Skip to content

@codeofalltrades codeofalltrades released this May 6, 2021


This is a recommended upgrade, but it is not mandatory and includes no consensus based changes.


Version includes SHA256D mining fixes. The -miningaddress parameter works with RandomX and SHA256D in-wallet mining. There are new logging categories for MINING and STAKING. RPC updates include mining address.
Links to the full details of each change can be found below.

  • 9f0212d PR #795: [RPC] fix mintzerocoin documentation. (sinetek)
  • f5e7670 PR #939: [RPC][Trivial] Tweak exportzerocoins example to be sensible (Cave Spectre)
  • 97b1508 PR #938: [Zerocoin][Validation] Cache checksum heights (Zannick)
  • 4fe97db PR #915: [Mining][SHA256D] Reduce lock contention with SHA256D (Zannick)
  • 564eb84 PR #937: [Trivial] Add config include for building DEBUG_LOCKCONTENTION (Zannick)
  • 2207ed0 PR #924: [Staking][GUI] Unlock wallet for staking dialogue on click (Rock-N-Troll)
  • 8c80d51 PR #923: [Mining] Use -miningaddress for in-wallet mining. (Zannick)
  • a440ed6 PR #935: [Core] Properly shut down veild if init fails. (Zannick)
  • bd492de PR #908: [Wallet] If nautomintdenom is set, prioritize its use (Rock-N-Troll)
  • 02cc068 PR #928: [Logging] Define a STAKING log category. (Zannick)
  • 1e2b060 PR #921: [Mining] IncrementExtraNonce without cs_main (Zannick)
  • 5852183 PR #914: [Utils] Use gmtime_s with _WIN32 (Zannick)
  • ddd0b15 PR #917: [GUI] Capitalize First Letter in Menu Option Words (Rock-N-Troll)
  • be63fb7 PR #920: [Logging][Mining] Add BCLog::MINING category. (Zannick)
  • 01b2ee5 PR #911: [RPC] Return mining addresses in listaddresses rpc command (Rock-N-Troll)
  • 83db278 PR #907: [GUI] Fix: Address Book menu hover background is white and text is white (Rock-N-Troll)
  • 7e19268 PR #919: [Build] Fix OSX Github Action (Cave Spectre)
  • 924d457 PR #905: [GUI] Add missing resize Address_dot column (Rock-N-Troll)
  • b47406b PR #900: [GUI] Update wallet overview with coin and wallet information (codeofalltrades)
  • e55a309 PR #902: [GUI] Make total balance menu easier to display (Rock-N-Troll)
  • 27d0429 PR #899: [GUI] Updated FAQ with the correct confirmation number (codeofalltrades)
  • 92312a8 PR #898: [GUI] Display correct address when transaction has multiple addresses… (WetOne)
  • 8bd686d PR #896: [PoW][RandomX] Cherry picked fixes from offical randomx repo - Part 2 (codeofalltrades)
  • d93942b PR #895: [GUI] Change default automint denom to 1000 (codeofalltrades)


  • Cave Spectre
  • codeofalltrades
  • Rock-N-Troll
  • sinetek
  • WetOne
  • Zannick
Assets 24

@codeofalltrades codeofalltrades released this Jan 21, 2021


This is a recommended upgrade, but it is not mandatory and includes no consensus based changes.


Version includes a RandomX hash speed increase, various RandomX fixes and a update to QR Codes on address selection Links to the full details of each change can be found below.


  • Cave Spectre
  • codeofalltrades
  • StrontiumZ38
  • Wet One
Assets 21

@codeofalltrades codeofalltrades released this Dec 22, 2020


This is a recommended upgrade, but it is not mandatory and includes no consensus based changes.


Version adds various improvements, optimizations, bug fixes, and GUI changes. One of the most important changes is mitigation of the PIndexWalk error. Other notable changes are hashing optimizations for the internal sha256d miner, an RPC cmd to return the wallet's current hashspeed, and the ability to change the mining algo without stopping the wallet. Links to the full details of each change can be found below.


