lludlow
commented
6 years ago I vote to urn this off, unless we plan on merging upstream releases on a schedule
Open radix42 opened 6 years ago
lludlow
commented
6 years ago I vote to urn this off, unless we plan on merging upstream releases on a schedule
leto
commented
6 years ago I think we should have the common decency for our nodes to peform Seppuku after a certain time, in order to protect our users from running some old version until the end of time, which will inevitably become vulnerable to some kind of attack/exploit/DoS/etc. Hax0rs can have a compile/run time flag to turn it off, if we want. Letting people run our current code, for let's say, 3 years, is not cool with me. Auto-seppuku is the only responsible thing to do, or auto-update, which is a different can of worms. My vote is 3 months for dev releases and 12 months for production releases to auto-seppuku, which means hushd gracefully shuts down and refuses to start unless seppuku is turned off. Basically, auto-seppuku should enforce the end of our support for a given version.
What thinks you, @radix42 ?
radix42
commented
6 years ago I do not like the auto-shutdown feature, and argued against it upstream. If we actually use it, I'd want to surface stuff up at the GUI layer where appropriate. Which is a pain. Right now just setting it wildly in the future until we have better UI support for it is imho the best option (oh god the PR where they added it is huge or I'd have ripped it out earlier.....but that makes later merges much harder.)
On Sun, Oct 15, 2017 at 10:06 AM, Duke Leto notifications@github.com wrote:
I think we should have the common decency for our nodes to commit Seppuku after a certain time, in order to protect our users from running some old version until the end of time, which will inevitably become vulnerable to some kind of attack/exploit/DoS/etc. Hax0rs can have a compile/run time flag to turn it off, if we want. Letting people run our current code, for let's say, 3 years, is not cool with me. Auto-seppuku is the only responsible thing to do, or auto-update, which is a different can of worms. My vote is 3 months for dev releases and 12 months for production releases to auto-seppuku, which means hushd gracefully shuts down and refuses to start unless seppuku is turned off. Basically, auto-seppuku should enforce the end of our support for a given version.
What thinks you, @radix42 https://github.com/radix42 ?
https://en.wikipedia.org/wiki/Seppuku
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/MyHush/hush/issues/34#issuecomment-336725746, or mute the thread https://github.com/notifications/unsubscribe-auth/AF9e0GN_0zfJVZFyKvOpFxr_jHmYFCVvks5ssjuSgaJpZM4PZo27 .
radix42
commented
6 years ago so lets revisit this later after we get 1.0.12 out with the huge, hackish block value in there for now
On Sun, Oct 15, 2017 at 10:59 AM, David Mercer radix42@gmail.com wrote:
I do not like the auto-shutdown feature, and argued against it upstream. If we actually use it, I'd want to surface stuff up at the GUI layer where appropriate. Which is a pain. Right now just setting it wildly in the future until we have better UI support for it is imho the best option (oh god the PR where they added it is huge or I'd have ripped it out earlier.....but that makes later merges much harder.)
On Sun, Oct 15, 2017 at 10:06 AM, Duke Leto notifications@github.com wrote:
I think we should have the common decency for our nodes to commit Seppuku after a certain time, in order to protect our users from running some old version until the end of time, which will inevitably become vulnerable to some kind of attack/exploit/DoS/etc. Hax0rs can have a compile/run time flag to turn it off, if we want. Letting people run our current code, for let's say, 3 years, is not cool with me. Auto-seppuku is the only responsible thing to do, or auto-update, which is a different can of worms. My vote is 3 months for dev releases and 12 months for production releases to auto-seppuku, which means hushd gracefully shuts down and refuses to start unless seppuku is turned off. Basically, auto-seppuku should enforce the end of our support for a given version.
What thinks you, @radix42 https://github.com/radix42 ?
https://en.wikipedia.org/wiki/Seppuku
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/MyHush/hush/issues/34#issuecomment-336725746, or mute the thread https://github.com/notifications/unsubscribe-auth/AF9e0GN_0zfJVZFyKvOpFxr_jHmYFCVvks5ssjuSgaJpZM4PZo27 .
leto
commented
6 years ago :+1:
Since merging 1.0.9 updates from upstream, nodes have an auto-senescence feature that causes versions more than roughly 18 weeks old to not run without a flag to override this.
We need to adjust parameters to match HUSH block heights, and possibly make for a longer deprecation period or consider not enabling by default.
Original upstream issue is https://github.com/zcash/zcash/issues/2274 and was implemented in https://github.com/zcash/zcash/pull/2297