Be notified of new releases
Create your free GitHub account today to subscribe to this repository for new releases and build software alongside 31 million developers.Sign up
EOSIO v1.0 Release Notes (since Dawn 4.2)
With the release of EOSIO v1.0 we’ve got a few small changes from Dawn 4.2. Below is a summary of the more interesting updates since our last release.
Introducing bnet Plugin
This release introduces an alternative P2P network protocol based upon boost::beast websockets and enables multi-threaded networking and faster syncing.
This net plugin works side-by-side with the existing net plugin, though it will only talk to other bnet_plugins on the network. It is entirely independent / optional. To get up and running with the new plugin, simply include eosio::bnet_plugin in your config file or through the command line.
Early this week, Dan Larimer announced the bug bounty program which drew significant attention from the community. We’ve since launched the EOSIO Bug Bounty Program in partnership with the leading ethical hacker-powered security platform, HackerOne. This on-going program will harness the collective intelligence and capabilities of the Block.one Engineering team and leading security researchers via HackerOne’s user-friendly interface.
To submit a report, please visit https://hackerone.com/eosio
Nodes may want the ability to blacklist or whitelist certain contracts from executing on their node under the context of producing a block (either speculatively or as the real block producer that will then sign the block).
Such an ability, particularly whitelisting, will be quite handy early on in the first bootstrapping process of an EOSIO blockchain to provide confidence that the core functionality of the chain (system contract, token contract, multisig contract, and native actions) are all working together properly prior to opening up the chain to arbitrary user-submitted contracts which greatly increase the attack surface.
A whitelist or blacklist can be provided just like other nodeos options (in config.ini or via command line arguments) for contracts and actors (i.e. the authorizing accounts of a transaction).
To support this feature, four new options were added to the chain plugin via nodeos. They are “--actor-whitelist”, “--actor-blacklist”, “--contract-whitelist”, and “--contract-blacklist”.
For the full details, please visit the GitHub issue: #3376
Out-of-process Block Signing Private Keys (Experimental)
This release introduces basic support for connecting a producing nodeos process to a keosd process for the purpose of removing sensitive data (the block signing key) from the the process running untrusted smart contract code. Additionally, this feature paves the way for future support of Hardware Security Modules (HSM).
Connections between keosd and nodeos can be secured by TLS; and the two processes can be hosted in different containers, virtual machines, or even remote endpoints.
Other Notable Updates
Require wallet password when revealing private keys
Some small changes to RPC endpoints and cleos options. Any command that would reveal a private key now requires the wallet’s password. “/v1/wallet/list_keys” now requires two parameters, the name of the wallet and the wallet’s password. There is a new command in cleos, “private_keys”, that maps directly to the “/v1/wallet/list_keys” endpoint. Furthermore, the existing command “keys” now only returns public keys.
Expose runtime options in the producer api plugin
Two new endpoints have been created to expose and update runtime parameters in nodeos. The command “/v1/producers/get_runtime_options” takes no parameters and returns a json object of producer plugin specific config.ini and command line parameters in use. A second command “/v1/producers/update_runtime_options” takes a json payload to set corresponding parameters. Each field is optional, so you don’t have to set all options, you can use it sparsely. The settings will take effect immediately.
“genesis-json” option no longer supported in the config file
Following the changes from the Dawn 4.2 release around the genesis.json file, we’ve removed the “genesis-json” option from the config.ini file as a valid parameter. This can only be passed in from the command line and should only happen on a fresh node without blocks prior to synchronizing with the network.
New config option p2p-max-nodes-per-host
Added a new config item, “p2p-max-nodes-per-host”, to limit the number of client connections accepted from any one host IP address. This defaults to 1.
keosd no longer started for operations where it isn't necessary
We have disable the launch of keosd for get, version, net, and create key subcommands.
Changed the default port for cleos actions from port 80 or 443
Sets the default port to the expected value based on the URL scheme if you pass in a custom URL. The default value is still “http://localhost:8888” if nothing is passed in.
Changed the default “max-irreversible-block-age” to unlimited
The default for “max-irreversible-block-age” is now unlimited. You can set the value to unlimited explicitly by passing “-1” to the option in the config or the command line. Block producers should set this to a reasonable number in the config.ini file.
Creating a new account now requires a buy RAM command
In order to create a new account, you are now required to either “--buy-ram”, which takes tokens as a parameter, or “--buy-ram-kbytes”, which takes the amount of RAM you want to buy in kilobytes.