From ba94f271dbb386c41e0f101d021e3d21a8842681 Mon Sep 17 00:00:00 2001
From: Jakub Sztandera <kubuxu@protocol.ai>
Date: Thu, 28 Jan 2021 16:38:58 +0100
Subject: [PATCH 1/6] Add spam protection to fountain

Uses reCAPTCHAv3, `RECAPTCHA_SITE_KEY` and `RECAPTCHA_SECRET_KEY` need to be
set in env.

Signed-off-by: Jakub Sztandera <kubuxu@protocol.ai>
---
 cmd/lotus-fountain/main.go         | 67 +++++++++++++++++++++++-------
 cmd/lotus-fountain/recaptcha.go    | 67 ++++++++++++++++++++++++++++++
 cmd/lotus-fountain/site/funds.html | 16 +++++--
 go.mod                             |  2 +
 go.sum                             |  4 ++
 5 files changed, 139 insertions(+), 17 deletions(-)
 create mode 100644 cmd/lotus-fountain/recaptcha.go

diff --git a/cmd/lotus-fountain/main.go b/cmd/lotus-fountain/main.go
index 931978d96..1114ad07e 100644
--- a/cmd/lotus-fountain/main.go
+++ b/cmd/lotus-fountain/main.go
@@ -3,6 +3,7 @@ package main
 import (
 	"context"
 	"fmt"
+	"html/template"
 	"net"
 	"net/http"
 	"os"
@@ -68,6 +69,10 @@ var runCmd = &cli.Command{
 			EnvVars: []string{"LOTUS_FOUNTAIN_AMOUNT"},
 			Value:   "50",
 		},
+		&cli.Float64Flag{
+			Name:  "captcha-threshold",
+			Value: 0.5,
+		},
 	},
 	Action: func(cctx *cli.Context) error {
 		sendPerRequest, err := types.ParseFIL(cctx.String("amount"))
@@ -107,11 +112,13 @@ var runCmd = &cli.Command{
 				WalletRate:  15 * time.Minute,
 				WalletBurst: 2,
 			}),
+			recapTreshold: cctx.Float64("captcha-threshold"),
 		}
 
-		http.Handle("/", http.FileServer(rice.MustFindBox("site").HTTPBox()))
-		http.HandleFunc("/send", h.send)
-
+		box := rice.MustFindBox("site")
+		http.Handle("/", http.FileServer(box.HTTPBox()))
+		http.HandleFunc("/funds.html", prepFundsHtml(box))
+		http.Handle("/send", h)
 		fmt.Printf("Open http://%s\n", cctx.String("front"))
 
 		go func() {
@@ -123,6 +130,17 @@ var runCmd = &cli.Command{
 	},
 }
 
+func prepFundsHtml(box *rice.Box) http.HandlerFunc {
+	tmpl := template.Must(template.New("funds").Parse(box.MustString("funds.html")))
+	return func(w http.ResponseWriter, r *http.Request) {
+		err := tmpl.Execute(w, os.Getenv("RECAPTCHA_SITE_KEY"))
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusBadGateway)
+			return
+		}
+	}
+}
+
 type handler struct {
 	ctx context.Context
 	api api.FullNode
@@ -130,15 +148,45 @@ type handler struct {
 	from           address.Address
 	sendPerRequest types.FIL
 
-	limiter *Limiter
+	limiter       *Limiter
+	recapTreshold float64
 }
 
-func (h *handler) send(w http.ResponseWriter, r *http.Request) {
+func (h *handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodPost {
+		http.Error(w, "only POST is allowed", http.StatusBadRequest)
+		return
+	}
+
+	reqIP := r.Header.Get("X-Real-IP")
+	if reqIP == "" {
+		h, _, err := net.SplitHostPort(r.RemoteAddr)
+		if err != nil {
+			log.Errorf("could not get ip from: %s, err: %s", r.RemoteAddr, err)
+		}
+		reqIP = h
+	}
+
+	capResp, err := VerifyToken(r.FormValue("g-recaptcha-response"), reqIP)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusBadGateway)
+		return
+	}
+	if !capResp.Success || capResp.Score < h.recapTreshold {
+		log.Infow("spam", "capResp", capResp)
+		http.Error(w, "spam protection", http.StatusUnprocessableEntity)
+		return
+	}
+
 	to, err := address.NewFromString(r.FormValue("address"))
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusBadRequest)
 		return
 	}
+	if to == address.Undef {
+		http.Error(w, "empty address", http.StatusBadRequest)
+		return
+	}
 
