` 1690 1691 ### IMPROVEMENTS: 1692 1693 - [consensus] [\#3086](https://github.com/tendermint/tendermint/issues/3086) Log peerID on ignored votes (@srmo) 1694 - [docs] [\#3061](https://github.com/tendermint/tendermint/issues/3061) Added specification for signing consensus msgs at 1695 ./docs/spec/consensus/signing.md 1696 - [privval] [\#2948](https://github.com/tendermint/tendermint/issues/2948) Memoize pubkey so it's only requested once on startup 1697 - [privval] [\#2923](https://github.com/tendermint/tendermint/issues/2923) Retry RemoteSigner connections on error 1698 1699 ### BUG FIXES: 1700 1701 - [build] [\#3085](https://github.com/tendermint/tendermint/issues/3085) Fix `Version` field in build scripts (@husio) 1702 - [crypto/multisig] [\#3102](https://github.com/tendermint/tendermint/issues/3102) Fix multisig keys address length 1703 - [crypto/encoding] [\#3101](https://github.com/tendermint/tendermint/issues/3101) Fix `PubKeyMultisigThreshold` unmarshalling into `crypto.PubKey` interface 1704 - [p2p/conn] [\#3111](https://github.com/tendermint/tendermint/issues/3111) Make SecretConnection thread safe 1705 - [rpc] [\#3053](https://github.com/tendermint/tendermint/issues/3053) Fix internal error in `/tx_search` when results are empty 1706 (@gianfelipe93) 1707 - [types] [\#2926](https://github.com/tendermint/tendermint/issues/2926) Do not panic if retrieving the privval's public key fails 1708 1709 ## v0.27.4 1710 1711 _December 21st, 2018_ 1712 1713 ### BUG FIXES: 1714 1715 - [mempool] [\#3036](https://github.com/tendermint/tendermint/issues/3036) Fix 1716 LRU cache by popping the least recently used item when the cache is full, 1717 not the most recently used one! 1718 1719 ## v0.27.3 1720 1721 _December 16th, 2018_ 1722 1723 ### BREAKING CHANGES: 1724 1725 - Go API 1726 - [dep] [\#3027](https://github.com/tendermint/tendermint/issues/3027) Revert to mainline Go crypto library, eliminating the modified 1727 `bcrypt.GenerateFromPassword` 1728 1729 ## v0.27.2 1730 1731 _December 16th, 2018_ 1732 1733 ### IMPROVEMENTS: 1734 1735 - [node] [\#3025](https://github.com/tendermint/tendermint/issues/3025) Validate NodeInfo addresses on startup. 1736 1737 ### BUG FIXES: 1738 1739 - [p2p] [\#3025](https://github.com/tendermint/tendermint/pull/3025) Revert to using defers in addrbook. Fixes deadlocks in pex and consensus upon invalid ExternalAddr/ListenAddr configuration. 1740 1741 ## v0.27.1 1742 1743 _December 15th, 2018_ 1744 1745 Special thanks to external contributors on this release: 1746 @danil-lashin, @hleb-albau, @james-ray, @leo-xinwang 1747 1748 ### FEATURES: 1749 1750 - [rpc] [\#2964](https://github.com/tendermint/tendermint/issues/2964) Add `UnconfirmedTxs(limit)` and `NumUnconfirmedTxs()` methods to HTTP/Local clients (@danil-lashin) 1751 - [docs] [\#3004](https://github.com/tendermint/tendermint/issues/3004) Enable full-text search on docs pages 1752 1753 ### IMPROVEMENTS: 1754 1755 - [consensus] [\#2971](https://github.com/tendermint/tendermint/issues/2971) Return error if ValidatorSet is empty after InitChain 1756 (@leo-xinwang) 1757 - [ci/cd] [\#3005](https://github.com/tendermint/tendermint/issues/3005) Updated CircleCI job to trigger website build when docs are updated 1758 - [docs] Various updates 1759 1760 ### BUG FIXES: 1761 1762 - [cmd] [\#2983](https://github.com/tendermint/tendermint/issues/2983) `testnet` command always sets `addr_book_strict = false` 1763 - [config] [\#2980](https://github.com/tendermint/tendermint/issues/2980) Fix CORS options formatting 1764 - [kv indexer] [\#2912](https://github.com/tendermint/tendermint/issues/2912) Don't ignore key when executing CONTAINS 1765 - [mempool] [\#2961](https://github.com/tendermint/tendermint/issues/2961) Call `notifyTxsAvailable` if there're txs left after committing a block, but recheck=false 1766 - [mempool] [\#2994](https://github.com/tendermint/tendermint/issues/2994) Reject txs with negative GasWanted 1767 - [p2p] [\#2990](https://github.com/tendermint/tendermint/issues/2990) Fix a bug where seeds don't disconnect from a peer after 3h 1768 - [consensus] [\#3006](https://github.com/tendermint/tendermint/issues/3006) Save state after InitChain only when stateHeight is also 0 (@james-ray) 1769 1770 ## v0.27.0 1771 1772 _December 5th, 2018_ 1773 1774 Special thanks to external contributors on this release: 1775 @danil-lashin, @srmo 1776 1777 Special thanks to @dlguddus for discovering a [major 1778 issue](https://github.com/tendermint/tendermint/issues/2718#issuecomment-440888677) 1779 in the proposer selection algorithm. 1780 1781 Friendly reminder, we have a [bug bounty 1782 program](https://hackerone.com/tendermint). 1783 1784 This release is primarily about fixes to the proposer selection algorithm 1785 in preparation for the [Cosmos Game of 1786 Stakes](https://blog.cosmos.network/the-game-of-stakes-is-open-for-registration-83a404746ee6). 1787 It also makes use of the `ConsensusParams.Validator.PubKeyTypes` to restrict the 1788 key types that can be used by validators, and removes the `Heartbeat` consensus 1789 message. 1790 1791 ### BREAKING CHANGES: 1792 1793 - CLI/RPC/Config 1794 1795 - [rpc] [\#2932](https://github.com/tendermint/tendermint/issues/2932) Rename `accum` to `proposer_priority` 1796 1797 - Go API 1798 1799 - [db] [\#2913](https://github.com/tendermint/tendermint/pull/2913) 1800 ReverseIterator API change: start < end, and end is exclusive. 1801 - [types] [\#2932](https://github.com/tendermint/tendermint/issues/2932) Rename `Validator.Accum` to `Validator.ProposerPriority` 1802 1803 - Blockchain Protocol 1804 1805 - [state] [\#2714](https://github.com/tendermint/tendermint/issues/2714) Validators can now only use pubkeys allowed within 1806 ConsensusParams.Validator.PubKeyTypes 1807 1808 - P2P Protocol 1809 - [consensus] [\#2871](https://github.com/tendermint/tendermint/issues/2871) 1810 Remove _ProposalHeartbeat_ message as it serves no real purpose (@srmo) 1811 - [state] Fixes for proposer selection: 1812 - [\#2785](https://github.com/tendermint/tendermint/issues/2785) Accum for new validators is `-1.125*totalVotingPower` instead of 0 1813 - [\#2941](https://github.com/tendermint/tendermint/issues/2941) val.Accum is preserved during ValidatorSet.Update to avoid being 1814 reset to 0 1815 1816 ### IMPROVEMENTS: 1817 1818 - [state] [\#2929](https://github.com/tendermint/tendermint/issues/2929) Minor refactor of updateState logic (@danil-lashin) 1819 - [node] [\#2959](https://github.com/tendermint/tendermint/issues/2959) Allow node to start even if software's BlockProtocol is 1820 different from state's BlockProtocol 1821 - [pex] [\#2959](https://github.com/tendermint/tendermint/issues/2959) Pex reactor logger uses `module=pex` 1822 1823 ### BUG FIXES: 1824 1825 - [p2p] [\#2968](https://github.com/tendermint/tendermint/issues/2968) Panic on transport error rather than continuing to run but not 1826 accept new connections 1827 - [p2p] [\#2969](https://github.com/tendermint/tendermint/issues/2969) Fix mismatch in peer count between `/net_info` and the prometheus 1828 metrics 1829 - [rpc] [\#2408](https://github.com/tendermint/tendermint/issues/2408) `/broadcast_tx_commit`: Fix "interface conversion: interface {} in nil, not EventDataTx" panic (could happen if somebody sent a tx using `/broadcast_tx_commit` while Tendermint was being stopped) 1830 - [state] [\#2785](https://github.com/tendermint/tendermint/issues/2785) Fix accum for new validators to be `-1.125*totalVotingPower` 1831 instead of 0, forcing them to wait before becoming the proposer. Also: 1832 - do not batch clip 1833 - keep accums averaged near 0 1834 - [txindex/kv] [\#2925](https://github.com/tendermint/tendermint/issues/2925) Don't return false positives when range searching for a prefix of a tag value 1835 - [types] [\#2938](https://github.com/tendermint/tendermint/issues/2938) Fix regression in v0.26.4 where we panic on empty 1836 genDoc.Validators 1837 - [types] [\#2941](https://github.com/tendermint/tendermint/issues/2941) Preserve val.Accum during ValidatorSet.Update to avoid it being 1838 reset to 0 every time a validator is updated 1839 1840 ## v0.26.4 1841 1842 _November 27th, 2018_ 1843 1844 Special thanks to external contributors on this release: 1845 @ackratos, @goolAdapter, @james-ray, @joe-bowman, @kostko, 1846 @nagarajmanjunath, @tomtau 1847 1848 Friendly reminder, we have a [bug bounty 1849 program](https://hackerone.com/tendermint). 1850 1851 ### FEATURES: 1852 1853 - [rpc] [\#2747](https://github.com/tendermint/tendermint/issues/2747) Enable subscription to tags emitted from `BeginBlock`/`EndBlock` (@kostko) 1854 - [types] [\#2747](https://github.com/tendermint/tendermint/issues/2747) Add `ResultBeginBlock` and `ResultEndBlock` fields to `EventDataNewBlock` 1855 and `EventDataNewBlockHeader` to support subscriptions (@kostko) 1856 - [types] [\#2918](https://github.com/tendermint/tendermint/issues/2918) Add Marshal, MarshalTo, Unmarshal methods to various structs 1857 to support Protobuf compatibility (@nagarajmanjunath) 1858 1859 ### IMPROVEMENTS: 1860 1861 - [config] [\#2877](https://github.com/tendermint/tendermint/issues/2877) Add `blocktime_iota` to the config.toml (@ackratos) 1862 - NOTE: this should be a ConsensusParam, not part of the config, and will be 1863 removed from the config at a later date 1864 ([\#2920](https://github.com/tendermint/tendermint/issues/2920). 1865 - [mempool] [\#2882](https://github.com/tendermint/tendermint/issues/2882) Add txs from Update to cache 1866 - [mempool] [\#2891](https://github.com/tendermint/tendermint/issues/2891) Remove local int64 counter from being stored in every tx 1867 - [node] [\#2866](https://github.com/tendermint/tendermint/issues/2866) Add ability to instantiate IPCVal (@joe-bowman) 1868 1869 ### BUG FIXES: 1870 1871 - [blockchain] [\#2731](https://github.com/tendermint/tendermint/issues/2731) Retry both blocks if either is bad to avoid getting stuck during fast sync (@goolAdapter) 1872 - [consensus] [\#2893](https://github.com/tendermint/tendermint/issues/2893) Use genDoc.Validators instead of state.NextValidators on replay when appHeight==0 (@james-ray) 1873 - [log] [\#2868](https://github.com/tendermint/tendermint/issues/2868) Fix `module=main` setting overriding all others 1874 - NOTE: this changes the default logging behaviour to be much less verbose. 1875 Set `log_level="info"` to restore the previous behaviour. 