tl;dr
Rayonism☀️, hacking Merge together
This week protolambda and others announced their next plans. rayonismAn ambitious month-long hack to create a Merge devnet based on the current spec, with the stretch goal of adding sharding to these devnets along with L2 rollup integration.
The key motivation is to unify development around a unified Merge specification, firmly embedding all client teams in the Merge design and process so that informed decisions about the Merge roadmap can be agreed upon in the coming months. And have a little fun 🙂
In addition to Rayonism, Merge Specification and design document We are making great progress. A huge thank you to Mikhail and the many reviewers and contributors who push this forward!
Learn more about Rayonism here and join us Eth R&D Discord Join the #rayonism☀️ channel!
Page security advisory
Supranational made the announcement yesterday. security advisory for Page This is the BLS library that all beacon chain clients are currently using in production.
In the differential fuzzing process of the blst library Guido Brancken, he found that blst can produce incorrect results for some input values of the inverse function. This has been patched from: Page release After three weeks it was released to all Beacon Chain clients.
There are currently no known actual exploits for this issue, but we recommend that anyone running the Beacon Chain client upgrade to the latest version in case an exploit is discovered. Similarly, if you use: Page We recommend that you use the latest version as soon as possible in your projects.
(Note: Teku is not running the affected version. PageHowever, there are some useful optimizations recently, so I recommend upgrading anyway)
You can read more about this issue here: public security advisory to Page Repo.
Beacon Chain Security + Test RfP
alarm! There is something outstanding about it Beacon Chain Security + Test RfP.
EF is looking for proposals to further strengthen the security and robustness of the beacon chain and for future mergers (migration from PoW to PoS). Some potential paths include real-time network analysis, formal verification, client load testing, and new consensus vectors.
Get creative! Given the skills of you and your team, there may be valuable ways you can contribute to the security of this system.
The deadline for proposals is April 20. 🚀