EOSIO v1.4.3 Release Notes

NOTICE: IF YOU ARE UPGRADING TO THIS RELEASE FROM VERSION 1.3.X OR EARLIER AND USE THE HISTORY_PLUGIN YOU WILL NEED TO REPLAY THE BLOCKCHAIN TO RECONSTRUCT THAT PLUGIN'S DATA

This release provides bug fixes.

Changes

(#6220) Failed Deferred Transactions Were in History Plugin Results

Please note, the history_plugin was DEPRECATED in version 1.2.0 and is receiving this fix as part of the support for that lifecycle

The history_plugin sometimes included failed deferred transactions in its search results. Since it doesn't store receipt status, there wasn't a reliable way for users of the history API to know which actions were executed. See #6214 for detailed discussion

Nodes which have use the history_plugin and are concerned that this class of transaction may cause misleading results are encouraged to regenerate that plugins database using --replay-blockchain

NB: This does not affect the state of the chain. These failed deferred transactions were merely being misreported through this plugin. Their side-effects were correctly removed from any intermediate state of the blockchain

Other Changes

• (#6219) Trusted producer should be configured via cfg and cli
• (#6222) print config.ini & data-dir nodeos is using at launch
• (#6253) restore eosio root ilog

Mitigations

As mentioned above, operators who are concerned with misrepresentation of deferred transactions in the history_plugin are encouraged to reconstruct that plugin's state using --replay-blockchain

EOSIO v1.4.2 Release Notes

NOTICE: IF YOU ARE UPGRADING TO THIS RELEASE FROM VERSION 1.3.X OR EARLIER AND USE THE HISTORY_PLUGIN YOU WILL NEED TO REPLAY THE BLOCKCHAIN TO RECONSTRUCT THAT PLUGIN'S DATA

This release provides bug fixes.

Changes

(#6100) Remove llvm@4 force link for Mac OS X builds

This removes brew --force link for the llvm@4 package, this force link had unfortunate side effects of overwriting the system clang++/clang with clang 4.0 and libc++ which was causing issues with binary builds.

Before running the fixed eosio_build.sh it is recommended to run brew remove llvm@4 to allow the script to do a fresh install or at the very least brew unlink llvm@4.

Other Changes

• (#6130) Fix for transaction_traces store in mongo_db_plugin.
• (#6133) Correct a bad tag in wrong first block log message.
• (#6164) Fix long startup delay when not loading snapshots.
• (#6178) Fix set_code and set_abi to report only json to stdout.
• (#6179) Fix incorrect ISO timestamps for scheduled transaction expiration in RPC

Mitigations

None

EOSIO v1.4.1 Release Notes

NOTICE: IF YOU ARE UPGRADING TO THIS RELEASE FROM VERSION 1.3.X OR EARLIER AND USE THE HISTORY_PLUGIN YOU WILL NEED TO REPLAY THE BLOCKCHAIN TO RECONSTRUCT THAT PLUGIN'S DATA

This release provides bug fixes.

Changes

Fix bad assert logic when deferred transaction receipts are present (#6036)

An overly protective assert to detect snapshot "virtual" blocks when unwinding a fork made it impossible to unwind a block with deferred transaction receipts. This lead to nodes running 1.4.0 failing to maintain sync with networks experiencing micro-forks.

Other Changes

• respect deterministic row conversion in integrity hash (#6040)
• Don't create a wallet when failed to create password file (#6032)
• Remove double quotes when saving wallet password to file (#6035)
• Add readme section for binary releases (#6045)

Thanks!

Special thanks to the community contributors that submitted patches for this release:

• @conr2d

Mitigations

None

EOSIO 1.4.0 Release Notes

THIS RELEASE HAS A CRITICAL BUG THAT IS FIXED IN Version 1.4.1

This release comprises several additional features and fixes, in addition to the cumulative patches made against v1.3

A blog post providing more information can be found here

DEPRECATION/REMOVAL NOTICES

• binaryen as a WebAssembly runtime is removed in favor of wabt.
• the dice contract has been removed in favor of storing example contracts in a different repository (TBD)

Changes

Binary Releases (#6003)

This is the first release to officially support a binary distributable of cleos keosd and nodeos. Users who are not going to contribute to or develop these products should be able to download the appropriate packages for the supported OS. Links will be published to the repository release section.

Deterministic Snapshots (#5956)

This release supports the creation of deterministic snapshots of consensus affecting state. At this time, this does not conveniently support non-consensus state, such as the state that may be created by a plugin. Instructions for creating and consuming snapshots can be found in the linked issue.

In addition, this change allows for deterministic integrity hashes over the consensus state which can be used to verify that the state of two distinct nodes is exactly the same.

