@neewy neewy released this May 18, 2018 · 346 commits to master since this release

Assets 4

In this release following changes were made:

Uploading of Iroha build artifacts

Artifacts are now available on https://artifact.soramitsu.co.jp for downloading:

  • macOS Iroha binary
  • linux Iroha binaries
  • Android, Java, Python bindings

In the following releases, more bindings are coming!

Fix of critical vulnerabilities discovered during the security audit

Previously, several problems existed:

  • Blocks can be signed more than once by the same peer (fixed in #1193)
  • Transactions can be signed more than once by the same signatory (fixed in #1302)

If ed25519 library was modified to use a non-deterministic nonce, these vulnerabilities were likely to be used. Thanks to @dhuseby who helped us to unveil this tricky part of ed25519.

Message size

Previously, gRPC message was limited to 4MB. Regarding our release stage, we decided to get rid of this limitation. Right now anyone can send huge messages over the peer network. It is a potential attack vector, so we will fix it in following releases.

Docker naming

Our docker containers now are described here: https://hub.docker.com/r/hyperledger/iroha/
Please use only them (our docs were also updated in #1337)

Integration test framework

We fixed the indeterministic outcome of tricky tests, optimized their overall runtime by 15 times on macOS hosts and by 3 times on linux hosts (#1338)

MSVC

Now our client library (shared model) can be built with Microsoft compiler, and respective tests can be built and ran in this environment.

Hyperledger Iroha codebase MSVC support is coming in next releases.

Genesis block generation from a transaction

iroha-cli --genesis_block --genesis_transaction transaction.json #1168

Error message to response, if stateless validation has failed

ToriiResponse has field error_message with the error description of a transaction
ErrorResponse has field message with the error description of a query
QueryResponse has hex-encoded query hash instead of binary hash

Client libraries & shared model

Finished transition to shared model.
Transaction counter is no longer used in the transaction structure. Replay attacks are going to be prevented with transaction hash on peer side.

Stability

A regular queue is replaced with a priority queue in ordering gate so that proposals are propagated in order to the system if they are received in random order from the network. That causes fewer issues with simulator warnings about last block height being inconsistent with proposal height.

Bugfixes

  • Fixed: streaming
  • Fixed: boost linking
  • Fixed: numerous synchronization issues
  • Fixed: inconsistent genesis block generation
  • Fixed: possible fork attacks
  • Fixed: numerous permission issues
  • Fixed: segfaults when the ledger doesn't contain blocks
  • Fixed: numerous memory management issues
  • Fixed: copyright and licensing issues (mostly)
  • Other minor fixes

Known issues