Merge commit Dash 0.14.0.5 into Biblepay develop (fix important DoS a…

…ttack vector) * commit '2ae1ce4800a22c717b67aea97680bbe1eeffa07b': [v0.14.0.x] Update release notes with notable changes and changelog (dashpay#3229) [v0.14.0.x] Make sure mempool txes are properly processed by CChainLocksHandler despite node restarts (dashpay#3230) [v0.14.0.x] Bump version and prepare release notes (dashpay#3228) More fixes in llmq-is-retroactive tests Make llmq-is-retroactive test compatible with 0.14.0.x Make wait_for_xxx methods compatible with 0.14.0.x Allow re-signing of IS locks when performing retroactive signing (dashpay#3219) Add wait_for_xxx methods as found in develop More/better logging for InstantSend Tests: Fix the way nodes are connected to each other in setup_network/start_masternodes (dashpay#3221) More fixes related to extra_args Tests: Allow specifying different cmd-line params for each masternode (dashpay#3222) Don't join thread in CQuorum::~CQuorum when called from within the thread (dashpay#3223) Merge bitcoin#12392: Fix ignoring tx data requests when fPauseSend is set on a peer (dashpay#3225) # Conflicts: # configure.ac # doc/man/biblepay-cli.1 # doc/man/biblepay-qt.1 # doc/man/biblepay-tx.1 # doc/man/biblepayd.1 # doc/release-notes.md # qa/pull-tester/rpc-tests.py # qa/rpc-tests/test_framework/test_framework.py # src/clientversion.h
biblepay · Jan 1, 2020 · 34851a0 · 34851a0
2 parents f0832b2 + 2ae1ce4
commit 34851a0
Show file tree

Hide file tree

Showing 27 changed files with 1,185 additions and 346 deletions.
diff --git a/doc/Doxyfile b/doc/Doxyfile
@@ -41,7 +41,7 @@ PROJECT_NAME           = "BiblePay Core"
 # could be handy for archiving the generated documentation or if some version
 # control system is used.
 
-PROJECT_NUMBER         = 0.14.0.4
+PROJECT_NUMBER         = 0.14.0.5
 
 # Using the PROJECT_BRIEF tag one can provide an optional one line description
 # for a project that appears at the top of each page and should give viewer a

diff --git a/doc/release-notes.md b/doc/release-notes.md
@@ -1,15 +1,17 @@
-Biblepay Core version 0.14.0.0
+Biblepay Core version 1.4.8.5
 ==========================
 
 Release is now available from:
 
-  <https://www.biblepay.org/downloads/#wallets>
+  <https://www.dash.org/downloads/#wallets>
 
-This is a new minor version release, bringing various bugfixes.
+This is a new minor version release, bringing various bugfixes and improvements.
+It is highly recommended to upgrade to this release as it contains a critical
+fix for a possible DoS vector.
 
 Please report bugs using the issue tracker at github:
 
-  <https://github.com/biblepay/biblepay-evolution/issues>
+  <https://github.com/dashpay/dash/issues>
 
 
 Upgrading and downgrading
@@ -20,87 +22,72 @@ How to Upgrade
 
 If you are running an older version, shut it down. Wait until it has completely
 shut down (which might take a few minutes for older versions), then run the
-installer (on Windows) or just copy over /Applications/biblepay-Qt (on Mac) or
-biblepayd/biblepay-qt (on Linux). If you upgrade after DIP0003 activation you will
-have to reindex (start with -reindex-chainstate or -reindex) to make sure
-your wallet has all the new data synced (only if you were using version < 0.13).
-
-Note that there is no protocol bump in this version and thus active masternodes
-updating from v0.13.0.0 or v0.13.1.0 do not require any additional actions (no need to issue
-`masternode start` command).
-=======
-installer (on Windows) or just copy over /Applications/Dash-Qt (on Mac) or
+installer (on Windows) or just copy over /Applications/Biblepay-Qt (on Mac) or
 dashd/dash-qt (on Linux). If you upgrade after DIP0003 activation and you were
 using version < 0.13 you will have to reindex (start with -reindex-chainstate
 or -reindex) to make sure your wallet has all the new data synced. Upgrading from
 version 0.13 should not require any additional actions.
 
+When upgrading from a version prior to 0.14.0.3, the
+first startup of Biblepay Core will run a migration process which can take a few minutes
+to finish. After the migration, a downgrade to an older version is only possible with
+a reindex (or reindex-chainstate).
+
 Downgrade warning
 -----------------
 
-### Downgrade to a version < 0.13.0.0
-
-Downgrading to a version smaller than 0.13 is not supported anymore as DIP2/DIP3 has
-activated on mainnet and testnet.
+### Downgrade to a version < 0.14.0.3
 
-### Downgrade to versions 0.13.0.0 - 0.13.3.0
-
-Downgrading to 0.13 releases is fully supported until DIP0008 activation but is not
-recommended unless you have some serious issues with version 0.14.
+Downgrading to a version smaller than 0.14.0.3 is not supported anymore due to changes
+in the "evodb" database format. If you need to use an older version, you have to perform
+a reindex or re-sync the whole chain.
 
