Skip to content

Releases: RaoFoundation/subtensor

v3.4.9-424

Choose a tag to compare

@sam0x17 sam0x17 released this 29 Jun 19:35
6d81084

What's Changed

Full Changelog: v3.4.8-423...v3.4.9-424

v3.4.8-423

Choose a tag to compare

@sam0x17 sam0x17 released this 25 Jun 20:37
06032d5

What's Changed

New Contributors

Full Changelog: v3.4.7-422...v3.4.8-423

v3.4.7-422

Choose a tag to compare

@sam0x17 sam0x17 released this 23 Jun 20:46
e367ae6

What's Changed

  • Default subnet emission off on registration by @unconst in #2787

Full Changelog: v3.4.6-421...v3.4.7-422

v3.4.6-421

Choose a tag to compare

@sam0x17 sam0x17 released this 23 Jun 00:31
6016381

What's Changed

  • Price-based emissions with miner-burn scaling (+ locked transfer flags) by @unconst in #2781

Full Changelog: v3.4.5-419...v3.4.6-421

v3.4.5-419

Choose a tag to compare

@sam0x17 sam0x17 released this 17 Jun 14:34
fa83646

Security hotfix — resolves a set of findings from a recent security audit, primarily hardening the proxy permission system along with several hotkey-swap and staking edge cases. Mainnet upgraded to spec_version 419. All findings were reproduced with regression tests before being fixed.

🔒 Security advisories

Advisory Severity Summary
GHSA-m759-m8mv-q3m5 🟠 High Restricted proxies (NonTransfer/NonFungible/NonCritical) can take over an entire coldkey via the announce/swap coldkey-swap lifecycle
GHSA-qh57-vpv2-3fvp 🟠 High NonFungible proxy denylist omits live swap_hotkey_v2 (call 72), letting a scoped delegate reassign a victim's hotkey identity
GHSA-xm63-2wwx-pm6w 🟡 Moderate Owner proxy except sudo_set_sn_owner_hotkey carve-out is bypassable via the duplicate alias sudo_set_subnet_owner_hotkey
GHSA-h98r-p37h-h4mv 🟡 Moderate set_weights/commit_weights family is Pays::No with the per-neuron rate limit enforced only in the dispatch body, enabling fee-free block-fill flooding
GHSA-6c95-q3r3-rgwq 🟢 Low Root cleanliness gate omits RootClaimed, letting a hotkey-swap merge inflate the claimed high-water mark and under-pay future root dividends
GHSA-vpjj-mhgr-cphg 🟢 Low Per-subnet hotkey-swap cooldown (HotkeySwapOnSubnetInterval) is bypassable via the all-subnets swap path
GHSA-rhmm-mqf8-v6gv 🟢 Low StakingColdkeysByIndex / NumStakingColdkeys grow monotonically and are never pruned
GHSA-wc2g-rc74-vgw3 🟢 Low Per-subnet ChildkeyTake is not migrated during hotkey swap, silently resetting it

What's changed

  • Proxy filter hardening — cover the coldkey-swap lifecycle, swap_hotkey_v2, and the sudo_set_subnet_owner_hotkey alias in the restricted-proxy filters (#5, #6, #7)
  • Weight-setting throttle — enforce the per-neuron set_weights/commit_weights rate limit pre-dispatch (#10)
  • Hotkey-swap correctnessRootClaimed watermark accounting (#14), per-subnet swap cooldown on the all-subnets path (#15), per-subnet ChildkeyTake migration (#18), plus review follow-ups merging RootClaimed by sum and extending the cooldown to parent-key subnets (#22)
  • Storage housekeeping — prune the staking-coldkey index when no longer needed (#16)
  • Bump spec_version to 419

Full Changelog: v3.4.4-417...v3.4.5-419

v3.4.4-417

Choose a tag to compare

@sam0x17 sam0x17 released this 10 Jun 21:34
49164bd

Hotfix: adds a check that ensures that during a hotkey swap, the new hotkey already exists globally and is owned by corresponding coldkey

Full Changelog: v3.4.3-416...v3.4.4-417

v3.4.3-416

Choose a tag to compare

@sam0x17 sam0x17 released this 08 Jun 21:19
3c5aff0

What's Changed

Full Changelog: v3.4.2-415...v3.4.3-416

v3.4.2-415

Choose a tag to compare

@sam0x17 sam0x17 released this 03 Jun 16:53
1104f2a

What's Changed

Full Changelog: v3.4.1-413...v3.4.2-415

v3.4.1-413

Choose a tag to compare

@sam0x17 sam0x17 released this 01 Jun 19:52
ec2212c

What's Changed

Full Changelog: v3.4.0-411...v3.4.1-413

v3.4.0-411

Choose a tag to compare

@sam0x17 sam0x17 released this 28 May 15:48
486037b

What's Changed

New Contributors

Full Changelog: v3.3.15-402...v3.4.0-411