This is a proposal for an EXPEDITED software upgrade to the v1.10 software version of the Secret Network codebase on block 10186400, which is estimated to occur on August 14, 2023 at ~5:00 PM UTC. Block times have high variance, so please monitor the chain for a more precise time estimation.
Here we propose a new breaking release and a new minor version to Secret Network's codebase, hence bumping the version to v1.10. However, for clarification, this upgrade will NOT contain any functionality that was planned as a part of any other network major upgrade. The previously named v1.10 minor release will be renamed as v1.11.
- Downfall vulnerability was publicly disclosed earlier this month.
- In response and as a percussion measure we have executed a registration freeze, allowing us the necessary time to comprehensively assess its impact and potential risks.
- To mitigate this vulnerability, Intel scheduled a TCB Recovery to enforce patched platforms starting September 19, 2023 (more info here).
In light of this, with an aim to continue normal network operation ASAP and to bridge the gap between now and the scheduled TCB Recovery while keeping risk to a minimum, we have opted for an expedited upgrade proposal that will:
- reenable registrations of new (patched) nodes and rebooting existing nodes,
- enable early platform enforcement to allow only patched platforms to join the network,
- allow a week-long “grace period”, ending on August 21, 2023, 2:00 PM UTC, during which pre-registered nodes will be granted a limited window to patch their platforms or migrate to different patched machines without downtime. After this time window is closed, the network will activate strict enforcement automatically, and unpatched platforms will no longer be able to register or restart the node.
No additional upgrade will be necessary to enable Intel’s TCB Recovery or to address this vulnerability.
See docs.scrt.network for upgrade instructions*.
* Due to the urgent nature of this proposal, we will update the upgrade docs after the proposal is already up. That said, the upgrade process is expected to be very similar to previous upgrades.