 	// Limit based on wallet address
 	limiter := h.limiter.GetWalletLimiter(to.String())
@@ -148,15 +196,6 @@ func (h *handler) send(w http.ResponseWriter, r *http.Request) {
 	}
 
 	// Limit based on IP
-
-	reqIP := r.Header.Get("X-Real-IP")
-	if reqIP == "" {
-		h, _, err := net.SplitHostPort(r.RemoteAddr)
-		if err != nil {
-			log.Errorf("could not get ip from: %s, err: %s", r.RemoteAddr, err)
-		}
-		reqIP = h
-	}
 	if i := net.ParseIP(reqIP); i != nil && i.IsLoopback() {
 		log.Errorf("rate limiting localhost: %s", reqIP)
 	}
diff --git a/cmd/lotus-fountain/recaptcha.go b/cmd/lotus-fountain/recaptcha.go
new file mode 100644
index 000000000..11e8deaf9
--- /dev/null
+++ b/cmd/lotus-fountain/recaptcha.go
@@ -0,0 +1,67 @@
+// From https://github.com/lukasaron/recaptcha
+// BLS-3 Licensed
+// Copyright (c) 2020, Lukas Aron
+// Modified by Kubuxu
+package main
+
+import (
+	"encoding/json"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"os"
+	"time"
+)
+
+// content type for communication with the verification server.
+const (
+	contentType = "application/json"
+)
+
+// VerifyURL defines the endpoint which is called when a token needs to be verified.
+var (
+	VerifyURL, _ = url.Parse("https://www.google.com/recaptcha/api/siteverify")
+)
+
+// Response defines the response format from the verification endpoint.
+type Response struct {
+	Success            bool      `json:"success"`          // status of the verification
+	TimeStamp          time.Time `json:"challenge_ts"`     // timestamp of the challenge load (ISO format)
+	HostName           string    `json:"hostname"`         // the hostname of the site where the reCAPTCHA was solved
+	Score              float64   `json:"score"`            // the score for this request (0.0 - 1.0)
+	Action             string    `json:"action"`           // the action name for this request
+	ErrorCodes         []string  `json:"error-codes"`      // error codes
+	AndroidPackageName string    `json:"apk_package_name"` // android related only
+}
+
+// VerifyToken function implements the basic logic of verification of ReCaptcha token that is usually created
+// on the user site (front-end) and then sent to verify on the server side (back-end).
+// To provide a successful verification process the secret key is required. Based on the security recommendations
+// the key has to be passed as an environmental variable SECRET_KEY.
+//
+// Token parameter is required, however remoteIP is optional.
+func VerifyToken(token, remoteIP string) (Response, error) {
+	resp := Response{}
+	if len(token) == 0 {
+		resp.ErrorCodes = []string{"no-token"}
+		return resp, nil
+	}
+	q := VerifyURL.Query()
+	q.Add("secret", os.Getenv("RECAPTCHA_SECRET_KEY"))
+	q.Add("response", token)
+	q.Add("remoteip", remoteIP)
+	VerifyURL.RawQuery = q.Encode()
+
+	r, err := http.Post(VerifyURL.String(), contentType, nil)
+	if err != nil {
+		return resp, err
+	}
+
+	b, err := ioutil.ReadAll(r.Body)
+	_ = r.Body.Close() // close immediately after reading finished
+	if err != nil {
+		return resp, err
+	}
+
+	return resp, json.Unmarshal(b, &resp)
+}
diff --git a/cmd/lotus-fountain/site/funds.html b/cmd/lotus-fountain/site/funds.html
index cd26032f3..c6916239f 100644
--- a/cmd/lotus-fountain/site/funds.html
+++ b/cmd/lotus-fountain/site/funds.html
@@ -3,6 +3,13 @@
 <head>
