Apply to Tendermint 0.33.3

.circleci/config.yml

@@ -14,6 +14,9 @@ executors:
       - image: tendermintdev/docker-website-deployment
     environment:
       AWS_REGION: us-east-1
+  protoc:
+    docker:
+      - image: tendermintdev/docker-protoc
 
 commands:
   checkout_with_submodules:
@@ -92,6 +95,12 @@ jobs:
           root: "/tmp/bin"
           paths:
             - "."
+  proto-lint:
+    executor: protoc
+    steps:
+      - checkout
+      - run:
+          command: make proto-lint
 
   test_abci_apps:
     executor: golang
@@ -179,12 +188,16 @@ jobs:
       GOPATH: /home/circleci/.go_workspace
     machine:
       image: circleci/classic:latest
+    parameters:
+      ipv:
+        type: integer
+        default: 4
     steps:
       - checkout_with_submodules
       - make_libsodium
       - run: mkdir -p $GOPATH/src/github.com/tendermint
       - run: ln -sf /home/circleci/project $GOPATH/src/github.com/tendermint/tendermint
-      - run: bash test/p2p/circleci.sh
+      - run: bash test/p2p/circleci.sh << parameters.ipv >>
       - store_artifacts:
           path: /home/circleci/project/test/p2p/logs
 
@@ -254,7 +267,7 @@ jobs:
 #            source /tmp/workspace/release-version.source
 #            if test ${CIRCLE_NODE_INDEX:-0} == 0 ;then export GOOS=linux GOARCH=amd64   && export OUTPUT=build/tendermint_${GOOS}_${GOARCH} && make build && python -u scripts/release_management/zip-file.py ;fi
 #            if test ${CIRCLE_NODE_INDEX:-0} == 1 ;then export GOOS=darwin GOARCH=amd64  && export OUTPUT=build/tendermint_${GOOS}_${GOARCH} && make build && python -u scripts/release_management/zip-file.py ;fi
-#            if test x${CIRCLE_NODE_INDEX:-0} == 2 ;then export GOOS=windows GOARCH=amd64 && export OUTPUT=build/tendermint_${GOOS}_${GOARCH} && make build && python -u scripts/release_management/zip-file.py ;fi
+#            if test ${CIRCLE_NODE_INDEX:-0} == 2 ;then export GOOS=windows GOARCH=amd64 && export OUTPUT=build/tendermint_${GOOS}_${GOARCH} && make build && python -u scripts/release_management/zip-file.py ;fi
 #            if test ${CIRCLE_NODE_INDEX:-0} == 3 ;then export GOOS=linux GOARCH=arm     && export OUTPUT=build/tendermint_${GOOS}_${GOARCH} && make build && python -u scripts/release_management/zip-file.py ;fi
 #      - persist_to_workspace:
 #          root: build
@@ -339,6 +352,7 @@ jobs:
           name: Build tendermint
           no_output_timeout: 20m
           command: |
+            sudo apt-get update
             sudo apt-get install -y ruby
             bash -x ./scripts/gitian-build.sh all
             for os in darwin linux windows; do
@@ -373,13 +387,10 @@ jobs:
   #         command: |
   #           set -x
   #           export PATH=~/.local/bin:$PATH
-
   #           # install node and dredd
   #           ./scripts/get_nodejs.sh
-
   #           # build the binaries with a proper version of Go
   #           docker run --rm -v "$PWD":/go/src/github.com/tendermint/tendermint -w /go/src/github.com/tendermint/tendermint golang make build-linux build-contract-tests-hooks
-
   #           # This docker image works with go 1.7, we can install here the hook handler that contract-tests is going to use
   #           go get github.com/snikch/goodman/cmd/goodman
   #           make contract-tests
@@ -408,6 +419,7 @@ workflows:
       - test_abci_apps:
           requires:
             - setup_dependencies
+      - proto-lint
       - test_abci_cli:
           requires:
             - setup_dependencies
@@ -423,7 +435,10 @@ workflows:
       - localnet:
           requires:
             - setup_dependencies
-      - test_p2p
+#      - test_p2p
+      - test_p2p:
+            name: test_p2p_ipv6
+            ipv: 6
       - reproducible_builds:
           filters:
             branches:

.github/ISSUE_TEMPLATE/feature-request.md

@@ -3,11 +3,34 @@ name: Feature Request
 about: Create a proposal to request a feature
 
 ---
-<!--
-Please describe *in detail* the feature/behavior/change you'd like to see.
 
