Open in app

Sign in

Write

Sign in

Ethereum Cat Herders Update #48

Ethereum mainnet attack, Travis CI security issue, Merge — engine API design, Beacon chain upgrade — Altair on mainnet in October, All core dev meeting, Verkle Tree presentation, and more community update.

Pooja Ranjan
Ethereum Cat Herders
8 min readSep 14, 2021

--

Welcome to the latest edition of the Ethereum Cat Herders community update to share what's going on in the Ethereum clients’ developers meeting and bring you up to speed since the last update.

TL;DR

  • Ethereum mainnet attack — Nethermind team released a fix for future the mainnet attack happened today. Update your node to Nethermind v1.11.2.
  • The Merge — The team will look for initial targets for devnets. Core sets of the doc will be coordinated in the devnet for the Merge.
  • Altair upgrade — Prater testnet forked on Sep 2nd. Mainnet fork will be planned for October. Expect client release by the end of this month.
  • Travis CI security issue — Travis CI security issue was identified by Felix Lange about a week ago. They published a Security Bulletin today after silently patching the issue.
  • EIPs Insight A monthly report to provide EIP status change and other EIPs related tasks.

Ethereum mainnet attack (Sep 14, 2021)

As shared in a tweet thread by Marius, someone unsuccessfully tried to attack the Ethereum mainnet today by publishing a long (~550) block that contained invalid proof of work. Only a small percentage of Nethermind nodes switched to this invalid chain. All other clients rejected the long sidechain as invalid. The affected archive nodes have been recovered. Most of our fast sync nodes were not affected but one did not manage to reorg due to pruning. The Nethermind team has already applied a fix for future attacks. Update your node to Nethermind v1.11.2.

The Merge

Soon after the London upgrade is deployed on the mainnet, the main focus of Ethereum developers is shifted to The Merge. The Merge will switch Ethereum’s current proof of work consensus algorithm to the proof of stake mechanism running on the beacon chain. In the past few weeks, we had 2 dedicated merge meetings on the API design space — Consensus API design space & Engine API design space and part of the discussion also happened in the ACD meeting 121.

https://hackmd.io/@n0ble/consensus_api_design_space#Consensus-rules-are-validated-before-the-payload

Mikhail Kalinin put together the Engine API design space document to frame the design space of the Consensus API. The end goal is to come up with a solution that would not restrict future extensibility of the protocol and on the other hand, would re-use as much of the existing JSON-RPC implementation over HTTP and WebSockets that are already present across clients.

The latest Merge meeting briefly covered changes in the Minimal set of methods section that have been added after discussions in earlier meetings. The team will look for initial targets for devnets. Core sets of the doc will be coordinated in the devnet for Merge.

In ACD 121, Felix Lange shared a document Sync & The Merge, and walked us through the Geth team’s ideas for implementing chain synchronization on the merged eth1 + eth2 chain. In an early review of the schemes, two issues were discovered. Both stem from the misunderstanding of eth2 finalization semantics. So, it seems that the sync scheme presented there will not work without modifications. Follow the post-presentation discussion on the call.

Merge Resources

Consensus Layer (Eth2.0)

Altair upgrade

  • Mainnet fork will be planned in October, Client releases are expected by the end of this month.
  • Pick Altair fork epoch in 2 weeks' time, more testing/analysis in the meantime.
  • Altair will not be a blocker for the Merge. The next wave of merge implementation will be ready.

Prater testnet

  • Prater testnet forked on Sep 2nd, generally successful, some bumps.
  • Teku was unable to produce a valid block for the first epoch but was fine thereafter. Adrian Sutton analyzed the cause, and the issue is fixed.
  • The testnet explorer showed lower than expected participation. Danny and the team will do more digging, analysis this week.

Pyrmont testnet

Altair fork is complete and stable on Pyrmont, we are inducing a number of behaviors on the soon-to-be-deprecated Pyrmont. The complete checklist for Pyrmont scenario testing can be found here.

Clients’ update

Most clients are ready with support for the Altair upgrade on the Prater testnet.

  • Nimbus-eth2 v1.4.2.
  • Lighthouse — Doofus Rick. A fix to a recent issue where a drop in peer count resulted in sub-optimal attestation performance. The fork schedule API has been updated for Altair
  • Lodestar —Release v0.29.3
  • Prysm — v1.4.4 — Update head timely feature and optimized balance updates feature are now on by default.
  • Teku —v21.8.2 — Scheduled Altair upgrade on the Prater testnet at epoch 36660.

