15ef57c6d0
Fixes https://github.com/tendermint/tendermint/issues/1189 For every TxEventBuffer.Flush() invoking, we were invoking a: b.events = make([]EventDataTx, 0, b.capacity) whose intention is to innocently clear the events slice but maintain the underlying capacity. However, unfortunately this is memory and garbage collection intensive which is linear in the number of events added. If an attack had access to our code somehow, invoking .Flush() in tight loops would be a sure way to cause huge GC pressure, and say if they added about 1e9 events maliciously, every Flush() would take at least 3.2seconds which is enough to now control our application. The new using of the capacity preserving slice clearing idiom takes a constant time regardless of the number of elements with zero allocations so we are killing many birds with one stone i.e b.events = b.events[:0] For benchmarking results, please see https://gist.github.com/odeke-em/532c14ab67d71c9c0b95518a7a526058 for a reference on how things can get out of hand easily.
Tendermint
Byzantine-Fault Tolerant State Machine Replication. Or Blockchain for short.
| Branch | Tests | Coverage |
|---|---|---|
| master |  |
 |
| develop |  |
 |
NOTE: This is alpha software. Please contact us if you intend to run it in production.
Tendermint Core is Byzantine Fault Tolerant (BFT) middleware that takes a state transition machine - written in any programming language - and securely replicates it on many machines.
For more information, from introduction to install to application development, Read The Docs.
Minimum requirements
| Requirement | Notes |
|---|---|
| Go version | Go1.9 or higher |
Install
To download pre-built binaries, see our downloads page.
To install from source, you should be able to:
go get -u github.com/tendermint/tendermint/cmd/tendermint
For more details (or if it fails), read the docs.
Resources
Tendermint Core
All resources involving the use of, building application on, or developing for, tendermint, can be found at Read The Docs. Additional information about some - and eventually all - of the sub-projects below, can be found at Read The Docs.
Sub-projects
- ABCI, the Application Blockchain Interface
- Go-Wire, a deterministic serialization library
- Go-Crypto, an elliptic curve cryptography library
- TmLibs, an assortment of Go libraries used internally
- IAVL, Merkleized IAVL+ Tree implementation
Tools
Applications
- Ethermint; Ethereum on Tendermint
- Cosmos SDK; a cryptocurrency application framework
- Many more
More
Contributing
Yay open source! Please see our contributing guidelines.
Versioning
SemVer
Tendermint uses SemVer to determine when and how the version changes. According to SemVer, anything in the public API can change at any time before version 1.0.0
To provide some stability to Tendermint users in these 0.X.X days, the MINOR version is used to signal breaking changes across a subset of the total public API. This subset includes all interfaces exposed to other processes (cli, rpc, p2p, etc.), as well as parts of the following packages:
- types
- rpc/client
- config
- node
Exported objects in these packages that are not covered by the versioning scheme
are explicitly marked by // UNSTABLE in their go doc comment and may change at any time.
Functions, types, and values in any other package may also change at any time.
Upgrades
In an effort to avoid accumulating technical debt prior to 1.0.0, we do not guarantee that breaking changes (ie. bumps in the MINOR version) will work with existing tendermint blockchains. In these cases you will have to start a new blockchain, or write something custom to get the old data into the new chain.
However, any bump in the PATCH version should be compatible with existing histories (if not please open an issue).
Code of Conduct
Please read, understand and adhere to our code of conduct.