Simplicity programming language represented

Russell O’Connor from Blockstream represented Simplicity - programming language for smart contracts
31 October 2017   1726

Blockstream developer Russell O'Connor published white paper of Simplicity, a new programming language designed to be an alternative to existing languages used to create smart contracts. It is assumed that Simplicity can be implemented over time in the bitcoin protocol via the softfork mechanism.

As stated in the blog Blockstream, Simplicity is based on the algorithm of sequential computation and offers several important improvements, the main one of which is the extension of the language capabilities.

 One of the problems with Bitcoin Script, Bitcoin’s own programming language, is that a number of opcodes were disabled in Bitcoin’s earliest days. For example, you can add numbers in Bitcoin Script, but you can’t multiply them. 
 

Blockcstream Blog

Among other important features, which Blockstream pays attention to, is an increased level of security - Simplicity is a Turing incomplete language that provides limitation of a recursive call, protection against endless cycles and allows for static code analysis.

Also Simplicity has built-in support for Merklized Abstract Syntax Trees (MAST).

All this in combination allows you to create a more secure, efficient and functional code for smart contracts.

A more detailed analysis of Simplicity is expected in the near future, while you can get acquainted with whitepaper

Potentional Vulnerabilities Found in ETH 2.0

Least Authority have found potentional security issues in the network P2P interaction and block proposal system
26 March 2020   935

Technology security firm Least Authority, at the request of the Ethereum Foundation, conducted an audit of the Ethereum 2.0 specifications and identified several potential vulnerabilities at once.

Least Authority said that developers need to solve problems with vulnerabilities in the network layer of peer-to-peer (P2P) interaction, as well as in the block proposal system. At the same time, the auditor noted that the specifications are "very well thought out and competent."

However, at the moment there is no large ecosystem based on PoS and using sharding in the world, so it is impossible to accurately assess the prospects for system stability.
Also, information security experts emphasized that the specifications did not pay enough attention to the description of the P2P network level and the system of records about Ethereum nodes. Vulnerability risks are also observed in the block proposal system and the messaging system between nodes.

Experts said that in the blockchains running on PoS, the choice of a new block is simple and no one can predict who will get the new block. In PoS systems, it is the block proposal system that decides whose block will fall into the blockchain, and this leads to the risk of data leakage. To solve the problem, auditors suggested using the mechanism of "Single Secret Leader Election" (SSLE).

As for the peer-to-peer exchange system, there is a danger of spam. There is no centralized node in the system that would evaluate the actions of other nodes, so a “malicious" node can spam the entire network with various messages without any special punishment. The solution to this problem may be to use special protocols for exchanging messages between nodes.