1876 - [rpc] [\#2808](https://github.com/tendermint/tendermint/issues/2808) Fix `accum` field in `/validators` by calling `IncrementAccum` if necessary 1877 - [rpc] [\#2811](https://github.com/tendermint/tendermint/issues/2811) Allow integer IDs in JSON-RPC requests (@tomtau) 1878 - [txindex/kv] [\#2759](https://github.com/tendermint/tendermint/issues/2759) Fix tx.height range queries 1879 - [txindex/kv] [\#2775](https://github.com/tendermint/tendermint/issues/2775) Order tx results by index if height is the same 1880 - [txindex/kv] [\#2908](https://github.com/tendermint/tendermint/issues/2908) Don't return false positives when searching for a prefix of a tag value 1881 1882 ## v0.26.3 1883 1884 _November 17th, 2018_ 1885 1886 Special thanks to external contributors on this release: 1887 @danil-lashin, @kevlubkcm, @krhubert, @srmo 1888 1889 Friendly reminder, we have a [bug bounty 1890 program](https://hackerone.com/tendermint). 1891 1892 ### BREAKING CHANGES: 1893 1894 - Go API 1895 - [rpc] [\#2791](https://github.com/tendermint/tendermint/issues/2791) Functions that start HTTP servers are now blocking: 1896 - Impacts `StartHTTPServer`, `StartHTTPAndTLSServer`, and `StartGRPCServer` 1897 - These functions now take a `net.Listener` instead of an address 1898 - [rpc] [\#2767](https://github.com/tendermint/tendermint/issues/2767) Subscribing to events 1899 `NewRound` and `CompleteProposal` return new types `EventDataNewRound` and 1900 `EventDataCompleteProposal`, respectively, instead of the generic `EventDataRoundState`. (@kevlubkcm) 1901 1902 ### FEATURES: 1903 1904 - [log] [\#2843](https://github.com/tendermint/tendermint/issues/2843) New `log_format` config option, which can be set to 'plain' for colored 1905 text or 'json' for JSON output 1906 - [types] [\#2767](https://github.com/tendermint/tendermint/issues/2767) New event types EventDataNewRound (with ProposerInfo) and EventDataCompleteProposal (with BlockID). (@kevlubkcm) 1907 1908 ### IMPROVEMENTS: 1909 1910 - [dep] [\#2844](https://github.com/tendermint/tendermint/issues/2844) Dependencies are no longer pinned to an exact version in the 1911 Gopkg.toml: 1912 - Serialization libs are allowed to vary by patch release 1913 - Other libs are allowed to vary by minor release 1914 - [p2p] [\#2857](https://github.com/tendermint/tendermint/issues/2857) "Send failed" is logged at debug level instead of error. 1915 - [rpc] [\#2780](https://github.com/tendermint/tendermint/issues/2780) Add read and write timeouts to HTTP servers 1916 - [state] [\#2848](https://github.com/tendermint/tendermint/issues/2848) Make "Update to validators" msg value pretty (@danil-lashin) 1917 1918 ### BUG FIXES: 1919 1920 - [consensus] [\#2819](https://github.com/tendermint/tendermint/issues/2819) Don't send proposalHearbeat if not a validator 1921 - [docs] [\#2859](https://github.com/tendermint/tendermint/issues/2859) Fix ConsensusParams details in spec 1922 - [libs/autofile] [\#2760](https://github.com/tendermint/tendermint/issues/2760) Comment out autofile permissions check - should fix 1923 running Tendermint on Windows 1924 - [p2p] [\#2869](https://github.com/tendermint/tendermint/issues/2869) Set connection config properly instead of always using default 1925 - [p2p/pex] [\#2802](https://github.com/tendermint/tendermint/issues/2802) Seed mode fixes: 1926 - Only disconnect from inbound peers 1927 - Use FlushStop instead of Sleep to ensure all messages are sent before 1928 disconnecting 1929 1930 ## v0.26.2 1931 1932 _November 15th, 2018_ 1933 1934 Special thanks to external contributors on this release: @hleb-albau, @zhuzeyu 1935 1936 Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint). 1937 1938 ### FEATURES: 1939 1940 - [rpc] [\#2582](https://github.com/tendermint/tendermint/issues/2582) Enable CORS on RPC API (@hleb-albau) 1941 1942 ### BUG FIXES: 1943 1944 - [abci] [\#2748](https://github.com/tendermint/tendermint/issues/2748) Unlock mutex in localClient so even when app panics (e.g. during CheckTx), consensus continue working 1945 - [abci] [\#2748](https://github.com/tendermint/tendermint/issues/2748) Fix DATA RACE in localClient 1946 - [amino] [\#2822](https://github.com/tendermint/tendermint/issues/2822) Update to v0.14.1 to support compiling on 32-bit platforms 1947 - [rpc] [\#2748](https://github.com/tendermint/tendermint/issues/2748) Drain channel before calling Unsubscribe(All) in `/broadcast_tx_commit` 1948 1949 ## v0.26.1 1950 1951 _November 11, 2018_ 1952 1953 Special thanks to external contributors on this release: @katakonst 1954 1955 Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint). 1956 1957 ### IMPROVEMENTS: 1958 1959 - [consensus] [\#2704](https://github.com/tendermint/tendermint/issues/2704) Simplify valid POL round logic 1960 - [docs] [\#2749](https://github.com/tendermint/tendermint/issues/2749) Deduplicate some ABCI docs 1961 - [mempool] More detailed log messages 1962 - [\#2724](https://github.com/tendermint/tendermint/issues/2724) 1963 - [\#2762](https://github.com/tendermint/tendermint/issues/2762) 1964 1965 ### BUG FIXES: 1966 1967 - [autofile] [\#2703](https://github.com/tendermint/tendermint/issues/2703) Do not panic when checking Head size 1968 - [crypto/merkle] [\#2756](https://github.com/tendermint/tendermint/issues/2756) Fix crypto/merkle ProofOperators.Verify to check bounds on keypath parts. 1969 - [mempool] fix a bug where we create a WAL despite `wal_dir` being empty 1970 - [p2p] [\#2771](https://github.com/tendermint/tendermint/issues/2771) Fix `peer-id` label name to `peer_id` in prometheus metrics 1971 - [p2p] [\#2797](https://github.com/tendermint/tendermint/pull/2797) Fix IDs in peer NodeInfo and require them for addresses 1972 in AddressBook 1973 - [p2p] [\#2797](https://github.com/tendermint/tendermint/pull/2797) Do not close conn immediately after sending pex addrs in seed mode. Partial fix for [\#2092](https://github.com/tendermint/tendermint/issues/2092). 1974 1975 ## v0.26.0 1976 1977 _November 2, 2018_ 1978 1979 Special thanks to external contributors on this release: 1980 @bradyjoestar, @connorwstein, @goolAdapter, @HaoyangLiu, 1981 @james-ray, @overbool, @phymbert, @Slamper, @Uzair1995, @yutianwu. 1982 1983 Special thanks to @Slamper for a series of bug reports in our [bug bounty 1984 program](https://hackerone.com/tendermint) which are fixed in this release. 1985 1986 This release is primarily about adding Version fields to various data structures, 1987 optimizing consensus messages for signing and verification in 1988 restricted environments (like HSMs and the Ethereum Virtual Machine), and 1989 aligning the consensus code with the [specification](https://arxiv.org/abs/1807.04938). 1990 It also includes our first take at a generalized merkle proof system, and 1991 changes the length of hashes used for hashing data structures from 20 to 32 1992 bytes. 1993 1994 See the [UPGRADING.md](UPGRADING.md#v0.26.0) for details on upgrading to the new 1995 version. 1996 1997 Please note that we are still making breaking changes to the protocols. 1998 While the new Version fields should help us to keep the software backwards compatible 1999 even while upgrading the protocols, we cannot guarantee that new releases will 2000 be compatible with old chains just yet. We expect there will be another breaking 2001 release or two before the Cosmos Hub launch, but we will otherwise be paying 2002 increasing attention to backwards compatibility. Thanks for bearing with us! 2003 2004 ### BREAKING CHANGES: 2005 2006 - CLI/RPC/Config 2007 2008 - [config] [\#2232](https://github.com/tendermint/tendermint/issues/2232) Timeouts are now strings like "3s" and "100ms", not ints 2009 - [config] [\#2505](https://github.com/tendermint/tendermint/issues/2505) Remove Mempool.RecheckEmpty (it was effectively useless anyways) 2010 - [config] [\#2490](https://github.com/tendermint/tendermint/issues/2490) `mempool.wal` is disabled by default 2011 - [privval] [\#2459](https://github.com/tendermint/tendermint/issues/2459) Split `SocketPVMsg`s implementations into Request and Response, where the Response may contain a error message (returned by the remote signer) 2012 - [state] [\#2644](https://github.com/tendermint/tendermint/issues/2644) Add Version field to State, breaking the format of State as 2013 encoded on disk. 2014 - [rpc] [\#2298](https://github.com/tendermint/tendermint/issues/2298) `/abci_query` takes `prove` argument instead of `trusted` and switches the default 2015 behaviour to `prove=false` 2016 - [rpc] [\#2654](https://github.com/tendermint/tendermint/issues/2654) Remove all `node_info.other.*_version` fields in `/status` and 2017 `/net_info` 2018 - [rpc] [\#2636](https://github.com/tendermint/tendermint/issues/2636) Remove 2019 `_params` suffix from fields in `consensus_params`. 2020 2021 - Apps 2022 2023 - [abci] [\#2298](https://github.com/tendermint/tendermint/issues/2298) ResponseQuery.Proof is now a structured merkle.Proof, not just 2024 arbitrary bytes 2025 - [abci] [\#2644](https://github.com/tendermint/tendermint/issues/2644) Add Version to Header and shift all fields by one 2026 - [abci] [\#2662](https://github.com/tendermint/tendermint/issues/2662) Bump the field numbers for some `ResponseInfo` fields to make room for 2027 `AppVersion` 2028 - [abci] [\#2636](https://github.com/tendermint/tendermint/issues/2636) Updates to ConsensusParams 2029 - Remove `Params` suffix from field names 2030 - Add `Params` suffix to message types 2031 - Add new field and type, `Validator ValidatorParams`, to control what types of validator keys are allowed. 2032 2033 - Go API 2034 2035 - [config] [\#2232](https://github.com/tendermint/tendermint/issues/2232) Timeouts are time.Duration, not ints 2036 - [crypto/merkle & lite] [\#2298](https://github.com/tendermint/tendermint/issues/2298) Various changes to accomodate General Merkle trees 2037 - [crypto/merkle] [\#2595](https://github.com/tendermint/tendermint/issues/2595) Remove all Hasher objects in favor of byte slices 2038 - [crypto/merkle] [\#2635](https://github.com/tendermint/tendermint/issues/2635) merkle.SimpleHashFromTwoHashes is no longer exported 2039 - [node] [\#2479](https://github.com/tendermint/tendermint/issues/2479) Remove node.RunForever 2040 - [rpc/client] [\#2298](https://github.com/tendermint/tendermint/issues/2298) `ABCIQueryOptions.Trusted` -> `ABCIQueryOptions.Prove` 2041 - [types] [\#2298](https://github.com/tendermint/tendermint/issues/2298) Remove `Index` and `Total` fields from `TxProof`. 2042 - [types] [\#2598](https://github.com/tendermint/tendermint/issues/2598) 2043 `VoteTypeXxx` are now of type `SignedMsgType byte` and named `XxxType`, eg. 2044 `PrevoteType`, `PrecommitType`. 