RiB Newsletter #32
Welcome to the #32 edition of Rust in Blockchain, the monthly newsletter about Rust, distributed systems, cryptography, and other industry topics. Previous: #31.
Thanks
Thanks to contributors: bbyleggo123, Daniel Lubarov, Dan Shields, John Adler, Philip Glazman, PopcornPaws, Squirrel, TannrA, Brian Anderson, Aimee Zhu. Thank you for your help!
RiB needs help to keep up with Rust blockchain projects. If you follow a particular project, or otherwise find information that is beneficial to the Rust & blockchain community, please contribute to the next issue by submitting a PR to the next draft.
Project Spotlight
Each month we like to shine a light on a notable Rust blockchain project. This month that project is…
Trampoline is a Rust-based smart contract framework for the UTXO-based Nervos network. Whereas most smart contract platforms are account-based, with a programming model that is relatively easy to reason about in the imperative style, there are comparatively few smart contracts of any complexity written for UTXO blockchains. This project is an attempt to make writing UTXO-based contracts more accessible.
Interesting Things
News
- The great renaming: what happened to Eth2?
- Statement by Diem CEO Stuart Levey on the Sale of the Diem Group’s Assets to Silvergate
Blog Posts
- Electric Capital Developer Report (2021)
- Part 1: The life of an optimization barrier
- Part 2: Improving crypto code in Rust using LLVM’s optnone
Papers
- An Introduction to Secret-Sharing-Based Secure Multiparty Computation
- Non-Interactive Zero-Knowledge Proofs to Multiple Verifiers
- PlonKup: Reconciling PlonK with plookup
- Titanium: A Metadata-Hiding File-Sharing System with Malicious Security
- LedgerHedger: Gas Reservation for Smart-Contract Security
- Broken Proofs of Solvency in Blockchain Custodial Wallets and Exchanges
- XCC: Theft-Resilient and Collateral-Optimized Cryptocurrency-Backed Assets
- Preparation for Post-Quantum era: a survey about blockchain schemes from a post-quantum perspective
Projects
- Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. The announcement: Introducing Plonky2.
- Schnorrkel implements Schnorr signature on Ristretto compressed Ed25519 points, as well as related protocols like HDKD, MuSig, and a verifiable random function (VRF).
- ref-fvm. Reference implementation of the Filecoin Virtual Machine [v0, pre-alpha].
- Scrt-RNG. Secret Oracle - RNG will be a decentralized source of private randomness on Secret Network.
- stable-swap. The source for the Saber stableswap AMM on Solana.
Security Advisories
Monthly security advisories, from RustSec, and GitHub Advisories. Bold entries here are especially relevant to blockchain projects.
- RUSTSEC-2021-0133: cargo-download is unmaintained.
- RUSTSEC-2021-0134: rental is unmaintained.
- RUSTSEC-2022-0004: Vulnerability in rustc-serialize.
- RUSTSEC-2022-0001: lmdb is unmaintained.
- RUSTSEC-2022-0002: Vulnerability in dashmap.
- CVE-2022-21658: Vulnerability in std. Time-of-check time-of-use race condition can allow attacker to delete files they do not have access to delete.
- RUSTSEC-2022-0003: Vulnerability in ammonia.
- RUSTSEC-2022-0005: ftd2xx-embedded-hal is unmaintained.
- RUSTSEC-2022-0006: Vulnerability in thread_local.
- RUSTSEC-2022-0007: Unsoundness in qcell.
- CVE-2022-21685: Integer underflow in Frontier. Frontier is an ethereum compatibility for substrate
- CVE-2021-39480: Denial of service in bingrep.
- CVE-2021-46102: Integer overflow in solana_rbpf.
