Go Ethereum’s JIT-EVM

The Ethereum Virtual machine is kind of different than most other Virtual Machines out there. In my previous post I already explained how it’s used and described some of its characteristics. The Ethereum Virtual Machine (EVM) is a simple but powerful, Turing complete 256bit Virtual Machine that allows anyone to execute arbitrary EVM Byte Code.</blockquote> The go-ethereum project contains two implementations of the EVM. A simple and straightforward byte-code VM and a more sophisticated JIT-VM. In this post I’m going to explain some of the differences... [Read More]

Security Alert – cpp-ethereum keeps accounts unlocked

Affected configurations: cpp-ethereum (eth, AlethZero, …) version 1.2.0 up to 1.2.5 (fixed in 1.2.6) Note: Neither “geth” nor “Mist” nor the “Ethereum Wallet” (unless explicitly used together with cpp-ethereum) are affected by this, they lock accounts correctly again.</section><section class="postbody"></section><section class="postbody">Severity: High</section><section class="postbody"></section><section class="postbody">Possible Attacks: Attackers can spend funds from previously used accounts if they have access to the local machine or to an exposed json-rpc interface.</section><section class="postbody"></section><section class="postbody">Details: Due to a bug in cpp-ethereum, accounts stay unlocked once their password... [Read More]

Security Alert – Geth suffers from a very low probable DoS attack vector – Update immediately

Affected configurations: All Go client versions  Likelihood: Very low Severity: High Details: A bug in Geth (and potentially other clients) may suffer from a DoS attack and allows remote attackers to stall synchronisation process almost indefinitely by supplying a valid, lighter chain. More information will be given out a later time including the report that was submitted through the bug bounty program. Effects on expected chain reorganisation depth: None Proposed temporary workaround: None Remedial action taken by Ethereum: Provision of hotfixes as below: If you’re using Mist:... [Read More]

On Settlement Finality

Special thanks to Tim Swanson for reviewing, and for further discussions on the arguments in his original paper on settlement finality. Recently one of the major disputes in ongoing debate between public blockchain and permissioned blockchain proponents is the issue of settlement finality. One of the simple properties that a centralized system at least appears to have is a notion of “finality”: once an operation is completed, that operation is completed for good, and there is no way that the... [Read More]

C++ DEV Update: Announcing Remix

After almost three months into the “reboot” of the C++ team, I would like to give an update about the team itself, what we did and what we plan to do. Team update The so-called C++ team currently consists of Paweł Bylica (@chfast), Greg Colvin (@gcolvin), Liana Husikyan (@LianaHus), Dimitry Khokhlov (@winsvega), Yann Levreau (@yann300), Bob Summerwill (@bobsummerwill), me (@chriseth) and (kindly “donated” by Eris Industries) RJ (@VoR0220). Paweł is the original author of the llvm-based EVM-to-native just-in-time compiler, re-joined in... [Read More]

Ethereum Foundation and Wanxiang Blockchain Labs announce a blockbuster event combining Devcon2 and the 2nd Global Blockchain Summit in Shanghai, September 19–24, 2016

[Last update: July 5, 2016] The Ethereum Foundation and Wanxiang Blockchain Labs are excited to jointly announce the International Blockchain Week in Shanghai, which will take place at Hyatt on the Bund, September 19–24, 2016. Both Ethereum’s Devcon and Wanxiang Blockchain Labs’ Global Blockchain Summit were sold out last year with great interest and anticipation for this year’s events. Now, people who wish to attend both events can do so in the same week. The combined event features a unique... [Read More]

Ethereum Partners with R3CEV on Lizardcoin, Bringing Together the Best of Centralized Finance and Blockchain Technology

The Ethereum Foundation has announced that it will be working with the New York-based banking consortium R3CEV on creating a new blockchain-based cryptocurrency, Lizardcoin, which aims to showcase the benefits of blockchain technology as well as the consortium’s ability to bring the technology to institutional clients and the regulation-loving masses by supplementing it with a healthy dose of centralized control. Lizardcoin aims to be a direct competitor to Bitcoin as a store-of-value, beating out Bitcoin’s 21 million fixed supply cap... [Read More]

Solidity Available in Visual Studio

Consensys and Microsoft have announced that the Ethereum contract programming language Solidity will be available in Microsoft’s Visual Studio integrated development environment. ConsenSys and Microsoft collaborated on this integration to enable developers to rapidly build smart contract-based applications for the public Ethereum blockchain, as well as private and consortium blockchain deployments based on Ethereum. This integration is being revealed at //Build, Microsoft’s annual developer conference, in San Francisco on March 30th; Vitalik Buterin, Consensys CEO Joseph Lubin and Consensys Enterprise... [Read More]

An Open Source Mining Pool Bounty and DEVgrant

Ethereum’s present reliance on Proof of Work (PoW) mining is not ideal, and while we continue to work with gusto towards a Proof of Stake solution (PoS), we have to live with PoW as gracefully as possible (at least until the eventual switch!). Meanwhile, in the interest of overall network health, mining decentralization and diversity is a clear imperative: [caption id=”attachment_2623” align=”alignnone” width=”622”] Mining Pool Diversity from March 28 via https://etherchain.org/statistics/miners[/caption] Though there are some instances of open source Ethereum... [Read More]

Serenity PoC2

After an additional two months of work after the release of the first python proof of concept release of Serenity, I am pleased to announce that Serenity PoC2 is now available. Although the release continues to be far from a testnet-ready client, much less a production-ready one, PoC2 brings with it a number of important improvements. First and foremost, the goal of PoC2 was to implement the complete protocol, including the basic corner cases (slashing bets and deposits), so as... [Read More]