2045 - [types] [\#2636](https://github.com/tendermint/tendermint/issues/2636) Rename fields in ConsensusParams to remove `Params` suffixes 2046 - [types] [\#2735](https://github.com/tendermint/tendermint/issues/2735) Simplify Proposal message to align with spec 2047 2048 - Blockchain Protocol 2049 2050 - [crypto/tmhash] [\#2732](https://github.com/tendermint/tendermint/issues/2732) TMHASH is now full 32-byte SHA256 2051 - All hashes in the block header and Merkle trees are now 32-bytes 2052 - PubKey Addresses are still only 20-bytes 2053 - [state] [\#2587](https://github.com/tendermint/tendermint/issues/2587) Require block.Time of the fist block to be genesis time 2054 - [state] [\#2644](https://github.com/tendermint/tendermint/issues/2644) Require block.Version to match state.Version 2055 - [types] Update SignBytes for `Vote`/`Proposal`/`Heartbeat`: 2056 - [\#2459](https://github.com/tendermint/tendermint/issues/2459) Use amino encoding instead of JSON in `SignBytes`. 2057 - [\#2598](https://github.com/tendermint/tendermint/issues/2598) Reorder fields and use fixed sized encoding. 2058 - [\#2598](https://github.com/tendermint/tendermint/issues/2598) Change `Type` field from `string` to `byte` and use new 2059 `SignedMsgType` to enumerate. 2060 - [types] [\#2730](https://github.com/tendermint/tendermint/issues/2730) Use 2061 same order for fields in `Vote` as in the SignBytes 2062 - [types] [\#2732](https://github.com/tendermint/tendermint/issues/2732) Remove the address field from the validator hash 2063 - [types] [\#2644](https://github.com/tendermint/tendermint/issues/2644) Add Version struct to Header 2064 - [types] [\#2609](https://github.com/tendermint/tendermint/issues/2609) ConsensusParams.Hash() is the hash of the amino encoded 2065 struct instead of the Merkle tree of the fields 2066 - [types] [\#2670](https://github.com/tendermint/tendermint/issues/2670) Header.Hash() builds Merkle tree out of fields in the same 2067 order they appear in the header, instead of sorting by field name 2068 - [types] [\#2682](https://github.com/tendermint/tendermint/issues/2682) Use proto3 `varint` encoding for ints that are usually unsigned (instead of zigzag encoding). 2069 - [types] [\#2636](https://github.com/tendermint/tendermint/issues/2636) Add Validator field to ConsensusParams 2070 (Used to control which pubkey types validators can use, by abci type). 2071 2072 - P2P Protocol 2073 - [consensus] [\#2652](https://github.com/tendermint/tendermint/issues/2652) 2074 Replace `CommitStepMessage` with `NewValidBlockMessage` 2075 - [consensus] [\#2735](https://github.com/tendermint/tendermint/issues/2735) Simplify `Proposal` message to align with spec 2076 - [consensus] [\#2730](https://github.com/tendermint/tendermint/issues/2730) 2077 Add `Type` field to `Proposal` and use same order of fields as in the 2078 SignBytes for both `Proposal` and `Vote` 2079 - [p2p] [\#2654](https://github.com/tendermint/tendermint/issues/2654) Add `ProtocolVersion` struct with protocol versions to top of 2080 DefaultNodeInfo and require `ProtocolVersion.Block` to match during peer handshake 2081 2082 ### FEATURES: 2083 2084 - [abci] [\#2557](https://github.com/tendermint/tendermint/issues/2557) Add `Codespace` field to `Response{CheckTx, DeliverTx, Query}` 2085 - [abci] [\#2662](https://github.com/tendermint/tendermint/issues/2662) Add `BlockVersion` and `P2PVersion` to `RequestInfo` 2086 - [crypto/merkle] [\#2298](https://github.com/tendermint/tendermint/issues/2298) General Merkle Proof scheme for chaining various types of Merkle trees together 2087 - [docs/architecture] [\#1181](https://github.com/tendermint/tendermint/issues/1181) S 2088 plit immutable and mutable parts of priv_validator.json 2089 2090 ### IMPROVEMENTS: 2091 2092 - Additional Metrics 2093 - [consensus] [\#2169](https://github.com/cosmos/cosmos-sdk/issues/2169) 2094 - [p2p] [\#2169](https://github.com/cosmos/cosmos-sdk/issues/2169) 2095 - [config] [\#2232](https://github.com/tendermint/tendermint/issues/2232) Added ValidateBasic method, which performs basic checks 2096 - [crypto/ed25519] [\#2558](https://github.com/tendermint/tendermint/issues/2558) Switch to use latest `golang.org/x/crypto` through our fork at 2097 github.com/tendermint/crypto 2098 - [libs/log] [\#2707](https://github.com/tendermint/tendermint/issues/2707) Add year to log format (@yutianwu) 2099 - [tools] [\#2238](https://github.com/tendermint/tendermint/issues/2238) Binary dependencies are now locked to a specific git commit 2100 2101 ### BUG FIXES: 2102 2103 - [\#2711](https://github.com/tendermint/tendermint/issues/2711) Validate all incoming reactor messages. Fixes various bugs due to negative ints. 2104 - [autofile] [\#2428](https://github.com/tendermint/tendermint/issues/2428) Group.RotateFile need call Flush() before rename (@goolAdapter) 2105 - [common] [\#2533](https://github.com/tendermint/tendermint/issues/2533) Fixed a bug in the `BitArray.Or` method 2106 - [common] [\#2506](https://github.com/tendermint/tendermint/issues/2506) Fixed a bug in the `BitArray.Sub` method (@james-ray) 2107 - [common] [\#2534](https://github.com/tendermint/tendermint/issues/2534) Fix `BitArray.PickRandom` to choose uniformly from true bits 2108 - [consensus] [\#1690](https://github.com/tendermint/tendermint/issues/1690) Wait for 2109 timeoutPrecommit before starting next round 2110 - [consensus] [\#1745](https://github.com/tendermint/tendermint/issues/1745) Wait for 2111 Proposal or timeoutProposal before entering prevote 2112 - [consensus] [\#2642](https://github.com/tendermint/tendermint/issues/2642) Only propose ValidBlock, not LockedBlock 2113 - [consensus] [\#2642](https://github.com/tendermint/tendermint/issues/2642) Initialized ValidRound and LockedRound to -1 2114 - [consensus] [\#1637](https://github.com/tendermint/tendermint/issues/1637) Limit the amount of evidence that can be included in a 2115 block 2116 - [consensus] [\#2652](https://github.com/tendermint/tendermint/issues/2652) Ensure valid block property with faulty proposer 2117 - [evidence] [\#2515](https://github.com/tendermint/tendermint/issues/2515) Fix db iter leak (@goolAdapter) 2118 - [libs/event] [\#2518](https://github.com/tendermint/tendermint/issues/2518) Fix event concurrency flaw (@goolAdapter) 2119 - [node] [\#2434](https://github.com/tendermint/tendermint/issues/2434) Make node respond to signal interrupts while sleeping for genesis time 2120 - [state] [\#2616](https://github.com/tendermint/tendermint/issues/2616) Pass nil to NewValidatorSet() when genesis file's Validators field is nil 2121 - [p2p] [\#2555](https://github.com/tendermint/tendermint/issues/2555) Fix p2p switch FlushThrottle value (@goolAdapter) 2122 - [p2p] [\#2668](https://github.com/tendermint/tendermint/issues/2668) Reconnect to originally dialed address (not self-reported address) for persistent peers 2123 2124 ## v0.25.0 2125 2126 _September 22, 2018_ 2127 2128 Special thanks to external contributors on this release: 2129 @scriptionist, @bradyjoestar, @WALL-E 2130 2131 This release is mostly about the ConsensusParams - removing fields and enforcing MaxGas. 2132 It also addresses some issues found via security audit, removes various unused 2133 functions from `libs/common`, and implements 2134 [ADR-012](https://github.com/tendermint/tendermint/blob/develop/docs/architecture/adr-012-peer-transport.md). 2135 2136 Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint). 2137 2138 BREAKING CHANGES: 2139 2140 - CLI/RPC/Config 2141 2142 - [rpc] [\#2391](https://github.com/tendermint/tendermint/issues/2391) /status `result.node_info.other` became a map 2143 - [types] [\#2364](https://github.com/tendermint/tendermint/issues/2364) Remove `TxSize` and `BlockGossip` from `ConsensusParams` 2144 - Maximum tx size is now set implicitly via the `BlockSize.MaxBytes` 2145 - The size of block parts in the consensus is now fixed to 64kB 2146 2147 - Apps 2148 2149 - [mempool] [\#2360](https://github.com/tendermint/tendermint/issues/2360) Mempool tracks the `ResponseCheckTx.GasWanted` and 2150 `ConsensusParams.BlockSize.MaxGas` and enforces: 2151 - `GasWanted <= MaxGas` for every tx 2152 - `(sum of GasWanted in block) <= MaxGas` for block proposal 2153 2154 - Go API 2155 - [libs/common] [\#2431](https://github.com/tendermint/tendermint/issues/2431) Remove Word256 due to lack of use 2156 - [libs/common] [\#2452](https://github.com/tendermint/tendermint/issues/2452) Remove the following functions due to lack of use: 2157 - byteslice.go: cmn.IsZeros, cmn.RightPadBytes, cmn.LeftPadBytes, cmn.PrefixEndBytes 2158 - strings.go: cmn.IsHex, cmn.StripHex 2159 - int.go: Uint64Slice, all put/get int64 methods 2160 2161 FEATURES: 2162 2163 - [rpc] [\#2415](https://github.com/tendermint/tendermint/issues/2415) New `/consensus_params?height=X` endpoint to query the consensus 2164 params at any height (@scriptonist) 2165 - [types] [\#1714](https://github.com/tendermint/tendermint/issues/1714) Add Address to GenesisValidator 2166 - [metrics] [\#2337](https://github.com/tendermint/tendermint/issues/2337) `consensus.block_interval_metrics` is now gauge, not histogram (you will be able to see spikes, if any) 2167 - [libs] [\#2286](https://github.com/tendermint/tendermint/issues/2286) Panic if `autofile` or `db/fsdb` permissions change from 0600. 2168 2169 IMPROVEMENTS: 2170 2171 - [libs/db] [\#2371](https://github.com/tendermint/tendermint/issues/2371) Output error instead of panic when the given `db_backend` is not initialised (@bradyjoestar) 2172 - [mempool] [\#2399](https://github.com/tendermint/tendermint/issues/2399) Make mempool cache a proper LRU (@bradyjoestar) 2173 - [p2p] [\#2126](https://github.com/tendermint/tendermint/issues/2126) Introduce PeerTransport interface to improve isolation of concerns 2174 - [libs/common] [\#2326](https://github.com/tendermint/tendermint/issues/2326) Service returns ErrNotStarted 2175 2176 BUG FIXES: 2177 2178 - [node] [\#2294](https://github.com/tendermint/tendermint/issues/2294) Delay starting node until Genesis time 2179 - [consensus] [\#2048](https://github.com/tendermint/tendermint/issues/2048) Correct peer statistics for marking peer as good 2180 - [rpc] [\#2460](https://github.com/tendermint/tendermint/issues/2460) StartHTTPAndTLSServer() now passes StartTLS() errors back to the caller rather than hanging forever. 2181 - [p2p] [\#2047](https://github.com/tendermint/tendermint/issues/2047) Accept new connections asynchronously 2182 - [tm-bench] [\#2410](https://github.com/tendermint/tendermint/issues/2410) Enforce minimum transaction size (@WALL-E) 2183 2184 ## 0.24.0 2185 2186 _September 6th, 2018_ 2187 2188 Special thanks to external contributors with PRs included in this release: ackratos, james-ray, bradyjoestar, 2189 peerlink, Ahmah2009, bluele, b00f. 2190 2191 This release includes breaking upgrades in the block header, 2192 including the long awaited changes for delaying validator set updates by one 2193 block to better support light clients. 