Other resources for Consensus Layer update

Ethereum All Core Devs meeting

In the last ACD call, most of the discussions were around the Merge. Mikhail shared Consensus API improvements docs, discussion on the post-merge syncing and reorg processing.

  • Lightclinet summarized the EIP-3756: A global gas cap. This will be further discussed in the upcoming calls.
  • EIP status change — Discussed moving two previous EIPs for Eth 64, and Eth 65 to final status because they are in use and it’s a requirement for Eth 66 to be moved to Final.
  • Breakout room call for wallet and infrastructure support for 1559.

Execution Clients update

Other resources

Ethereum Improvement Proposals (EIPs)

EIPIP meeting

Highlights of the EIPIP meeting 40 are:

  • Add execution clients info at execution-specs40.
  • Update EIP editors in EIP-1
  • EIPIP meetings will now be occurring once a month.
  • Notes 40. the next meeting is planned for Sep 22, 2021, at 15:00 UTC.

Other resources

  • EIPs Insight: Recently I’ve started documenting a report on monthly progress made on the EIP editing, including new EIPs, status change for existing proposals, and automatization by the bot. The first issue is published for August 2021.

Community updates

Sign-in with Ethereum

A few weeks ago, the Ethereum Foundation and Ethereum Name Service (ENS) put forward a Request for Proposal for Sign-in with Ethereum, which will allow users to use their Ethereum accounts to access web services instead of accounts owned by large corporations. The Ethereum ecosystem has tens of millions of monthly active wallets. The goal is to have these secure wallets to be used to sign in to Web2 services.

Spruce is an open-source software company focused solely on decentralized identity and data. They build crypto native tools that help users manage their identity and data across platforms, such as our recent implementation of EIP-712 signing in Rust.

Travis CI security issue

Security Bulletin

According to a Twitter thread by Péter Szilágyi, Felix Lange (Geth team) found an issue that between the 3 Sept and 10 Sept, secure env vars of *all* public TravisCI repositories were injected into PR builds. Signing keys, access creds, API tokens. Anyone could exfiltrate these and gain lateral movement into 1000s of orgs. The team Travis CI was notified within the hour. But the response received was no acknowledgment of responsibility, not any assurance of it to be fixed soon. Then the Geth team reached GitHub to have Travis blacklisted. Today they published a Security Bulletin, of course without any thankful acknowledgment to the Geth team’s contribution.

Events & hackathons

https://www.youtube.com/watch?v=A1wGFfDWPQ0&t=1910s

EF blogs

Ethereum Cat Herders

PEEPanEIP

https://youtu.be/RGJOQHzg3UQ

Upcoming

  • Altair upgrade & roadmap ahead (Prysm) with Terence & Raul on Sep 15th at 18:30 UTC
  • Beacon chain metrics & benchmark research with Parithosh & Leo on Sep 28 at 18:30 UTC.
  • For upcoming meetings follow the PEEPanEIP schedule.

New joiners meeting

We’re looking into ways to involve new people in the Ethereum ecosystem and with a bunch of new people joining in, we organized a “New community members meeting” yesterday. This was just for introduction and exchange of thoughts that they have and ways to contribute to the ecosystem.

The general feedback from the call was that it’s helpful talking to a smaller group and getting answers to questions that new people don’t know whom to ask. So, I am considering another call, maybe in two weeks so we can get a few more new people on the call. I already have received some new onboarding applications.

The London upgrade commemorating: NFT Distribution

We‘re happy to announce that after spending a couple of weeks collecting wallet addresses from client teams, EIP authors, editors, and multiple working groups, we’ve distributed 62/100 NFTs. Shoutout to William Schwab & William Xuan for making all the transactions to deliver the NFTs to the end recipients. If you know a contributor who is interested in receiving the NFT and is missed, reach us on the ECH Discord.

Mid-year report (Q2-Q3, 2021)

We published The Ethereum Cat Herders mid-year report on tasks & initiatives led by the ECH, contributing to the growth & development of the Ethereum ecosystem in Q2-Q3, 2021.

Catblazer Chronicles Jul-Aug ‘21

William Schwab published a report highlighting tasks performed by him as the Catblazer in the month of July-Aug. Read the full report here.

Support the Ethereum Cat Herders

Share your question, comments, and suggestions with me on Twitter. Thank you for reading 🙏.

— The Ethereum Cat Herders

Ethereum
Ethereum Cat Herders
Altair
Upgrade

--

--

Pooja Ranjan
Ethereum Cat Herders

Written by Pooja Ranjan

466 Followers

Herder-in-chief @EthCatHerders, Founder @ether_world, EIPsInsight.com. I share news and views about blockchain technology. Ethereum.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams