Gold Finance reported that dYdx Ops SubDAO (DOS) announced that the deployed dYdX Chain will now provide a test version on the Android platform. The source code of the dYdX Chain Android application will be open source and available on dYdX's GitHub.

PANews reported on March 29 that Ethereum core developer Tim Beiko summarized this week's Ethereum execution layer core developer meeting (ACDE) on the X platform, this meeting first discussed the increase in missing slots on the network in recent days, blocks with missing blobs were propagated, and after checking the vulnerabilities of all clients, 99% of the blocks with this problem were sent by the repeater bloxroute, and the team is investigating the problem. There have been some comments/issues with the mev-boost circuit breaker, if the client sees more than 5 missing slots in a row, they will return to the local chunk build. Since the missed slot doesn't happen consecutively, it's not triggered here. After some discussion, the developers agreed not to increase the sensitivity of the circuit breaker (which could be an attack vector), but to consider a more granular auto-disconnect mechanism for repeaters. In addition, the meeting talked about the historical growth of Ethereum's state, saying that due to the emergence of various cross-chain bridges, the growth of historical data far exceeds the growth of state. Dencun has helped with this (bridging historical data growth by 50% and overall by 33%), but the overall rate of historical growth is still about 10 times the rate of state growth. While the problem with state growth is not just the size of the state itself, but the state of access, these numbers once again emphasize the importance of focusing on historical data. The developers agreed that research on EIP-4444 should continue, with the ideal goal of stopping providing pre-merge history on Ethereum's p2p layer around next year. The meeting went on to discuss two "retroactive EIPs", EIP-7610 and EIP-7523. Among them, EIP-7610 proposes to create an explicit implicit constraint for the contract, which can simplify part of the client's codebase, and remove some test cases that only exist in the edge cases that cover theory, and EIP-7523 proposes to prohibit empty accounts for potential denial-of-service DOS attacks. The session also continued the discussion of the Pectra upgrade, with developers sharing some of the benchmarks they did on EIP-2537 to determine the correct gas cost. The Reth team says they also run benchmarks to determine the correct gas cost. The developers have updated some potential issues with the inclusion list in the context of the account abstraction, which is pending for the time being. In addition, about 10 EIP champions lined up to share updates/justifications for their proposals, including EIP-5920, EIP-7609, EIP-2935, EIP-7545, EIP-7212, EIP-7664, EIP-6493, and more.

PANews reported on September 22 that according to Media OutReach, luxury mobile phone brand VERTU will release its Web3-friendly smartphone "METAVERTU 2" in October. METAVERTU 2 provides a hybrid AI concierge service and has its own decentralized operating system (DOS) with a Secure Element (SE) chip that generates bank-grade encryption for signing, decryption, hardware-based random number generation and zero-knowledge Demonstrate (ZK) ability.

According to news on September 22, luxury mobile phone brand VERTU will launch its Web3-friendly smartphone "METAVERTU 2" in October 2023. VERTU said METAVERTU 2 has its own decentralized operating system (DOS) with a Secure Element (SE) chip that generates bank-grade encryption for signing, decryption, hardware-based random number generation and zero-knowledge proof (ZK) capabilities. .

Odaily Planet Daily News According to official news, the privacy browser Tor announced the launch of Tor 0.4.8 version and introduced PoW) defense against Onion Services, which aims to prioritize verified network traffic to deal with DoS attacks, and recommends users to upgrade . According to reports, Tor's PoW defense is a dynamic and reactive mechanism that remains dormant under normal usage conditions to ensure a seamless user experience. But when the Onion Services are under stress, the mechanism will prompt incoming client connections to perform many more complex operations in succession.

On August 24th, the privacy browser Tor announced that with the release of Tor0.4.8, it officially launched a proof-of-work (PoW) defense for Onion Services, which aims to prioritize verified network traffic to deter denial of service (DoS). )attack. Tor's PoW Defense is a dynamic and reactive mechanism that remains dormant under normal usage conditions to ensure a seamless user experience, but when the Onion Services are under stress, the mechanism will prompt incoming client connections to perform many more complex operations. Tor advises users to update Onion Services to version 0.4.8.

According to PANews news on May 29, Scroll blockchain security researcher iczc tweeted that he found a vulnerability in Polygon zkEVM and received the Immunefi L2 bug bounty from the Web3 bug bounty platform. This vulnerability prevents assets bridged from L1 to Polygon zkEVM (L2) from being properly claimed in L2, thus hindering asset migration from L1 to L2. iczc found in the code logic of processing the pre-execution results of the claim transaction (claim tx) that malicious attackers can bypass the "isReverted" pre-execution check on the claim transaction by setting the gas fee to non-zero, so that it can send a large number of Low-cost claims DoS attacks on sequencers and validators, increasing computational overhead. Also, transactions are not immediately removed from the pool after execution. The status is updated from "pending" to "selected" and continues to exist in the PostgreSQL database. Currently, there is only one trusted sequencer capable of fetching transactions from the transaction pool and executing them. Therefore, another vulnerability is to maliciously mark any deposit amount by sending a failed transaction. This will cause claim transactions that correctly use credits to be rejected because the credits are already used. This makes the L2 network unusable for new users. The Polygon zkEVM team fixed this vulnerability by removing the specific gas logic for claiming transactions, with no funds at risk.

On May 29th, Scroll blockchain security researcher iczc tweeted that he found a vulnerability in Polygon zkEVM and received the Immunefi L2 bug bounty from the Web3 bug bounty platform. This vulnerability prevents assets bridged from L1 to Polygon zkEVM (L2) from being properly claimed in L2, preventing asset migration from L1 to L2. iczc found in the code logic of processing the pre-execution results of the claim transaction (claim tx) that malicious attackers can bypass the "isReverted" pre-execution check on the claim transaction by setting the gas fee to non-zero, so that it can send a large number of Low-cost claims DoS attacks on sequencers and validators, increasing computational overhead. Also, transactions are not immediately removed from the pool after execution. The status is updated from Pending to Selected and continues to exist in the PostgreSQL database. Currently, there is only one trusted sequencer capable of fetching transactions from the transaction pool and executing them. Therefore, another vulnerability is to maliciously mark any deposit amount by sending a failed transaction. This will cause claim transactions that correctly use credits to be rejected because the credits are already used. This makes the L2 network unusable for new users. The Polygon zkEVM team fixed this bug by removing the specific gas logic for claiming transactions, with no funds at risk.