2194 It also fixes enforcement on the maximum size of blocks, and includes a BFT 2195 timestamp in each block that can be safely used by applications. 2196 There are also some minor breaking changes to the rpc, config, and ABCI. 2197 2198 See the [UPGRADING.md](UPGRADING.md#v0.24.0) for details on upgrading to the new 2199 version. 2200 2201 From here on, breaking changes will be broken down to better reflect how users 2202 are affected by a change. 2203 2204 A few more breaking changes are in the works - each will come with a clear 2205 Architecture Decision Record (ADR) explaining the change. You can review ADRs 2206 [here](https://github.com/tendermint/tendermint/tree/develop/docs/architecture) 2207 or in the [open Pull Requests](https://github.com/tendermint/tendermint/pulls). 2208 You can also check in on the [issues marked as 2209 breaking](https://github.com/tendermint/tendermint/issues?q=is%3Aopen+is%3Aissue+label%3Abreaking). 2210 2211 BREAKING CHANGES: 2212 2213 - CLI/RPC/Config 2214 2215 - [config] [\#2169](https://github.com/tendermint/tendermint/issues/2169) Replace MaxNumPeers with MaxNumInboundPeers and MaxNumOutboundPeers 2216 - [config] [\#2300](https://github.com/tendermint/tendermint/issues/2300) Reduce default mempool size from 100k to 5k, until ABCI rechecking is implemented. 2217 - [rpc] [\#1815](https://github.com/tendermint/tendermint/issues/1815) `/commit` returns a `signed_header` field instead of everything being top-level 2218 2219 - Apps 2220 2221 - [abci] Added address of the original proposer of the block to Header 2222 - [abci] Change ABCI Header to match Tendermint exactly 2223 - [abci] [\#2159](https://github.com/tendermint/tendermint/issues/2159) Update use of `Validator` (see 2224 [ADR-018](https://github.com/tendermint/tendermint/blob/develop/docs/architecture/adr-018-ABCI-Validators.md)): 2225 - Remove PubKey from `Validator` (so it's just Address and Power) 2226 - Introduce `ValidatorUpdate` (with just PubKey and Power) 2227 - InitChain and EndBlock use ValidatorUpdate 2228 - Update field names and types in BeginBlock 2229 - [state] [\#1815](https://github.com/tendermint/tendermint/issues/1815) Validator set changes are now delayed by one block 2230 - updates returned in ResponseEndBlock for block H will be included in RequestBeginBlock for block H+2 2231 2232 - Go API 2233 2234 - [lite] [\#1815](https://github.com/tendermint/tendermint/issues/1815) Complete refactor of the package 2235 - [node] [\#2212](https://github.com/tendermint/tendermint/issues/2212) NewNode now accepts a `*p2p.NodeKey` (@bradyjoestar) 2236 - [libs/common] [\#2199](https://github.com/tendermint/tendermint/issues/2199) Remove Fmt, in favor of fmt.Sprintf 2237 - [libs/common] SplitAndTrim was deleted 2238 - [libs/common] [\#2274](https://github.com/tendermint/tendermint/issues/2274) Remove unused Math functions like MaxInt, MaxInt64, 2239 MinInt, MinInt64 (@Ahmah2009) 2240 - [libs/clist] Panics if list extends beyond MaxLength 2241 - [crypto] [\#2205](https://github.com/tendermint/tendermint/issues/2205) Rename AminoRoute variables to no longer be prefixed by signature type. 2242 2243 - Blockchain Protocol 2244 2245 - [state] [\#1815](https://github.com/tendermint/tendermint/issues/1815) Validator set changes are now delayed by one block (!) 2246 - Add NextValidatorSet to State, changes on-disk representation of state 2247 - [state] [\#2184](https://github.com/tendermint/tendermint/issues/2184) Enforce ConsensusParams.BlockSize.MaxBytes (See 2248 [ADR-020](https://github.com/tendermint/tendermint/blob/develop/docs/architecture/adr-020-block-size.md)). 2249 - Remove ConsensusParams.BlockSize.MaxTxs 2250 - Introduce maximum sizes for all components of a block, including ChainID 2251 - [types] Updates to the block Header: 2252 - [\#1815](https://github.com/tendermint/tendermint/issues/1815) NextValidatorsHash - hash of the validator set for the next block, 2253 so the current validators actually sign over the hash for the new 2254 validators 2255 - [\#2106](https://github.com/tendermint/tendermint/issues/2106) ProposerAddress - address of the block's original proposer 2256 - [consensus] [\#2203](https://github.com/tendermint/tendermint/issues/2203) Implement BFT time 2257 - Timestamp in block must be monotonic and equal the median of timestamps in block's LastCommit 2258 - [crypto] [\#2239](https://github.com/tendermint/tendermint/issues/2239) Secp256k1 signature changes (See 2259 [ADR-014](https://github.com/tendermint/tendermint/blob/develop/docs/architecture/adr-014-secp-malleability.md)): 2260 - format changed from DER to `r || s`, both little endian encoded as 32 bytes. 2261 - malleability removed by requiring `s` to be in canonical form. 2262 2263 - P2P Protocol 2264 - [p2p] [\#2263](https://github.com/tendermint/tendermint/issues/2263) Update secret connection to use a little endian encoded nonce 2265 - [blockchain] [\#2213](https://github.com/tendermint/tendermint/issues/2213) Fix Amino routes for blockchain reactor messages 2266 (@peerlink) 2267 2268 FEATURES: 2269 2270 - [types] [\#2015](https://github.com/tendermint/tendermint/issues/2015) Allow genesis file to have 0 validators (@b00f) 2271 - Initial validator set can be determined by the app in ResponseInitChain 2272 - [rpc] [\#2161](https://github.com/tendermint/tendermint/issues/2161) New event `ValidatorSetUpdates` for when the validator set changes 2273 - [crypto/multisig] [\#2164](https://github.com/tendermint/tendermint/issues/2164) Introduce multisig pubkey and signature format 2274 - [libs/db] [\#2293](https://github.com/tendermint/tendermint/issues/2293) Allow passing options through when creating instances of leveldb dbs 2275 2276 IMPROVEMENTS: 2277 2278 - [docs] Lint documentation with `write-good` and `stop-words`. 2279 - [docs] [\#2249](https://github.com/tendermint/tendermint/issues/2249) Refactor, deduplicate, and improve the ABCI docs and spec (with thanks to @ttmc). 2280 - [scripts] [\#2196](https://github.com/tendermint/tendermint/issues/2196) Added json2wal tool, which is supposed to help our users restore (@bradyjoestar) 2281 corrupted WAL files and compose test WAL files (@bradyjoestar) 2282 - [mempool] [\#2234](https://github.com/tendermint/tendermint/issues/2234) Now stores txs by hash inside of the cache, to mitigate memory leakage 2283 - [mempool] [\#2166](https://github.com/tendermint/tendermint/issues/2166) Set explicit capacity for map when updating txs (@bluele) 2284 2285 BUG FIXES: 2286 2287 - [config] [\#2284](https://github.com/tendermint/tendermint/issues/2284) Replace `db_path` with `db_dir` from automatically generated configuration files. 2288 - [mempool] [\#2188](https://github.com/tendermint/tendermint/issues/2188) Fix OOM issue from cache map and list getting out of sync 2289 - [state] [\#2051](https://github.com/tendermint/tendermint/issues/2051) KV store index supports searching by `tx.height` (@ackratos) 2290 - [rpc] [\#2327](https://github.com/tendermint/tendermint/issues/2327) `/dial_peers` does not try to dial existing peers 2291 - [node] [\#2323](https://github.com/tendermint/tendermint/issues/2323) Filter empty strings from config lists (@james-ray) 2292 - [abci/client] [\#2236](https://github.com/tendermint/tendermint/issues/2236) Fix closing GRPC connection (@bradyjoestar) 2293 2294 ## 0.23.1 2295 2296 _August 22nd, 2018_ 2297 2298 BUG FIXES: 2299 2300 - [libs/autofile] [\#2261](https://github.com/tendermint/tendermint/issues/2261) Fix log rotation so it actually happens. 2301 - Fixes issues with consensus WAL growing unbounded ala [\#2259](https://github.com/tendermint/tendermint/issues/2259) 2302 2303 ## 0.23.0 2304 2305 _August 5th, 2018_ 2306 2307 This release includes breaking upgrades in our P2P encryption, 2308 some ABCI messages, and how we encode time and signatures. 2309 2310 A few more changes are still coming to the Header, ABCI, 2311 and validator set handling to better support light clients, BFT time, and 2312 upgrades. Most notably, validator set changes will be delayed by one block (see 2313 [#1815][i1815]). 2314 2315 We also removed `make ensure_deps` in favour of `make get_vendor_deps`. 2316 2317 BREAKING CHANGES: 2318 2319 - [abci] Changed time format from int64 to google.protobuf.Timestamp 2320 - [abci] Changed Validators to LastCommitInfo in RequestBeginBlock 2321 - [abci] Removed Fee from ResponseDeliverTx and ResponseCheckTx 2322 - [crypto] Switch crypto.Signature from interface to []byte for space efficiency 2323 [#2128](https://github.com/tendermint/tendermint/pull/2128) 2324 - NOTE: this means signatures no longer have the prefix bytes in Amino 2325 binary nor the `type` field in Amino JSON. They're just bytes. 2326 - [p2p] Remove salsa and ripemd primitives, in favor of using chacha as a stream cipher, and hkdf [#2054](https://github.com/tendermint/tendermint/pull/2054) 2327 - [tools] Removed `make ensure_deps` in favor of `make get_vendor_deps` 2328 - [types] CanonicalTime uses nanoseconds instead of clipping to ms 2329 - breaks serialization/signing of all messages with a timestamp 2330 2331 FEATURES: 2332 2333 - [tools] Added `make check_dep` 2334 - ensures gopkg.lock is synced with gopkg.toml 2335 - ensures no branches are used in the gopkg.toml 2336 2337 IMPROVEMENTS: 2338 2339 - [blockchain] Improve fast-sync logic 2340 [#1805](https://github.com/tendermint/tendermint/pull/1805) 2341 - tweak params 2342 - only process one block at a time to avoid starving 2343 - [common] bit array functions which take in another parameter are now thread safe 2344 - [crypto] Switch hkdfchachapoly1305 to xchachapoly1305 2345 - [p2p] begin connecting to peers as soon a seed node provides them to you ([#2093](https://github.com/tendermint/tendermint/issues/2093)) 2346 2347 BUG FIXES: 2348 2349 - [common] Safely handle cases where atomic write files already exist [#2109](https://github.com/tendermint/tendermint/issues/2109) 2350 - [privval] fix a deadline for accepting new connections in socket private 2351 validator. 2352 - [p2p] Allow startup if a configured seed node's IP can't be resolved ([#1716](https://github.com/tendermint/tendermint/issues/1716)) 2353 - [node] Fully exit when CTRL-C is pressed even if consensus state panics [#2072](https://github.com/tendermint/tendermint/issues/2072) 2354 2355 [i1815]: https://github.com/tendermint/tendermint/pull/1815 2356 2357 ## 0.22.8 2358 2359 _July 26th, 2018_ 2360 2361 BUG FIXES 2362 2363 - [consensus, blockchain] Fix 0.22.7 below. 