- Holochain laying the groundwork for fine-grained personal security
Alternative cryptocurrency solution Holochain released a Dev Pulse #8, the latest rendition of the project’s regular development recap. This update reveals that Holochain is currently laying the groundwork for important features which include CRUD (update/delete entries), capabilities for security, and app-to-app bridging.
Under “Preparation Work for Capabilities: Robust, Configurable Personal Security”, the update describes how Holochain plans to address potential security issues that will come with running Holochain apps in environments where third party browser plugins, software, OS services, and even other hApps exist and run. They mention how the groundwork is currently being laid down for something called capability-based security.
“You will have the power through your hApp to grant or deny outside agents on your machine (other hApps, GUIs, or any other local client) permission to use the hApp’s functions. First, Holochain asks you to authorize the request; then the hApp itself can automatically choose to deny the request based on its own internal rules.”
The second part of the update is titled “CRUD: How to Change an Unchangeable Database” and addresses how the project plans to delete/update information on Holochain’s immutable chain.
“It’s actually fairly simple. When a piece of data gets updated or deleted, a piece of metadata is tagged onto it, marking it ‘obsolete.’ In the case of an update, there is a second piece of metadata that is a link to the new record. So nothing public is ever really forgotten in an hApp; it’s just retired.”
“Better Debugging Output for Developers” paragraph describes how the team plans to make the debugging output more detailed. “Bridging: Getting hApps to Talk to Each Other” describes how the project introduced basic bridging capabilities into its software and how capability-based security will factor into this. Finally, “Continuous Integration (CI): Automated Testing Keeps Getting Better!” the team updates us on their Continuous Integration pipeline progress. Check out the complete Dev Pulse here.
- Electrum wallet suffers from a phishing attack
Software cryptocurrency wallet Electrum has been targeted by malicious players, revealed the project on their official GitHub. They released a short description of the issue:
“TL;DR: There is an ongoing attack against users where servers raise exceptions when a client broadcasts a transaction; in this case the error text is displayed as is in the client GUI. The attacker has spawned lots of servers on different /16 IPv4s to increase his chances of being connected to. The error messages are trying to get the user to download and install malware (disguised as updated versions of electrum).”
Apparently previous Electrum versions allow richtext in error messages sent by the server; the hacker found a way to exploit this and started sending messages to Electrum users containing links to malware installations. One Redditor reveals that devs released a 3.3.2 update to make this attack less convincing (no rich text in error messages) and they are looking at more long term fixes so error messages cannot be customized to fool users into fake upgrades. It is recommended to download the mentioned update from Electrum’s official download page.
- Safe Haven roadmap for 2019 released
After wishing their community a Merry Christmas and a Happy New Year, Safe Haven decided to place a sneak peek of their next year’s roadmap under their investors’ trees.
First quarter of the year will have several notable events, including the launch of a new Safe Haven website, release of a native wallet that will allow for the safe storage of the SHA asset and other VIP-18(x) tokens, release of masternode and governance model details, masternode mobile app release, release of Trust Alliance Network (TAN) and its rollout in Europe, beta release of Safe Haven’s inheritance platform, ThorPay alpha release, U2FA Fido Release + integration in SH inheritance platform, and public API integration ThorBlock.
Q2 will be a busy one as well, with TAN expanding into USA, inheritance platform expanding into Europe, development of the congruity platform (SH’s OTC solution), development of custodian services, onboarding Safe Haven Verticals, ThorPay full release, expansion of the development team, development of SafeID and its beta release, ThorBlock V2, integration of crowdfunding and charity options.
The team behind this VeChainThor based project reiterated that these are just estimated milestones and haven’t provided any exact dates when to expect the features cited above.
- Zilliqa quashes Facebook rumors
Zilliqa, likely the closest project on the market to full implementation of sharding technology, recently saw its name connected with a rather impressive company. Facebook, popular social media giant, recently made it clear that they intend on making their move into the cryptocurrency market and some have suggested that Zilliqa might be the project to help them make the move.
Notably, Facebook is currently in the process of hiring blockchain engineers, describing the job as follows:
“The blockchain team is a startup within Facebook, with a vision to make blockchain technology work at Facebook scale. We’re exploring areas of interest across all facets of blockchain technology. Our ultimate goal is to help billions of people with access to things they don’t have now – that could be things like equitable financial services, new ways to save, or new ways to share information.”
At the same time, Facebook is working on developing a crypto solution for its chat application WhatsApp.
Zilliqa supported Oliver Bell revealed a couple of reasons why his favorite project might be the perfect one for Facebook:
“Rumour going around regarding Facebook building on $ZIL:
- Evan Cheng: Zilliqa advisor & head of blockchain at FB
- Mindshare partnership: FB is a partner of Mindshare
- Ex-Facebook head of blockchain quits Coinbase to avoid conflict of interest: ZIL gets listed on Coinbase”
However, these connections have been dismissed by the currency in question. Zilliqa’s Twitter account explained that this was a baseless rumor and asked their community to not take part in sharing fake information online.