September 01, 2017 - Dev update

paige · September 1, 2017, 7:48pm

Releases
This week we completed generating a bunch of test data that will aid us with some benchmarks we plan to use to help diagnose wallet performance issues. We’ve tested these benchmarks in our dev-ci infrastructure with plans to get them into the production CI server next week.

The overall theme for 1.0.12 is to focus on benchmarking issues users have been experiencing so that we can implement fixes as soon as we understand how to best address them. If there’s enough time, these fixes could be part of 1.0.12 but are more likely to be addressed in 1.0.13.

We also re-signed the 1.0.11 package because some users on Debian stretch were seeing warnings or errors regarding an unsupported signature type. If you have been experiencing issues upgrading to 1.0.11, try updating again.

We also had a retrospective meeting about the 1.0.11 release so that we could diagnose the process issues we had which resulted in delays. After taking the time for analyzing the planning, coordinating and development slippage, we feel much more prepared for staying on track for future releases and communicating in advance for times we feel the need to postpone.

Future priorities
Our Show & Tell last week to demo XCAT was a big step for our engineers who have been developing a cross-chain atomic trade protocol between Zcash and Bitcoin blockchains. We also open sourced the experimental software (ZBXCAT) used in the demo and will continue to work on improvements and testing over time.

We’re also making progress on research for Sapling and in particular the new MPC protocol we plan to use for generating the new zk-SNARK parameters. An announcement with more details about the improvements and a research paper will be forthcoming.

Miscellaneous
Our subsequent UX research project is just getting started. It will compliment the initial research we published a couple weeks ago and we’ll publish the new results as soon as they’re ready! We’re very excited to be continuing this research, not only to support the Zcash ecosystem but also for general cryptocurrency adoption by addressing fundamental UX challenges.

We’re making headway on migrating our website and blog to more scalable solutions given our current support for 8 languages and interest in expanding even further. This migration will also introduce a reorganization of content on the site to help us communicate more effectively. Stay tuned!

garethtdavies · September 1, 2017, 8:18pm

I still get a W: https://apt.z.cash/dists/jessie/Release.gpg: Signature by key F1E214037E94E950BA8577B263C4A2169C1B2FA2 uses weak digest algorithm (SHA1) on Ubuntu with an apt-get update.

paige · September 1, 2017, 8:52pm

Hmmm… I’ll let folks know. Sorry about that.

Laszlo · September 1, 2017, 11:14pm

Great work, guys!

Sapling will be a big step forward.

NealJayu · September 2, 2017, 12:40pm

My Debian Jessie instance upgraded fine just now. Not sure if something was changed already.

Thanks for the dev update!

paige · September 5, 2017, 5:23pm

After backing up your wallet, try
sudo apt-get purge zcash
then
sudo apt-get update
sudo apt-get install zcash

Blue · September 6, 2017, 1:02pm

Hi @paige I know this isn’t a development update but is there any progress on who the new chief marketing officer is?

paige · September 7, 2017, 5:34pm

Not yet, sorry! 20 chars

naderra · September 18, 2017, 9:34pm

G’Day,

No joy with that recipe.

Still yields apt-get update warning:

W: https://apt.z.cash/dists/jessie/Release.gpg: Signature by key F1E214037E94E950BA8577B263C4A2169C1B2FA2 uses weak digest algorithm (SHA1)

FWIW: https://wiki.debian.org/Teams/Apt/Sha1Removal

Quote:

Fixing half-broken repositories

The repository owner needs to pass --digest-algo SHA512 or --digest-algo SHA256 (or another SHA2 algorithm) to gpg when signing the file. Repositories with DSA keys need to be migrated to RSA first.

jaygraber · September 19, 2017, 4:48pm

The package was re-signed after explicitly passing SHA256 already, is it fixed for you?

garethtdavies · September 19, 2017, 8:34pm

I still get this warning but I haven’t done the apt-get purge as suggested above as seems a bit of overkill to remove this warning. That being said I’m curious why a purge is indeed necessary?

naderra · September 20, 2017, 10:37am

Ok,

I did manage to finally get apt to accept ( better say update ) the SHA1 key to SHA256 as follows

apt purge zcash

apt-key list

provides the list of keys, now delete the Zcash key

apt-key del 9C1B2FA2

OK
Next, I removed /etc/apt/sources.list.d/zcash.list* (the * to remove the .save as well)

rm /etc/apt/sources.list.d/zcash.list*

Now, there’s no trace of zcash in apt … so ‘apt update’ obviously does not complain about the key …

Next, follow the linux instructions on z.cash/download.html ( I use root account versus sudo )

Get the key

wget -qO - https://apt.z.cash/zcash.asc | apt-key add -

printf “deb [arch=amd64] https://apt.z.cash/ jessie main\n” > /etc/apt/sources.list.d/zcash.list

apt update

apt install zcash

Now, it does not complain about the key being SHA1 …

After having tried several times, without previously deleting the /etc/apt/sources.list.d/zcash.list and still have the complaint about SHA1 I can only assume that deleting zcash.list and apt updating is what did the “trick” …

Anyhow, apt is no longer complaining about the SHA1

Thanks

Robert

naderra · September 20, 2017, 10:50am

G’Day

I replied to the forum already.

I don’t think it was a matter of “apt purge zcash” , but the removal of
zcash.list in /etc/apt/sources.list.d, doing “apt update”, and later on
re-installing Zcash that resolved apt not to complain about SHA1

Anyhow, resolved. Thanks

Robert

garethtdavies · September 20, 2017, 6:29pm

Thanks for this, I managed to get it to work without the purge

sudo apt-key del 9C1B2FA2
rm /etc/apt/sources.list.d/zcash.list*
wget -qO - https://apt.z.cash/zcash.asc | sudo apt-key add -
echo "deb [arch=amd64] https://apt.z.cash/ jessie main" | sudo tee /etc/apt/sources.list.d/zcash.list
sudo apt-get update