     <title>Sending Funds - Lotus Fountain</title>
     <link rel="stylesheet" type="text/css" href="main.css">
+	<script src="https://www.google.com/recaptcha/api.js"></script>
+	<script>
+   		function onSubmit(token) {
+     	document.getElementById("funds-form").submit();
+   	}
+	</script>
+
 </head>
 <body>
 <div class="Index">
@@ -11,10 +18,13 @@
             [SENDING FUNDS]
         </div>
         <div class="Index-node">
-            <form action='/send' method='get'>
+            <form action='/send' method='post' id='funds-form'>
                 <span>Enter destination address:</span>
-                <input type='text' name='address' style="width: 300px">
-                <button type='submit'>Send Funds</button>
+				<input type='text' name='address' style="width: 300px">
+				<button class="g-recaptcha" 
+						data-sitekey="{{ . }}"
+						data-callback='onSubmit' 
+						data-action='submit'>Send Funds</button>
             </form>
         </div>
     </div>
diff --git a/go.mod b/go.mod
index 273391a56..ce09895ad 100644
--- a/go.mod
+++ b/go.mod
@@ -121,6 +121,7 @@ require (
 	github.com/multiformats/go-multiaddr-dns v0.2.0
 	github.com/multiformats/go-multibase v0.0.3
 	github.com/multiformats/go-multihash v0.0.14
+	github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e // indirect
 	github.com/opentracing/opentracing-go v1.2.0
 	github.com/polydawn/refmt v0.0.0-20190809202753-05966cbd336a
 	github.com/prometheus/client_golang v1.6.0
@@ -145,6 +146,7 @@ require (
 	golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f
 	golang.org/x/time v0.0.0-20191024005414-555d28b269f0
 	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1
+	gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f // indirect
 	gopkg.in/cheggaaa/pb.v1 v1.0.28
 	gotest.tools v2.2.0+incompatible
 	launchpad.net/gocheck v0.0.0-20140225173054-000000000087 // indirect
diff --git a/go.sum b/go.sum
index 6d38f4a8e..6d35032f8 100644
--- a/go.sum
+++ b/go.sum
@@ -1226,6 +1226,8 @@ github.com/nats-io/nkeys v0.1.3/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxzi
 github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c=
 github.com/neelance/astrewrite v0.0.0-20160511093645-99348263ae86/go.mod h1:kHJEU3ofeGjhHklVoIGuVj85JJwZ6kWPaJwCIxgnFmo=
 github.com/neelance/sourcemap v0.0.0-20151028013722-8c68805598ab/go.mod h1:Qr6/a/Q4r9LP1IltGz7tA7iOK1WonHEYhu1HRBA7ZiM=
+github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs=
+github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
 github.com/nikkolasg/hexjson v0.0.0-20181101101858-78e39397e00c h1:5bFTChQxSKNwy8ALwOebjekYExl9HTT9urdawqC95tA=
 github.com/nikkolasg/hexjson v0.0.0-20181101101858-78e39397e00c/go.mod h1:7qN3Y0BvzRUf4LofcoJplQL10lsFDb4PYlePTVwrP28=
 github.com/nkovacs/streamquote v0.0.0-20170412213628-49af9bddb229 h1:E2B8qYyeSgv5MXpmzZXRNp8IAQ4vjxIjhpAf5hv/tAg=
@@ -1916,6 +1918,8 @@ gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU=
+gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw=
 gopkg.in/cheggaaa/pb.v1 v1.0.28 h1:n1tBJnnK2r7g9OW2btFH91V92STTUevLXYFb8gy9EMk=
 gopkg.in/cheggaaa/pb.v1 v1.0.28/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw=

From 608793314f857c45ab99a7f824792e5150e65cea Mon Sep 17 00:00:00 2001
From: Jakub Sztandera <kubuxu@protocol.ai>
Date: Thu, 28 Jan 2021 18:07:37 +0100
Subject: [PATCH 2/6] Fix url Values

