EOSIO Release 1.2.2

This release provides bug fixes and non-critical security fixes.

Description of the Issues

Fix Null-pointer Dereference for Stalled Producers (#5286)

397659b created the potential for there to be no pending block after the call to producer_plugin_impl::maybe_produce_block if the block was produced more than 5 seconds after its intended deadline. This is an exceptional case observed only when producing blocks on a node that is also servicing a large RPC request load. Nevertheless, in that case the logging that would execute after the call to producer_plugin_impl::maybe_produce_block presumed that the pending block was present and valid without checking resulting in a dereferenced null pointer.

Fix for MongoDB action filtering (#5306)

Previous filtering functionality in the deprecated history_plugin was based on action_trace which includes the actions that implicitly execute during a transaction. The filtering for MongoDB was meant to be identical to that functionality.

Fix for bios-boot-tutorial.py (#5355)

Changes to cleos in v1.2.0 broke this tutorial script.

Fix incorrect JSON field expected by cleos (#5294)

cleos was not expecting the correct JSON response for /v1/chain/get_account when attempting to infer the parent value for a new permission when invoking cleos set account permission ACCOUNT active PUBKEY

Remove deprecated support for code_as_wasm parameter (#5354)

Use of this parameter was deprecated in the v1.2.0 release and is being removed.

Return data even if ABI deserialization fails (#5260)

Occasionally, RPC responses would misreport a successful transaction submission as unsuccessful due to time constraints on pretty-printing the action payload.

Consider delays when determining keys (#5291)

/v1/chain/get_required_keys was not taking the delay in the transaction into account when determining which keys to return.

Mitigations

• None

EOSIO 1.2.1 Release Notes

This release provides bug fixes.

Description of the Issues

Fix Null-pointer Dereference for Waiting Producers (#5258)

#4972 created a different calling path into producer_plugin_impl::calculate_next_block_time where there was no pending block state. As a result when the following conditions were met the code would dereference a null pointer:

• the node was a producer, who had produced during this processes lifetime OR replayed a block where they produced (so they have watermark data)
• the producer was still in the active schedule of producers
• the chain experienced a gap in blocks of > 5 seconds (so they moved to our “waiting” mode)

Fix for eosiocpp in the eos-dev Docker image (#5261)

With the restoration of eosiocpp some of the internal paths had changed and/or gone stale preventing users from compiling contracts.

Other

• Better Error Messaging When Passing Non-WASM Files to cleos (#5257)

Mitigations

• None

EOSIO 1.2.0 Release Notes

This release comprises several additional features and fixes, in addition to the cumulative patches made against v1.1

A blog post providing more information can be found here

DEPRECATION NOTICES

• the history_plugin is deprecated in favor of one of the many data access plugins like the MongoDB plugin. There is no plan to remove it at this time however, new features will be added to other similar plugins without maintaining parity.
• eosiocpp this multi-tool has been deprecated in this release and will be removed in v1.3.0. It has been supplanted by on-going effort in the eosio.wasmsdk repository
• Disassembled WAST results via the /v1/chain/get_code RPC endpoint is deprecated and will be removed in v1.2.1. Similar functionality can be found in the tools provided by the eosio.wasmsdk repository
• Contract development libraries ( contracts/eosiolib , contracts/libc++ , and contracts/musl ) are deprecated and will be removed in v1.3.0. The new home for these contracts is the eosio.wasmsdk repository
• the following contracts are deprecated and will be removed in v1.3.0.
  • contracts/bancor
  • contracts/dice
  • contracts/eosio.* - these contracts are now tracked in the eosio.contracts repository
  • contracts/exchange
  • contracts/hello
  • contracts/identity
  • contracts/noop
  • contracts/payloadless
  • contracts/simple.token
  • contracts/skeleton
  • contracts/social
  • contracts/stltest
  • contracts/tic_tac_toe

REMOVAL NOTICES

• it is no longer possible to run the wallet_plugin or wallet_api_plugin as part of nodeos. This configuration has not been recommended for many versions as it places private information in the same process space as unrelated RPCs and the execution environment for untrusted code (WebAssembly). This release officially removes the support.

