Critical Update on Security Issues and Cold Key Swap Procedure on Bittensor Network

Today, we are announcing a critical update regarding a security issue on the Bittensor network. We have discovered a potential vulnerability and are taking necessary steps to protect our community. One of the primary measures is the implementation of a new cold key swap procedure.

Jul 11, 2024 - 09:12
Oct 24, 2024 - 15:48
In light of recent developments, we are issuing a critical update regarding a security concern on the Bittensor network. Our team has identified a potential vulnerability that requires immediate attention to ensure the continued safety and integrity of our ecosystem. As part of our comprehensive response, we are introducing a new cold key swap procedure, which forms a crucial component of our mitigation strategy.

Understanding the Cold Key Swap Procedure

To address the identified security issues, we have implemented several changes to the network. First and foremost, we've opened the firewall and granted access to the chain state. This strategic move allows users to perform a limited set of critical functions:

  1. Set weights on subnets
  2. Serve axons
  3. Make commitments
  4. Utilize the newly introduced scheduled cold key swap function

It's important to note that from now until Friday, these will be the only functions available on the network. We've intentionally restricted other operations to minimize potential risks during this sensitive period.

The centerpiece of our security update is the scheduled cold key swap function. If you believe your funds might be at risk, we strongly encourage you to use this function. Here's how it works:

  1. When you call the function, it initiates a 72-hour waiting period.
  2. During this time, your cold key is completely locked, preventing any unauthorized access or transactions.
  3. After the 72-hour period elapses, the actual swap occurs automatically.

We've designed this procedure to provide a balance between urgent action and careful, deliberate execution. The 72-hour delay serves as a safeguard, allowing time for detection of any suspicious activity and giving users an opportunity to halt the process if needed.

On Friday, the swaps will be executed for the majority of users who initiated them promptly. Concurrently, we will be transitioning the chain out of total safe mode. This transition marks a return to normal operations, including staking, unstaking, and delegations, all of which will resume their usual smooth functioning.

The Arbitration Process: A Safeguard Against Conflicts

In our commitment to maintaining the highest levels of security, we've also implemented an arbitration process. This comes into play in two scenarios:

  1. When human error leads to conflicting swap requests
  2. If an attacker attempts to perform operations mimicking legitimate user actions

In either case, the affected key enters what we call an "arbitrated state". This occurs specifically when there are dual transactions with separate swap destinations associated with a single key.

Upon entering arbitration, our system immediately triggers a voting process on the chain. This vote is distributed to all non-arbitrated Senate members. To resolve the arbitration, we require a 50% consensus from the remaining Senate members.

To ensure transparency and fairness, all votes in this process are cast simultaneously and are visible on-chain for public scrutiny. This approach allows for swift resolution while maintaining the decentralized ethos of our network.

It's worth noting that if your key is not among those in arbitration, you can continue to submit PS (Proof of Stake) as usual. We've implemented robust measures to make it extremely challenging for potential attackers to DoS the chain or submit multiple addresses, further enhancing our network's resilience.
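
The scheduled swap and the arbitration trigger described above can be read as a small state machine. The following is an added illustration, not Bittensor or Opentensor code: the class, method and state names are hypothetical, and it assumes that a repeated request with the same destination changes nothing and that "50% consensus" means at least half of the non-arbitrated Senate members.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from enum import Enum
from typing import Optional

SWAP_DELAY = timedelta(hours=72)  # waiting period stated in the announcement


class KeyState(Enum):
    NORMAL = "normal"
    SCHEDULED = "scheduled"    # locked, swap pending
    ARBITRATED = "arbitrated"  # conflicting destinations, awaiting Senate vote
    SWAPPED = "swapped"


@dataclass
class ColdKey:
    address: str
    state: KeyState = KeyState.NORMAL
    destinations: set = field(default_factory=set)
    execute_at: Optional[datetime] = None

    def schedule_swap(self, destination: str, now: datetime) -> KeyState:
        """Register a swap request and return the resulting key state."""
        if self.state is KeyState.NORMAL:
            self.destinations.add(destination)
            self.execute_at = now + SWAP_DELAY
            self.state = KeyState.SCHEDULED
        elif self.state is KeyState.SCHEDULED and destination not in self.destinations:
            # Two requests with separate destinations for one key: arbitration.
            self.destinations.add(destination)
            self.state = KeyState.ARBITRATED
        # Assumption: repeating the same destination is a no-op.
        return self.state

    def is_locked(self) -> bool:
        return self.state in (KeyState.SCHEDULED, KeyState.ARBITRATED)

    def tick(self, now: datetime) -> KeyState:
        """Execute the swap once the delay has elapsed; arbitrated keys stay put."""
        if self.state is KeyState.SCHEDULED and now >= self.execute_at:
            self.state = KeyState.SWAPPED
        return self.state


def arbitration_threshold_met(votes_in_favour: int, eligible_senators: int) -> bool:
    # Assumption: at least half of the non-arbitrated Senate members must agree.
    return eligible_senators > 0 and 2 * votes_in_favour >= eligible_senators
```
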

Current Network Status: A Positive Outlook

As we navigate through this critical period, we're pleased to report several encouraging signs:

  1. Validators are actively setting weights
  2. Axons are being served consistently
  3. Our safe mode protocols are holding strong

These indicators suggest that despite the ongoing security measures, the network is maintaining its core functionalities and stability.

User Guidelines: Navigating the Update

To ensure a smooth transition and maintain network security, we ask all users to adhere to the following guidelines:

  1. Avoid Rushing: The window for performing the cold key swap extends until Friday. There's no need for immediate action unless you have specific security concerns.
  2. Selective Swapping: Only initiate the cold key swap if you have reason to believe your wallet has been compromised. This is particularly relevant for users who ran btcli version 6.2.2 and unlocked their cold key during that process.
  3. Exercise Caution: Be extremely careful not to call the swap function twice with the same cold key but different destinations. Doing so could result in your key being locked, causing complications for both you and the broader network.
  4. Regular Status Checks: We've provided a tool for you to monitor the status of your key swap. Use the command btcli wallet check_cold_key_swap to verify if your key is currently in the swapping process.
  5. Patience with Technical Issues: As with any major update, some technical hiccups are to be expected. We're seeing several common issues:
    • "Invalid seal" errors: This often occurs if you solved too quickly. Simply try the operation again.
    • "Too many connections" errors: This indicates our entry point nodes are experiencing high load. Please be patient and retry later.
    • "Genesis mismatch" errors: If you encounter this, try clearing your Docker volumes and starting afresh.
  6. Use Clean Machines: For those generating new keys, we strongly recommend using a clean machine, especially if you suspect your previous device may have been compromised.
  7. Embrace Cold Storage: For long-term security, consider using a cold wallet for your main key storage.

Emissions and Rewards: Addressing Recent Fluctuations

We owe our community an explanation and apology regarding recent issues with emissions. Due to unforeseen technical complications, we experienced a period where nearly all validators on the Bittensor network became inactive. This triggered a fallback mechanism, causing the chain to revert to stake-based emissions. The consequences of this were twofold:

  • Delegators may have noticed an increase in their Tao rewards.
  • Miners, unfortunately, likely saw a decrease in their Tao earnings.

Based on our analysis, we estimate that miner emissions during this period may have been as low as 25% of expected levels. We sincerely apologize for any financial impact this may have caused our dedicated mining community.

However, there is a silver lining for our delegators. The APY (Annual Percentage Yield) for delegated stakes potentially doubled during this time, offering some compensation for the disruption.

Rest assured, we are working diligently to stabilize emissions and ensure fair distribution moving forward. We value the contributions of both our miners and delegators and are committed to maintaining a balanced and rewarding ecosystem for all participants.

Looking Ahead: Future Developments and Enhancements

As we navigate through these immediate challenges, we're also excited to share some of our plans for the future of Bittensor:

  1. Ledger Support: We're currently in the process of upgrading our infrastructure to Polkadot 2.0. This significant upgrade will pave the way for Ledger support, offering our users an additional layer of security for their assets. While we work on this integration, we recommend utilizing the advanced security tools outlined in the Gist document shared by our development team.
  2. Decentralized Validator Nodes: In line with our commitment to decentralization, we've set an ambitious goal to implement fully decentralized validator nodes by the end of 2025. This move will significantly enhance the resilience and distributed nature of our network.
  3. Enhanced Security Measures: We're actively encouraging a shift towards using chain identities as the primary method for identity verification. This approach offers improved security compared to traditional methods like GitHub-based identification. We'll be providing more guidance on this transition in the coming weeks.
  4. Improved Communication Channels: We recognize the importance of clear, timely communication during critical periods like this. We're working on enhancing our communication infrastructure to ensure all community members stay informed and updated in real-time.
  5. Community Education Initiatives: To empower our users with the knowledge they need to navigate the complexities of our ecosystem, we're developing a series of educational resources. These will cover topics ranging from basic network operations to advanced security practices.

The Importance of Community Cooperation

The strength of the Bittensor network lies not just in its technological infrastructure, but in the vibrant community that supports and drives it forward. During this critical period, your cooperation and understanding are more valuable than ever. Here's how you can help:

  1. Stay Informed: Regularly check our official channels for updates and announcements.
  2. Follow Guidelines: Adhere to the security guidelines and best practices we've outlined.
  3. Report Issues: If you encounter any unusual activity or technical issues, report them promptly to our support team.
  4. Engage Responsibly: Participate in community discussions constructively, sharing knowledge and supporting fellow users.
  5. Be Patient: Understand that resolving complex security issues takes time. Your patience during this process is greatly appreciated.

Conclusion: A Stronger, More Secure Bittensor

As we implement these critical security measures and look towards future enhancements, we want to express our deepest gratitude to the Bittensor community. Your trust, patience, and active participation form the backbone of our network's success.

The challenges we face today are stepping stones towards building a more robust, secure, and efficient ecosystem. By addressing these security concerns head-on and implementing forward-thinking solutions, we're not just solving immediate issues – we're laying the groundwork for a stronger, more resilient Bittensor network.

We remain committed to the principles of transparency, security, and decentralization that have guided us from the beginning. As we navigate through this critical juncture, we're more confident than ever in the bright future that lies ahead for Bittensor.

Your continued support and engagement are invaluable. If you have any questions, concerns, or insights to share, please don't hesitate to reach out to our support team or participate in our official community channels. Together, we're not just overcoming challenges – we're pioneering the future of decentralized AI networks.

Source: @Opentensor Foundation