  • 422ccbb PR #885: [Build] Change parameters for v1.1.1 release (Cave Spectre)
  • a2e0a52 PR #884: Trivial: Update veilstatusbar.cpp (seanPhill)
  • 83bd2bf PR #880: [GUI] Update Staking Slider to be reflective of status (Wet One)
  • 1194909 PR #883: [RPC][Mining] Extract last Hashspeed calculation (Cave Spectre)
  • 0697885 PR #879: [RPC][Mining] Add sanity checks to generatecontinuous (Cave Spectre)
  • 8d209f5 PR #878: [RPC][Mining] Add ability to switch between mining algorithms without restarting wallet (Cave Spectre)
  • fb2a216 PR #876: [RPC] Reworked getnetworkhashps with tweaks to -mine and getmininginfo (Cave Spectre)
  • 2f83d92 PR #874: [Config] Ignore prune mode if txindex is set (Cave Spectre)
  • ea827dc PR #872: [DB] Data error checks and frequency changes (Cave Spectre)
  • 0d61f45 PR #871: Optimize hashing of internal sha256d miner. (barrystyle)
  • 62a2c49 PR #865: [GUI]: add a small indicator for the last block time on lower veil status bar (Wet One)
  • 7286f85 PR #873: [Trivial][RPC] Correct generatecontinuous help (Cave Spectre)
  • e993b7b PR #870: [RPC] Remove lock check for listzerocoinamounts (Cave Spectre)
  • 08c6a26 PR #868: [RPC] add vout.n sequence number to decoderawtransaction (Cave Spectre)
  • 8bed093 PR #869: [PoW][RandomX] Display Hashspeed after processing (Cave Spectre)
  • 2568e61 PR #858: [CI][Build] Reinstate i686 Linux 32 Github Action (Cave Spectre)
  • 259177a PR #860: [Build] Name master branch to distinguish from v1.2 branch (Cave Spectre)


  • Cave Spectre
  • seanPhill
  • Wet One
  • barrystyle
Assets 21

@codeofalltrades codeofalltrades released this Oct 20, 2020


This is a mandatory upgrade. Version includes a hard fork that will activate on 05:00:00PM GMT - October 31st.
Please update your wallets before this date.


Version includes Proof-of-Work consensus change, various improvements, optimizations, bug fixes, and GUI changes.

Proof-of-Work consensus changes

GPU mining with ProgPoW

  • Aims for 70% of all PoW blocks averaging 504 blocks per day.

CPU mining with RandomX

  • Aims for approximately 20% of all PoW blocks averaging 144 blocks per day.

ASIC mining with SHA-256D

  • Aims for approximately 10% of all PoW blocks averaging 72 blocks per day.

Note: PoW will continue to target 50% of blocks alongside PoS’s 50%. This division can deviate with varying hash power.

[Performance] Rework orphan pruning (#727)

The PoS algorithm has a much greater potential to have several stakers submitting a valid block, even though eventually only one will end up being chosen by the consensus to be the official chain. All others that submit a block that doesn't end up in the chain will see orphans. These orphans reside in the memory of the core daemons until they are purged. As a result, the number of tips (as seen with veil-cli getchaintips) will continue to grow until it reaches a threshold of 1000.

RPC Changes


  • mine=<algo> - (new) Mine blocks using the selected algorithm. Options are randomx|progpow|sha256d (default: randomx)
  • pprpcheader - (new) The header hash that can be used by the local GPU miner to mine a block (using -miningaddress) as the destination for the coinbase tx\n"
  • pprpcepoch - (new) The epoch of the ProgPoW pprpcheader given to user to be used by the local GPU miner


  • getblockchaininfo - (modified) Added difficulty value for each consensus algorithm
  • getchainalgostats - (new) Returns the blocks found by each algo over the [blocks] blocks leading up to


  • stdinwalletpassphrase - (new) Read RPC password from standard input as a single line
  • walletpassphrase - (modify) Let 0 be max walletpassphrase unlock


  • getbalance - (modify) Fixed to get all coin types
  • listunspent - (modify) Corrected listunspent for ct, ringct and zerocoin
  • listaddresses - (new) Lists addresses in the wallet Address Book
  • sendrawtransaction - (modify) Fixed Dandelion default option