Changes

• #4710 fixes for launcher (mostly used internally in tests)
• #4733 Mongo Optimizations (ABI Caching)
• #4813 Integration Tests (Low Ram)
• #4791 Cleos Memory Leak
• #4799 Cleos listproducers support for R1 keys
• #4819 Cleos wallet create and create keys now write to files by default for security
• #4756 Add key_accounts and controlled accounts to MongoDB
• #4843 minor fix
• #4866 test cleanup
• #4868 integration tests support for bnet
• #4774 README updates
• #4853 RPC access for updating black/white lists
• #4854 code cleanup
• #4891 Better RPC/Cleos error reporting for bad requests
• #4905 integration test fixes
• #4946 OSX build script display changes
• #4908 RPC/Cleos support for sha256 secondary indices
• #4952 remove support for running wallet RPC on nodeos
• #5002 fix off by one in RPC response for get table
• #5005 version response from nodeos and keosd based on tagged release and local changes
• #4931 fix cleos asset transfers for non eosio.token assets
• #4870 multicore boost builds
• #4739 add filter-out option to allow blacklisting instead of whitelisting in history_plugin
• #5077 mirror SDK change to crypto.h
• #5090 mirror SDK change to fix asset overloading
• #4901 better signaling for scheduled transactions to plugins
• #5026 support for external plugins API is not at a stable release yet though
• #5066 support for inline actions and filter-out in mongodb
• #5130 replay performance optimizations & sync optimization: light verification
• #5101 customizable binary names
• #5097 Updated peer logging on bad packets
• #4511 Ricardeos script
• #5082 find_plugin safety
• #5139 fix for fedora build
• #4892 Get transaction ID from cleos/RPC
• #5125 rate limit reaping of dead connections
• #5096 configurable system account name
• #5122 restore eosiocpp and clean up installer
• #4721 wasm/abi paths now relative to contract directory
• #4972 fix for enable-stale-production
• #5131 only fetch unapplied transactions when needed
• #4924 clean up tic-tac-toe example
• #5154 fix for http_client_plugin malformed host header
• #4566 style cleanup in confirmation checks
• #5158 remove deprecated account_history_plugin
• #5161 fix for MongoDB filter-on configuration
• #5160 remove WAST support from cleos
• #5171 reclassify log message as debug
• #5179 better logging of conflicted port bindings
• #5201 launcher boot fixes
• #5061 support for 160-bit keys and key encoder type in cleos/RPC
• #5200 smoke test stability improvements
• #4960 resolve linker errors involving env.free
• #5203 apply MongoDB filter to transaction traces
• #5198 Read-only mode for nodeos
• #5018 Cleos convert command
• #5206 Allow eosiocpp to run without make install

EOSIO 1.1.6 Release Notes

This release provides bug fixes

Description of the Issues

Fix for eosiocpp in the eos-dev Docker image (#5262)

With the restoration of eosiocpp some of the internal paths had changed and/or gone stale preventing users from compiling contracts.

Mitigations

• None

EOSIO 1.1.5 Release Notes

This release provides bug fixes.

Description of the Issues

Fix for unchecked CPU and memory growth in net_plugin (#5202)

The two vectors (received_transactions and received_blocks) in the net_plugin were being improperly pruned when multiple connections managed to create entries leading to unchecked memory and processing growth. Additionally, lookups were always done by ID so, refactoring to a std::multimap instead of a vector of named "pair" types reduces the load of scanning for those transactions/blocks

Fix for regression on eosiocpp ( #5204 #5226 )

The command line utility eosiocpp was improperly removed instead of being DEPRECATED in a previous release. It has been restored however, users are encouraged to begin migrating pipelines and processes to the eosio.wasmsdk repository.

GNU build-id on linux ( #5232 )

In order to facilitate better submissions from the perf tool on linux, nodeos will now be built with a GNU build-id on supporting platforms.

Mitigations

• None

EOSIO 1.1.4 Release Notes

This release provides bug fixes and regression tests.

Description of the Issues

Ambiguous CPU billing of scheduled transactions (#5068)

in #5001 the ability to bill appropriate CPU time for soft_fail and hard_fail scheduled transaction was added. However, this exposes an ambiguity in the block structure: There is no way to represent the objective failure of a scheduled transaction due to a limit that was breached by the billed CPU time. Producing a block with this ambiguity would fail to validate protecting the chain but causing minor disruptions. As a result, producers will no longer include those scheduled transactions in their blocks, giving each producer a chance to execute it in under the limited time or to another objective failure case. (#5068)

Misclassification of Blocks as "exhausted" (#5071)

The producer_plugin was treating leeway cpu exceptions as subjective failures. This implied to the rest of the producer_plugin code that the block is exhausted. However, this exception does not represent an exhausted block and rarely clears in the next block. Therefore, leeway cpu exceptions are no longer considered block exhaustion signals.

