Pre-announcement of security hotfix releases celo-blockchain 1.1.1 and 1.2.2 and 'Churrito hardfork'

Although Celo shares some blockchain code with Ethereum, a bug that caused outages today on Ethereum mainnet is not expected to cause similar issues with Celo. However, the issue will be fixed, and if you run a Celo validator or full node, we strongly recommend you upgrade within one month.

Surprise! You were expecting Donut to be Celo’s first hard-fork. cLabs is proposing we slip in a little one ahead of this one. It’ll be Churrito and we are targeting 1 month from today. We were notified recently of a consensus issue in Geth that is also present in the celo-blockchain codebase. This issue caused consensus failure between patched and unpatched Geth versions on Ethereum’s Mainnet this morning.

Having analyzed the issue in detail, we have determined that Celo is not currently at risk of a consensus failure. The celo-blockchain versions active on the Celo network behave consistently, and will not desync even if this issue is exploited. We have no reason to believe the current EVM behavior poses a risk to user funds.

We have drafted an update to celo-blockchain to conform to Ethereum’s current EVM behavior in a hardfork we’re affectionately calling Churrito. During tomorrow’s Celo All-Core Dev Call we will discuss the Churrito specification with the community. Assuming we reach rough consensus, we intend to activate Churrito within 1 month.

Please pay attention to the announcements channel on Discord and the Forum, as well as Celo Signal emails, as we announce new celo-blockchain releases that address these two issues. We will also be coordinating directly with stakeholders to upgrade their nodes prior to the hardfork block activation.

In addition, we are aware that Google has released a security patch (CVE-2020-28362) for Golang, in the form of Go v1.15.5 and v1.14.12. We will be releasing new binaries and Docker images compiled using Go v1.14.12.

Thank you to the Celo community for taking this proactive approach to keeping the network safe and secure.
