Image: Core Lattice by @saender
Payments from the new treasury are blocked for several months by a bug in expenditure policy implementation. The test treasury spend transaction mined on May 22 triggered an overlooked condition in the safety mechanism protecting from spending too much DCR in a short period of time. For the next few months, only around 0.15 DCR can be spent from the new treasury, which is too low to pay contractors.
While this is an unfortunate delay in migrating to the decentralized treasury and extra work to fix the bug, the migration plan was created to handle any cases such as this. All funds in the network are safe and contractor payments will continue from the legacy treasury. Fixing the safety algorithm requires another consensus change that is under development.
On a side note, this incident reminds us that even the heavily reviewed and tested consensus code is not immune to bugs, but they are easier to fix when a well-defined and non-controversial upgrade process exists.
The work reported below has the “merged to master” status unless noted otherwise. It means that the work is completed, reviewed, and integrated into the source code that advanced users can build and run, but is not yet available in release binaries for regular users.
The way standard scripts are handled has been reworked to address several long-standing issues.
For a quick background, “scripts” are small commands stored inside transactions that consume “input” coins from past transactions and create new “output” coins for the recipient. “Standard scripts” is a subset of all scripts allowed by the consensus that covers most useful operations (sending funds, staking, multisig, etc) optimized for efficiency and network security. Mainnet nodes will normally refuse to accept and relay standalone transactions (those that are not part of a block) containing non-standard scripts.
The reworked code adds a new package called
stdscript that supports different script versions (this was hard to support previously and is required for the next consensus upgrade), provides a more ergonomic API for developers (including multisig and atomic swap helpers) and improves separation between “standard” and “consensus” (a common point of confusion for new developers). Additionally, the policy of what scripts are considered “standard” has been further tightened to help ensure the typical scripts occupy less space on-chain and further restrict cases that don’t make sense.
As usual, this large change comes in a series of easy-to-digest commits with informative descriptions, tests, benchmarks, examples, all finished with a thorough new README.
A number of other changes have been focused on removing the usages of standardness code from consensus code, since the policy of what is considered “standard” may change at any time without requiring a consensus change and so consensus code must not be affected.
A proposal for developing the next consensus change has been submitted and approved. This upgrade will practically forbid soft forks to simplify future consensus changes and improve security. Once it activates, full nodes will start rejecting transactions and scripts of newer versions they do not understand, instead of ignoring them and believing they still fully validate the chain.
Soft forks are primarily the outgrowth of less capable systems with technical shortcomings and the lack of formal governance processes necessary to uncontroversially deploy them (@davecgh)
Further departure from soft forks is possible thanks to Decred’s drama-free process of coordinating hard forks and its highly engaged community.
Developer-facing changes include the completion of several security improvements that have been long in the making:
webSecurityfeature to tighten up external requests (this also fixed the development mode on Windows)
proposals-archive.decred.orgto reduce confusion when clicking the site logo
Backend and CLI:
politeiavoterupgraded to the new API released in v1.0.0
politeiavoterwill now retry its votes on server errors
Contractor Management System (CMS):
@lukebp shared a nice educational intro on how Politea achieves its strong cryptographic auditability.
Merged in master and v1.2.0 release:
Merged in dcrlibwallet (base library for Android/iOS apps and godcr):
godcr is approaching the public testing phase. Look forward to pre-release builds.
@fst_nml announced a $100K bounty for building Decred integration with THORChain - a decentralized cross-chain liquidity protocol based on Tendermint, Cosmos and utilizing Threshold Signature Schemes. The development is already in progress (discussion).
Community stats as of Jul 1:
June’s recap of unusual social media dynamics can be found here.
In June the new treasury received 10,510 DCR worth $1.4 million at June’s average rate of $131.52. 1,460 DCR was spent (from the legacy treasury address) to pay contractors, worth $192K at June’s rate, or $253K at May’s billing rate of $173.47. As of Jul 2, a combined balance of legacy and new treasury is 692,988 DCR (91.4 million USD at $131.88).
The first real transaction from the new treasury was not mined because of the bug described earlier and the contractors were paid from the legacy one instead. Even though it didn’t work as planned, that transaction showed a high engagement of on-chain voters and high support of the current treasury management: 11,943 tickets out of the max possible 17,280 voted Yes and zero voted No - a 69% turnout. It could go even higher when TSPEND voting is implemented for VSP users, who currently hold around 20% of live tickets.
Three proposals were published on Politeia, and all three have been approved with strong approval ratings.
The Explicit Version Upgrades Consensus Change proposal hit a new approval milestone with 99.9% Yes votes and just 13 tickets voting against the proposal among the 47% turnout.
The fourth iteration of the Bug Bounty proposal returned with a boosted payout schedule and was approved with 98.5% Yes votes and a turnout of 47%. This is +0.5% Yes votes and +15% turnout compared to Phase 3. @degeri thanks the stakeholders for the ever increasing amount of faith and trust.
See Politeia Digest issue 43 for more details on the month’s proposals.
Hashrate: June’s hashrate opened at ~369 Ph/s and closed ~73 Ph/s, bottoming at 61 Ph/s and peaking at 438 Ph/s throughout the month.
Distribution of hashrate reported by the pools on Jul 1: Poolin 37%, F2Pool 28%, Antpool 8%, Luxor 5%, BTC.com 5%, HuobiPool 1%, UUPool 0.2%, CoinMine 0.1%.
VSP: On Jul 1, ~8,000 (-200) live tickets were managed by vspd servers and ~600 (-500) by the listed legacy dcrstakepool servers. Collectively the 12 legacy and 13 new VSPs managed 20.9% of the ticket pool, down from 22.7% on Jun 1. Delisted but still active legacy VSPs managed 26 live tickets (-35).