Regression Tests for Previous Security Issues

This release includes regression tests that cover security issues fixed through version 1.0.8. Regression tests lag the disclosing release(s) by one-month to enhance the security of operational networks.

Other

• Fix for asset overflows in eosiolib for parity with the WASM SDK (#5092)

Mitigations

• None

EOSIO 1.1.3 Release Notes

This release provides non-critical security updates, bug fixes

Description of the Issues

Bugfixes

The removal of subjective leeway time for scheduled transactions in Version 1.1.2 exposed a latent bug in validation logic that eventually prevented nodes from being able to join active and valid chains ( #4986 ). As a result, Version 1.1.2 is considered invalid and all node operators running it should consider upgrading.

Non Critical Security Updates

• fixed edge case where scheduled transactions that fail ( hard_fail or soft_fail status ) could throw exceptions out to the calling code in violation of the expected semantics of the controller::push_scheduled_transaction method
• fixed bug preventing proper cpu billing for scheduled transactions that fail ( hard_fail or soft_fail status )

Mitigations

• Boost 1.68 will soon be released. Pin the MacOS homebrew install to 1.67, for now, to preemptively avoid auto upgrade when running eosio build script.

EOSIO 1.1.2 Release Notes

THIS RELEASE IS NO LONGER SUPPORTED PLEASE UPGRADE TO v1.1.3

The release of v1.1.2 provides non-critical security updates, bug fixes and minor improvements.

Description of the Issues

This release addresses the following issues:

Bug Fixes and Minor Improvements

• renamed LICENSE.txt to LICENSE (#4969)
• added warning/correction when implicitly installing to system-wide paths (#4970)
• better discovery of core CPU count during build (#4977)
• removal of duplicated block signature check (#4951)
• improved installation of binaries and contract dev dependencies (#4844)

Non-Critical Security Updates (#4981)

• Optimize block_status tracking in bnet_plugin
• Optimize connection releasing in net_plugin
• Move misaligned array copy to heap
• Dissallow scheduled transactions from using subjective leeway cpu time
• Respect wall-clock deadline for blocks in the producer_plugin::start_block
• Serialize transactions in cleos instead of using an RPC

Mitigations

• None

EOSIO 1.1.1 Release Notes

The release of v1.1.1 provides critical security updates previously disclosed to existing EOSIO-based blockchain custodians as well as non-critical security updates.

Description of the Critical Issues

Self-Cancelling Deferred Transactions

Calling cancel_deferred(sender_id) using the sender_id of the currently executing deferred transaction was not properly handled. This has been resolved so that the cancel_deferred call semantics match the expectation that passing invalid or already-retired sender_id is a no-op. The currently executing transaction is considered "retired" WRT these semantics.

Description of the Non-Critical Issues

Stalled Producer Plugin

Promoting producer schedule changes from pending to active requires 2/3+1 confirmations from the currently active producers. There was an edge case when:

• 2/3 confirmations were present (only 1 more needed) AND
• The FIRST producer who had the option to provide the last confirmation each round was DOWN or otherwise not producing AND
• ALL other producers who had the option were either
  • not present in the pending schedule OR
  • had moved to a different position in the list

In this case, the remaining producer nodes who could provide the needed confirmation would calculate the wrong time to wake-up and produce a confirmation.

In extreme cases, this would lead to enough producers abstaining from production, despite being live and ready, to stall the promotion. This issue has been resolved.

BNet Plugin Safety

The BNet plugin exchanges messages with peers to optimize out multiple delivery of a single block. There is now a limited window of retained block IDs for this purpose.

Net Plugin Sanity Checks

The Net plugin has improved sanity checks on incoming block requests.

extended_symbol::operator <

Contracts which compared extended_symbols using the < operator would not take the extended information about hosting contract into account. This change will be reflected in the next release of the WASM SDK.

Mitigations

• None

EOSIO 1.1.0 Release Notes

Features Introduced in 1.1.0

Note, the EOSIO Developer Portal documentation has not been updated yet, this work is being done over the next few days. This notice will be removed once the documentation has been updated.

MongoDB Plugin (#4304)

The MongoDB Plugin (eosio::mongo_db_plugin) is an optional plugin that provides archiving of blockchain data into a MongoDB. This creates a read-only copy of the data in the blockchain that enables highly-scalable and convenient queries on that data.