  • #c6c457a0a [PoW] change dag size init and epoch length (Cave Spectre)
  • #8751220f1 [Fork] Push testnet 2 more days (Cave Spectre)
  • #995b15afc [Fork] Push out a week (Cave Spectre)
  • #86e3235a9 [Chain] Set fork dates (Cave Spectre)
  • #0e43338dd [Chain] Change min peer proto rules (codeofalltrades)
  • #19eb939e3 [Build] Black out failing build (Cave Spectre)
  • #2efa5b4e1 [Build] Add boost library reference (Cave Spectre)
  • #4f85043b8 [build] Fix RandomX for 32 bit builds and add more actions (Cave Spectre)
  • #d756db588 [Budget] Move to a future block prior to next SB (Cave Spectre)
  • #279ef10a2 [Budget] update multisig budget address (Cave Spectre)
  • #dcdf29606 [DWG] Make sure OneBack exists (Cave Spectre)
  • #c50ea71e0 [PoS] Fine tune PoS difficulty adjustments (Cave Spectre)
  • #25263cf32 [Chain] added checkpoint blocks (codeofalltrades)
  • #31773fbea [Compatability] Maintain backwards capatability to current chain (Cave Spectre)
  • #719578e27 [PoS][PoW] Refine PoS to manage overall chain spacing (Cave Spectre)
  • #c82d5a76c [Regtest] Align difficulties closer to devnet, fix early PoS crashes (Cave Spectre)
  • #d056f002f [Chain] Match limits for genesis block (Cave Spectre)
  • #1f00d3aa1 [PoW][RPC] Correct Sha256 Nonce incrementation (Cave Spectre)
  • #7646cb8c2 [PoW] disable algo-check on blockcreate, add mining state to getblocktemplate (Cave Spectre)
  • #446dee302 [RPC] Let 0 be max walletpassphrase unlock (Cave Spectre)
  • #cc13d0999 [PoW] disable algo-check on blockcreate, add mining state to getblocktemplate (Cave Spectre)
  • #b60e9ca6d [RPC] Let 0 be max walletpassphrase unlock (Cave Spectre)
  • #424689e7f [RPC] Add listaddresses (Cave Spectre)
  • #77cb43888 [GUI] Update veil_en.ts - remove references to x16rt mining algorithm (codeofalltrades)
  • #91e5bdc40 [RPC] Add listaddresses (Cave Spectre)
  • #3f3322c2f [GUI] Disallow stealth mining addresses (Cave Spectre)
  • #2095195ec [PoW] Fix crash on multiple ProgPoW threads without hack (blondfrogs)
  • #f000f872a [Regtest] fix genesis block (Cave Spectre)
  • #c890dc3ce [RPC] Handle getchainalgostats when less than 1440 blocks in chain (Cave Spectre)
  • #fde38760d [PoW] Refine the overflow check to cover < 2x and simplify it (Cave Spectre)
  • #554d80b0d [ProgPow] Make starting multiple threads work (Cave Spectre)
  • #2625ced73 [RPC] Update getchainalgostats to take parameters (Cave Spectre)
  • #17b47fc0b [RPC] add times to getchainalgostats (Cave Spectre)
  • #592a08c11 [PoS] Don't try to stake txs below nStakeMinAge (Cave Spectre)
  • #66469d62a [Debug] Change UpdateTip message to have type= (Cave Spectre)
  • #7a5c11cd9 [PoW] Rework Dark Gravity Wave to work in our model (Cave Spectre)
  • #be91c814b [PoW] Correct randomx stop and ProgPoW thread interrupt (Cave Spectre)
  • #fa600bf83 [PoS] Don't try to stake txs below nStakeMinAge (Cave Spectre)
  • #4ed73e596 [RandomX] Debug log nit (Cave Spectre)
  • #4b8026dd4 [Core] Squash division by zero (Cave Spectre)
  • #8ff920396 [Test] Correct Regtest parameters and nVersion stomping (Cave Spectre)
  • #1d59acb04 [PoW] Correct difficulty limit checks (Cave Spectre)
  • #0246671cb [GUI] Adjust stretch factor (Cave Spectre)
  • #8a2bb0713 [Build] Remove Travis CI build state badge (Cave Spectre)
  • #9308ce282 [RPC] Rework difficulty reporting in getblockchaininfo (Cave Spectre)
  • #59b816634 [PoW] Disallow stealth mining addresses (Cave Spectre)
  • #798318777 [Build] Update for ARM builds (Cave Spectre)
  • #2b07d4970 [Build] Fix apt updates (Cave Spectre)
  • #b0be30af3 [PoW][RandomX] Don't check RandomX PoW until checking the block (Cave Spectre)
  • #9ff07a603 [Logging] remove FindTx txid mismatch error when expected (Cave Spectre)
  • #322138302 [PoW] Align difficulty and spacing for mainnet (Cave Spectre)
