Releases: nknorg/nkn
v2.0
v2.0 is the first security audited and non-beta version of mainnet, as part of the NKN 2.0 ecosystem.
Feature Highlights
There are massive new features and improvements compared to mainnet v1.0 released, here are some of the highlights:
- Security audited by world leading security company Chaitin Tech, all known issues have already been fixed (with one low vulnerability issue as exception, which will be fixed in the future)
- New secure wallet format v2 using state of the art key derivation function, millions times harder to brute force than v1 format
- Name service generally available: using human readable name instead of public key for sending and receiving messages
- NanoPay generally available: lock-free payment channel for bandwidth usage payment
- Significant relay performance improvement: 95% less relay RAM usage, 20x higher throughput for low memory node
- Network and consensus security enhancement
- State pruning will be turned on by default (pruning only happens when nknd starts)
Upgrade to v2 Wallet Format
v1 wallet format is being deprecated because v2 wallet format is much more secure than v1. NKN node and SDK will continue to support v1 wallet format, but wallet created by new version of nknc and SDK will be in v2 format.
Existing wallets in v1 format are strongly recommended to be upgraded to v2 format if there are (or will be) any token in them. We provide a few simple way to upgrade v1 wallet to v2:
- Import your v1
wallet.json
in https://wallet.nkn.org and download it to getwallet.json
in v2 format. Note: you need to explicitly import the wallet; if you find you don't need to import it and browser remembers your wallet, the downloaded wallet will still be v1 format. A simple way to make sure it works is to open https://wallet.nkn.org in browser's private mode. - Use
nknc wallet --changepassword
to change your wallet password, and the updatedwallet.json
will be in v2 format. You can use the same password as new password, and nknc will still update the wallet to v2 format.
nkn-commercial
As part of the NKN 2.0 ecosystem, we also released nkn-commercial. nkn-commercial provides a much more convenient way to run and upgrade nknd, see details at: NKN commercial: an all-in-one mining software for NKN ecosystem
v1.1.7-beta
This version continues to fix a few potential security problems found during the ongoing security audit. In addition, a few optimization are introduced to greatly reduce RAM usage under high throughput relay (some of them will be activated in the next version). More changes can be found in the change notes below.
Because new security mechanism and protocols are introduced, old version will no longer be able to produce valid signature chain (and earn mining rewards) after block height 1,200,000.
Security
- Avoid the same sigchain to be backtracked multiple times
- Ignore vote with invalid height in persist finish state
- Add rate limiting for RPC requests and sync block msg
- Migrate sigchain sigAlgo from hash to signature
Consensus
- Add minimal number of neighbor samples to help bootstrap network
- Fix syncing node election starts later than persist nodes
Network
- Reduce message id cache RAM usage
- Add pin sigchain protocol to reduce relay RAM usage (stage 1/2)
- Add pin src sigchain logic to reduce first relay node RAM usage
RPC
- Add https json rpc address in getws[s]addr response
nknc
- Fix nknc create wallet might print wrong address
Code Quality
- Remove legacy crypto big int code from old ECDSA signature
- Fix gofmt, ineffassign, misspell warnings
v1.1.6-beta
This version fixed a few potential security problems found during the ongoing security audit. In addition, it fixed a problem that might cause join network failure.
Security
- Prevent last 2 elements in sigchain to be the same
- Returns error if proposal txn hash list contains duplicate
- Will not cache sigchain txn with invalid txn signature
- Use random neighbor probabilistically chance when stabilize
- Unify fee subtract and nonce increment logic for all txn types
- Check amount and fee range when checking payload
Network
- Connect to random neighbor first when joining the network to improve join reliability
v1.1.5-beta
This is a minor release with a lot of improvements. Upgrade is recommended.
Logs
- Remove old log files if total log file size exceeds a limit
Build
- Add web directory to git repo for user's convenience
- Add docker entrypoint to create default config/wallet/certs/etc
Security
- Will not cache block with invalid signature
- Add neighbor sent block with invalid signature to blacklist
Client
- Use periodical ping/pong message to detect client timeout rapidly
- Will put message into buffer if client timeout
v1.1.4-beta
This is a major release that will re-enable name service functions at block height 980,000, including name registration, extension, transfer and delete. Name registration now costs a fee (10 NKN) and is valid only for a year to avoid spamming attacks.
Please update your node BEFORE block height 980,000 (around March 7th, 2020). Old version will not be able to parse new name service transactions and thus will fail to work after block height 980,000.
v1.1.3-beta
This version fixes a few TLS related issues. Starting from this version, https/wss support will be officially enabled. Some important notes:
- TLS certs content has been updated. Please make sure to update certs!
- TLS certs name has been changed for window compatibility.
- Just in case you missed the previous upgrade info: please make sure port 30004/30005 are also open, otherwise TLS clients will not be able to connect to you.
v1.1.2-beta.1
This minor update rename the default certificates name to support windows.
v1.1.2-beta
This is a major release that introduced various features. Particularly, every miner should read this:
- Two more ports 30004 and 30005 need to be open in order to accept https/wss clients and receive more mining rewards!
- The
certs
directory should be shipped together with nknd! It's included in the release zip file, but if you are using your own script to install/update nodes, please remember to include/updatescerts
directory together!
Feature highlights:
- Implement [NKP-0003] Providing https/wss endpoint for EVERY NKN node, now every node needs to open port 30001-30005 (two more ports 30004/30005 needs to be open) in order to accept https/wss clients and receive more rewards
- Introducing go-upnp as another NAT traversal library to increase success rate
- Starting http json server while generating id to allow node monitor get status earlier
v1.1.1-beta
This is a major release that introduced various features, security updates, and performance optimization. Feature highlights:
Database:
- Implement state pruning that can greatly reduce ChainDB size by removing unused states. State pruning is still be beta phase and is not enabled by default. You can enable it by setting
StatePruningMode
to"lowmem"
inconfig.json
, or start nknd with--pruning lowmem
argument. In the future state pruning will be enabled by default. When state pruning is enabled, every time nknd starts, it will first prune local ChainDB, which might take a long time depending on last pruned height. Pruning an unpruned ChainDB can take a few days depending on your node's disk I/O speed, so please be patient or start from a pruned snapshot (e.g. https://nkn.org/ChainDB_pruned_latest.zip or https://nkn.org/ChainDB_pruned_latest.tar.gz)
Consensus:
- Implement random sampling neighbors in voting and gossip
Security:
- Add block verification when syncing and persisting blocks
Client:
- Implement multicast and compression protocol
Others:
- Fix the bug that nanopay txn not in txpool gets removed
- Fix the bug that nknc return code is not correct
v1.1.0-beta.1
This release fixes a bug that might cause nknd to panic in a race condition. In addition, it reduces bandwidth usage by not sending blocks to client by default.