Skip to content

Commit

Permalink
changelog and version bump
Browse files Browse the repository at this point in the history
  • Loading branch information
goatpig committed Sep 21, 2017
1 parent 7bd9887 commit 2b65ac0
Show file tree
Hide file tree
Showing 4 changed files with 29 additions and 3 deletions.
2 changes: 1 addition & 1 deletion armoryengine/ArmoryUtils.py
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@
LEVELDB_HEADERS = 'leveldb_headers'

# Version Numbers
BTCARMORY_VERSION = (0, 96, 2, 0) # (Major, Minor, Bugfix, AutoIncrement)
BTCARMORY_VERSION = (0, 96, 3, 0) # (Major, Minor, Bugfix, AutoIncrement)
PYBTCWALLET_VERSION = (1, 35, 0, 0) # (Major, Minor, Bugfix, AutoIncrement)

# ARMORY_DONATION_ADDR = '1ArmoryXcfq7TnCSuZa9fQjRYwJ4bkRKfv'
Expand Down
26 changes: 26 additions & 0 deletions changelog.txt
Original file line number Diff line number Diff line change
@@ -1,3 +1,29 @@
v0.96.3 released September 21st 2017
== Vulnerability Fix ==
- Fragmented backups were using a faulty implementation of Shamir's Secret Sharing (SSS).
One of the requirement of SSS security parameters is that the coefficients of the curve are chozen randomly. The implementation
up to this point was deriving these coefficients deterministically.

- While it is hard to determine how far the deterministic coefficient generation erodes the security of SSS, and how exploitable
the vulnerability is, the recommendation for users of fragmented backups is to treat the wallets backed up in this fashion as
compromised and to migrate all funds to a new wallet.

- The fragmented backup code now properly randomizes the SSS coefficients. Fragmented backups created with version 0.96.3 and later
are safe to use.

- The result of this change is that fragmented backups will no longer be deterministic. The previous behavior guaranteed a given
wallet will always return the same set of fragments for a given M-of-N scheme. Since it deteriorates SSS security properties,
the behavior has to be rolled back.
- Fragment sets are now generated randomly, therefor an unique ID has been added to each set to identify them. You cannot mix
and match sets.
- While Armory can no longer generate deterministic fragments, it can still restore wallets from deterministic fragments.

- Many thanks to Gregory Maxwell ([email protected]) for identifying and reporting the vulnerability as well as reviewing the fix.

== Fixed ==
- Fixed faulty version packet deserialization revealed by Core 0.15.0.1


v0.96.2, released August 27th 2017
== Added ==
- Enabled SegWit on the mainnet. Running against a node with WITNESS service bit flagged will allow you to create SegWit addresses.
Expand Down
2 changes: 1 addition & 1 deletion configure.ac
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
AC_PREREQ(2.60)
AC_INIT([BitcoinArmory], [0.96.1], [[email protected]])
AC_INIT([BitcoinArmory], [0.96.3], [[email protected]])

AM_INIT_AUTOMAKE([1.10 subdir-objects foreign -Wall -Werror])

Expand Down
2 changes: 1 addition & 1 deletion cppForSwig/BitcoinP2P.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -936,7 +936,7 @@ void BitcoinP2P::connectLoop(void)
version.setVersionHeaderIPv4(70012, services, timestamp,
node_addr_, clientsocketaddr);

version.userAgent_ = "Armory:0.96.2";
version.userAgent_ = "Armory:0.96.3";
version.startHeight_ = -1;

sendMessage(move(version));
Expand Down

0 comments on commit 2b65ac0

Please sign in to comment.