Quick update as most of my effort has been around getting things ready for HF3 aka
Spent a few days last week investigating a bug that we identified in the way we handle params in the
get_kernel_v2 api call. On the surface it appeared to be related to missing outputs but it was eventually tracked down to some dubious param handling when searching for kernels.
Fix was just merged to
We are in the process of tagging and releasing
v4.0.1 to include this fix. Announcement for this will be going out later today.
Also spent some time looking into what would be involved in modifying transaction inputs to only include the output commitment. We currently require the output “features” in addition to the output commitment when spending an output. This is redundant data in the context of both transactions and blocks. If we can fid a way to clean this up then it will help simplify the path toward supporting “duplicate outputs”.
As we currently enforce uniqueness in the utxo set this is not a consensus change, but it does introduce some complexities if nodes need to support both variants of transaction inputs during block propagation on the network.
Finally - spending time thinking about and discussing “replay attacks” and “play attacks”.
We still don’t have community consensus on the best approach to tackling this, but we do have a clearer understanding of the problem.