  • #1c1d1a2f1 [Build] Fix Implicit Declaration Warnings (Cave Spectre)
  • #4d4ea5886 [Trivial] Cleanup lingering stdout messages (Cave Spectre)
  • #c7915b5da [RPC] Add RPC command 'getchainalgostats' to get block count for each algo (codeofalltrades)
  • #a17ca8a1b [Build] Remove constant string warnings (Cave Spectre)
  • #c8a6ae1c9 [Build] Fix Travis randomx needs (Cave Spectre)
  • #e185e2c01 [Build] Created Github Actions CI for Veil (Cave Spectre)
  • #c4e408fab [GUI] Adjust stretch factor (PeterL73)
  • #69a60b90c [Doc] Remove Travis CI build state badge (GitHub)
  • #86a88bc6c [Test][Build][CI] Github Actions CI for Veil (GitHub)
  • #2138614d9 [Build] Created Github Actions CI for Veil (Cave Spectre)
  • #7f5c8a0f8 [PoW] Update PoW Diff to use last blocktime (blondfrogs)
  • #2ed7ff4d3 Update code formatting (Cave Spectre)
  • #deb585a46 [PoW] Update miner algo selection (Cave Spectre)
  • #23d10a188 Move functions and update files (Cave Spectre)
  • #47f36c33c [RPC] Fix getbalance to get all coin types (Cave Spectre)
  • #133493b7f [Pos] Get rid of precompute. (Cave Spectre)
  • #27e0d2bf5 [RPC] Add carriage return after stdin input (Cave Spectre)
  • #0bdcb6b16 [trivial] Cleanup old bitcoin text (Cave Spectre)
  • #8a824860d [GUI] Fix RingCT Coin Control for minted change (Cave Spectre)
  • #870520767 [PoS] Fix proof of stake veil data hash error (blondfrogs)
  • #57b1dcc98 [] Update Points of Contact (GitHub)
  • #e1545f8d1 [Core] Getblock: do not hold cs_main. (sinetek)
  • #d79d58d7c [Logging] Rework exceptions where reference is missing. (sinetek)
  • #51280df92 []Correct incorrect usage of string arithmetic. (sinetek)
  • #a984e6061 [Build] ensure we aren't using GNU extensions (sinetek)
  • #e19a58bcd [Core] Prevent UB when computing abs value for num opcode serialize (sinetek)
  • #4edd9651e [PoW] New diff lookback spacing (blondfrogs)
  • #a8a8e0a94 [GUI] Fix leak in CoinControlDialog::updateView (sinetek)
  • #9206a5582 [ReSync] Skip RingCT TX computation during resynching (Cave Spectre)
  • #f5b92aa6f [PoW] Allow for caching of local mining headers (blondfrogs)
  • #5416ae07f [Logging] Do not use Qt's debugging information in the log handler. (Cave Spectre)
  • #85491fe6c [RPC] Clean up mine= argument (blondfrogs)
  • #705a92fe0 [PoW] Allow large nonces in pprpcsb (blondfrogs)
  • #1c94ee2cf [Chain] Restart devnet (blondfrogs)
  • #94c31e240 [RPC] Fix RPC related typos. (sinetek)
  • #968977ff9 [RPC] add -stdinwalletpassphrase for (slightly more) secure CLI (sinetek)
  • #deb203ac3 [RPC] add stdin helpers for password input support (sinetek)
  • #cd99fae61 [PoW] remove mandatory old block versions (blondfrogs)
  • #a3cfa9d2e [PoW] Remove extra height read write (blondfrogs)
  • #4d1bbed5f [PoW] Fix POW block indexes (blondfrogs)
  • #fd65b1691 [Core] script: fix SCRIPT_ERR_SIG_PUSHONLY error string (sinetek)
  • #a9bffafec [GUI] macOS: Disable the Dark Mode feature of recent mac versions. (sinetek)
  • #9558cfeb2 [PoW] Move to veil ProgPoW (blondfrogs)
  • #60a8bab61 [PoW] Move to 0.9.4 Progpow (blondfrogs)
  • #d2c11b4da [Build] Leave 30 minutes for the full build, instead of 20 (Cave Spectre)
  • #02e93fa0f [RingCT] Increase max inputs to 50 (Cave Spectre)
  • #33e26455f [CLI] Fix typo in rescanringctwallet (Cave Spectre)
  • #eac30fa25 [Core] Replace boost::bind with std::bind (sinetek)
  • #8c3232720 [RPC] Added a difficulty property for each of the new algo types (codeofalltrades)
  • #d4af3c981 [PoW] Get POS working again (blondfrogs)
  • #4e36ec58c [RingCT] Fix IsSpent check (Cave Spectre)
  • #82546bd06 [Chain][Performance] Rework orphan pruning (Cave Spectre)
  • #ae2f2a476 [GUI] Fix coin control crashes (Cave Spectre)
  • #a6100350b [GUI] Fix sending page crashes (Cave Spectre)
  • #d1ce080c6 [Chain] Update chainparams for devnet fork (blondfrogs)
