Dogecoin Core 1.14.6 #3054
Replies: 13 comments 20 replies
-
Thank you all for your hard work |
Beta Was this translation helpful? Give feedback.
-
Q: What is the difference between a signed and unsigned version?Originally posted on r/dogecoindev by /u/regularqualitysound Simple answer: when in doubt, use the signed version. The signing is basically a mechanism that some OS's use (windows and macOS mainly) for any application that runs on your computer to have some form of anti-malware mechanism (or at least make it harder) For windows, we currently only have unsigned binaries but I'm working on getting signed ones and hope to add them to the release files. For macOS, the signed binaries have been notarized by Apple (using my registered developer account) to be unique and untampered. However, there is currently no way to 100% proof from a Dogecoin perspective that that is the same code as what is published on Github. So if you care about such things, then you can download the unsigned version and go through the hassle with Apple's security settings, and then run that. The difference in experience is really: signed = no hassle from Apple because they know I signed it. unsigned = lots of hassle to get it installed but you don't have to trust me at all because you can fully verify on your own that this is the code it says it is. Q: Can you confirm that the code signature has changed?Originally asked in #3064 by @suschizu Correct. Before, the signature was done by @langerhans, and this time it was done by @patricklodder. |
Beta Was this translation helpful? Give feedback.
-
Very nice update, thanks for your work! |
Beta Was this translation helpful? Give feedback.
-
Much wow |
Beta Was this translation helpful? Give feedback.
-
Awesome! could you please tell me what is the build system used for create binaries? |
Beta Was this translation helpful? Give feedback.
-
Security disclosure regarding fixes released with 1.14.6Today, a security disclosure has been made by Halborn, announcing that critical vulnerabilities were found in Dogecoin Core 1.14.5 software and older. The vulnerabilities were subsequently found to also exist in another 280 instances of bitcoin-derived blockchain software. Dogecoin maintainers were privately informed by Halborn about the vulnerabilities and resolved these in code that was released with version 1.14.6. All reported critical issues were confirmed to be resolved with the release of Dogecoin Core 1.14.6 by Halborn's engineers. The inclusion of the bugfixes were done in "stealth mode", to buy time for the network to upgrade organically and to allow security researchers time to address this with other software engineers and teams. Maintainers were already working at hardening the network code at the time, and we incorporated these fixes into that effort. Because the vulnerabilities were found in the code that implements the peer-to-peer protocol, individual nodes with low memory (2GB or less) were vulnerable to running out of memory. Today, with over 50% of the network having upgraded, the risk to the network as a whole is believed to be mitigated, but individual nodes that have not yet upgraded can still be vulnerable and all node operators are recommended to upgrade at their earliest convenience. If you run an older version of the Dogecoin Core software than 1.14.6, please read the upgrade guidance below to help you updating your software. Upgrade guidanceIf you're currently running Dogecoin Core 1.8.x, 1.10.0, 1.14.0 or 1.14.5, an upgrade to 1.14.6 is straight-forward. Just install the updated binaries for your platform from the release page and restart the software. You can identify the version you're running in the bottom lower corner of the Dogecoin Qt home screen, or with If you're running either of versions 1.14.2, 1.14.3 or 1.14.4, you use the wallet functionality, AND you have in the past used 1.14.0, unexpected side-effects from a policy bug fix in version 1.14.2 may have caused your wallet to currently have stuck transactions. An upgrade to 1.14.6 could make these transactions "unstuck" and send them out, and it is recommended to either purge all pending wallet transactions, or manually check for stuck transactions: Purging all pending wallet transactions automaticallyTo automatically purge all pending transactions, restart $ dogecoind -zapwallettxes=1
> Dogecoin-Qt.exe -zapwallettxes=1 Manually searching for and removing pending wallet transactionsTo manually check and remove pending transactions, use the $ dogecoin-cli listtransactions "*" 100000 0 | jq -r '.[] | select(.confirmations == 0)'
{
"account": "",
"address": "D9gEMMtCNT5GHvFvSQMjfSnbZFRRUjjDPX",
"category": "send",
"amount": -420.69,
"vout": 0,
"confirmations": 0, <---- this means the transaction has never been mined
"trusted": true,
"txid": "47a84a30159ed15d36e91ef6ae161fe5254aa9c2c906dc614d5aba03659e65ed",
"walletconflicts": [],
"time": 1678343421,
"timereceived": 1678343421,
"bip125-replaceable": "no",
"abandoned": false <---- this means the transaction is stuck and has not been purged from the wallet
} These transactions can then be removed with $ dogecoin-cli abandontransaction 47a84a30159ed15d36e91ef6ae161fe5254aa9c2c906dc614d5aba03659e65ed Post-upgrade checksAfter abandoning transactions, it should be safe to update the software to version 1.14.6. If you want to double check after you upgraded the software, you can mimic the 1.14.2 dust relay rules by setting the hard dust limit when starting dogecoind or dogecoin-qt with $ src/dogecoin-cli liststucktransactions
[] |
Beta Was this translation helpful? Give feedback.
-
$ dogecoin-cli getnetworkinfo file dogecoin-1.14.6-x86_64-linux-gnu.tar.gz Something wrong with file or bug in core? |
Beta Was this translation helpful? Give feedback.
-
This is a new minor version release, including important security updates and changes to network efficiency.
All Dogecoin Core users - miners, services, relay operators and wallet users - are strongly recommended to upgrade.
A full description of all changes is available in the release notes
Security-related fixes
This release contains multiple security related fixes:
Fee Recommendation
This release changes the recommended dust limit for all participants on the Dogecoin network from 1 DOGE to 0.01 DOGE. The full recommendation can be found in the documentation.
Breaking changes
dumpwallet
andbackupwallet
RPC methods, to exclusively write to the directory specified by-backupdir
and no longer overwrite filesaddnode
records that a node will track has been limited to 800New features
liststucktransactions
has been added to help wallet operators identify if any transactions are stuck (have not been mined and are not in the mempool) and enable resolution. This helps in cases where node-local fee or dust policies change, to prevent the node from sending out old transactions that got lost.setmaxconnections
, has been introduced that enables wallet and node operators to change the maximum number of connections their node allows without needing to restart allowing for more fine-grained control of the node's network capacities.rescan
, has been added to allow node operators to rescan the chain for wallet transactions from a certain height. This can help speed up the rescan process for keys that are known to be generated after a certain date or block height.Translation updates
RPC API Changes
verifychain
RPC command no longer accepts negative valuesaddnode
will now return error -32 when the address provided is too longgetpeerinfo
provides 2 new fields per peer,addr_processed
andaddr_rate_limited
Dependency updates
zlib
to 1.2.12.libevent
to 2.1.12-stable.This discussion was created from the release Dogecoin Core 1.14.6.
Beta Was this translation helpful? Give feedback.
All reactions