-Be ready for followup questions, and please respond in a timely
-manner. 
+<!-- < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < ☺ 
+v                            ✰  Thanks for opening an issue! ✰    
+v    Before smashing the submit button please review the template.
+v    Word of caution: poorly thought-out proposals may be rejected 
+v                     without deliberation 
+☺ > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >  -->
 
-Word of caution: poorly thought out proposals may be rejected without deliberation 
--->
+## Summary
+
+<!-- Short, concise description of the proposed feature -->
+
+## Problem Definition
+
+<!-- Why do we need this feature? 
+What problems may be addressed by introducing this feature?
+What benefits does Tendermint stand to gain by including this feature?
+Are there any disadvantages of including this feature? -->
+
+## Proposal
+
+<!-- Detailed description of requirements of implementation -->
+
+____
+
+#### For Admin Use
+
+- [ ] Not duplicate issue
+- [ ] Appropriate labels applied
+- [ ] Appropriate contributors tagged
+- [ ] Contributor assigned/self-assigned

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,13 +1,24 @@
-<!--
+<!-- < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < ☺
+v                               ✰  Thanks for creating a PR! ✰    
+v    Before smashing the submit button please review the checkboxes.
+v    If a checkbox is n/a - please still include it but + a little note why
+☺ > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >  -->
 
-Thanks for filing a PR! Before hitting the button, please check the following items.
-Please note that every non-trivial PR must reference an issue that explains the
-changes in the PR.
+Closes: #XXX
 
+## Description
+
+<!-- Add a description of the changes that this PR introduces and the files that
+are the most critical to review.
 -->
 
-* [ ] Referenced an issue explaining the need for the change
-* [ ] Updated all relevant documentation in docs
-* [ ] Updated all code comments where relevant
-* [ ] Wrote tests
-* [ ] Updated CHANGELOG_PENDING.md
+
+______
+
+For contributor use:
+
+- [ ] Wrote tests
+- [ ] Updated CHANGELOG_PENDING.md
+- [ ] Linked to Github issue with discussion and accepted design OR link to spec that describes this work.
+- [ ] Updated relevant documentation (`docs/`) and code comments
+- [ ] Re-reviewed `Files changed` in the Github PR explorer

.github/workflows/action.yml

@@ -0,0 +1,10 @@
+name: Check Markdown links
+on: push
+jobs:
+  markdown-link-check:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@master
+      - uses: gaurav-nelson/github-action-markdown-link-check@0.6.0
+        with:
+          folder-path: "docs"

.golangci.yml

@@ -23,7 +23,7 @@ linters:
     - interfacer
     - lll
     - misspell
-    - maligned
+    # - maligned
     - nakedret
     - prealloc
     - scopelint

.mergify.yml

@@ -0,0 +1,9 @@
+pull_request_rules:
+  - name: automerge to master with label S:automerge and branch protection passing
+    conditions:
+      - base=master
+      - label=S:automerge
+    actions:
+      merge:
+        method: squash
+        strict: true