Signed-off-by: Jakub Sztandera <kubuxu@protocol.ai>
---
 cmd/lotus-fountain/recaptcha.go | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/cmd/lotus-fountain/recaptcha.go b/cmd/lotus-fountain/recaptcha.go
index 11e8deaf9..d4e71cc02 100644
--- a/cmd/lotus-fountain/recaptcha.go
+++ b/cmd/lotus-fountain/recaptcha.go
@@ -46,13 +46,15 @@ func VerifyToken(token, remoteIP string) (Response, error) {
 		resp.ErrorCodes = []string{"no-token"}
 		return resp, nil
 	}
-	q := VerifyURL.Query()
+
+	q := url.Values{}
 	q.Add("secret", os.Getenv("RECAPTCHA_SECRET_KEY"))
 	q.Add("response", token)
 	q.Add("remoteip", remoteIP)
-	VerifyURL.RawQuery = q.Encode()
 
-	r, err := http.Post(VerifyURL.String(), contentType, nil)
+	u := &(*VerifyURL)
+	u.RawQuery = q.Encode()
+	r, err := http.Post(u.String(), contentType, nil)
 	if err != nil {
 		return resp, err
 	}

From 0a0fc47655cd1e4aa9eb6bd53b8c7472226a4be4 Mon Sep 17 00:00:00 2001
From: Jakub Sztandera <kubuxu@protocol.ai>
Date: Thu, 28 Jan 2021 19:58:28 +0100
Subject: [PATCH 3/6] Make lint happy

Signed-off-by: Jakub Sztandera <kubuxu@protocol.ai>
---
 cmd/lotus-fountain/recaptcha.go | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/cmd/lotus-fountain/recaptcha.go b/cmd/lotus-fountain/recaptcha.go
index d4e71cc02..69359faa3 100644
--- a/cmd/lotus-fountain/recaptcha.go
+++ b/cmd/lotus-fountain/recaptcha.go
@@ -52,7 +52,11 @@ func VerifyToken(token, remoteIP string) (Response, error) {
 	q.Add("response", token)
 	q.Add("remoteip", remoteIP)
 
-	u := &(*VerifyURL)
+	var u *url.URL
+	{
+		verifyCopy := *VerifyURL
+		u = &verifyCopy
+	}
 	u.RawQuery = q.Encode()
 	r, err := http.Post(u.String(), contentType, nil)
 	if err != nil {

From f358af6f5663c893c252e64a5c2d6dc98a4428fc Mon Sep 17 00:00:00 2001
From: Aayush Rajasekaran <arajasek94@gmail.com>
Date: Tue, 16 Feb 2021 19:19:27 -0500
Subject: [PATCH 4/6] Fix typo

---
 cmd/lotus-fountain/main.go | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/cmd/lotus-fountain/main.go b/cmd/lotus-fountain/main.go
index 1114ad07e..79f08aa83 100644
--- a/cmd/lotus-fountain/main.go
+++ b/cmd/lotus-fountain/main.go
@@ -112,7 +112,7 @@ var runCmd = &cli.Command{
 				WalletRate:  15 * time.Minute,
 				WalletBurst: 2,
 			}),
-			recapTreshold: cctx.Float64("captcha-threshold"),
+			recapThreshold: cctx.Float64("captcha-threshold"),
 		}
 
 		box := rice.MustFindBox("site")
@@ -148,8 +148,8 @@ type handler struct {
 	from           address.Address
 	sendPerRequest types.FIL
 
-	limiter       *Limiter
-	recapTreshold float64
+	limiter        *Limiter
+	recapThreshold float64
 }
 
 func (h *handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
@@ -172,7 +172,7 @@ func (h *handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		http.Error(w, err.Error(), http.StatusBadGateway)
 		return
 	}
-	if !capResp.Success || capResp.Score < h.recapTreshold {
+	if !capResp.Success || capResp.Score < h.recapThreshold {
 		log.Infow("spam", "capResp", capResp)
 		http.Error(w, "spam protection", http.StatusUnprocessableEntity)
 		return

From 5f998038c794c4b7523436f9f88910da83513900 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C5=81ukasz=20Magiera?= <magik6k@gmail.com>
Date: Wed, 17 Feb 2021 18:59:26 +0100
Subject: [PATCH 5/6] Update go-jsonrpc