  • #e16bed715 [Build] Leave 30 minutes for the full build, instead of 20 (Cave Spectre)
  • #d64a9e7cd [Chain] Set new devnet fork time (codeofalltrades)
  • #7f4f9d120 [PoW]Use correct Proof of work calc (blondfrogs)
  • #3b5ffaf04 [PoW] Add more info for rpc mining (blondfrogs)
  • #eac2d5570 [PoW] Fix block serialization failures, add copywrite (blondfrogs)
  • #b71ea1e05 [PoW] Change sha256d final header to be 80 bytes (blondfrogs)
  • #b9ffe470d [PoW] Add in mix_hash checking (blondfrogs)
  • #83ed28eea [PoW] Update code formatting (blondfrogs)
  • #9888437af [PoW] Add local rpc node ProgPow GPU mining support (blondfrogs)
  • #801594911 [PoW] Update block header to remove veildatahash (blondfrogs)
  • #0ded7225d [PoW]Update ProgPoW test to work on v0.9.3 ProgPow (blondfrogs)
  • #aa4d72b84 [PoW] Stop using cs_mining_locks, causing DEADLOCK (blondfrogs)
  • #7e218b9f5 [PoW] Debugging randomx syncing more (blondfrogs)
  • #9c279a5e1 [PoW][PoW]Testing - Debug Randomx high hash (blondfrogs)
  • #4b8ee9119 [PoW]Add missing header. (sinetek)
  • #2fa0d5780 [PoW]Updated devnet PoW fork time (codeofalltrades)
  • #5852b5a67 [PoW] Update ProgPow constants to v0.9.3 (blondfrogs)
  • #a79a50704 [Build] Update software version to match branch, increase devnet protocol version (codeofalltrades)
  • #cff74346e [PoW] Initiate RandomX cache in init (blondfrogs)
  • #60e12e80a [PoW] Add pointer checks before deallocating randomx caches (blondfrogs)
  • #1273e11a8 [Chain] Add devnet to budget (blondfrogs)
  • #6bd566b5e [PoW] Update PoW algo diff calculation (blondfrogs)
  • #232dfa5f7 [Chain] Add missing devnet settings (codeofalltrades)
  • #09b952272 [PoW] Set PoW algo activation time on the devnet (codeofalltrades)
  • #44d3ba2b4 [PoW] Update miner algo selection (blondfrogs)
  • #7e2504a67 [PoW] Move functions and update files (blondfrogs)
  • #da85b6f75 [PoW] Add RandomX Multithread CPU miner in daemon (blondfrogs)
  • #6fc29466c [PoW] Add Pow Forking consensus changes (blondfrogs)
  • #0b7524158 [PoW] Add randomx and sha256 to DGW (blondfrogs)
  • #741aeb691 [PoW] Integrate sha256 and update randomx (blondfrogs)
  • #db5f317b7 [PoW] Integrate RandomX (blondfrogs)
  • #d48f0b6af [PoW] Integrate ProgPow (blondfrogs)
  • #2d45f0bee [RPC] Fix sendrawtransaction Dandelion default (Cave Spectre)
  • #613c3590b [GUI] Removed faq tabs that weren't been used (codeofalltrades)
  • #24ca0943a [Build] Don't include cpp files. (sinetek)
  • #bff6b2395 [Trivial] First round of RingCT logging cleanup (Cave Spectre)
  • #90dc0c77e [Trivial] scripted-diff: [Rebase] Rename Veil Labs to Veil Foundation (Cave Spectre)
  • #fec6e0aea [GUI] Get rid of some deprecated calls. (sinetek)
  • #4f727a573 [Chain] Create an alternative testnet called devnet (codeofalltrades)
  • #dbf21faa8 [Core] include for CHAR_BIT. (sinetek)
  • #4262925e5 [Efficiency] don't check ancestry if block is in the current chain (Cave Spectre)
  • #c76d04aa3 [GUI] UI Updates for FAQ Content & Models. (codeofalltrades)
  • #eade9746c [GUI] Qt: AADPI fix. (sinetek)
  • #6c078b615 [Core] Prevector: fix some compile errors. Make resize faster (sinetek)
  • #68081e4c8 [Qt][Build] Fix Mint Zerocoin amount (Cave Spectre)
  • #971db3bd9 [Build] Lint: initialization order issues. (sinetek)
  • #ef9cdd250 [Build] Fix automake's $VERSION var (sinetek)
  • #b3000dc58 [Build] correct QT duplicate name warnings (Cave Spectre)
  • #24a5c21f2 [GUI] delete useless icons (codeofalltrades)
  • #baeab980b [Wallet] Add coin type filter to AvailableCoins() (Cave Spectre)
  • #53d2e26af [RPC] correct listunspent for ct, ringct and zerocoin (Cave Spectre)
  • #f6a4a52e0 [Core] Focus the lock check (codeofalltrades)
  • #d9d165258 [Core] Add critcal section to UpdateStatusInternal() (blondfrogs)
  • #48c58da4c [Zerocoin] Fix formatting of ztracker remove pending (blondfrogs)