2364 2365 ## 0.22.7 2366 2367 _July 26th, 2018_ 2368 2369 BUG FIXES 2370 2371 - [consensus, blockchain] Register the Evidence interface so it can be 2372 marshalled/unmarshalled by the blockchain and consensus reactors 2373 2374 ## 0.22.6 2375 2376 _July 24th, 2018_ 2377 2378 BUG FIXES 2379 2380 - [rpc] Fix `/blockchain` endpoint 2381 - (#2049) Fix OOM attack by returning error on negative input 2382 - Fix result length to have max 20 (instead of 21) block metas 2383 - [rpc] Validate height is non-negative in `/abci_query` 2384 - [consensus] (#2050) Include evidence in proposal block parts (previously evidence was 2385 not being included in blocks!) 2386 - [p2p] (#2046) Close rejected inbound connections so file descriptor doesn't 2387 leak 2388 - [Gopkg] (#2053) Fix versions in the toml 2389 2390 ## 0.22.5 2391 2392 _July 23th, 2018_ 2393 2394 BREAKING CHANGES: 2395 2396 - [crypto] Refactor `tendermint/crypto` into many subpackages 2397 - [libs/common] remove exponentially distributed random numbers 2398 2399 IMPROVEMENTS: 2400 2401 - [abci, libs/common] Generated gogoproto static marshaller methods 2402 - [config] Increase default send/recv rates to 5 mB/s 2403 - [p2p] reject addresses coming from private peers 2404 - [p2p] allow persistent peers to be private 2405 2406 BUG FIXES: 2407 2408 - [mempool] fixed a race condition when `create_empty_blocks=false` where a 2409 transaction is published at an old height. 2410 - [p2p] dial external IP setup by `persistent_peers`, not internal NAT IP 2411 - [rpc] make `/status` RPC endpoint resistant to consensus halt 2412 2413 ## 0.22.4 2414 2415 _July 14th, 2018_ 2416 2417 BREAKING CHANGES: 2418 2419 - [genesis] removed deprecated `app_options` field. 2420 - [types] Genesis.AppStateJSON -> Genesis.AppState 2421 2422 FEATURES: 2423 2424 - [tools] Merged in from github.com/tendermint/tools 2425 2426 BUG FIXES: 2427 2428 - [tools/tm-bench] Various fixes 2429 - [consensus] Wait for WAL to stop on shutdown 2430 - [abci] Fix #1891, pending requests cannot hang when abci server dies. 2431 Previously a crash in BeginBlock could leave tendermint in broken state. 2432 2433 ## 0.22.3 2434 2435 _July 10th, 2018_ 2436 2437 IMPROVEMENTS 2438 2439 - Update dependencies 2440 - pin all values in Gopkg.toml to version or commit 2441 - update golang/protobuf to v1.1.0 2442 2443 ## 0.22.2 2444 2445 _July 10th, 2018_ 2446 2447 IMPROVEMENTS 2448 2449 - More cleanup post repo merge! 2450 - [docs] Include `ecosystem.json` and `tendermint-bft.md` from deprecated `aib-data` repository. 2451 - [config] Add `instrumentation.max_open_connections`, which limits the number 2452 of requests in flight to Prometheus server (if enabled). Default: 3. 2453 2454 BUG FIXES 2455 2456 - [rpc] Allow unquoted integers in requests 2457 - NOTE: this is only for URI requests. JSONRPC requests and all responses 2458 will use quoted integers (the proto3 JSON standard). 2459 - [consensus] Fix halt on shutdown 2460 2461 ## 0.22.1 2462 2463 _July 5th, 2018_ 2464 2465 IMPROVEMENTS 2466 2467 - Cleanup post repo-merge. 2468 - [docs] Various improvements. 2469 2470 BUG FIXES 2471 2472 - [state] Return error when EndBlock returns a 0-power validator that isn't 2473 already in the validator set. 2474 - [consensus] Shut down WAL properly. 2475 2476 ## 0.22.0 2477 2478 _July 2nd, 2018_ 2479 2480 BREAKING CHANGES: 2481 2482 - [config] 2483 - Remove `max_block_size_txs` and `max_block_size_bytes` in favor of 2484 consensus params from the genesis file. 2485 - Rename `skip_upnp` to `upnp`, and turn it off by default. 2486 - Change `max_packet_msg_size` back to `max_packet_msg_payload_size` 2487 - [rpc] 2488 - All integers are encoded as strings (part of the update for Amino v0.10.1) 2489 - `syncing` is now called `catching_up` 2490 - [types] Update Amino to v0.10.1 2491 - Amino is now fully proto3 compatible for the basic types 2492 - JSON-encoded types now use the type name instead of the prefix bytes 2493 - Integers are encoded as strings 2494 - [crypto] Update go-crypto to v0.10.0 and merge into `crypto` 2495 - privKey.Sign returns error. 2496 - ed25519 address changed to the first 20-bytes of the SHA256 of the raw pubkey bytes 2497 - `tmlibs/merkle` -> `crypto/merkle`. Uses SHA256 instead of RIPEMD160 2498 - [tmlibs] Update to v0.9.0 and merge into `libs` 2499 - remove `merkle` package (moved to `crypto/merkle`) 2500 2501 FEATURES 2502 2503 - [cmd] Added metrics (served under `/metrics` using a Prometheus client; 2504 disabled by default). See the new `instrumentation` section in the config and 2505 [metrics](https://tendermint.readthedocs.io/projects/tools/en/develop/metrics.html) 2506 guide. 2507 - [p2p] Add IPv6 support to peering. 2508 - [p2p] Add `external_address` to config to allow specifying the address for 2509 peers to dial 2510 2511 IMPROVEMENT 2512 2513 - [rpc/client] Supports https and wss now. 2514 - [crypto] Make public key size into public constants 2515 - [mempool] Log tx hash, not entire tx 2516 - [abci] Merged in github.com/tendermint/abci 2517 - [crypto] Merged in github.com/tendermint/go-crypto 2518 - [libs] Merged in github.com/tendermint/tmlibs 2519 - [docs] Move from .rst to .md 2520 2521 BUG FIXES: 2522 2523 - [rpc] Limit maximum number of HTTP/WebSocket connections 2524 (`rpc.max_open_connections`) and gRPC connections 2525 (`rpc.grpc_max_open_connections`). Check out "Running In Production" guide if 2526 you want to increase them. 2527 - [rpc] Limit maximum request body size to 1MB (header is limited to 1MB). 2528 - [consensus] Fix a halting bug where `create_empty_blocks=false` 2529 - [p2p] Fix panic in seed mode 2530 2531 ## 0.21.0 2532 2533 _June 21th, 2018_ 2534 2535 BREAKING CHANGES 2536 2537 - [config] Change default ports from 4665X to 2665X. Ports over 32768 are 2538 ephemeral and reserved for use by the kernel. 2539 - [cmd] `unsafe_reset_all` removes the addrbook.json 2540 2541 IMPROVEMENT 2542 2543 - [pubsub] Set default capacity to 0 2544 - [docs] Various improvements 2545 2546 BUG FIXES 2547 2548 - [consensus] Fix an issue where we don't make blocks after `fast_sync` when `create_empty_blocks=false` 2549 - [mempool] Fix #1761 where we don't process txs if `cache_size=0` 2550 - [rpc] Fix memory leak in Websocket (when using `/subscribe` method) 2551 - [config] Escape paths in config - fixes config paths on Windows 2552 2553 ## 0.20.0 2554 2555 _June 6th, 2018_ 2556 2557 This is the first in a series of breaking releases coming to Tendermint after 2558 soliciting developer feedback and conducting security audits. 2559 2560 This release does not break any blockchain data structures or 2561 protocols other than the ABCI messages between Tendermint and the application. 2562 2563 Applications that upgrade for ABCI v0.11.0 should be able to continue running Tendermint 2564 v0.20.0 on blockchains created with v0.19.X 2565 2566 BREAKING CHANGES 2567 2568 - [abci] Upgrade to 2569 [v0.11.0](https://github.com/tendermint/abci/blob/master/CHANGELOG.md#0110) 2570 - [abci] Change Query path for filtering peers by node ID from 2571 `p2p/filter/pubkey/<id>` to `p2p/filter/id/<id>` 2572 2573 ## 0.19.9 2574 2575 _June 5th, 2018_ 2576 2577 BREAKING CHANGES 2578 2579 - [types/priv_validator] Moved to top level `privval` package 2580 2581 FEATURES 2582 2583 - [config] Collapse PeerConfig into P2PConfig 2584 - [docs] Add quick-install script 2585 - [docs/spec] Add table of Amino prefixes 2586 2587 BUG FIXES 2588 2589 - [rpc] Return 404 for unknown endpoints 2590 - [consensus] Flush WAL on stop 2591 - [evidence] Don't send evidence to peers that are behind 2592 - [p2p] Fix memory leak on peer disconnects 2593 - [rpc] Fix panic when `per_page=0` 2594 2595 ## 0.19.8 2596 2597 _June 4th, 2018_ 2598 2599 BREAKING: 2600 2601 - [p2p] Remove `auth_enc` config option, peer connections are always auth 2602 encrypted. Technically a breaking change but seems no one was using it and 2603 arguably a bug fix :) 2604 2605 BUG FIXES 2606 2607 - [mempool] Fix deadlock under high load when `skip_timeout_commit=true` and 2608 `create_empty_blocks=false` 2609 2610 ## 0.19.7 2611 2612 _May 31st, 2018_ 2613 2614 BREAKING: 2615 2616 - [libs/pubsub] TagMap#Get returns a string value 2617 - [libs/pubsub] NewTagMap accepts a map of strings 2618 2619 FEATURES 2620 2621 - [rpc] the RPC documentation is now published to https://tendermint.github.io/slate 2622 - [p2p] AllowDuplicateIP config option to refuse connections from same IP. 2623 - true by default for now, false by default in next breaking release 2624 - [docs] Add docs for query, tx indexing, events, pubsub 2625 - [docs] Add some notes about running Tendermint in production 2626 2627 IMPROVEMENTS: 2628 2629 - [consensus] Consensus reactor now receives events from a separate synchronous event bus, 2630 which is not dependant on external RPC load 2631 - [consensus/wal] do not look for height in older files if we've seen height - 1 2632 - [docs] Various cleanup and link fixes 2633 2634 ## 0.19.6 2635 2636 _May 29th, 2018_ 2637 2638 BUG FIXES 2639 2640 - [blockchain] Fix fast-sync deadlock during high peer turnover 2641 2642 BUG FIX: 2643 2644 - [evidence] Dont send peers evidence from heights they haven't synced to yet 2645 - [p2p] Refuse connections to more than one peer with the same IP 2646 - [docs] Various fixes 2647 2648 ## 0.19.5 2649 2650 _May 20th, 2018_ 2651 2652 BREAKING CHANGES 2653 2654 - [rpc/client] TxSearch and UnconfirmedTxs have new arguments (see below) 2655 - [rpc/client] TxSearch returns ResultTxSearch 2656 - [version] Breaking changes to Go APIs will not be reflected in breaking 2657 version change, but will be included in changelog. 2658 2659 FEATURES 2660 2661 - [rpc] `/tx_search` takes `page` (starts at 1) and `per_page` (max 100, default 30) args to paginate results 2662 - [rpc] `/unconfirmed_txs` takes `limit` (max 100, default 30) arg to limit the output 2663 - [config] `mempool.size` and `mempool.cache_size` options 2664 2665 IMPROVEMENTS 2666 2667 - [docs] Lots of updates 2668 - [consensus] Only Fsync() the WAL before executing msgs from ourselves 2669 2670 BUG FIXES 2671 2672 - [mempool] Enforce upper bound on number of transactions 2673 2674 ## 0.19.4 (May 17th, 2018) 2675 2676 IMPROVEMENTS 2677 2678 - [state] Improve tx indexing by using batches 2679 - [consensus, state] Improve logging (more consensus logs, fewer tx logs) 2680 - [spec] Moved to `docs/spec` (TODO cleanup the rest of the docs ...) 