---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/go.mod b/go.mod
index d8efe4a3d..22df9bbfc 100644
--- a/go.mod
+++ b/go.mod
@@ -34,7 +34,7 @@ require (
 	github.com/filecoin-project/go-data-transfer v1.2.7
 	github.com/filecoin-project/go-fil-commcid v0.0.0-20201016201715-d41df56b4f6a
 	github.com/filecoin-project/go-fil-markets v1.1.7
-	github.com/filecoin-project/go-jsonrpc v0.1.3
+	github.com/filecoin-project/go-jsonrpc v0.1.4-0.20210217175800-45ea43ac2bec
 	github.com/filecoin-project/go-multistore v0.0.3
 	github.com/filecoin-project/go-padreader v0.0.0-20200903213702-ed5fae088b20
 	github.com/filecoin-project/go-paramfetch v0.0.2-0.20200701152213-3e0f0afdc261
diff --git a/go.sum b/go.sum
index 70e789928..074a130d6 100644
--- a/go.sum
+++ b/go.sum
@@ -279,8 +279,8 @@ github.com/filecoin-project/go-hamt-ipld/v2 v2.0.0 h1:b3UDemBYN2HNfk3KOXNuxgTTxl
 github.com/filecoin-project/go-hamt-ipld/v2 v2.0.0/go.mod h1:7aWZdaQ1b16BVoQUYR+eEvrDCGJoPLxFpDynFjYfBjI=
 github.com/filecoin-project/go-hamt-ipld/v3 v3.0.1 h1:zbzs46G7bOctkZ+JUX3xirrj0RaEsi+27dtlsgrTNBg=
 github.com/filecoin-project/go-hamt-ipld/v3 v3.0.1/go.mod h1:gXpNmr3oQx8l3o7qkGyDjJjYSRX7hp/FGOStdqrWyDI=
-github.com/filecoin-project/go-jsonrpc v0.1.3 h1:Ep2PQzO1t3nUlUFXWuT12h7AfC4bZM3BjwfSDlpNzaQ=
-github.com/filecoin-project/go-jsonrpc v0.1.3/go.mod h1:XBBpuKIMaXIIzeqzO1iucq4GvbF8CxmXRFoezRh+Cx4=
+github.com/filecoin-project/go-jsonrpc v0.1.4-0.20210217175800-45ea43ac2bec h1:rGI5I7fdU4viManxmDdbk5deZO7afe6L1Wc04dAmlOM=
+github.com/filecoin-project/go-jsonrpc v0.1.4-0.20210217175800-45ea43ac2bec/go.mod h1:XBBpuKIMaXIIzeqzO1iucq4GvbF8CxmXRFoezRh+Cx4=
 github.com/filecoin-project/go-multistore v0.0.3 h1:vaRBY4YiA2UZFPK57RNuewypB8u0DzzQwqsL0XarpnI=
 github.com/filecoin-project/go-multistore v0.0.3/go.mod h1:kaNqCC4IhU4B1uyr7YWFHd23TL4KM32aChS0jNkyUvQ=
 github.com/filecoin-project/go-padreader v0.0.0-20200903213702-ed5fae088b20 h1:+/4aUeUoKr6AKfPE3mBhXA5spIV6UcKdTYDPNU2Tdmg=

From f76fcef3f878b3ff8401f1a814f0d6b9ec377d3f Mon Sep 17 00:00:00 2001
From: Aayush Rajasekaran <arajasek94@gmail.com>
Date: Wed, 17 Feb 2021 01:08:20 -0500
Subject: [PATCH 6/6] Lotus version 1.4.2

---
 CHANGELOG.md     | 102 +++++++++++++++++++++++++++++++++++++++++++++++
 build/version.go |   2 +-
 2 files changed, 103 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index d28432d9e..558b297a0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,107 @@
 # Lotus changelog
 