  • blondfrogs
  • codeofalltrades
  • Cave Spectre
  • PeterL73
  • sinetek
Assets 22

@codeofalltrades codeofalltrades released this Dec 16, 2019


This is a recommended upgrade, but it is not mandatory and includes no consensus based changes.


Version adds various improvements, optimizations, bug fixes, and GUI changes. One of the most important changes is the core code was updated to have a full list of nodes managed by the project DNS, with a few backups duplicated amoung the code developers; to protect in the event of a DNS failure for


  • #705 af76e5bcf Update master branch to (Cave Spectre)
  • #703 921740046 [Network] Update seed nodes (Cave Spectre)
  • #677 49be04163 Remove or update of Zerocoin privacy mentions (Strontium)
  • #632 a607cbf5e [UI] Adding new wallet lock/unlock tab to FAQ. (Mat Waller)
  • #694 6bfee5a64 [Security] Update keys for publicly verifiable veil developers (Cave Spectre)
  • #687 ae247970c [Qt] Remove hide() on hideEvents to prevent them from not showing after being minimized (Cave Spectre)
  • #689 f5095fa70 Correct tooltip style (codeofalltrades)
  • #664 c5722cad9 Update gitian docs to reference docker based process (codeofalltrades)
  • #683 25d176134 [RPC] Add zerocoin opcode names (Cave Spectre)
  • #681 b7af39341 Explicitly disable Dark Mode appearance on macOS (codeofalltrades)
  • #680 6041cd400 Add lightzerocoin spend to testnet params (blondfrogs)
  • #676 2063f0c7b Update testnet params and fix amount (blondfrogs)
  • #669 a57ccfbf8 [RPC] getzerocoinsupply height not required (Mimir)
  • #666 4dceafbfc Corrected TravisCI badge, added release version and date badges (codeofalltrades)