2681 2682 BUG FIXES 2683 2684 - [consensus] Fix issue #1575 where a late proposer can get stuck 2685 2686 ## 0.19.3 (May 14th, 2018) 2687 2688 FEATURES 2689 2690 - [rpc] New `/consensus_state` returns just the votes seen at the current height 2691 2692 IMPROVEMENTS 2693 2694 - [rpc] Add stringified votes and fraction of power voted to `/dump_consensus_state` 2695 - [rpc] Add PeerStateStats to `/dump_consensus_state` 2696 2697 BUG FIXES 2698 2699 - [cmd] Set GenesisTime during `tendermint init` 2700 - [consensus] fix ValidBlock rules 2701 2702 ## 0.19.2 (April 30th, 2018) 2703 2704 FEATURES: 2705 2706 - [p2p] Allow peers with different Minor versions to connect 2707 - [rpc] `/net_info` includes `n_peers` 2708 2709 IMPROVEMENTS: 2710 2711 - [p2p] Various code comments, cleanup, error types 2712 - [p2p] Change some Error logs to Debug 2713 2714 BUG FIXES: 2715 2716 - [p2p] Fix reconnect to persistent peer when first dial fails 2717 - [p2p] Validate NodeInfo.ListenAddr 2718 - [p2p] Only allow (MaxNumPeers - MaxNumOutboundPeers) inbound peers 2719 - [p2p/pex] Limit max msg size to 64kB 2720 - [p2p] Fix panic when pex=false 2721 - [p2p] Allow multiple IPs per ID in AddrBook 2722 - [p2p] Fix before/after bugs in addrbook isBad() 2723 2724 ## 0.19.1 (April 27th, 2018) 2725 2726 Note this release includes some small breaking changes in the RPC and one in the 2727 config that are really bug fixes. v0.19.1 will work with existing chains, and make Tendermint 2728 easier to use and debug. With <3 2729 2730 BREAKING (MINOR) 2731 2732 - [config] Removed `wal_light` setting. If you really needed this, let us know 2733 2734 FEATURES: 2735 2736 - [networks] moved in tooling from devops repo: terraform and ansible scripts for deploying testnets ! 2737 - [cmd] Added `gen_node_key` command 2738 2739 BUG FIXES 2740 2741 Some of these are breaking in the RPC response, but they're really bugs! 2742 2743 - [spec] Document address format and pubkey encoding pre and post Amino 2744 - [rpc] Lower case JSON field names 2745 - [rpc] Fix missing entries, improve, and lower case the fields in `/dump_consensus_state` 2746 - [rpc] Fix NodeInfo.Channels format to hex 2747 - [rpc] Add Validator address to `/status` 2748 - [rpc] Fix `prove` in ABCIQuery 2749 - [cmd] MarshalJSONIndent on init 2750 2751 ## 0.19.0 (April 13th, 2018) 2752 2753 BREAKING: 2754 2755 - [cmd] improved `testnet` command; now it can fill in `persistent_peers` for you in the config file and much more (see `tendermint testnet --help` for details) 2756 - [cmd] `show_node_id` now returns an error if there is no node key 2757 - [rpc]: changed the output format for the `/status` endpoint (see https://godoc.org/github.com/tendermint/tendermint/rpc/core#Status) 2758 2759 Upgrade from go-wire to go-amino. This is a sweeping change that breaks everything that is 2760 serialized to disk or over the network. 2761 2762 See github.com/tendermint/go-amino for details on the new format. 2763 2764 See `scripts/wire2amino.go` for a tool to upgrade 2765 genesis/priv_validator/node_key JSON files. 2766 2767 FEATURES 2768 2769 - [test] docker-compose for local testnet setup (thanks Greg!) 2770 2771 ## 0.18.0 (April 6th, 2018) 2772 2773 BREAKING: 2774 2775 - [types] Merkle tree uses different encoding for varints (see tmlibs v0.8.0) 2776 - [types] ValidtorSet.GetByAddress returns -1 if no validator found 2777 - [p2p] require all addresses come with an ID no matter what 2778 - [rpc] Listening address must contain tcp:// or unix:// prefix 2779 2780 FEATURES: 2781 2782 - [rpc] StartHTTPAndTLSServer (not used yet) 2783 - [rpc] Include validator's voting power in `/status` 2784 - [rpc] `/tx` and `/tx_search` responses now include the transaction hash 2785 - [rpc] Include peer NodeIDs in `/net_info` 2786 2787 IMPROVEMENTS: 2788 2789 - [config] trim whitespace from elements of lists (like `persistent_peers`) 2790 - [rpc] `/tx_search` results are sorted by height 2791 - [p2p] do not try to connect to ourselves (ok, maybe only once) 2792 - [p2p] seeds respond with a bias towards good peers 2793 2794 BUG FIXES: 2795 2796 - [rpc] fix subscribing using an abci.ResponseDeliverTx tag 2797 - [rpc] fix tx_indexers matchRange 2798 - [rpc] fix unsubscribing (see tmlibs v0.8.0) 2799 2800 ## 0.17.1 (March 27th, 2018) 2801 2802 BUG FIXES: 2803 2804 - [types] Actually support `app_state` in genesis as `AppStateJSON` 2805 2806 ## 0.17.0 (March 27th, 2018) 2807 2808 BREAKING: 2809 2810 - [types] WriteSignBytes -> SignBytes 2811 2812 IMPROVEMENTS: 2813 2814 - [all] renamed `dummy` (`persistent_dummy`) to `kvstore` (`persistent_kvstore`) (name "dummy" is deprecated and will not work in the next breaking release) 2815 - [docs] note on determinism (docs/determinism.rst) 2816 - [genesis] `app_options` field is deprecated. please rename it to `app_state` in your genesis file(s). `app_options` will not work in the next breaking release 2817 - [p2p] dial seeds directly without potential peers 2818 - [p2p] exponential backoff for addrs in the address book 2819 - [p2p] mark peer as good if it contributed enough votes or block parts 2820 - [p2p] stop peer if it sends incorrect data, msg to unknown channel, msg we did not expect 2821 - [p2p] when `auth_enc` is true, all dialed peers must have a node ID in their address 2822 - [spec] various improvements 2823 - switched from glide to dep internally for package management 2824 - [wire] prep work for upgrading to new go-wire (which is now called go-amino) 2825 2826 FEATURES: 2827 2828 - [config] exposed `auth_enc` flag to enable/disable encryption 2829 - [config] added the `--p2p.private_peer_ids` flag and `PrivatePeerIDs` config variable (see config for description) 2830 - [rpc] added `/health` endpoint, which returns empty result for now 2831 - [types/priv_validator] new format and socket client, allowing for remote signing 2832 2833 BUG FIXES: 2834 2835 - [consensus] fix liveness bug by introducing ValidBlock mechanism 2836 2837 ## 0.16.0 (February 20th, 2018) 2838 2839 BREAKING CHANGES: 2840 2841 - [config] use $TMHOME/config for all config and json files 2842 - [p2p] old `--p2p.seeds` is now `--p2p.persistent_peers` (persistent peers to which TM will always connect to) 2843 - [p2p] now `--p2p.seeds` only used for getting addresses (if addrbook is empty; not persistent) 2844 - [p2p] NodeInfo: remove RemoteAddr and add Channels 2845 - we must have at least one overlapping channel with peer 2846 - we only send msgs for channels the peer advertised 2847 - [p2p/conn] pong timeout 2848 - [lite] comment out IAVL related code 2849 2850 FEATURES: 2851 2852 - [p2p] added new `/dial_peers&persistent=_` **unsafe** endpoint 2853 - [p2p] persistent node key in `$THMHOME/config/node_key.json` 2854 - [p2p] introduce peer ID and authenticate peers by ID using addresses like `ID@IP:PORT` 2855 - [p2p/pex] new seed mode crawls the network and serves as a seed. 2856 - [config] MempoolConfig.CacheSize 2857 - [config] P2P.SeedMode (`--p2p.seed_mode`) 2858 2859 IMPROVEMENT: 2860 2861 - [p2p/pex] stricter rules in the PEX reactor for better handling of abuse 2862 - [p2p] various improvements to code structure including subpackages for `pex` and `conn` 2863 - [docs] new spec! 2864 - [all] speed up the tests! 2865 2866 BUG FIX: 2867 2868 - [blockchain] StopPeerForError on timeout 2869 - [consensus] StopPeerForError on a bad Maj23 message 2870 - [state] flush mempool conn before calling commit 2871 - [types] fix priv val signing things that only differ by timestamp 2872 - [mempool] fix memory leak causing zombie peers 2873 - [p2p/conn] fix potential deadlock 2874 2875 ## 0.15.0 (December 29, 2017) 2876 2877 BREAKING CHANGES: 2878 2879 - [p2p] enable the Peer Exchange reactor by default 2880 - [types] add Timestamp field to Proposal/Vote 2881 - [types] add new fields to Header: TotalTxs, ConsensusParamsHash, LastResultsHash, EvidenceHash 2882 - [types] add Evidence to Block 2883 - [types] simplify ValidateBasic 2884 - [state] updates to support changes to the header 2885 - [state] Enforce <1/3 of validator set can change at a time 2886 2887 FEATURES: 2888 2889 - [state] Send indices of absent validators and addresses of byzantine validators in BeginBlock 2890 - [state] Historical ConsensusParams and ABCIResponses 2891 - [docs] Specification for the base Tendermint data structures. 2892 - [evidence] New evidence reactor for gossiping and managing evidence 2893 - [rpc] `/block_results?height=X` returns the DeliverTx results for a given height. 2894 2895 IMPROVEMENTS: 2896 2897 - [consensus] Better handling of corrupt WAL file 2898 2899 BUG FIXES: 2900 2901 - [lite] fix race 2902 - [state] validate block.Header.ValidatorsHash 2903 - [p2p] allow seed addresses to be prefixed with eg. `tcp://` 2904 - [p2p] use consistent key to refer to peers so we dont try to connect to existing peers 2905 - [cmd] fix `tendermint init` to ignore files that are there and generate files that aren't. 2906 2907 ## 0.14.0 (December 11, 2017) 2908 2909 BREAKING CHANGES: 2910 2911 - consensus/wal: removed separator 2912 - rpc/client: changed Subscribe/Unsubscribe/UnsubscribeAll funcs signatures to be identical to event bus. 2913 2914 FEATURES: 2915 2916 - new `tendermint lite` command (and `lite/proxy` pkg) for running a light-client RPC proxy. 2917 NOTE it is currently insecure and its APIs are not yet covered by semver 2918 2919 IMPROVEMENTS: 2920 2921 - rpc/client: can act as event bus subscriber (See https://github.com/tendermint/tendermint/issues/945). 2922 - p2p: use exponential backoff from seconds to hours when attempting to reconnect to persistent peer 2923 - config: moniker defaults to the machine's hostname instead of "anonymous" 2924 2925 BUG FIXES: 2926 2927 - p2p: no longer exit if one of the seed addresses is incorrect 2928 2929 ## 0.13.0 (December 6, 2017) 2930 2931 BREAKING CHANGES: 2932 2933 - abci: update to v0.8 using gogo/protobuf; includes tx tags, vote info in RequestBeginBlock, data.Bytes everywhere, use int64, etc. 2934 - types: block heights are now `int64` everywhere 2935 - types & node: EventSwitch and EventCache have been replaced by EventBus and EventBuffer; event types have been overhauled 2936 - node: EventSwitch methods now refer to EventBus 2937 - rpc/lib/types: RPCResponse is no longer a pointer; WSRPCConnection interface has been modified 2938 - rpc/client: WaitForOneEvent takes an EventsClient instead of types.EventSwitch 2939 - rpc/client: Add/RemoveListenerForEvent are now Subscribe/Unsubscribe 2940 - rpc/core/types: ResultABCIQuery wraps an abci.ResponseQuery 2941 - rpc: `/subscribe` and `/unsubscribe` take `query` arg instead of `event` 2942 - rpc: `/status` returns the LatestBlockTime in human readable form instead of in nanoseconds 2943 - mempool: cached transactions return an error instead of an ABCI response with BadNonce 2944 2945 FEATURES: 2946 2947 - rpc: new `/unsubscribe_all` WebSocket RPC endpoint 2948 - rpc: new `/tx_search` endpoint for filtering transactions by more complex queries 2949 - p2p/trust: new trust metric for tracking peers. See ADR-006 2950 - config: TxIndexConfig allows to set what DeliverTx tags to index 2951 2952 IMPROVEMENTS: 2953 2954 - New asynchronous events system using `tmlibs/pubsub` 2955 - logging: Various small improvements 2956 - consensus: Graceful shutdown when app crashes 2957 - tests: Fix various non-deterministic errors 2958 - p2p: more defensive programming 2959 2960 BUG FIXES: 2961 2962 - consensus: fix panic where prs.ProposalBlockParts is not initialized 2963 - p2p: fix panic on bad channel 2964 2965 ## 0.12.1 (November 27, 2017) 2966 2967 BUG FIXES: 2968 2969 - upgrade tmlibs dependency to enable Windows builds for Tendermint 2970 2971 ## 0.12.0 (October 27, 2017) 2972 2973 BREAKING CHANGES: 2974 2975 - rpc/client: websocket ResultsCh and ErrorsCh unified in ResponsesCh. 