+# 1.4.2 / 2021-02-17
+
+This is a large, and highly recommended, optional release with new features and improvements for lotus miner and deal-making UX. The release also integrates [v3 specs-actors](https://github.com/filecoin-project/specs-actors/releases/tag/v3.0.0), which implements two FIPs:
+
+- [FIP-0007 h/amt-v3](https://github.com/filecoin-project/FIPs/blob/master/FIPS/fip-0007.md) which improves the performance of the Filecoin HAMT and AMT.
+- [FIP-0010 off-chain Window PoSt Verification](https://github.com/filecoin-project/FIPs/blob/master/FIPS/fip-0010.md) which reduces the gas consumption of `SubmitedWindowedPost` messages significantly by optimistically accepting Window PoSt proofs without verification, and allowing them to be disputed later by off-chain verifiers.
+ 
+Note that this release does NOT set an upgrade epoch for v3 actors to take effect. That will be done in the upcoming 1.5.0 release.
+ 
+ ## New Features
+ 
+ - [#5341](https://github.com/filecoin-project/lotus/pull/5341)  Added sector termination API and CLI 
+     - Run `lotus-miner sectors terminate`
+- [#5342](https://github.com/filecoin-project/lotus/pull/5342) Added CLI for using a multisig wallet as miner's owner address 
+  - See how to set it up [here](https://github.com/filecoin-project/lotus/pull/5342#issue-554009129)
+- [#5363](https://github.com/filecoin-project/lotus/pull/5363), [#5418](https://github.com/filecoin-project/lotus/pull/), [#5476](https://github.com/filecoin-project/lotus/pull/5476), [#5459](https://github.com/filecoin-project/lotus/pull/5459) Integrated [spec-actor v3](https://github.com/filecoin-pro5418ject/specs-actors/releases/tag/v3.0.0)
+  - [#5472](https://github.com/filecoin-project/lotus/pull/5472) Generate actor v3 methods for pond
+- [#5379](https://github.com/filecoin-project/lotus/pull/5379) Added WindowPoSt disputer
+  - This is to support [FIP-0010 off-chian Window PoSt verification](https://github.com/filecoin-project/FIPs/blob/master/FIPS/fip-0010.md)
+  - See how to run a disputer [here](https://github.com/filecoin-project/lotus/pull/5379#issuecomment-776482445)
+- [#5309](https://github.com/filecoin-project/lotus/pull/5309) Batch multiple deals in one `PublishStorageMessages`
+  - [#5411](https://github.com/filecoin-project/lotus/pull/5411) Handle batch `PublishStorageDeals` message in sealing recovery
+  - [#5505](https://github.com/filecoin-project/lotus/pull/5505) Exclude expired deals from batching in `PublishStorageDeals` messages
+  - Added `PublishMsgPeriod` and `MaxDealsPerPublishMsg` to miner `Dealmaking` [configuration](https://docs.filecoin.io/mine/lotus/miner-configuration/#dealmaking-section). See how they work [here](https://docs.filecoin.io/mine/lotus/miner-configuration/#publishing-several-deals-in-one-message).
+  - [#5538](https://github.com/filecoin-project/lotus/pull/5538), [#5549](https://github.com/filecoin-project/lotus/pull/5549) Added a command to list pending deals and force publish messages. 
+    - Run `lotus-miner market pending-publish`
+  - [#5428](https://github.com/filecoin-project/lotus/pull/5428) Moved waiting for `PublishStorageDeals` messages' receipt from markets to lotus
+- [#5510](https://github.com/filecoin-project/lotus/pull/5510) Added `nerpanet` build option
+  - To build `nerpanet`, run `make nerpanet`
+- [#5433](https://github.com/filecoin-project/lotus/pull/5433) Added `AlwaysKeepUnsealedCopy` option to the miner configuration
+- [#5520](https://github.com/filecoin-project/lotus/pull/5520) Added `MsigGetPending` to get pending transactions for multisig wallets
+- [#5219](https://github.com/filecoin-project/lotus/pull/5219) Added interactive mode for lotus-wallet
+- [5529](https://github.com/filecoin-project/lotus/pull/5529) Added support for minder nodes in `lotus-shed rpc` util