CHANGELOG.md

@@ -1,5 +1,142 @@
 # Changelog
 
+## v0.33.3
+
+*April 6, 2020*
+
+This security release fixes:
+
+### Denial of service 1
+
+Tendermint 0.33.2 and earlier does not limit P2P connection requests number.
+For each p2p connection, Tendermint allocates ~0.5MB. Even though this
+memory is garbage collected once the connection is terminated (due to duplicate
+IP or reaching a maximum number of inbound peers), temporary memory spikes can
+lead to OOM (Out-Of-Memory) exceptions.
+
+Tendermint 0.33.3 (and 0.32.10) limits the total number of P2P incoming
+connection requests to to `p2p.max_num_inbound_peers +
+len(p2p.unconditional_peer_ids)`.
+
+Notes:
+
+- Tendermint does not rate limit P2P connection requests per IP (an attacker
+  can saturate all the inbound slots);
+- Tendermint does not rate limit HTTP(S) requests. If you expose any RPC
+  endpoints to the public, please make sure to put in place some protection
+  (https://www.nginx.com/blog/rate-limiting-nginx/). We may implement this in
+  the future ([\#1696](https://github.com/tendermint/tendermint/issues/1696)).
+
+### Denial of service 2
+
+Tendermint 0.33.2 and earlier does not reclaim `activeID` of a peer after it's
+removed in `Mempool` reactor. This does not happen all the time. It only
+happens when a connection fails (for any reason) before the Peer is created and
+added to all reactors. `RemovePeer` is therefore called before `AddPeer`, which
+leads to always growing memory (`activeIDs` map). The `activeIDs` map has a
+maximum size of 65535 and the node will panic if this map reaches the maximum.
+An attacker can create a lot of connection attempts (exploiting Denial of
+service 1), which ultimately will lead to the node panicking.
+
+Tendermint 0.33.3 (and 0.32.10) claims `activeID` for a peer in `InitPeer`,
+which is executed before `MConnection` is started.
+
+Notes:
+
+- `InitPeer` function was added to all reactors to combat a similar issue -
+  [\#3338](https://github.com/tendermint/tendermint/issues/3338);
+- Denial of service 2 is independent of Denial of service 1 and can be executed
+  without it.
+
+**All clients are recommended to upgrade**
+
+Special thanks to [fudongbai](https://hackerone.com/fudongbai) for finding
+and reporting this.
+
+Friendly reminder, we have a [bug bounty
+program](https://hackerone.com/tendermint).
+
+### SECURITY:
+
+- [mempool] Reserve IDs in InitPeer instead of AddPeer (@tessr)
+- [p2p] Limit the number of incoming connections (@melekes)
+
+## v0.33.2
+
+*March 11, 2020*
+
+Special thanks to external contributors on this release:
+@antho1404, @michaelfig, @gterzian, @tau3, @Shivani912
+
+Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint).
+
+### BREAKING CHANGES:
+
+- CLI/RPC/Config
+  - [cli] [\#4505](https://github.com/tendermint/tendermint/pull/4505) `tendermint lite` sub-command new syntax (@melekes):
+    `lite cosmoshub-3 -p 52.57.29.196:26657 -w public-seed-node.cosmoshub.certus.one:26657
+    --height 962118 --hash 28B97BE9F6DE51AC69F70E0B7BFD7E5C9CD1A595B7DC31AFF27C50D4948`
+
+- Go API
+  - [lite2] [\#4535](https://github.com/tendermint/tendermint/pull/4535) Remove `Start/Stop` (@melekes)
+  - [lite2] [\#4469](https://github.com/tendermint/tendermint/issues/4469) Remove `RemoveNoLongerTrustedHeaders` and `RemoveNoLongerTrustedHeadersPeriod` option (@cmwaters)
+  - [lite2] [\#4473](https://github.com/tendermint/tendermint/issues/4473) Return height as a 2nd param in `TrustedValidatorSet` (@melekes)
+  - [lite2] [\#4536](https://github.com/tendermint/tendermint/pull/4536) `Update` returns a signed header (1st param) (@melekes)
+
+
+### IMPROVEMENTS:
+
+- [blockchain/v2] [\#4361](https://github.com/tendermint/tendermint/pull/4361) Add reactor (@brapse)
+- [cmd] [\#4515](https://github.com/tendermint/tendermint/issues/4515) Change `tendermint debug dump` sub-command archives filename's format (@melekes)
+- [consensus] [\#3583](https://github.com/tendermint/tendermint/issues/3583) Reduce `non-deterministic signature` log noise (@tau3)
+- [examples/kvstore] [\#4507](https://github.com/tendermint/tendermint/issues/4507) ABCI query now returns the proper height (@erikgrinaker)
+- [lite2] [\#4462](https://github.com/tendermint/tendermint/issues/4462) Add `NewHTTPClient` and `NewHTTPClientFromTrustedStore` (@cmwaters)
+- [lite2] [\#4329](https://github.com/tendermint/tendermint/issues/4329) modified bisection to loop (@cmwaters)
+- [lite2] [\#4385](https://github.com/tendermint/tendermint/issues/4385) Disconnect from bad nodes (@melekes)
+- [lite2] [\#4398](https://github.com/tendermint/tendermint/issues/4398) Add `VerifyAdjacent` and `VerifyNonAdjacent` funcs (@cmwaters)
+- [lite2] [\#4426](https://github.com/tendermint/tendermint/issues/4426) Don't save intermediate headers (@cmwaters)
+- [lite2] [\#4464](https://github.com/tendermint/tendermint/issues/4464) Cross-check first header (@cmwaters)
+- [lite2] [\#4470](https://github.com/tendermint/tendermint/issues/4470) Fix inconsistent header-validatorset pairing (@melekes)
+- [lite2] [\#4488](https://github.com/tendermint/tendermint/issues/4488) Allow local clock drift -10 sec. (@melekes)
+- [p2p] [\#4449](https://github.com/tendermint/tendermint/pull/4449) Use `curve25519.X25519()` instead of `ScalarMult` (@erikgrinaker)
+- [types] [\#4417](https://github.com/tendermint/tendermint/issues/4417) **VerifyCommitX() functions should return as soon as +2/3 threshold is reached** (@alessio).
+- [libs/kv] [\#4542](https://github.com/tendermint/tendermint/pull/4542) remove unused type KI64Pair (@tessr)
+
+### BUG FIXES:
+
+- [cmd] [\#4303](https://github.com/tendermint/tendermint/issues/4303) Show useful error when Tendermint is not initialized (@melekes)
+- [cmd] [\#4515](https://github.com/tendermint/tendermint/issues/4515) **Fix `tendermint debug kill` sub-command** (@melekes)
+- [rpc] [\#3935](https://github.com/tendermint/tendermint/issues/3935) **Create buffered subscriptions on `/subscribe`** (@melekes)
+- [rpc] [\#4375](https://github.com/tendermint/tendermint/issues/4375) Stop searching for txs in `/tx_search` upon client timeout (@gterzian)
+- [rpc] [\#4406](https://github.com/tendermint/tendermint/pull/4406) Fix issue with multiple subscriptions on the websocket (@antho1404)
+- [rpc] [\#4432](https://github.com/tendermint/tendermint/issues/4432) Fix `/tx_search` pagination with ordered results (@erikgrinaker)
+- [rpc] [\#4492](https://github.com/tendermint/tendermint/issues/4492) Keep the original subscription "id" field when new RPCs come in (@michaelfig)
+
+
+## v0.33.1
+
+*Feburary 13, 2020*
+
+Special thanks to external contributors on this release:
+@princesinha19
+
+Friendly reminder, we have a [bug bounty
+program](https://hackerone.com/tendermint).
+
+### FEATURES:
+
+- [rpc] [\#3333](https://github.com/tendermint/tendermint/issues/3333) Add `order_by` to `/tx_search` endpoint, allowing to change default ordering from asc to desc (@princesinha19)
+
+### IMPROVEMENTS:
+
+- [proto] [\#4369](https://github.com/tendermint/tendermint/issues/4369) Add [buf](https://buf.build/) for usage with linting and checking if there are breaking changes with the master branch.
+- [proto] [\#4369](https://github.com/tendermint/tendermint/issues/4369) Add `make proto-gen` cmd to generate proto stubs outside of GOPATH.
+
+### BUG FIXES:
+
+- [node] [\#4311](https://github.com/tendermint/tendermint/issues/4311) Use `GRPCMaxOpenConnections` when creating the gRPC server, not `MaxOpenConnections`
+- [rpc] [\#4319](https://github.com/tendermint/tendermint/issues/4319) Check `BlockMeta` is not nil in `/block` & `/block_by_hash`
+
 ## v0.33
 
