1. The Big Things

1.1. Enforced SSL encryption – increased privacy and security

When you start PrizmCore for first time with prizm.apiServerHost=0.0.0.0:

– PrizmCore generates self-signed SSL certificate

– There is a “SSL CERTIFICATE SHA1 FINGERPRINT” message in your log during first run – note the SHA-1 fingerprint of generated certificate. You can compare this fingerprint to the one shown in the browser. If they are equal you can be sure that there is no man-in-the-middle intercepting your connection.

– PrizmCore enables SSL encryption using this certificate

– to open PrizmCore web interface you have to open https://localhost:9976, not the http:// one

– SSL usage is enforced only if the web interface is expected to be accesible from the outer world

– whenever you want you can set up your own self-signed or trusted SSL certificate inside prizm.properties

– browser will warn you, that “Your connection is not private”. It is OK for self-signed certificates – encryption is still works as expected, but your browser does not trust such certificate.

– you can disable SSLEnforce by setting prizm.apiServerEnforceSSL to “false” in prizm.properties

– most significant thigs the SSL does: encrypts your adminPassword (when using administrative APIs), encrypts passphrases of forging users, increases privacy of Web Interface users, protects from man-in-the-middle attacks

1.2 New API: GetAccountChildren – more info about your account

– response contains direct disciples of given account

– response includes balance, amount and disciples count for every of your disciple

– this is “HierarchyAPI” request, so it is available only from localhost by default

– this is not performance-heavy API, so you can open it for outter world

1.3. PrizmCore Web Interface feature “Disciples”

– you can inspect your disciples, their balances, amount, their own disciples count inside the PrizmCore Web Interface

– feature is based on GetAccountChildren API

– this feature is only accessible from localhost

– if you want to make it available for remote clients, set prizm.allowAPIHierarchyOnlyLocalhost to “false” and prizm.allowAPIHierarchyWithoutPassword to “true”. It is also recommended to add “GetAccountHierarchy” to prizm.disabledAPIs to avoid violations

– Feature is available in the side menu for your account, and in “Disciples” tab in any account modal window

– Inside “Disciples” tab displayed disciples count is limited by 100

1.4. Adaptive validation – blockchain sync is faster then ever

– significantly increases blockchain download speed

– blockchain download speed increases with every downloaded block

– max blockchain download speed is reached approximately after 2000 downloaded blocks

– hard/solid drive read time is decreased

– database lock time decreased

– garbage collector delays decreased

1.5 Blokchain recovery – stable and reliable

– PrizmCore now can recover almost any blockchain files inside prizm_db directory

– PrizmCore now can detect blockchain errors during runtime and fix them automatically

– PrizmCore stability is greatly increased

2. The small things:

– change white background under generated passphrase in PrizmCore Web Interface

– generated passphrases in PrizmCore Web Interface now has 19 words instead of 12

– generated passphrases in PrizmCore Web Interface now starts with “prizm” keyword

– generated passphrase entropy bits increased from 128 to 192 bits

– fixed “sidebar not showing during first logon into PrizmCore Web Interface” bug

– forbbidden “GetBlockchainTransaction” for GENESIS account, because bad guys were overloading nodes with public API by spamming this request, you can inspect latest GENESIS transactions inside it’s Account Ledger

– fixed PrizmCore Web Interface translation inaccuracies

– fixed “Error of 364696 block”

– fixed some garbace collector overhead possibilities

– fixed API “getParent – activated by PPPP” error

– fixed PrizmCore hang up during parsing broken transaction bytes

– increased clearness of log messages.