2976 - rpc/client: ABCIQuery no longer takes `prove` 2977 - state: remove GenesisDoc from state. 2978 - consensus: new binary WAL format provides efficiency and uses checksums to detect corruption 2979 - use scripts/wal2json to convert to json for debugging 2980 2981 FEATURES: 2982 2983 - new `Verifiers` pkg contains the tendermint light-client library (name subject to change)! 2984 - rpc: `/genesis` includes the `app_options` . 2985 - rpc: `/abci_query` takes an additional `height` parameter to support historical queries. 2986 - rpc/client: new ABCIQueryWithOptions supports options like `trusted` (set false to get a proof) and `height` to query a historical height. 2987 2988 IMPROVEMENTS: 2989 2990 - rpc: `/genesis` result includes `app_options` 2991 - rpc/lib/client: add jitter to reconnects. 2992 - rpc/lib/types: `RPCError` satisfies the `error` interface. 2993 2994 BUG FIXES: 2995 2996 - rpc/client: fix ws deadlock after stopping 2997 - blockchain: fix panic on AddBlock when peer is nil 2998 - mempool: fix sending on TxsAvailable when a tx has been invalidated 2999 - consensus: dont run WAL catchup if we fast synced 3000 3001 ## 0.11.1 (October 10, 2017) 3002 3003 IMPROVEMENTS: 3004 3005 - blockchain/reactor: respondWithNoResponseMessage for missing height 3006 3007 BUG FIXES: 3008 3009 - rpc: fixed client WebSocket timeout 3010 - rpc: client now resubscribes on reconnection 3011 - rpc: fix panics on missing params 3012 - rpc: fix `/dump_consensus_state` to have normal json output (NOTE: technically breaking, but worth a bug fix label) 3013 - types: fixed out of range error in VoteSet.addVote 3014 - consensus: fix wal autofile via https://github.com/tendermint/tmlibs/blob/master/CHANGELOG.md#032-october-2-2017 3015 3016 ## 0.11.0 (September 22, 2017) 3017 3018 BREAKING: 3019 3020 - genesis file: validator `amount` is now `power` 3021 - abci: Info, BeginBlock, InitChain all take structs 3022 - rpc: various changes to match JSONRPC spec (http://www.jsonrpc.org/specification), including breaking ones: 3023 3024 - requests that previously returned HTTP code 4XX now return 200 with an error code in the JSONRPC. 3025 - `rpctypes.RPCResponse` uses new `RPCError` type instead of `string`. 3026 3027 - cmd: if there is no genesis, exit immediately instead of waiting around for one to show. 3028 - types: `Signer.Sign` returns an error. 3029 - state: every validator set change is persisted to disk, which required some changes to the `State` structure. 3030 - p2p: new `p2p.Peer` interface used for all reactor methods (instead of `*p2p.Peer` struct). 3031 3032 FEATURES: 3033 3034 - rpc: `/validators?height=X` allows querying of validators at previous heights. 3035 - rpc: Leaving the `height` param empty for `/block`, `/validators`, and `/commit` will return the value for the latest height. 3036 3037 IMPROVEMENTS: 3038 3039 - docs: Moved all docs from the website and tools repo in, converted to `.rst`, and cleaned up for presentation on `tendermint.readthedocs.io` 3040 3041 BUG FIXES: 3042 3043 - fix WAL openning issue on Windows 3044 3045 ## 0.10.4 (September 5, 2017) 3046 3047 IMPROVEMENTS: 3048 3049 - docs: Added Slate docs to each rpc function (see rpc/core) 3050 - docs: Ported all website docs to Read The Docs 3051 - config: expose some p2p params to tweak performance: RecvRate, SendRate, and MaxMsgPacketPayloadSize 3052 - rpc: Upgrade the websocket client and server, including improved auto reconnect, and proper ping/pong 3053 3054 BUG FIXES: 3055 3056 - consensus: fix panic on getVoteBitArray 3057 - consensus: hang instead of panicking on byzantine consensus failures 3058 - cmd: dont load config for version command 3059 3060 ## 0.10.3 (August 10, 2017) 3061 3062 FEATURES: 3063 3064 - control over empty block production: 3065 - new flag, `--consensus.create_empty_blocks`; when set to false, blocks are only created when there are txs or when the AppHash changes. 3066 - new config option, `consensus.create_empty_blocks_interval`; an empty block is created after this many seconds. 3067 - in normal operation, `create_empty_blocks = true` and `create_empty_blocks_interval = 0`, so blocks are being created all the time (as in all previous versions of tendermint). The number of empty blocks can be reduced by increasing `create_empty_blocks_interval` or by setting `create_empty_blocks = false`. 3068 - new `TxsAvailable()` method added to Mempool that returns a channel which fires when txs are available. 3069 - new heartbeat message added to consensus reactor to notify peers that a node is waiting for txs before entering propose step. 3070 - rpc: Add `syncing` field to response returned by `/status`. Is `true` while in fast-sync mode. 3071 3072 IMPROVEMENTS: 3073 3074 - various improvements to documentation and code comments 3075 3076 BUG FIXES: 3077 3078 - mempool: pass height into constructor so it doesn't always start at 0 3079 3080 ## 0.10.2 (July 10, 2017) 3081 3082 FEATURES: 3083 3084 - Enable lower latency block commits by adding consensus reactor sleep durations and p2p flush throttle timeout to the config 3085 3086 IMPROVEMENTS: 3087 3088 - More detailed logging in the consensus reactor and state machine 3089 - More in-code documentation for many exposed functions, especially in consensus/reactor.go and p2p/switch.go 3090 - Improved readability for some function definitions and code blocks with long lines 3091 3092 ## 0.10.1 (June 28, 2017) 3093 3094 FEATURES: 3095 3096 - Use `--trace` to get stack traces for logged errors 3097 - types: GenesisDoc.ValidatorHash returns the hash of the genesis validator set 3098 - types: GenesisDocFromFile parses a GenesiDoc from a JSON file 3099 3100 IMPROVEMENTS: 3101 3102 - Add a Code of Conduct 3103 - Variety of improvements as suggested by `megacheck` tool 3104 - rpc: deduplicate tests between rpc/client and rpc/tests 3105 - rpc: addresses without a protocol prefix default to `tcp://`. `http://` is also accepted as an alias for `tcp://` 3106 - cmd: commands are more easily reuseable from other tools 3107 - DOCKER: automate build/push 3108 3109 BUG FIXES: 3110 3111 - Fix log statements using keys with spaces (logger does not currently support spaces) 3112 - rpc: set logger on websocket connection 3113 - rpc: fix ws connection stability by setting write deadline on pings 3114 3115 ## 0.10.0 (June 2, 2017) 3116 3117 Includes major updates to configuration, logging, and json serialization. 3118 Also includes the Grand Repo-Merge of 2017. 3119 3120 BREAKING CHANGES: 3121 3122 - Config and Flags: 3123 3124 - The `config` map is replaced with a [`Config` struct](https://github.com/tendermint/tendermint/blob/master/config/config.go#L11), 3125 containing substructs: `BaseConfig`, `P2PConfig`, `MempoolConfig`, `ConsensusConfig`, `RPCConfig` 3126 - This affects the following flags: 3127 - `--seeds` is now `--p2p.seeds` 3128 - `--node_laddr` is now `--p2p.laddr` 3129 - `--pex` is now `--p2p.pex` 3130 - `--skip_upnp` is now `--p2p.skip_upnp` 3131 - `--rpc_laddr` is now `--rpc.laddr` 3132 - `--grpc_laddr` is now `--rpc.grpc_laddr` 3133 - Any configuration option now within a substract must come under that heading in the `config.toml`, for instance: 3134 3135 ``` 3136 [p2p] 3137 laddr="tcp://1.2.3.4:46656" 3138 3139 [consensus] 3140 timeout_propose=1000 3141 ``` 3142 3143 - Use viper and `DefaultConfig() / TestConfig()` functions to handle defaults, and remove `config/tendermint` and `config/tendermint_test` 3144 - Change some function and method signatures to 3145 - Change some [function and method signatures](https://gist.github.com/ebuchman/640d5fc6c2605f73497992fe107ebe0b) accomodate new config 3146 3147 - Logger 3148 3149 - Replace static `log15` logger with a simple interface, and provide a new implementation using `go-kit`. 3150 See our new [logging library](https://github.com/tendermint/tmlibs/log) and [blog post](https://tendermint.com/blog/abstracting-the-logger-interface-in-go) for more details 3151 - Levels `warn` and `notice` are removed (you may need to change them in your `config.toml`!) 3152 - Change some [function and method signatures](https://gist.github.com/ebuchman/640d5fc6c2605f73497992fe107ebe0b) to accept a logger 3153 3154 - JSON serialization: 3155 3156 - Replace `[TypeByte, Xxx]` with `{"type": "some-type", "data": Xxx}` in RPC and all `.json` files by using `go-wire/data`. For instance, a public key is now: 3157 ``` 3158 "pub_key": { 3159 "type": "ed25519", 3160 "data": "83DDF8775937A4A12A2704269E2729FCFCD491B933C4B0A7FFE37FE41D7760D0" 3161 } 3162 ``` 3163 - Remove type information about RPC responses, so `[TypeByte, {"jsonrpc": "2.0", ... }]` is now just `{"jsonrpc": "2.0", ... }` 3164 - Change `[]byte` to `data.Bytes` in all serialized types (for hex encoding) 3165 - Lowercase the JSON tags in `ValidatorSet` fields 3166 - Introduce `EventDataInner` for serializing events 3167 3168 - Other: 3169 - Send InitChain message in handshake if `appBlockHeight == 0` 3170 - Do not include the `Accum` field when computing the validator hash. This makes the ValidatorSetHash unique for a given validator set, rather than changing with every block (as the Accum changes) 3171 - Unsafe RPC calls are not enabled by default. This includes `/dial_seeds`, and all calls prefixed with `unsafe`. Use the `--rpc.unsafe` flag to enable. 