  • blondfrogs
  • Cave Spectre
  • codeofalltrades
  • Mat Waller
  • Mimir
  • presstab
  • Strontium
Assets 21

@4x13 4x13 released this Aug 30, 2019


This is a mandatory upgrade, and has consensus enforcement that requires immediate upgrading of the wallet. Note that was the original mandatory version to have, but because of a miscode in the new stake modifier protocol it resulted in the chain becoming stuck. An upgrade to v1.0.4.4, which fixes the miscode, is required to be in sync with the blockchain.


Version is a mandatory update. It includes the patching of a vulnerability in Veil's zerocoin implementation that allowed malformed transactions to claim a different zerocoin denomination than was being redeemed. This update adds a banlist to remaining coins that were not shuffled through Veil's RingCt protocol.

Protocol Changes:

Light Zerocoin

Zerocoin will now have its reliance on zero knowledge proofs completely disabled. A zerocoin will now behave much more like a normal UTXO based transaction does. This results in a large reduction in transaction size, much quicker transaction validation, and fast transaction creation.

New Budget Addresses

The multisignature addresses that the general budget and the foundation budget get paid to have been updated to reflect a group of key holders that are more active in the community.

Zerocoin Overspend Attack and an Updated Inflation Schedule (Removed Founders Reward After 13th Payment)

The overspending of zerocoin denominations occurred slowly and over several months. The attacker did not spend other people's coins, they overspent their own coins and were able to redeem more value than the zerocoins were worth. This overspending attack inflated the supply by 12,441,690 coins. Through cooperation with exchanges that trade Veil, we were able to learn that around 9 million coins had been sold through several anonymous accounts. Overtime the rest of the coins were washed through the RingCt protocol in a way that was not easily traced and not easily able to be blacklisted. We were able to blacklist 282,125 basecoin and 46,810 in zerocoin. We also blacklisted 29 unspent stealth outputs that have a blinded value, so we cannot be sure of their total value. RingCt had over 5,000 outputs blacklisted, but we do not know if any of those coins have already been spent or the value of the coins.

To offset the inflation that was added by the malicious overspending of zerocoin denominations, it has been offered (and accepted) that the founder's reward be removed after payment 13. This removes approximately 10.02 million coins from being added to the supply, offsetting much of the inflation added by the overspend attack. Furthermore, Veil plans to publicly burn excess funds that are being held in the general budget address to offset the remaining 2.1 million coins (counting the blacklist offset). The inflation created by the overspend attack is something that alters coin emission schedule in a way that was much more rapid than designed, but offsetting the inflation is the best way to get the emission schedule close to its original design.

The overspend attack is a reminder that Veil needs to be diligent and continue to make rapid progress replacing the zerocoin based staking protocol with a RingCt based staking protocol.

Stake Modifier Redesigned

To prevent an issue called "stake grinding", the stake modifier code for Veil has been rewritten to make any type of stake grinding much more difficult. A stake modifier is a source of deterministic entropy that is added into the inputs that are hashed to create the proof of stake proof hash. The modifier effectively is in place to prevent the ability to see what a stake hash will be in the future and resend coins until there is a favourable amount of potential stake at some point in the future.

Make Modifier Entropy Bound To Sources That Do Not Grind Well

In order to make it more difficult to have influence over what the stake modifier will be at a point in the future, the entropy collected for the stake modifier has to be something that can't be "ground" easily. For example if the modifier were to be based on transaction hashes, then someone could just keep changing arbitrary parts of the transaction until the transaction hash results in a value that changes the modifier in a favourable way for the grinder. Veil's new modifier protocol now will use the proof-of-work hash (which is bound by computation) when entropy is collected from a PoW block and will use the proof-of-stake hash (which is bound by time and competition) for entropy collected from a PoS block.

