Week in Ethereum News, August 12, 2023 - sponsored by Web3 Builders podcast
Eth News and Links
Dencun (Cancun + Deneb) upgrade
Latest all core devs – consensus (ACDC) call video. Notes from Terence and Christine Kim:
Devnet 8 planned for early next week
Fork-choice filtering change will be bundled with Deneb release
EIP4788 (beacon block root in EVM) draft assembly contract, optimizations for gas welcome
Latest Dencun testing call video (previously EIP4844 call)
KZG Ceremony has 136k contributions, lobby closes August 23
Layer 1
EthereumJS v7: ESM support, removed Buffer, reduced dependencies & build sizes, default now Shanghai and Cancun support
Holešky testnet to start with 1.4M validators (twice the validators of mainnet) after EF devops spun up 3 large testnets to check sizing (2.1M validators had issues)
Kurtosis package to spin up multi-node EL/CL testnets in the cloud with any client combination (including Reth), comes with Grafana & Prometheus
Verkle Tries
Verkle preimage generation & distribution strategy
Verkle Trie migration options: read-only vs writeable Merkle Trees
Flashbots builder glitch included reverting transactions
For stakers
Beacon chain churn limit turned up to 11 per epoch
NanoPC-T6: run a full node on ~$300 hardware
bloXroute ethical relay being sunset (filtered generalized frontrunning & sandwiching)
Client releases
Execution layer:
Geth v1.12.1: maintenance release, includes development for Dencun
Reth v0.1.0-alpha.6: follow up to fix in alpha.5 that handles reorgs
Research
Second slot reorgs: slot indices impact likelihood of being reorged
Builders’ Behavioral Profiles (BBPs): metrics covering features & strategies when building blocks and bidding during MEV-Boost auctions
Protocol-Enforced Proposer Commitments (PEPC) explainer
Quantum-resistant weak Verifiable Delay Function but requires curves with unknown endomorphism rings as input
Layer 2
Coinbase Base (OP Stack rollup) open to the public (Onchain Summer marketing campaign)
EIPs/Standards
EIPs:
EIP7480: EOF - Data instructions
Check out Austin Griffith on the Week in Ethereum Web3 Builders podcast
Check out Austin Griffith on the first interview of web3 builders. This was a great episode.
What does Austin think is by far the worst part of building in web3?
More episodes on YouTube, or listen on Apple, Spotify or RSS. Or get pinged for new episodes on Telegram or Substack.
Please like, subscribe, and share on social media if you enjoyed the episode.
Stuff for developers
Solmate v6.2.0: fix silent overflow edge case in SignedWadMath:wadMul; found using Trail of Bits Medusa
Iter: lazy evaluated iterators in Solidity
Cove: contract verification, alpha is for Solidity Foundry projects using deployment tx hashes
EVM Diff updated
Bulloak: Solidity test generator based on branching tree technique
Vyper compiler deep dive
Fe v0.24.0: adds support for user defined libraries
Halmos v0.1.2 (symbolic testing): adds support for DELEGATECALL, CALLCODE, CREATE2, struct types as test parameters and library linking
Agent buttercup: agent-based simulation engine for DeFi researchers/engineers, uses revm
yAcademy zk auditing fellowship modules: zk, Rate-limiting Nullifier & Spartan-ECDSA
CTFs:
Flashbots MEV-Share CTF solutions
Curta CTF Billy the Bull solution
p0tion v1: toolkit for Groth16 zk-application development
Noble curves typosquat: malicious npm package sends private key to remote server
Security
Steadefi on Arbitrum & alt-L1 $1.1 million stolen via compromised deployer wallet
UniswapX order vulnerability disclosed, fixed with $200k bounty paid
Vyper postmortem of non-reentrancy lock vulnerability in v0.2.15/16 & v0.3.0
SEAL 911: contact the security community in an emergency via a Telegram bot
Ecosystem
Danny responds to those trying to normalize centralization conversations: Lido over 33% of ETH staked is a threat to Ethereum
EF Next Billion fellowship: five human stories of cohort 3