Other Changes

• Added support for cmake find_package (#6007)
• Remove skip_trx_checks() from checktime hot path (#6019)
• Remove dice (#6023)
• Added version of distributed-transaction-test that uses bnet plugin... (#6022)
• remove unused code (#6016)
• Added a pull request template for the eos repo (#5981)
• Added a buildkite pipeline for an undefined behavior sanitizer (#5980)
• refactor eosio_exit for WAVM; improve long running performance (#5938)
• Kernel timer based checktime (#5799)
• Add block log verification to distributed transactions test (#5986)
• duplicated error message (#5999)
• Remove config.ini options that are no longer supported by nodeos (#5988)
• fix descriptions of the two types of cleos commands to create an account (#5984)
• Fox for the the unit test code coverage pipeline (#5979)
• Add log level name to log output (#5969)
• Apply filter to transaction updates (#5967)
• Create action_trace & action_receipt on hard_fail (#5957)
• change core symbol name length to 7 (#5958)
• Clean up code to fix build warning (#5955)
• Rename cleos sudo command to wrap; also allow user to override contract account (#5953)
• Added Diagnostics for Missing Transactions in integration tests (#5941)
• Remove unneeded lambda capture in abi serializer (#5939)
• Fixes for remote tests (#5933)
• Added link to the BP heartbeat plugin (#5921)
• On macOS populate root CAs via system cert store (#5886)
• Added reading reversible blocks to block log tool (#5918)
• introduce eosio_mysql_plugin by eosBLACK team (#5908)
• Adds reference to ZeroMQ community plugin (#5907)
• Remove unused eosio::sort_names() (#5897)
• (chainbase sync) ifdef out unused LOCKING variables to squelch warnings (#5896)
• modify the sync numbers of 'start_sync' function (#5869)
• Added command line parameter for wallet port for some tests (#5885)
• Add options for buying ram in bytes to newaccount, delegatebw and buyram (#5852)
• allow local CMAKE flags in eosio_build.sh (#5539)
• producer_plugin: Changed "in micro second" to "in microseconds" (#5862)
• Enable Secure Enclave wallet for 2018 MBP models (#5750)
• Allow only read-only access to state DB for consumers outside of the chain library (#5833)
• remove binaryen runtime from nodeos (#5816)
• Install license (and third party licenses) in filesystem & binary packages (#5831)
• Remove unused lambda capture in chain_api_plugin (#5830)
• Final keosd unix socket changes (#5710)
• Make wabt the default wasm runtime (#5754)
• Fix Block Walker For Transactions (#5800)
• Verbose ABI serialization errors (#5787)
• Hide unaligned warnings unless console prints on (#5775)
• Remove some unused lambda captures (#5751)
• Update se_wallet (#5718)

EOSIO 1.3.2 Release Notes

This release provides bug fixes.

Changes

• Add missing tags to exception text for arg processing (#5920)
• Fix producer log format (#5901)
• Present a clearer message on bad_alloc & return consistent error code (#5895)
• Added ZMQ plugin to COMMUNITY.md (#5892)

Thanks!

Special thanks to the community contributors that submitted patches for this release:

• @learnforpractice

Mitigations

None

EOSIO 1.3.0 Release Notes

This release comprises several additional features and fixes, in addition to the cumulative patches made against v1.2

A blog post providing more information can be found here

DEPRECATION NOTICES

• eosiocpp was scheduled to be removed in v1.3.0 but is NOT. It remains deprecated and the timeline for removal is undefined. It has been supplanted by on-going effort in the eosio.cdt repository
• cleos currently attempts to auto-launch keosd and communicate over TCP socket when no instance exists. This is deprecated and v1.4.0 will change this default to named-socket communication. Please see the notes below for details on how to take advantage of named-sockets in v1.3.0
• binaryen as a WebAssembly runtime is deprecated and will be removed in v1.4.0 in favor of wabt. At that time the default WebAssembly runtime will become wabt. Please see the notes below for details on the new interpreter backend.

Changes

New WebAssembly Interpreter: wabt (#5416)

WABT (pronounced: wabbit) is a well respected standards compliant WebAssembly interpreter. Internal profiling indicated that it was up to 2x faster at retiring contract transactions compared to our current default interpreter: binaryen. This release includes a complete integration of WABT into the EOSIO blockchain allowing nodes to take advantage of the decreased cost of transaction processing. This can be enabled by setting the wasm-runtime configuration for nodeos to wabt.

Trusted Producer: Light Validation (#5631)

In order to facilitate faster propagation of transactions and blocks within the local network of API, P2P and block-signing nodes operated by a given block producer, the option to grant light-validation to blocks created by that producer's block-signing node has been added to nodeos. This can be enabled by adding the producer's own account name as the trusted-producer value on the nodeos command line for all internal nodes.