Multi-Source Deterministic Entropy Collection

Many Proof of Stake cryptocurrencies have changed their protocol to collect the stake modifier entropy from a one or two places. For example PIVX recently updated their modifier to the same stake modifier protocol that QTUM uses, which grabs the modifier from the previous block and hashes it with the proof hash from next block. Before this update, Veil's modifier code was grabbed by a single source, and that was the accumulator value of a particular block in relation to the block being staked.

If not enough sources of entropy are collected it can create the ability to grind an entropy source. For example if a wallet has significant enough stake weight (for QTUM and PIVX this would just mean a few very very large UTXO's) then a grinder could find many proof hashes that would work for a particular block, the grinder would withhold from submitting a block that would not result in a modifier that makes them also win the next block. Although this grinding would require significant funds, it could potentially lead to a situation where a grinder could get a large amount of consecutive blocks and perform a double spend attack by causing chain reorganizations.

Veil's new modifier collects its entropy from 10 different blocks over the last 370 blocks. For example the modifier of block 1001 would first sample from the block that is 100 blocks from the chain tip, block 900. The next block is the height of the last sampled block 900 minus the sampled count (1) multiplied by 6. That would give the second sampling a block height of 894. The third would be 882. And so on. The end result is a modifier that is collected from many blocks, all of which are below the chain reorganization depth so cannot be changed, and have a very small chance of all being determined by a single source that could grind the entropy.

Use a Curved Entropy Selection Based on Height

Even if entropy is collected from multiple block sources, if the last block that the entropy comes from has a large amount of entropy bits sampled, then it allows from a grinder to have a large amount of entropy to grind. For example say that each block has 256 bits of entropy sampled from it (the full proof hash), and that the entropy is hashed to create the final modifier value. In the example above, the only real entropy that would matter is the entropy from block 900, since 2^256 has so many possibilities. This number would still be bound to a hard to grind source (as mentioned above), but at this point there would be no purpose of having multi-source entropy collection.

To solve this issue, Veil samples a small amount of entropy from the more recent blocks and gradually more bits from each sampling until the 7th sampling. After the 7th sampling the 8th-10th sampling reduce the number of bits sampled. Using Veil's scheme, if a grinder were going to grind a block to make their modifier favourable for their next stake (which would occur 101 block in the future), the grinder would only be able to grind it to 4 different values because only 2 bits are collected as entropy from that block (which can hold 4 possible values).

Why reduce the sampling at the end? Reducing the sampling on sources 8-10 makes longer range prediction of the modifier more difficult. If you are trying to predict what a modifier will look like at the chain tip + 370, you will know only a smaller portion of the entropy collected for the modifier, there will still be so much entropy added to the final modifier that you could not brute force computation of all of the potential results. If you are trying to predict what the modifier of the chain tip + 101 would be, you would have all of the modifier except for 4 of the bits, at which point you could see all 4 potential modifiers. In this regard, Veil's new protocol makes the final modifier become clearer and clearer the closer it gets (which is why we made the minimum stake age 1,000 blocks).

An example of a modifier for block 1001:

Initialize Modifier to 0.
Block 900 -> Hash(proofhash) -> Take 2 bits from result.
Modifier = Hash(Modifier and 2 sample bits)
Block 894 -> Hash(proofhash) -> Take 4 bits from result.
Modifier = Hash(Modifier and 4 sample bits)
Block 882 -> Hash(proofhash) -> Take 8 bits from result.
Modifier = Hash(Modifier and 8 sample bits)
Block 864 -> Hash(proofhash) -> Take 16 bits from result.
Modifier = Hash(Modifier and 16 sample bits)
Block 840 -> Hash(proofhash) -> Take 32 bits from result.
Modifier = Hash(Modifier and 32 sample bits)
Block 810 -> Hash(proofhash) -> Take 64 bits from result.
Modifier = Hash(Modifier and 64 sample bits)
Block 774 -> Hash(proofhash) -> Take 128 bits from result.
Modifier = Hash(Modifier and 128 sample bits)
Block 732 -> Hash(proofhash) -> Take 64 bits from result.
Modifier = Hash(Modifier and 64 sample bits)
Block 684 -> Hash(proofhash) -> Take 32 bits from result.
Modifier = Hash(Modifier and 32 sample bits)
Block 630 -> Hash(proofhash) -> Take 16 bits from result.
Assets 20