3172 3173 FEATURES: 3174 3175 - Per-module log levels. For instance, the new default is `state:info,*:error`, which means the `state` package logs at `info` level, and everything else logs at `error` level 3176 - Log if a node is validator or not in every consensus round 3177 - Use ldflags to set git hash as part of the version 3178 - Ignore `address` and `pub_key` fields in `priv_validator.json` and overwrite them with the values derrived from the `priv_key` 3179 3180 IMPROVEMENTS: 3181 3182 - Merge `tendermint/go-p2p -> tendermint/tendermint/p2p` and `tendermint/go-rpc -> tendermint/tendermint/rpc/lib` 3183 - Update paths for grand repo merge: 3184 - `go-common -> tmlibs/common` 3185 - `go-data -> go-wire/data` 3186 - All other `go-` libs, except `go-crypto` and `go-wire`, are merged under `tmlibs` 3187 - No global loggers (loggers are passed into constructors, or preferably set with a SetLogger method) 3188 - Return HTTP status codes with errors for RPC responses 3189 - Limit `/blockchain_info` call to return a maximum of 20 blocks 3190 - Use `.Wrap()` and `.Unwrap()` instead of eg. `PubKeyS` for `go-crypto` types 3191 - RPC JSON responses use pretty printing (via `json.MarshalIndent`) 3192 - Color code different instances of the consensus for tests 3193 - Isolate viper to `cmd/tendermint/commands` and do not read config from file for tests 3194 3195 ## 0.9.2 (April 26, 2017) 3196 3197 BUG FIXES: 3198 3199 - Fix bug in `ResetPrivValidator` where we were using the global config and log (causing external consumers, eg. basecoin, to fail). 3200 3201 ## 0.9.1 (April 21, 2017) 3202 3203 FEATURES: 3204 3205 - Transaction indexing - txs are indexed by their hash using a simple key-value store; easily extended to more advanced indexers 3206 - New `/tx?hash=X` endpoint to query for transactions and their DeliverTx result by hash. Optionally returns a proof of the tx's inclusion in the block 3207 - `tendermint testnet` command initializes files for a testnet 3208 3209 IMPROVEMENTS: 3210 3211 - CLI now uses Cobra framework 3212 - TMROOT is now TMHOME (TMROOT will stop working in 0.10.0) 3213 - `/broadcast_tx_XXX` also returns the Hash (can be used to query for the tx) 3214 - `/broadcast_tx_commit` also returns the height the block was committed in 3215 - ABCIResponses struct persisted to disk before calling Commit; makes handshake replay much cleaner 3216 - WAL uses #ENDHEIGHT instead of #HEIGHT (#HEIGHT will stop working in 0.10.0) 3217 - Peers included via `--seeds`, under `seeds` in the config, or in `/dial_seeds` are now persistent, and will be reconnected to if the connection breaks 3218 3219 BUG FIXES: 3220 3221 - Fix bug in fast-sync where we stop syncing after a peer is removed, even if they're re-added later 3222 - Fix handshake replay to handle validator set changes and results of DeliverTx when we crash after app.Commit but before state.Save() 3223 3224 ## 0.9.0 (March 6, 2017) 3225 3226 BREAKING CHANGES: 3227 3228 - Update ABCI to v0.4.0, where Query is now `Query(RequestQuery) ResponseQuery`, enabling precise proofs at particular heights: 3229 3230 ``` 3231 message RequestQuery{ 3232 bytes data = 1; 3233 string path = 2; 3234 uint64 height = 3; 3235 bool prove = 4; 3236 } 3237 3238 message ResponseQuery{ 3239 CodeType code = 1; 3240 int64 index = 2; 3241 bytes key = 3; 3242 bytes value = 4; 3243 bytes proof = 5; 3244 uint64 height = 6; 3245 string log = 7; 3246 } 3247 ``` 3248 3249 - `BlockMeta` data type unifies its Hash and PartSetHash under a `BlockID`: 3250 3251 ``` 3252 type BlockMeta struct { 3253 BlockID BlockID `json:"block_id"` // the block hash and partsethash 3254 Header *Header `json:"header"` // The block's Header 3255 } 3256 ``` 3257 3258 - `ValidatorSet.Proposer` is exposed as a field and persisted with the `State`. Use `GetProposer()` to initialize or update after validator-set changes. 3259 3260 - `tendermint gen_validator` command output is now pure JSON 3261 3262 FEATURES: 3263 3264 - New RPC endpoint `/commit?height=X` returns header and commit for block at height `X` 3265 - Client API for each endpoint, including mocks for testing 3266 3267 IMPROVEMENTS: 3268 3269 - `Node` is now a `BaseService` 3270 - Simplified starting Tendermint in-process from another application 3271 - Better organized Makefile 3272 - Scripts for auto-building binaries across platforms 3273 - Docker image improved, slimmed down (using Alpine), and changed from tendermint/tmbase to tendermint/tendermint 3274 - New repo files: `CONTRIBUTING.md`, Github `ISSUE_TEMPLATE`, `CHANGELOG.md` 3275 - Improvements on CircleCI for managing build/test artifacts 3276 - Handshake replay is doen through the consensus package, possibly using a mockApp 3277 - Graceful shutdown of RPC listeners 3278 - Tests for the PEX reactor and DialSeeds 3279 3280 BUG FIXES: 3281 3282 - Check peer.Send for failure before updating PeerState in consensus 3283 - Fix panic in `/dial_seeds` with invalid addresses 3284 - Fix proposer selection logic in ValidatorSet by taking the address into account in the `accumComparable` 3285 - Fix inconcistencies with `ValidatorSet.Proposer` across restarts by persisting it in the `State` 3286 3287 ## 0.8.0 (January 13, 2017) 3288 3289 BREAKING CHANGES: 3290 3291 - New data type `BlockID` to represent blocks: 3292 3293 ``` 3294 type BlockID struct { 3295 Hash []byte `json:"hash"` 3296 PartsHeader PartSetHeader `json:"parts"` 3297 } 3298 ``` 3299 3300 - `Vote` data type now includes validator address and index: 3301 3302 ``` 3303 type Vote struct { 3304 ValidatorAddress []byte `json:"validator_address"` 3305 ValidatorIndex int `json:"validator_index"` 3306 Height int `json:"height"` 3307 Round int `json:"round"` 3308 Type byte `json:"type"` 3309 BlockID BlockID `json:"block_id"` // zero if vote is nil. 3310 Signature crypto.Signature `json:"signature"` 3311 } 3312 ``` 3313 3314 - Update TMSP to v0.3.0, where it is now called ABCI and AppendTx is DeliverTx 3315 - Hex strings in the RPC are now "0x" prefixed 3316 3317 FEATURES: 3318 3319 - New message type on the ConsensusReactor, `Maj23Msg`, for peers to alert others they've seen a Maj23, 3320 in order to track and handle conflicting votes intelligently to prevent Byzantine faults from causing halts: 3321 3322 ``` 3323 type VoteSetMaj23Message struct { 3324 Height int 3325 Round int 3326 Type byte 3327 BlockID types.BlockID 3328 } 3329 ``` 3330 3331 - Configurable block part set size 3332 - Validator set changes 3333 - Optionally skip TimeoutCommit if we have all the votes 3334 - Handshake between Tendermint and App on startup to sync latest state and ensure consistent recovery from crashes 3335 - GRPC server for BroadcastTx endpoint 3336 3337 IMPROVEMENTS: 3338 3339 - Less verbose logging 3340 - Better test coverage (37% -> 49%) 3341 - Canonical SignBytes for signable types 3342 - Write-Ahead Log for Mempool and Consensus via tmlibs/autofile 3343 - Better in-process testing for the consensus reactor and byzantine faults 3344 - Better crash/restart testing for individual nodes at preset failure points, and of networks at arbitrary points 3345 - Better abstraction over timeout mechanics 3346 3347 BUG FIXES: 3348 3349 - Fix memory leak in mempool peer 3350 - Fix panic on POLRound=-1 3351 - Actually set the CommitTime 3352 - Actually send BeginBlock message 3353 - Fix a liveness issues caused by Byzantine proposals/votes. Uses the new `Maj23Msg`. 3354 3355 ## 0.7.4 (December 14, 2016) 3356 3357 FEATURES: 3358 3359 - Enable the Peer Exchange reactor with the `--pex` flag for more resilient gossip network (feature still in development, beware dragons) 3360 3361 IMPROVEMENTS: 3362 3363 - Remove restrictions on RPC endpoint `/dial_seeds` to enable manual network configuration 3364 3365 ## 0.7.3 (October 20, 2016) 3366 3367 IMPROVEMENTS: 3368 3369 - Type safe FireEvent 3370 - More WAL/replay tests 3371 - Cleanup some docs 3372 3373 BUG FIXES: 3374 3375 - Fix deadlock in mempool for synchronous apps 3376 - Replay handles non-empty blocks 3377 - Fix race condition in HeightVoteSet 3378 3379 ## 0.7.2 (September 11, 2016) 3380 3381 BUG FIXES: 3382 3383 - Set mustConnect=false so tendermint will retry connecting to the app 3384 3385 ## 0.7.1 (September 10, 2016) 3386 3387 FEATURES: 3388 3389 - New TMSP connection for Query/Info 3390 - New RPC endpoints: 3391 - `tmsp_query` 3392 - `tmsp_info` 3393 - Allow application to filter peers through Query (off by default) 3394 3395 IMPROVEMENTS: 3396 3397 - TMSP connection type enforced at compile time 3398 - All listen/client urls use a "tcp://" or "unix://" prefix 3399 3400 BUG FIXES: 3401 3402 - Save LastSignature/LastSignBytes to `priv_validator.json` for recovery 3403 - Fix event unsubscribe 3404 - Fix fastsync/blockchain reactor 3405 3406 ## 0.7.0 (August 7, 2016) 3407 3408 BREAKING CHANGES: 3409 3410 - Strict SemVer starting now! 3411 - Update to ABCI v0.2.0 3412 - Validation types now called Commit 3413 - NewBlock event only returns the block header 3414 3415 FEATURES: 3416 3417 - TMSP and RPC support TCP and UNIX sockets 3418 - Addition config options including block size and consensus parameters 3419 - New WAL mode `cswal_light`; logs only the validator's own votes 3420 - New RPC endpoints: 3421 - for starting/stopping profilers, and for updating config 3422 - `/broadcast_tx_commit`, returns when tx is included in a block, else an error 3423 - `/unsafe_flush_mempool`, empties the mempool 3424 3425 IMPROVEMENTS: 3426 3427 - Various optimizations 3428 - Remove bad or invalidated transactions from the mempool cache (allows later duplicates) 3429 - More elaborate testing using CircleCI including benchmarking throughput on 4 digitalocean droplets 3430 3431 BUG FIXES: 3432 3433 - Various fixes to WAL and replay logic 3434 - Various race conditions 3435 3436 ## PreHistory 3437 3438 Strict versioning only began with the release of v0.7.0, in late summer 2016. 3439 The project itself began in early summer 2014 and was workable decentralized cryptocurrency software by the end of that year. 3440 Through the course of 2015, in collaboration with Eris Industries (now Monax Industries), 3441 many additional features were integrated, including an implementation from scratch of the Ethereum Virtual Machine. 3442 That implementation now forms the heart of [Burrow](https://github.com/hyperledger/burrow). 3443 In the later half of 2015, the consensus algorithm was upgraded with a more asynchronous design and a more deterministic and robust implementation. 3444 3445 By late 2015, frustration with the difficulty of forking a large monolithic stack to create alternative cryptocurrency designs led to the 3446 invention of the Application Blockchain Interface (ABCI), then called the Tendermint Socket Protocol (TMSP). 3447 The Ethereum Virtual Machine and various other transaction features were removed, and Tendermint was whittled down to a core consensus engine 3448 driving an application running in another process. 3449 The ABCI interface and implementation were iterated on and improved over the course of 2016, 3450 until versioned history kicked in with v0.7.0.