 Special thanks to external contributors on this release: @mrekucci, @PSalant726, @princesinha19, @greg-szabo, @dongsam, @cuonglm, @jgimeno, @yenkhoon

CHANGELOG_PENDING.md

@@ -1,11 +1,10 @@
-## v0.33.1
+## v0.33.4
 
 \*\*
 
 Special thanks to external contributors on this release:
 
-Friendly reminder, we have a [bug bounty
-program](https://hackerone.com/tendermint).
+Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint).
 
 ### BREAKING CHANGES:
 
@@ -28,5 +27,3 @@ program](https://hackerone.com/tendermint).
 ### IMPROVEMENTS:
 
 ### BUG FIXES:
-
-

CONTRIBUTING.md

@@ -31,7 +31,7 @@ at the RFC stage will build collective understanding of the dimensions
 of the problems and help structure conversations around trade-offs.
 
 When the problem is well understood but the solution leads to large
-strucural changes to the code base, these changes should be proposed in
+structural changes to the code base, these changes should be proposed in
 the form of an [Architectural Decision Record
 (ADR)](./docs/architecture/). The ADR will help build consensus on an
 overall strategy to ensure the code base maintains coherence
@@ -98,6 +98,28 @@ need. Instead of running `go get -u=patch`, which will update anything,
 specify exactly the dependency you want to update, eg.
 `GO111MODULE=on go get -u github.com/tendermint/go-amino@master`.
 
+## Protobuf
+
+We use [Protocol Buffers](https://developers.google.com/protocol-buffers) along with [gogoproto](https://github.com/gogo/protobuf) to generate code for use across Tendermint Core.
+
+For linting and checking breaking changes, we use [buf](https://buf.build/). If you would like to run linting and check if the changes you have made are breaking then you will have to install the needed dependencies with `make buf`. Then the linting cmd will be `make proto-lint` and the breaking changes check will be `make proto-check-breaking`.
+
+To generate new stubs based off of your changes you can run `make proto-gen` after installing `protoc` and gogoproto.
+
+### Installation Instructions
+
+To install `protoc`, download an appropriate release (https://github.com/protocolbuffers/protobuf) and then move the provided binaries into your PATH (follow instructions in README included with the download).
+
+To install `gogoproto`, do the following:
+
+```sh
+$ go get github.com/gogo/protobuf/gogoproto
+$ cd $GOPATH/pkg/mod/github.com/gogo/protobuf@v1.3.1 # or wherever go get installs things
+$ make install
+```
+
+You should now be able to run `make proto-gen` from inside the root Tendermint directory to generate new files from proto files.
+
 ## Vagrant
 
 If you are a [Vagrant](https://www.vagrantup.com/) user, you can get started