⚠️ 0.10.0 is a **consensus-breaking** release ⚠️

Major changes being introduced 🚩

1. Tendermint Bugs

tl;dr Tendermint fork from 2+ years ago doesn’t include some recent DDoS preventions

Screenshot 2023-03-28 at 8.10.16 AM.png

Hi there,

I have noticed that your are using your own fork of tendermint in pokt-core and your tendermint forks is running unpatched version of tendermint https://github.com/pokt-network/tendermint/blob/v0.32.10.1/p2p/mock/peer.go

Bug -

The P2P layer had a bug that could lead to an attack on a node. The attack occurs when an attacker sends a continuous stream of requests with an erroneous message, causing the incoming request to fail before it can be accepted. This saturates the node's incoming connection slots and prevents it from accepting new connections. When the attacked node tries to remove the attacker from its peer set, the attempt fails because the peer has not yet been added to the set.

Fix - https://github.com/tendermint/tendermint/pull/9500 CVSS v3.1 vector - AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Cheers, matus

Subset of Relevant PRs:

2. Block Size Increase

tl;dr Need a simple solution that can scale up the relays that can be handled by the network

High level points

Long term solutions:

  1. Backup: Probabilistic Proofs on V0 (‣)
  2. Further consolidation of Application stakes (Gigastakes → Terastakes)
  3. Ship V1