+
+ ## Bug Fixes
+ 
+ - [#5210](https://github.com/filecoin-project/lotus/pull/5210) Miner should not dial client on restart
+ - [#5403](https://github.com/filecoin-project/lotus/pull/5403) When estimating GasLimit only apply prior messages up to the nonce
+ - [#5410](https://github.com/filecoin-project/lotus/pull/510) Fix the calibnet build option
+ - [#5492](https://github.com/filecoin-project/lotus/pull/5492) Fixed `has` for ipfsbstore for non-existing blocks
+ - [#5361](https://github.com/filecoin-project/lotus/pull/5361) Fixed retrieval hangs when using `IpfsOnlineMode=true`
+ - [#5493](https://github.com/filecoin-project/lotus/pull/5493) Fixed retrieval failure when price-per-byte is zero
+ - [#5506](https://github.com/filecoin-project/lotus/pull/5506) Fixed contexts in the storage adpater
+ - [#5515](https://github.com/filecoin-project/lotus/pull/5515) Properly wire up `StateReadState` on gateway API
+ - [#5582](https://github.com/filecoin-project/lotus/pull/5582) Fixed error logging format strings
+ - [#5614](https://github.com/filecoin-project/lotus/pull/5614) Fixed websocket reconnecting handling
+
+
+ ## Improvements
+ 
+ - [#5389](https://github.com/filecoin-project/lotus/pull/5389) Show verified indicator for `./lotus-miner storage-deals list`  
+- [#5229](https://github.com/filecoin-project/lotus/pull/5220) Show power for verified deals in `./lotus-miner setocr list`
+- [#5407](https://github.com/filecoin-project/lotus/pull/5407) Added explicit check of the miner address protocol
+ - [#5399](https://github.com/filecoin-project/lotus/pull/5399) watchdog: increase heapprof capture threshold to 90%
+ - [#5398](https://github.com/filecoin-project/lotus/pull/5398) storageadapter: Look at precommits on-chain since deal publish msg
+ - [#5470](https://github.com/filecoin-project/lotus/pull/5470) Added `--no-timing` option for `./lotus state compute-state --html`
+- [#5417](https://github.com/filecoin-project/lotus/pull/5417) Storage Manager: Always unseal full sectors
+- [#5393](https://github.com/filecoin-project/lotus/pull/5393) Switched to [filecoin-ffi bls api ](https://github.com/filecoin-project/filecoin-ffi/pull/159)for bls signatures
+- [#5380](https://github.com/filecoin-project/lotus/pull/5210) Refactor deals API tests 
+- [#5397](https://github.com/filecoin-project/lotus/pull/5397) Fixed a flake in the sync manager edge case test 
+- [#5406](https://github.com/filecoin-project/lotus/pull/5406) Added a test to ensure a correct window post cannot be disputed
+- [#5294](https://github.com/filecoin-project/lotus/pull/5394) Added jobs to build Lotus docker image and push it to AWS ECR
+- [#5387](https://github.com/filecoin-project/lotus/pull/5387) Added network info(mainnet|calibnet) in version
+- [#5497](https://github.com/filecoin-project/lotus/pull/5497) Export metric for lotus-gateaway
+- [#4950](https://github.com/filecoin-project/lotus/pull/4950) Removed bench policy
+- [#5047](https://github.com/filecoin-project/lotus/pull/5047) Improved the UX for `./lotus-shed bitfield enc`
+- [#5282](https://github.com/filecoin-project/lotus/pull/5282) Snake a context through the chian blockstore creation
+- [#5350](https://github.com/filecoin-project/lotus/pull/5350) Avoid using `mp.cfg` directrly to prevent race condition
+- [#5449](https://github.com/filecoin-project/lotus/pull/5449) Documented the block-header better 
+- [#5404](https://github.com/filecoin-project/lotus/pull/5404) Added retrying proofs if an incorrect one is generated
+- [#4545](https://github.com/filecoin-project/lotus/pull/4545) Made state tipset usage consistent in the API
+- [#5540](https://github.com/filecoin-project/lotus/pull/5540) Removed unnecessary database reads in validation check