For information on deploying and accessing a MongoDB cluster, please visit The EOSIO Developer Portal.

Read-Mode: HEAD (#4373)

Configuring an instance of nodeos for Read-Mode: HEAD means that all RPC endpoints will return data as of the latest (head) block of the chain. This excludes any changes from unconfirmed transactions that may be relaying on the peer-to-peer network. This mode can be useful to determine what transactions have been applied to the blockchain by at least one producer but may not have reached finality.

Future read modes will provide even stronger guarantees for the data returned by the RPC.

For more information on configuring nodeos to run in Read-Mode: HEAD, please visit The EOSIO Developer Portal.

nodeos Quality of Life Improvements

Faster Syncing (#4649)

Previously, when a new node was syncing the blockchain it would also attempt to remain a good network citizen and validate/relay transactions that it learned about. If the chain was too far out of sync, not only did the accuracy of the validation degrade but the cost of doing the validation increased.

In version 1.1.0, nodeos will no longer attempt to relay transactions when they are too far out of sync to provide meaningful validation. The result is a significant performance improvement when syncing into a network for the first time or if a node falls behind.

Database Size Guards (#4666)

The two in-memory databases that drive EOSIO, state DB and reversible block DB, are now protected by usage guards which allow running instances of nodeos to detect imminent overages and gracefully shutdown the process before hitting the dreaded BAD_ALLOC exception that caused dirty databases and required a long replay to fix. Recovering from exhausted databases is now as easy as modifying a single config and restarting the process without any need for replays or resyncs to the network.

For information on configuring the database sizes and guards, please visit The EOSIO Developer Portal.

Preview Releases in 1.1.0

This release includes a few features which, while not production ready, represent the direction the EOSIO blockchain software. We invite community members to test and provide feedback on these features as they progress towards their respective releases.

Fair Warning, these features should be considered "ALPHA" quality.

Hardware Wallet support in keosd

Hardware wallets provide superior security to software alternatives. As part of an on-going effort to make it easy for users to secure their keys on EOSIO blockchains, keosd will be gradually adding support for accessible and widely available hardware wallet technologies.

OSX Secure Enclave (#4244)

Apple's Secure Enclave is present in several of their popular laptop and desktop offerings. keosd now allows any user who owns a recent Apple computer to begin securing their EOSIO accounts with hardware-based keys via the Secure Enclave.

Once the wallet is unlocked, you can issue cleos wallet create_key -n SecureEnclave commands to create keys within the Secure Enclave wallet. You may not import keys.

In order to access Secure Enclave your executable must be signed. For more information on building a signed preview release of keosd with Secure Enclave support, please visit The EOSIO Developer Portal.

YubiHSM 2 (#4526)

The YubiHSM 2 is an external hardware security module that can be added to any user's computer with a USB port. keosd now allows any user on supported Linux distributions and MacOS to begin securing their EOSIO accounts with hardware-based keys via the YubiHSM 2. This may be particularly interesting for block-producers running on hard-iron. We are seeking feedback on the level of interest in support for the YubiHSM 2, please add feedback to #4526.

For more information on building a preview release of keosd with YubiHSM 2 support, please visit The EOSIO Developer Portal.

Login Plugin (#4375)

The login plugin is the first component supporting the concept of applications authenticating with the EOSIO blockchain. The plugin API allows you to verify a user is able to sign to satisfy a specified authority. The API for the plugin is preliminary and may change in the future.

Other Changes

• [cleos/RPC] Support for secondary indices when reading table data (#4053)
• [cleos] Support for proposing whole transactions to eosio.msig (#4248)
• [cleos] Support for eosio.sudo (#4431)
• [cleos] Support for issuing atomic delegatebw/buyram transactions (#4297)
• [cleos] Support for buyram in KiB (#4427)
• [cleos] Major pass at improving error messaging (#4587)
• [RPC] Endpoint for fetching scheduled transactions (#4470)
• [nodeos] Support for greylisting accounts, preventing access to the unclaimed resources in an uncongested chain (#4368)
• [nodeos] Support finer control over timing of block transmission to compensate for network lag between producers (#4118)
• [nodeos] Support for checkpoints which can enforce the chain includes well-known-valid blocks during sync (#4471)
• [nodeos] Support for exporting and importing reversible block database as portable file format (#4253 and #4680)
• [nodeos] Improved producer watermark tracking (#4560)
• [nodeos] Logging updated to use ISO timestamps (#4255)