v1.1.4

Release Notes v1.1.4

Changes from v1.1.3 (Post-Audit Improvements) Following an in-depth security audit, version 1.1.4 of both MPC and gcEVM introduces key fixes and refinements focused on stability, security, and maintainability. These updates reflect our ongoing commitment to delivering a robust, privacy-preserving infrastructure.

Hard Fork

• hydrogen (see specific network section for implementation details)

MPC – Key Fixes & Improvements

1. Strengthened File Handling Logic Improved file path validation to prevent unintended access outside approved directories, reducing the risk of directory traversal vulnerabilities.

2. Improved Randomness Validation Enforced minimum entropy checks for random seeds used in cryptographic functions, aligning with recommended security practices.

3. Refined Random Byte Generation Updated internal methods for device-level randomness to ensure consistency and improve cryptographic unpredictability.

4. More Resilient Connection Handling Fixed a race condition in client connection logic, improving reliability under high concurrency or unexpected delays.

5. Enhanced Cleanup of Sensitive Data Ensured secure memory wiping in destructors to better protect in-memory secrets from residual access.

6. Introduced a Unique Fixed Key per Garbled Circuit Enhanced cryptographic security by generating a fresh fixed key for each garbled circuit instance, replacing the previous static approach and reducing key reuse.

7. Improved Memory Management in Garbling Workflow Fixed allocation and cleanup routines within the batch garbling process, preventing memory leaks and improving runtime stability.

8. Safer Arithmetic Operations Introduced checks to prevent potential integer overflows and underflows during circuit construction and evaluation.

9. Better Exception Safety Strengthened error-handling in destructors and allocation logic to avoid crashes during failure scenarios.

10. Hardened Input Validation Across Modules Applied more robust input validation throughout the codebase, reducing attack surface from malformed or unexpected inputs.

gcEVM – Key Fixes & Improvements

1. Improved Transcript Validation Strengthened the validation of MPC transcript hash to ensure correctness in secure execution. This fix led to the introduction of the network’s first protocol fork, Hydrogen, aligning all nodes with the corrected logic.

   1. affected by hydrogen

2. Fixed gRPC Error Handling in Opcode Execution Improved handling of unexpected or unmapped gRPC errors in the opcode execution path to reduce the likelihood of silent failures during MPC interactions.

3. Fixed Redundant Verification in Block Insertion Simplified block processing by removing duplicate verification steps, resulting in a more maintainable and efficient flow.

4. Fixed Minor Issues in Authenticated Memory Handling Corrected subtle inconsistencies between the authenticated memory implementation and its documentation.