Nodes: Throughout June there were around 216 reachable nodes according to dcrextdata.
Node versions as of Jul 1 snapshot (256 total, dcrd only): v1.6.2 - 53%, v1.6.0 - 19%, v1.6.1 - 13%, v1.7 dev builds - 7%, v1.6 dev builds - 3%, v1.5.1 - 2.8%, v1.5.2 - 2%.
The share of mixed coins varied between 43.7-47.0% and made a new all-time high.
Decred’s Lightning Network has seen 34 nodes (+1), 60 channels (+7) with a total capacity of 21.8 DCR (+4.7), as of Jul 1.
stakey.net has removed the web interface for its legacy dcrstakepool instance. Voting wallets and the API will be maintained until users migrate to vspd. As of Jul 1, stakey.net’s legacy VSP managed 63 live tickets, down from 134 on Jun 1. Its vspd instance has become the largest, managing more than 2,200 live tickets.
To maintain decentralization, it is recommended to avoid providers that control too many tickets. But stakey.net presents a “problem” here, as it is the only known VSP offering a Tor hidden service. Other providers are welcome to the competition!
dcr.farm now redirects to its vspd instance but @infertux confirmed that its legacy wallets are up and will stay up until all tickets vote (32 remained live as of Jun 22). The status of dcr.farm’s legacy and vspd wallets can be checked on a dedicated status page.
YieldWallet’s legacy VSP has voted its last ticket and has been shut down for good. Thank you for the service!
New VSP from crypto-synergy.net is up on mainnet and testnet. The mainnet instance reports its first voted ticket (a requirement for all new VSPs) but it needs to pass the review to get listed on decred.org/vsp.
At this point legacy VSPs hold less than 1.4% of the ticket pool and upgrading to vspd is recommended to avoid the risk of missed tickets, e.g. in a scenario where another consensus upgrade is activated while dcrstakepool is not patched to follow the chain.
Ledger Live users are recommended to update to version 2.29.0 or later where issues with syncing and sending DCR in have been fixed. The disruption between first mentions of the issue and the release of v2.29.0 lasted around 22 days.
Indian WazirX has enabled DCR/INR and DCR/USDT trading. DCR was part of the “Rapid Listing” process where trading starts sooner but deposit and withdrawal options are limited until the full integration is completed. In case of this listing, inter-wallet deposits and withdrawals between WazirX and Binance are available with no fees. WazirX was acquired by Binance in 2019.
For those who missed it, two lesser-known services in the wider Decred ecosystem are worth highlighting. One is a modestly called Twitter alternative from stakey.net:
This Decred citadel is a modestly fast, secure, and up-to-date Mastodon instance with monitored server availability and nightly off-site backups. Open to the Decred community. (invite link here)
And another is @karamble’s PeerTube instance that mirrors Decred video content for increased resilience and decentralization.
Warning: the authors of the Decred Journal have no idea about the trustworthiness of any of the services above. Please do your own research before trusting your personal information or assets to any entity.
Join our #services chat to follow Decred ecosystem updates.
Monde PR’s achievements for June:
News coverage secured by Monde PR:
Art and fun:
Comm systems news:
Selected Reddit posts:
Selected Twitter discussions:
Politeia has undergone a huge upgrade this year and is doing things that nobody else is doing.
So why is this a big deal? This provides us with irrefutable proof that my proposal existed at block height 552071 and has not been altered since then. No other production site provides this level of transparency and cryptographic auditability for its data. (@lukebp)
In June DCR was trading between USD 87.66-174.59 / BTC 0.00298-0.00468. The average daily rate was $131.52.
Who can resist this liquidity?
A large scale migration of Bitcoin miners (and others) hashrate from China is underway, and it’s being covered in all the mainstream business publications. The exodus was triggered after Chinese authorities made statements about cracking down on Bitcoin mining, and then several provinces made it clear to miners that they had to stop. One of the issues the mining companies face in relocating their hashing hardware is with the current high price of international shipping.
The Zcash Open Major Grants (ZOMG) program has funded the Tor Project with $670,000, to be used for paying developer salaries as they work towards Arti (A Rust Tor Implementation) - which would make Tor more accessible to other applications, including Zcash.
The Uniswap community is considering funding a “DeFi political defense fund” with $27M to $40M USD, the fund’s purpose would be to “educate policymakers, achieve regulatory clarity for DeFi, support DeFi and decentralized governance, and encourage other DeFi protocols to contribute ideas and support”. As it progressed through a temperature check and consensus check phase, it became the more general “DeFi Education Fund” by the time it came to a vote (which concluded at the end of June with 84% approval).
The Curve DeFi project is considering whether to enforce its intellectual property rights in court. A proposal is under discussion which would see the Curve DAO members soliciting and approving or rejecting proposals from law firms, related to shutting down competitor projects that have copied Curve’s code (which includes the stipulation that “no license, right of reproduction or distribution or other right with respect thereto is granted or implied”).
There has been a run on the Iron Titanium protocol, which saw it incentivize its own rapid and irrevocable decline to zero once certain rare trading conditions were met.
The ironically titled “SafeDollar” also went to zero this month after being hacked, with the attacker looting around $248,000 worth of tokens.
THORChain, which some Decred community members have been engaging with around a DCR integration, suffered its first malicious attack. A postmortem indicated $140K was taken by exploiting a logic error in the ETH Bifrost module. The network was halted for 6 hours while a fix was deployed. THORChain said it will cover losses incurred by users from treasury funds.
That’s all for June. Share your updates for the next issue in our #journal chat room.
This is issue 39 of Decred Journal. Index of all issues, mirrors, and translations is available here.
Most information from third parties is relayed directly from source after a minimal sanity check. The authors of the Decred Journal have no ability to verify all claims. Please beware of scams and do your own research.
Credits (alphabetical order):