Ethereum consensus client in Rust
Go to file
Michael Sproul a1befd89aa Update openssl for CVE-2022-0778 (#3095)
## Issue Addressed

Fix the `cargo-audit` failure for the recent openssl bug involving parsing of untrusted certificates (CVE-2022-0778).

## Additional Info

Lighthouse loads remote certificates in the following cases:

* When connecting to an eth1 node (`--eth1-endpoints`).
* When connecting to a beacon node from the VC (`--beacon-nodes`).
* When connecting to a beacon node for checkpoint sync (`--checkpoint-sync-url`).

In all of these cases we are already placing a lot of trust in the server at the other end, however due to the scope for MITM attacks we are still potentially vulnerable. E.g. an ISP could inject an invalid certificate for the remote host which would cause Lighthouse to hang indefinitely.
2022-03-17 03:33:32 +00:00
.github Add minimum supported Rust version (#3082) 2022-03-17 03:33:29 +00:00
account_manager Update to Rust 1.59 and 2021 edition (#3038) 2022-02-25 00:10:17 +00:00
beacon_node v2.1.4 (#3076) 2022-03-14 23:11:40 +00:00
book Rename Eth1/Eth2 in documents (#3021) 2022-03-02 01:05:08 +00:00
boot_node v2.1.4 (#3076) 2022-03-14 23:11:40 +00:00
common v2.1.4 (#3076) 2022-03-14 23:11:40 +00:00
consensus Proposer preparation data quoted validator index in API (#3080) 2022-03-13 21:57:05 +00:00
crypto Replace OpenOptions::new with File::options to be readable (#3059) 2022-03-07 06:30:18 +00:00
lcli v2.1.4 (#3076) 2022-03-14 23:11:40 +00:00
lighthouse Add minimum supported Rust version (#3082) 2022-03-17 03:33:29 +00:00
scripts Filter non global ips from discovery (#3023) 2022-03-02 03:14:27 +00:00
slasher Update to Rust 1.59 and 2021 edition (#3038) 2022-02-25 00:10:17 +00:00
testing Prepare proposer (#3043) 2022-03-09 00:42:05 +00:00
validator_client Clarify proposers message is about current epoch (#3084) 2022-03-17 03:33:30 +00:00
.dockerignore Update spec tests to v1.1.0-beta.4 (#2548) 2021-09-25 05:58:35 +00:00
.editorconfig Add editorconfig template 2019-03-11 15:09:57 +11:00
.gitignore Delete uncompressed genesis states (#2092) 2020-12-16 03:44:05 +00:00
.gitmodules Replace EF tests submodule with a makefile 2019-09-08 04:19:54 +10:00
bors.toml Add minimum supported Rust version (#3082) 2022-03-17 03:33:29 +00:00
Cargo.lock Update openssl for CVE-2022-0778 (#3095) 2022-03-17 03:33:32 +00:00
Cargo.toml Engine API v1.0.0.alpha.6 + interop tests (#3024) 2022-02-17 21:47:06 +00:00
CONTRIBUTING.md Update CONTRIBUTING.md (#751) 2020-01-03 10:45:53 +11:00
Cross.toml Optimise slasher DB layout and switch to MDBX (#2776) 2021-12-21 08:23:17 +00:00
Dockerfile Optimized Docker images (#2966) 2022-01-31 22:55:03 +00:00
Dockerfile.cross Update docker images to Ubuntu latest (#2862) 2021-12-15 07:44:44 +00:00
LICENSE Update License to Apache 2.0 2019-04-15 16:47:35 +10:00
Makefile cargo audit updates (#3063) 2022-03-08 19:48:12 +00:00
README.md Rename Eth1/Eth2 in documents (#3021) 2022-03-02 01:05:08 +00:00
SECURITY.md Add how users should report security vulnerabilities for this repository (#2562) 2021-09-07 01:54:05 +00:00

Lighthouse: Ethereum consensus client

An open-source Ethereum consensus client, written in Rust and maintained by Sigma Prime.

Build Status Book Status Chat Badge

Documentation

Banner

Overview

Lighthouse is:

  • Ready for use on Ethereum consensus mainnet.
  • Fully open-source, licensed under Apache 2.0.
  • Security-focused. Fuzzing techniques have been continuously applied and several external security reviews have been performed.
  • Built in Rust, a modern language providing unique safety guarantees and excellent performance (comparable to C++).
  • Funded by various organisations, including Sigma Prime, the Ethereum Foundation, ConsenSys, the Decentralization Foundation and private individuals.
  • Actively involved in the specification and security analysis of the Ethereum proof-of-stake consensus specification.

Staking Deposit Contract

The Lighthouse team acknowledges 0x00000000219ab540356cBB839Cbe05303d7705Fa as the canonical staking deposit contract address.

Documentation

The Lighthouse Book contains information for users and developers.

The Lighthouse team maintains a blog at lighthouse.sigmaprime.io which contains periodical progress updates, roadmap insights and interesting findings.

Branches

Lighthouse maintains two permanent branches:

  • stable: Always points to the latest stable release.
    • This is ideal for most users.
  • unstable: Used for development, contains the latest PRs.
    • Developers should base their PRs on this branch.

Contributing

Lighthouse welcomes contributors.

If you are looking to contribute, please head to the Contributing section of the Lighthouse book.

Contact

The best place for discussion is the Lighthouse Discord server.

Sign up to the Lighthouse Development Updates mailing list for email notifications about releases, network status and other important information.

Encrypt sensitive messages using our PGP key.

Donations

Lighthouse is an open-source project and a public good. Funding public goods is hard and we're grateful for the donations we receive from the community via:

  • Gitcoin Grants.
  • Ethereum address: 0x25c4a76E7d118705e7Ea2e9b7d8C59930d8aCD3b (donation.sigmaprime.eth).