Etherscan similar contract search updated to search across Etherscan supported chains
Enterprise
PayPal USD stablecoin, issued by Paxos
PYUSD contract is upgradeable, balances can be frozen & wiped
Visa experiments with paying gas fees with card on Goerli testnet
Notable at app layer
Rune’s Maker endgame and SubDAO farming overview
Maker Enhanced DSR (Dai Savings Rate) started at 8% and reduced to 5.8%
Nexus Mutual providing small UK retailers coverage via Retail Mutual
Safe social login: sign up with Google or Apple ID on iOS, experimental
MultiSafe: clone or deploy a Safe to multiple chains with the same address
Y00ts NFTs migrating to Ethereum after previously migrating from Solana to Polygon
DAO’s shutting down & distributing Arbitrum airdrop: Saddle (Curve fork) & Hundred Finance
Base apps:
BasePaint: shared pixel canvas, open edition NFT every 24 hours
Words3: scrabble with fluctuating price letter tiles, game ends this weekend
Friend Tech: buy shares in people to DM, PWA on mobile, invite only
Job Listings
ZK circuits engineer sought by EF Privacy & Scaling Explorations team
Wyoming Stable Token Commission seek Executive Director
Job listings: $600 for four issues (75 character limit), payable to abcoathup.eth. Questions? abcoathup at-gmail
Regulation/business/tokens
US Federal Reserve info on supervision program for banks crypto activities
Bittrex $24M settlement with US SEC for operating as an unregistered broker
SBF jailed: bail revoked for intimidating witnesses
1 year anniversary of Alex Pertsev’s unjust arrest
Evan’s new podcast: web3 Builders
Austin Griffith comes on web3 builders to talk about what he’s doing to bring in the next wave of developers
Evan and Will’s weekly web3 show, discussing everything exciting over the last week. Current episode is a banger; next episode drops in a few hours.
ZK
Justin Thaler: Lasso (lookup argument with faster prover) and Jolt (zkVM design)
Overview of Folding schemes: Nova, Sangria, SuperNova, HyperNova & Protostar
CycleFold: folding-scheme-based recursive arguments over a cycle of elliptic curves
General computer security (Defcon edition)
Milk Sad: Libbitcoin Explorer bx seed generated insecure private keys, only 32 bits of entropy
BitForge: MPC implementation vulnerabilities, including GG-18, GG-20 and Lindell17
CPU vulnerabilities: Downfall (Intel including SGX) and Inception (AMD Zen CPU)
VS Code secure token storage: malicious extensions could expose application tokens
Acoustic side channel attack on laptop keyboards using deep learning & phone microphones
Follow @WeekinEthNews to find out what the most clicked links are. Follow @abcoathup and @evan_van_ness to get most of the week’s news in real time.
Permalink for this week’s issue: https://weekinethereumnews.com/week-in-ethereum-news-august-12-2023
Upcoming Dates of Note
(new/changes in bold)
Aug 15-16 – ETHToronto & ETHWomen
Aug 15-29 – Gitcoin Grants 18
Aug 16-19 – Ethereum Argentina (Buenos Aires)
Aug 23 – KZG Ceremony closes (extended)
Aug 28-30 – Science of Blockchain Conference (Stanford University)
Aug 31 - Sep 3 – ETHWarsaw conference & hackathon
Sep 1-3 – Ethcon Korea hackathon
Sep 7-9 – ETHAccra hackathon
Sep 10-12 – Ethereum Singapore hackathon & conference
Sep 11-13 – DappCon (Berlin)
Sep 15 – Protocol Berg (Berlin)
Sep 15-17 – ETHChicago conference & hackathon
Sep 18-24 – ETHSafari (Kilifi Kenya)
Sep 21–24 – Pragma & ETHGlobal New York
Oct 5-6 – ETHMilan conference
Oct 6-8 – ETHRome hackathon
Oct 6-27 – ETHOnline (ETHGlobal) virtual
Oct 13-15 – Ethereum Kuala Lumpur conference & hackathon
Oct 21 – Ethereum México
Oct 22-24 – ETH Hong Kong
Oct 27-29 – ETH Miami festival & hackathon
Oct 27-29 – ETH Vietnam
Oct 27-29 – ETH London hackathon
Oct 31 – Road to Devcon grants deadline (max $1k for local meetups)
Nov 3-5 – ETH Lisbon hackathon
Nov 3-5 – ETHBrno
Nov 13-19 – Devconnect (Istanbul)
Nov 16-19 – Pragma & ETHGlobal Istanbul
Sign up to receive this newsletter weekly