 Notable changes
 ===============
 
-Fixed governance votes pruning for invalid masternodes 
-------------------------------------------------------
-A community member reported a possible attack that involves DoSing masternodes to force the network
-to prune all governance votes from this masternodes. This could be used to manipulate vote outcomes.
+Fix for a DoS vector
+--------------------
 
-See detailed [set of changes](https://github.com/biblepaypay/biblepay/compare/v0.13.1.0...biblepaypay:v0.13.2.0).
-=======
-This vulnerability is currently not possible to execute as LLMQ DKGs and PoSe have not activated yet on
-mainnet. This version includes a fix that requires to have at least 51% masternodes to upgrade to
-0.14.0.1, after which superblock trigger voting will automatically fix the discrepancies between
-old and new nodes. This also means that we will postpone activation of LLMQ DKGs and thus PoSe until
-at least 51% of masternodes have upgraded to 0.14.0.1.
-
-Fixed a rare memory/db leak in LLMQ based InstantSend
------------------------------------------------------
-We fixed a rare memory/db leak in LLMQ based InstantSend leak which would only occur when reorganizations
-would happen.
-
-- [`548a48918`](https://github.com/biblepaypay/biblepay/commit/548a48918) Move IS block filtering into ConnectBlock (#2766)
-- [`6374dce99`](https://github.com/biblepaypay/biblepay/commit/6374dce99) Fix error message for invalid voting addresses (#2747)
-- [`25222b378`](https://github.com/biblepaypay/biblepay/commit/25222b378) Make -masternodeblsprivkey mandatory when -masternode is given (#2745)
-- [`0364e033a`](https://github.com/biblepaypay/biblepay/commit/0364e033a) Implement 2-stage commit for CEvoDB to avoid inconsistencies after crashes (#2744)
-- [`a11e2f9eb`](https://github.com/biblepaypay/biblepay/commit/a11e2f9eb) Add collateraladdress into masternode/protx list rpc output (#2740)
-- [`43612a272`](https://github.com/biblepaypay/biblepay/commit/43612a272) Only include selected TX types into CMerkleBlock (#2737)
-- [`f868fbc78`](https://github.com/biblepaypay/biblepay/commit/f868fbc78) Stop g_connman first before deleting it (#2734)
-- [`9e233f391`](https://github.com/biblepaypay/biblepay/commit/9e233f391) Fix incorrect usage of begin() when genesis block is requested in "protx diff" (#2699)
-- [`e75f971b9`](https://github.com/biblepaypay/biblepay/commit/e75f971b9) Do not process blocks in CDeterministicMNManager before dip3 activation (#2698)
-- [`1cc47ebcd`](https://github.com/biblepaypay/biblepay/commit/1cc47ebcd) Backport #14701: build: Add CLIENT_VERSION_BUILD to CFBundleGetInfoString (#2687)
-=======
-0.14.0.1 Change log
-===================
+This release fixes a serious DoS vector which allows to cause memory exhaustion until the point of
+out-of-memory related crashes. We highly recommend upgrading all nodes. Thanks to Bitcoin ABC
+developers for finding and reporting this issue to us.
 
-See detailed [set of changes](https://github.com/dashpay/dash/compare/v0.14.0.0...dashpay:v0.14.0.1).
+Better handling of non-locked transactions in mined blocks
+----------------------------------------------------------
 