Most Active in January
Solana: 332 merged PRs (1, 2), 51 closed issues (1, 2), 55 open issues (1, 2)
Parity: 304 merged PRs (1, 2, 3, 4, 5, 6), 108 closed issues (1, 2, 3, 4, 5, 6), 90 open issues (1, 2, 3, 4, 5, 6)
NEAR: 184 merged PRs (1, 2), 54 closed issues (1, 2, 3, 4), 57 open issues (1, 2, 3)
Project Updates
Aleo
129 merged PRs (1, 2, 3, 4), 28 closed issues (1, 2, 3), 36 open issues (1, 2, 3)
Anoma
42 merged PRs (1, 2), 33 closed issues (1), 38 open issues (1)
ChainSafe
53 merged PRs (1, 2), 45 closed issues (1, 2), 18 open issues (1, 2)
COMIT
5 merged PRs (1), 5 closed issues (1), 4 open issues (1)
Concordium
13 merged PRs (1, 2, 3, 4), 3 closed issues (1, 2), 9 open issues (1, 2, 3)
Conflux
98 merged PRs (1), 6 closed issues (1), 7 open issues (1)
DarkFi
6 merged PRs (1), 10 closed issues (1), 10 open issues (1)
Dfinity
28 merged PRs (1, 2, 3, 4, 5), 8 closed issues (1, 2, 3), 4 open issues (1, 2, 3)
Elrond
38 merged PRs (1), 2 closed issues (1), 1 open issues (1)
Findora
24 merged PRs (1, 2, 3), 1 closed issues (1), 2 open issues (1)
Fluence
7 merged PRs (1, 2, 3), 1 closed issues (1), 1 open issues (1)
Fuel
165 merged PRs (1, 2, 3, 4, 5, 6, 7, 8, 9), 78 closed issues (1, 2, 3, 4, 5, 6, 7), 108 open issues (1, 2, 3, 4, 5, 6, 7)
Golem
12 merged PRs (1, 2), 13 closed issues (1), 12 open issues (1, 2)
Grin
8 merged PRs (1), 8 closed issues (1), 0 open issues
Holochain
27 merged PRs (1, 2), 6 closed issues (1, 2), 2 open issues (1)
IOTA
8 merged PRs (1), 1 closed issues (1), 5 open issues (1)
Lighthouse
1 merged PRs (1), 34 closed issues (1), 18 open issues (1)
MobileCoin
76 merged PRs (1), 2 closed issues (1), 46 open issues (1)
NEAR
184 merged PRs (1, 2), 54 closed issues (1, 2, 3, 4), 57 open issues (1, 2, 3)
- NEAR Launches Stake Farming To Unlock Ecosystem Rewards
- An Update On the NEAR Validator Upgrade
- NEAR Enhances Decentralization with Validator Upgrade
Nervos
35 merged PRs (1, 2, 3, 4, 5), 2 closed issues (1, 2), 2 open issues (1, 2)
Parity
304 merged PRs (1, 2, 3, 4, 5, 6), 108 closed issues (1, 2, 3, 4, 5, 6), 90 open issues (1, 2, 3, 4, 5, 6)
Rust Bitcoin
72 merged PRs (1, 2, 3, 4, 5, 6), 37 closed issues (1, 2, 3), 27 open issues (1, 2, 3, 4)
Rust Ethereum
3 merged PRs (1), 1 closed issues (1), 1 open issues (1)
Secret Network
13 merged PRs (1, 2), 1 closed issues (1), 2 open issues (1)
Solana
332 merged PRs (1, 2), 51 closed issues (1, 2), 55 open issues (1, 2)
- solana-pay. A new standard for decentralized payments.
- Open issue: Consider adding user specified fees to prioritize txs propagation to the leader/block #22820
- Solana Internals Part 2: How Is a Solana Program Deployed and Upgraded
- Solana Internals Part 3: The Transaction Processing Unit (TPU)
- Solana Internals Part 4: The Bank — A Key Component
- A technical overview of developing gold.xyz on Solana
- Events: Introducing the Solana Hacker House Inaugural World Tour
Spacemesh
2 merged PRs (1), 58 closed issues (1, 2), 14 open issues (1)
Subspace Labs
13 merged PRs (1, 2), 2 closed issues (1, 2), 1 open issues (1)
TezEdge
15 merged PRs (1), 2 closed issues (1), 1 open issues (1)
Zcash
77 merged PRs (1, 2, 3), 61 closed issues (1, 2, 3), 63 open issues (1, 2, 3)
zkSync
0 merged PRs, 0 closed issues, 1 open issues (1)
Events
Feb 5-6 | Online
Feb 11-20 | Denver
Apr 16 - May 13th | Online
Apr 18-25 | Amsterdam
May 2-6 | Canada
Financial Cryptography and Data Security 2022
Jun 13-17 | Šibenik, Croatia
Summer school on real-world crypto and privacy
Aug 29-31 | Arrillaga Alumni Center, Stanford University
SBC'22: The Science of Blockchain Conference 2022
Careers
Aurora | Remote
Fluence | Remote
NEAR | Remote
Pine Street Labs | San Francisco or Remote
Polygon Zero | Remote
More jobs can be found at Job Board.
Want to be included in the next issue? Feel free to submit a PR to the next draft.
Join the discussion on RiB telegram group ❤️