This update is a critical security update.
This release fixes a cache vulnerability in the process of peer-to-peer acceptance of a single valid block, after taking into account an unaccepted bad block, which leaded to inconsistency inside para-blockchain and the PRIZM node failure.
When an error occurs:
- during using a peer-to-peer interface to accept a new block at height N
Conditions for an error to occur:
- the other node had to send through peer-to-peer interface an invalid block at height N
- the current node caches some changes in the process of checking the block, and these changes were not canceled after declining an invalid block and accepting the valid one at the same height
What it leads to:
- leads to creating a fork with an invalid blockchain, which is why the node with this vulnerability completely fails after some time due to the fact that it cannot automatically return to the valid blockchain
It is highly recommended to apply this update as soon as possible to secure your node.
How to update:
- Delete old PrizmCore
- Install new PrizmCore
- Start PrizmCore
There is no need to delete the blockchain data.