-- [`2516a6e19`](https://github.com/biblepaypay/biblepay/commit/2516a6e19) Bump version to 0.13.2
-- [`9dd16cdbe`](https://github.com/biblepaypay/biblepay/commit/9dd16cdbe) Bump minChainWork and AssumeValid to block #1033120 (#2750)
-- [`18f087b27`](https://github.com/biblepaypay/biblepay/commit/18f087b27) Fix some typos in doc/guide-startmany.md (#2711)
-- [`709ab6d3e`](https://github.com/biblepaypay/biblepay/commit/709ab6d3e) Minimal fix for litemode vs bad-protx-key-not-same issue (#2694)
-=======
-- [`a2baa93ec`](https://github.com/dashpay/dash/commit/a2baa93ec) Only require valid collaterals for votes and triggers (#2947) (#2957)
-- [`b293e6dde`](https://github.com/dashpay/dash/commit/b293e6dde) Fix off-by-one error in InstantSend mining info removal when disconnecting blocks (#2951)
-- [`276b6e3a8`](https://github.com/dashpay/dash/commit/276b6e3a8) bump version to 0.14.0.1 and prepare release notes (#2952)
+We observed multiple cases of ChainLocks failing on mainnet. We tracked this down to a situation where
+PrivateSend mixing transactions were first rejected by parts of the network (0.14.0.4 nodes) while other parts
+(<=0.14.0.3) accepted the transaction into the mempool. This caused InstantSend locking to fail for these
+transactions, while non-upgraded miners still included the transactions into blocks after 10 minutes.
+This caused blocks to not get ChainLocked for at least 10 minutes. This release improves an already existent
+fallback mechanism (retroactive InstantSend locking) to also work for transaction which are already partially
+known in the network. This should cause ChainLocks to succeed in such situations.
+
+0.14.0.5 Change log
+===================
+
+See detailed [set of changes](https://github.com/dashpay/dash/compare/v0.14.0.4...dashpay:v0.14.0.5).
+
+- [`20d4a27778`](https://github.com/dashpay/dash/commit/dc07a0c5e1) Make sure mempool txes are properly processed by CChainLocksHandler despite node restarts (#3230)
+- [`dc07a0c5e1`](https://github.com/dashpay/dash/commit/dc07a0c5e1) [v0.14.0.x] Bump version and prepare release notes (#3228)
+- [`401da32090`](https://github.com/dashpay/dash/commit/401da32090) More fixes in llmq-is-retroactive tests
+- [`33721eaa11`](https://github.com/dashpay/dash/commit/33721eaa11) Make llmq-is-retroactive test compatible with 0.14.0.x
+- [`85bd162a3e`](https://github.com/dashpay/dash/commit/85bd162a3e) Make wait_for_xxx methods compatible with 0.14.0.x
+- [`22cfddaf12`](https://github.com/dashpay/dash/commit/22cfddaf12) Allow re-signing of IS locks when performing retroactive signing (#3219)
+- [`a8b8891a1d`](https://github.com/dashpay/dash/commit/a8b8891a1d) Add wait_for_xxx methods as found in develop
+- [`8dae12cc60`](https://github.com/dashpay/dash/commit/8dae12cc60) More/better logging for InstantSend
+- [`fdd19cf667`](https://github.com/dashpay/dash/commit/fdd19cf667) Tests: Fix the way nodes are connected to each other in setup_network/start_masternodes (#3221)
+- [`41f0e9d028`](https://github.com/dashpay/dash/commit/41f0e9d028) More fixes related to extra_args
+- [`5213118601`](https://github.com/dashpay/dash/commit/5213118601) Tests: Allow specifying different cmd-line params for each masternode (#3222)
+- [`2fef21fd80`](https://github.com/dashpay/dash/commit/2fef21fd80) Don't join thread in CQuorum::~CQuorum when called from within the thread (#3223)
+- [`e69c6c3207`](https://github.com/dashpay/dash/commit/e69c6c3207) Merge #12392: Fix ignoring tx data requests when fPauseSend is set on a peer (#3225)
 
 Credits
 =======
 
 Thanks to everyone who directly contributed to this release:
 
 - Alexander Block (codablock)
-- demodun6
 - UdjinM6
 
 As well as everyone that submitted issues and reviewed pull requests.
@@ -128,6 +115,10 @@ Dash Core tree 0.12.1.x was a fork of Bitcoin Core tree 0.12.
 
 These release are considered obsolete. Old release notes can be found here:
 
+- [v0.14.0.4](https://github.com/dashpay/dash/blob/master/doc/release-notes/dash/release-notes-0.14.0.4.md) released November/22/2019
+- [v0.14.0.3](https://github.com/dashpay/dash/blob/master/doc/release-notes/dash/release-notes-0.14.0.3.md) released August/15/2019
+- [v0.14.0.2](https://github.com/dashpay/dash/blob/master/doc/release-notes/dash/release-notes-0.14.0.2.md) released July/4/2019
+- [v0.14.0.1](https://github.com/dashpay/dash/blob/master/doc/release-notes/dash/release-notes-0.14.0.1.md) released May/31/2019
 - [v0.14.0](https://github.com/dashpay/dash/blob/master/doc/release-notes/dash/release-notes-0.14.0.md) released May/22/2019
 - [v0.13.3](https://github.com/dashpay/dash/blob/master/doc/release-notes/dash/release-notes-0.13.3.md) released Apr/04/2019
 - [v0.13.2](https://github.com/dashpay/dash/blob/master/doc/release-notes/dash/release-notes-0.13.2.md) released Mar/15/2019