+- [#5554](https://github.com/filecoin-project/lotus/pull/5554) Fixed `build lotus-soup` CI job
+- [#5552](https://github.com/filecoin-project/lotus/pull/5552) Updated CircleCI to halt gracefully
+- [#5555](https://github.com/filecoin-project/lotus/pull/5555) Cleanup and add docstrings of node builder
+- [#5564](https://github.com/filecoin-project/lotus/pull/5564) Stopped depending on gocheck with gomod
+- [#5574](https://github.com/filecoin-project/lotus/pull/5574) Updated CLI UI
+- [#5570](https://github.com/filecoin-project/lotus/pull/5570) Added code CID to `StateReadState` return object
+- [#5565](https://github.com/filecoin-project/lotus/pull/5565) Added storageadapter.PublishMsgConfig to miner in testkit for lotus-soup testplan
+- [#5571](https://github.com/filecoin-project/lotus/pull/5571) Added `lotus-seed gensis car` to generate lotus block for devnets
+- [#5613](https://github.com/filecoin-project/lotus/pull/5613) Check format in client commP util
+- [#5507](https://github.com/filecoin-project/lotus/pull/5507) Refactored coalescing logic into its own function and take both cancellation sets into account
+- [#5592](https://github.com/filecoin-project/lotus/pull/5592) Verify FFI version before building
+
+## Dependency Updates
+ - [#5296](https://github.com/filecoin-project/lotus/pull/5396) Upgraded to [raulk/go-watchdog@v1.0.1](https://github.com/raulk/go-watchdog/releases/tag/v1.0.1)
+ - [#5450](https://github.com/filecoin-project/lotus/pull/5450) Dependency updates
+ - [#5425](https://github.com/filecoin-project/lotus/pull/5425) Fixed stale imports in testplans/lotus-soup
+ - [#5535](https://github.com/filecoin-project/lotus/pull/5535) Updated to [go-fil-markets@v1.1.7](https://github.com/filecoin-project/go-fil-markets/releases/tag/v1.1.7)
+ - [#5616](https://github.com/filecoin-project/lotus/pull/5600) Updated to [filecoin-ffi@b6e0b35fb49ed0fe](https://github.com/filecoin-project/filecoin-ffi/releases/tag/b6e0b35fb49ed0fe)
+ - [#5599](https://github.com/filecoin-project/lotus/pull/5599) Updated to [go-bitfield@v0.2.4](https://github.com/filecoin-project/go-bitfield/releases/tag/v0.2.4)
+ - [#5614](https://github.com/filecoin-project/lotus/pull/5614), , [#5621](https://github.com/filecoin-project/lotus/pull/5621) Updated to [go-jsonrpc@v0.1.3](https://github.com/filecoin-project/go-jsonrpc/releases/tag/v0.1.3)
+ - [#5459](https://github.com/filecoin-project/lotus/pull/5459) Updated to [spec-actors@v3.0.1](https://github.com/filecoin-project/specs-actors/releases/tag/v3.0.1)
+
+
+## Network Version v10 Upgrade
+- [#5473](https://github.com/filecoin-project/lotus/pull/5473) Merged staging branch for v1.5.0
+- [#5603](https://github.com/filecoin-project/lotus/pull/5603) Set nerpanet's upgrade epochs up to v3 actors
+- [#5471](https://github.com/filecoin-project/lotus/pull/5471), [#5456](https://github.com/filecoin-project/lotus/pull/5456) Set calibration net actor v3 migration epochs for testing
+- [#5434](https://github.com/filecoin-project/lotus/pull/5434) Implemented pre-migration framework
+- [#5476](https://github.com/filecoin-project/lotus/pull/5477) Tune migration 
+
 # 1.4.1 / 2021-01-20
 
 This is an optional Lotus release that introduces various improvements to the sealing, mining, and deal-making processes. In particular, [#5341](https://github.com/filecoin-project/lotus/pull/5341) introduces the ability for Lotus miners to terminate sectors.
diff --git a/build/version.go b/build/version.go
index a53da9274..8e3ce5e8d 100644
--- a/build/version.go
+++ b/build/version.go
@@ -35,7 +35,7 @@ func buildType() string {
 }
 
 // BuildVersion is the local build version, set by build system
-const BuildVersion = "1.4.1"
+const BuildVersion = "1.4.2"
 
 func UserVersion() string {
 	return BuildVersion + buildType() + CurrentCommit