MongoDB improvements (#5339) (#5670)

MongoDB now stores the block information and the RAM usage as part of action_trace data allowing greater insight into how actions utilize resources.

Additionally, the ability to filter actions based on wildcards in any combination of the receiver, contract, action filters allows for greater flexibility when tracking a subset of the actions on a given chain.

HTTP over Unix Socket support for keosd (#5425)

keosd now supports HTTP-RPC requests delivered over a Unix socket. This allows operators to take advantage of greater security and permissions concepts available to named sockets. By default, keosd will accept requests at ~/eosio-wallet/keosd.sock however, this is configurable. For more details, see the write-up attached to #5425

Unknown configuration items in config.ini will now error on startup (#5678)

Prior to 1.3.0 unknown configuration items in config.ini would be silently ignored. This behavior has been changed in 1.3.0 to an error that prevents startup of nodeos. Users with old auto-generated config.ini files may need to remove some options that are no longer available in nodeos for example wallet-dir or unlock-timeout

Other Changes

• Transaction trace logging for visibility of transactions on P2P (#5725)
• Fix typo in cleos help text (#5639)
• Doxygen fixes for copy of eosiolib (#5603)
• Unit test fixes (#5634)
• Fix wording for Inline Action Depth Reached (#5635)
• Support iteration over scopes & tables in cleos (#5486)
• Remove unused variable (#5582)
• Spelling and whitespace corrections in transaction.h (#5580)
• Inverted check for flag for no auto keosd (#5574)
• Fix Spurious Long Running Test Failures (#5558)
• Launcher tests (#5476)
• Print separators properly with cleos get account (#5506)
• cleos support for delayed transaction(#5492)
• Remove old exchange contract (#5477)
• New test to ensure require_recipient to generator is ignored (#5446)
• Chain api: get code hash (#5434)
• add cleos set contract/code/abi --clear (#5442)
• Correct cleos get table help text from 'contract' to 'account' (#5448)
• Stop creating anonymous volumes during image build (#5444)
• Docker Improvements (#5452)
• Build secp256k1 as a submodule (#5478)
• Updates to fc:
  • A handful of fc changes to support unix sockets for HTTP RPC (EOSIO/fc#12)
  • Optimize sha256 comparison (EOSIO/fc#16)
  • Change various asserts in fc code to use FC_ASSERT (EOSIO/fc#19)
  • Fix uninitialized data bug in fc cryptographic hash classes when constructing from a hex string (EOSIO/fc#21)
• Fixed framework casing for case sensitive MacOS builds (#5386)
• Improve error for malformed signature (#5305)
• use config::producers_account_name instead of N(eosio.prods) (#5277)
• Add new get_raw_abi RPC to chain API (#5375)
• Support for ABI version 1.1 in abi_serializer: added variants and binary extensions; major version number in ABI is now enforced (#5652, #5673)
• Fixed bugs in abi_serializer (#5680)
• When clearing state DB, erase contents of the state directory but not the directory itself (#5696)
• Add optional --pay-ram-to-open flag for the cleos transfer command to prepend an eosio.token::open action before the eosio.token::transfer action (#5581)
• get_account RPC in chain API now tries to determine the core symbol from the installed system contract rather than relying on the build configuration parameter (#5704)
• Improvements to cleos get account sub-command: robust against mismatch of core symbol between API node and cleos; now also prints account creation time in output (#5704)
• Proper matching of transaction ID prefix within get_transaction RPC of the history_plugin (#5723)
• avoid plugin through irreversible_block signal change block before apply_block (#5611)

EOSIO 1.2.6 Release Notes

This release provides bug fixes.

Description of the Issues

Inefficient Selection of Sync Peers (# )

When searching for peers to sync from, the same candidate could be considered multiple times

Mitigations

None

EOSIO 1.2.5 Release Notes

This release provides bug fixes.

Description of the Issues

Memory Leak in Unapplied Transactions (#5617)

Transactions which were validated and relayed but never appeared in blocks would never be pruned from P2P relay nodes. This created a slow leak which could become a larger leak when grey-listing on block-signing-nodes simulated an overloaded network (eg a network where relayed transactions never make it into signed blocks).

Removal of mlock(#5618)

Prior to v1.2.4 there was a bug that prevented chainbase from achieving its goal of pinning the state database in memory using mlock. With that fix in place it became immediately obvious that the intended behavior was not desirable and was, in effect, a major feature shift. As such we are removing mlock so that v1.2.5 behaves similarly to v1.2.3 or less. Node operators can still achieve the performance benefits of mlock by explicitly locating the state directory on a ram disk.

