changelog and version bump

goatpig · Sep 21, 2017 · 2b65ac0 · 2b65ac0
1 parent 7bd9887
commit 2b65ac0
Show file tree

Hide file tree

Showing 4 changed files with 29 additions and 3 deletions.
diff --git a/armoryengine/ArmoryUtils.py b/armoryengine/ArmoryUtils.py
@@ -68,7 +68,7 @@
 LEVELDB_HEADERS = 'leveldb_headers'
 
 # Version Numbers
-BTCARMORY_VERSION    = (0, 96,  2, 0)  # (Major, Minor, Bugfix, AutoIncrement)
+BTCARMORY_VERSION    = (0, 96,  3, 0)  # (Major, Minor, Bugfix, AutoIncrement)
 PYBTCWALLET_VERSION  = (1, 35,  0, 0)  # (Major, Minor, Bugfix, AutoIncrement)
 
 # ARMORY_DONATION_ADDR = '1ArmoryXcfq7TnCSuZa9fQjRYwJ4bkRKfv'

diff --git a/changelog.txt b/changelog.txt
@@ -1,3 +1,29 @@
+v0.96.3 released September 21st 2017
+== Vulnerability Fix ==
+   - Fragmented backups were using a faulty implementation of Shamir's Secret Sharing (SSS).
+     One of the requirement of SSS security parameters is that the coefficients of the curve are chozen randomly. The implementation
+     up to this point was deriving these coefficients deterministically.
+
+   - While it is hard to determine how far the deterministic coefficient generation erodes the security of SSS, and how exploitable
+     the vulnerability is, the recommendation for users of fragmented backups is to treat the wallets backed up in this fashion as 
+     compromised and to migrate all funds to a new wallet. 
+
+   - The fragmented backup code now properly randomizes the SSS coefficients. Fragmented backups created with version 0.96.3 and later
+     are safe to use.
+
+   - The result of this change is that fragmented backups will no longer be deterministic. The previous behavior guaranteed a given 
+     wallet will always return the same set of fragments for a given M-of-N scheme. Since it deteriorates SSS security properties, 
+     the behavior has to be rolled back.
+   - Fragment sets are now generated randomly, therefor an unique ID has been added to each set to identify them. You cannot mix 
+     and match sets.
+   - While Armory can no longer generate deterministic fragments, it can still restore wallets from deterministic fragments.
+
+   - Many thanks to Gregory Maxwell (greg@xiph.org) for identifying and reporting the vulnerability as well as reviewing the fix.
+
+== Fixed ==
+   - Fixed faulty version packet deserialization revealed by Core 0.15.0.1
+
+
 v0.96.2, released August 27th 2017
 == Added ==
    - Enabled SegWit on the mainnet. Running against a node with WITNESS service bit flagged will allow you to create SegWit addresses.

diff --git a/configure.ac b/configure.ac
@@ -1,5 +1,5 @@
 AC_PREREQ(2.60)
-AC_INIT([BitcoinArmory], [0.96.1], [moothecowlord@gmail.com])
+AC_INIT([BitcoinArmory], [0.96.3], [moothecowlord@gmail.com])
 
 AM_INIT_AUTOMAKE([1.10 subdir-objects foreign -Wall -Werror])
 

diff --git a/cppForSwig/BitcoinP2P.cpp b/cppForSwig/BitcoinP2P.cpp
@@ -936,7 +936,7 @@ void BitcoinP2P::connectLoop(void)
          version.setVersionHeaderIPv4(70012, services, timestamp,
             node_addr_, clientsocketaddr);
 
-         version.userAgent_ = "Armory:0.96.2";
+         version.userAgent_ = "Armory:0.96.3";
          version.startHeight_ = -1;
 
          sendMessage(move(version));