Ethereum Dev Update 2015 / Week 41

In an effort to bring the community more information about the going-ons at Ethereum, we’re planning to release semi-weekly updates of project progress. I hope this provides some high-level information without having to live on GitHub ;) The Go and C++ teams have daily standups and are making regular progress along with several other improvements around the ecosystem. Concurrent with this, the teams are gearing up for DEVCON1, preparing talks and presentations along with finalizing more details in the coming weeks. If you... [Read More]

Security Advisory [eth (cpp-ethereum) potentially vulnerable if running with UPnP enabled]

Affected configurations: Issue reported for eth (cpp-ethereum).</section><section class="postbody"></section><section class="postbody"></section><section class="postbody"></section><section class="postbody"></section><section class="postbody"></section><section class="postbody"></section><section class="postbody">Likelihood: Medium</section><section class="postbody"></section><section class="postbody"></section><section class="postbody"></section><section class="postbody"></section><section class="postbody"></section><section class="postbody">Severity: High</section><section class="postbody"></section><section class="postbody"></section><section class="postbody"></section><section class="postbody"></section><section class="postbody">Impact: Potentially achieve remote code execution on a machine running eth (cpp-ethereum)</section><section class="postbody"></section><section class="postbody"></section><section class="postbody">Details:</section>A vulnerability found in the MiniUPnP library can potentially affect eth clients running with UPnP enabled. Effects on expected chain reorganisation depth: none</section><section class="postbody"></section><section class="postbody"></section><section class="postbody"></section><section class="postbody"></section><section class="postbody"></section><section class="postbody">Remedial action taken by Ethereum: We are verifying whether this can indeed... [Read More]

The Evolution of Ethereum

Many of you know that the Ethereum platform grew out of the realization that blockchains can go far beyond currency, together with a frustration with the limitations of previous projects. The core idea was simple: a blockchain with a built-in Turing-complete programming language, allowing users to build any kind of applications on top. Over time, the vision evolved and expanded. The blockchain remains a crucial centerpiece, but it is ultimately only part of a larger vision of “web 3.0” as... [Read More]

More uncle statistics

The following are some interesting results on the performance of different miners over the course of the first 280,000 blocks of the Ethereum blockchain. For this timespan I have collected the list of block and uncle coinbase addresses; raw data can be found here for blocks and here for uncles, and from this we can glean a lot of interesting information particularly about stale rates and how well-connected the different miners and pools are. First off, the scatter plot: What... [Read More]

DEVcon is back!

DevCon 1 will be happening in London on November 9-13, a little over one hundred days since the Ethereum network launched. Over the last months, we’ve seen the network grow from a few hundred nodes starting on that one exciting and special night to a very substantial, globally deployed stable platform with thousands of devs pushing towards the decentralization revolution which motivates and inspires us. DevCon will have three primary categories of topics: Basic research and core protocols: including proof... [Read More]

Ethereum Comms Announcement

The foundation is currently in the phase of restructuring its communications activities. Several members of our current communications team in London are soon leaving or reducing their involvement in the Foundation in order to pursue for-profit ventures on top of the Ethereum ecosystem; we wish them the best of luck. And so, we have both the necessity and a unique opportunity to “reboot” that side of the organization and take another look at how the Ethereum foundation interacts with the... [Read More]

Ethereum Wallet – Developer Preview

We are happy to announce our very first developer-preview of the Ethereum Wallet ÐApp. The point of this release is to gather feedback, squash bugs and, most importantly, get the code audited. Please note that this is a developer-preview and not the final release. We advise you to be extremely careful putting large amount of Ether in the wallet contracts. Using the wallet on the mainnet should only be done with small amounts!   As Steve Ballmer once said Developers!... [Read More]

On Slow and Fast Block Times

One of the largest sources of confusion in the question of blockchain security is the precise effect of the block time. If one blockchain has a block time of 10 minutes, and the other has an estimated block time of 17 seconds, then what exactly does that mean? What is the equivalent of six confirmations on the 10-minute blockchain on the 17-second blockchain? Is blockchain security simply a matter of time, is it a matter of blocks, or a combination... [Read More]

Security Alert – [Previous security patch can lead to invalid state root on Go clients with a specific transaction sequence – Fixed. Please update.]

  Summary: Implementation bug in the go client may lead to invalid state Affected client versions: Latest (unpatched) versions of Go client; v1.1.2, v1.0.4 tags and develop, master branches before September 9. Likelihood: Low Severity: High Impact: High Details: Go ethereum client does not correctly restore state of execution environment when a transaction goes out-of-gas if - within the same block - a contract was suicided. This would result in an invalid copy operation of the state object; flagging the... [Read More]

A message from Stephan Tual

To the wonderful Ethereum Community, You often heard me say at conferences that Ethereum was not a company, a foundation, an implementation, or an individual. Ethereum is both an idea and an ideal, encompassing the first censorship-resistant network build specifically to enable those who need it the most to safely trade, privately self-organise and freely communicate, rather than relying on the crippled walled garden handed out by the powers that be. Due to divergence in personal values, Eth/Dev and I... [Read More]