Decred Journal — March 2020Image: Expand Vector by @saender
Highlights for March:DCP-0005 activated, bringing arguably the most secure and privacy preserving SPV implementation for lightweight clients to the Decred network. Any v1.4 nodes that were still running have been forked off the network. The first order-driven atomic swap trade on testnet was coordinated by the DEX. There has been spectacular progress across just about all of the key software repositories this month, check it out below. Yearly budgets for US/English and Brazilian outreach were approved for $286K in total, including some funding to continue production of the Journal. This is issue 24 of the Decred Journal and marks two years of uninterrupted monthly coverage of the Decred project! Development
Unless otherwise noted, the work reported here has the “merged to master” status. It means that the work is completed, reviewed and integrated into the source code that advanced users can build and run, but is not yet available in release binaries for regular users.
dcrd:ECDSA signatures decoupled from secp256k1 package to make it clear that ECDSA is only one possible digital signature algorithm, and to enable Schnorr signatures to be made first-class citizens of the codebase exported field value type to allow external callers to perform optimized field math signature verification further optimized by minimizing expensive operations added method to clear private key from memory and reduced number of internal copies of private keys to enhance security against memory scraping big integers removed completely from signature parsing and signing operations in favor of the specialized mod n scalar code schnorr verification tests reworked to resolve multiple issues prevented the misuse of code in several areas removed unused code
A vulnerability was disclosed that allowed a potential multi-day memory exhaustion attack that could lead to a node crash in dcrd v1.4.0....