Other

• Remove unneeded libs from docker build (#5559)

Mitigations

None

EOSIO 1.2.4 Release Notes

This release provides bug fixes.

Description of the Issues

Pre-release of wallet directory locking (#5495)

Multiple concurrent keosd processes operating on the same data directory can, in some cases, lead to loss of data. This patch introduces a feature which allows future versions of keosd to detect and gracefully handle this scenario.

Previous versions of keosd are not detected by this change so, users are strongly encouraged to update all running keosd processes to enable these protections, including those automatically launched by cleos.

Fix for RPC hangs/stalls when submitting transactions (#5481)

Users were infrequently experiencing prolonged delays/hangs when submitting transactions to an RPC API node. This release addresses an issue where only one of any number of RPC submissions received during a specific window of time would be processed. In scenarios where this window was large or lots of RPC submissions were submitted this would result in the hang/stalled response that users experienced.

Other

• Fix abi serialization exception in get block (#5548)
• Fix chainbase's use of mlock() to work on subsequent launches (#5546, EOSIO/chainbase#18)
• Support --full in eosio_uninstall.sh to delete directories with configs (#5383)
• Launcher/test improvements (#5525)
• Disambiguate filter-on / filter-out short option (#5547)

Mitigations

None

EOSIO 1.2.3 Release Notes

This release provides bug fixes and regression tests.

Description of the Issues

Deprecation of the ability of a notified contract to bill RAM to authorizers of the original action

EOSIO blockchains enable a useful feature which allows one contract executing an action to notify another contract of the action because it may pertain to it. EOSIO blockchains have up to now had an additional capability which allows the notified contract to bill any of the authorizers of the original action for the RAM costs of storing data in the blockchain state. This powerful, but ultimately undesirable, capability has allowed smart contracts to adopt a common pattern of executing sophisticated operations which consume RAM in response to receiving tokens from a transfer action; however, the capability has also been abused by malicious contracts to waste the available RAM of users.

For this reason, this additional capability of allowing a notified contract to bill additional RAM to the authorizers of the original action is now deprecated. Legitimate smart contracts that currently utilize this capability can upgrade to instead use more appropriate patterns (such as the one discussed in the description of #5451). This release introduces a mitigation (#5451) to subjectively restrict this capability if all active block producers of the blockchain deploy the mitigation. An objective solution will be introduced at a later date.

For more information about these changes, please see: https://medium.com/@bytemaster/preventing-unexpected-ram-consumption-8029a9342659

Fixes to CPU greylist feature (#5462)

The greylist feature (or the ability for block producers to subjectively throttle the bandwidth resource usage of certain accounts to only what they are allowed to use under high blockchain load) was a feature introduced in version 1.1.0 (see #4368 and #4410). However, the original implementation of the feature did not make a distinction between CPU resource exhaustion errors caused due to greylisting (which are subjective) versus those caused by the normal objective reasons, which could potentially lead to retiring deferred transactions in a generated block with a status that is not reproducible by validating nodes. This release made changes to mark that distinction which not only makes the error messages due to greylisting more descriptive but also may solve a source of missed blocks for block producers.

Regression Tests for Previous Security Issues

This release includes regression tests that cover issues fixed through version 1.1.1. Regression tests lag the disclosing release(s) by one-month to enhance the security of operational networks.

Other

• [nodeos] Fix framework casing for case sensitive MacOS builds (#5403)
• [eosiocpp/eosio-abigen] Fixed eosiocpp ABI generation error (#5401)
• [eosiocpp/eosio-abigen] Fixed bug ignoring action name in ABI generation (#5459)
• [nodeos] Fixes to bnet threading issues (#5417)
• [nodeos] Reduce error log output in net_plugin (#5423)
• [nodeos] Do not apply transaction optimizations on light-nodes when speculating (#5415)
• [cleos] Do not modify transaction during push transaction if it is already signed (#5461)

Mitigations

• Nodes running version 1.2.3 will by default subjectively reject transactions in which a contract executing an action notification handler tries to bill RAM to any other account. The subjective rejection can be disabled on a node by setting the disable-ram-billing-notify-checks boolean field to true in config.ini. This mitigation, if adopted by all active block producers of an EOSIO blockchain, will protect contracts and users of that blockchain from malicious contracts which attempt to waste the available RAM of accounts that (indirectly) trigger the execution of those malicious contracts. Enabling this mitigation, however, disables a common pattern found in some EOSIO-based smart contracts (e.g. creating a new database table row in response to an eosio::transfer action directed to the contract as a recipient), which may disrupt the operation of effected smart contracts until they are updated to use more appropriate patterns (see #5451 for details).