• Fixed bug when walletd will not sync after being unable to contact bytecoind for a long time.
• Fixed rare bug when exported view wallet contained wrong view secrets signature.
• Fixed bug when instead of error message, empty send proof was generated for address not used in particular transaction. Such proofs are invalid so this did not lead to any security issues.
• Fixed bug when walletd sometimes included no block information for unlocked outputs in get_transfers JSON RPC call. This affected only clients who inspected per-block unlocked_transfers, but not unlocked_transfers array returned for the request as a whole.
• Fixed problem when during sync_blocks excess block was returned at the start of the response. This could lead to endless sync loop if this block size was larger that max_size limit set by caller, because only that block would be returned again and again.
• Removed addresses from wallet cache for amethyst wallets
• walletd can now export view-only wallet without ability to view outgoing addresses from a view-wallet with such capability.
• tx_pool_version is no more reset to 0 on block change, but steadily increases on each pool modification. Ir prevents some very rare race conditions between APi users and daemons.

Security-related changes

• Lots of code reorganisation to remove false positives from clang static analyser.
• Several potential undefined behaviours fixed, related to forgetting to initialise values of primitive types in templates.
• Potential floating-point undefined behaviour fixed.
• Several additional checks added to P2P commands parsing.
• Potential crash in groestl hash implementation fixed.
• Connections using legacy P2P version (and legacy commands) prohibited, effectively enabling much stricter consensus rules for P2P (such as hard limits on size of all commands), hardening against potential attacks.
• Security options (non-executable stack, position-independent-binary, non-writable relocation table) for binaries enabled by default on Linux.
• Tiny memory leak fixed.

Incompatible API changes

• get_transfers and get_transaction walletd methods do not return outputs in transfers by default (they are large and very rarely needed). If you need outputs, you should set need_outputs parameter to true.
• outputs field is now optional in transfer in all contexts.
• public_key field is now optional in transaction in all contexts (motivation - amethyst transactions contain no public key)
• extra field is now optional in transaction in all contexts (motivation - after removing public key from extra, it is empty for most transactions)

API tweaks

• All numbers in JSON RPC requests can be sent as strings, "123" instead of 123. This helps integration with JavaScript.
• All JSON RPC requests get optional boolean "numbers_as_strings" parameter (default false). If set to true, all numbers will be returned as strings. This helps integration with JavaScript.

• Tiny fixes in mining-related code. All miners are advised to update.

API tweaks

• In get_transfers response, when filtering by address, filtering does not remove transfers from transactions, only returns less transactions
• In check_sendproof error response, hash of referenced transaction is returned if proof is successfully parsed
• In check_sendproof errors ADDRESS_NOT_IN_TRANSACTION (-204) and ADDRESS_FAILED_TO_PARSE (-4) removed, PROOF_WRONG_SIGNATURE (-203) will be reported instead.
• walletd methods which do request to bytecoind - create_transaction, send_transaction, create_sendproof will now return special error BYTECOIND_REQUEST_ERROR (-1003) instead of INTERNAL_ERROR (-32603) when json RPC call to bytecoind fails.

API deprecations (will be removed in future)

• In get_transfers response, unlocked_transfers for range of blocks deprecated, unlocked transfers are returned in corresponding blocks.
• In create_sendproof request/response, addresses/sendproofs fields are deprecated, use address/sendproof instead. If using address field and proof canno be created, json RPC error ADDRESS_NOT_IN_TRANSACTION (-204) will be returned, instead of empty proof, as it was before.

• walletd can now sync most of the blockchain from static files (tremendously increasing efficiency for public nodes), reverting to RPC only for the (small) part of blockchain after last hard checkpoint.
• Fixed bug when during wallet sync some transactions from memory pool were requested and processed more than once

• In get_transfers walletd's method error is returned if from_height is larger than to_height or top block height.
• WALLET_FILE_EXISTS (209) is correctly returned when walletd is instructed to overwrite an existing wallet.
• Fixed a bug when wrong error message was displayed when passing some invalid addresses to walletd's create_transaction RPC method.
• LMDB virtual memory usage by bytecoind and walletd reduced from fixed 512Gb to approx. actual blockchain database/wallet cache size.
• walletd will not undo sync progress, if connected node is behind wallet state and behind latest hard checkpoint. It will wait for a node to advance to a checkpoint.
• Wallet cache now takes much less space, especially for wallets with small number of transactions.
• For all TCP sockets keep_alive option is now set after they are created (with default timeouts for each system, common value is 2 hours), solving very rare bug when there would be no reply to long poll ever for external services (like block explorers) calling from remote machines.
• All paths now subject to substitution of ~ (Mac & Linux) and %appdata% (Windows). Also, on Linux and Max backslash is no more considered path separator.

API tweaks

• JSON numbers are interpreted according to spec throughout API, for example 10.01E2 is now good value for height (1001). This helps integration with some weird languages.
• Better error messages throughout API when required parameters are not specified.
• More strict JSON RPC - excess fields on top level are no more allowed in requests.
• bytecoind's binary version of sync_blocks now uses separate zero overhead response to save traffic during sync.

Incompatible API changes

• bytecoind's getblocktemplate, submitblock and JSON versions of sync_blocks and sync_mempool now require private authorization. This helps with preventing excess load on public nodes.
• deprecated field outs_count in bytecoind.get_random_outputs removed.

• Fixed merge mining related bug affecting blocks version 4 (amethyst). All miners not upgraded to 3.4.2 at the moment of consensus update will produce broken blocks.
• Fixed crash when disconnecting Ledger while scanning blockchain.
• Fixed behavior of the get_transfers walletd's method when transactions from a memory pool are wrongly returned for some from_height and to_height values.

Incompatible API changes

• In response to the get_wallet_info walletd's method, boolean field amethyst changed to string wallet_type

• Fixed a stagenet voting bug.

• Fixed problem when bytecoind stops responding via JSON RPC API.
• Tweaked random output distribution for mixins.
• The walletd daemon now better utilizes CPU during sync (cores use 100%, if available).
• During mining, the bytecoind daemon now prefers blocks received via submit_block API to other blocks, if difficulty are equal. This will slightly increase mining profitability for lucky miners.
• Added back create_transaction optimization for large wallets which was accidentally removed in version 3.4.1.
• Fixed bug when transaction size is 0 in all walletd API calls.
• Fixed bug when transaction timestamp is 0 in get_transaction of bytecoind API call for transaction, if it has been already included in the blockchain.
• Transaction fields prefix_hash and inputs_hash are now correctly set in various bytecoind API calls, if need_redundant_data is set.
• Improved command line processing in walletd, especially if wrong combination of options specified.
• Trezor and Ledger early support in walletd.

Incompatible API changes

• Deprecated binary_size field removed from transaction in all contexts. Please use the size field.

• New cryptography reviewed, some important tweaks added - thanks for all feedback to those who contributed.
• Derivation paths of wallet secrets modified. Now dishonest modification of any secret in view-only wallet is immediately clear to auditor.
• Output seed generation simplified.
• Proof of sH ~ H contained in view-only wallet is simplified.

API additions

• Added has_view_secret_key field in the get_wallet_info method of walletd.

• Added an early support for hardware wallets.
• Fully working Trezor Model T prototype.
• Partial support for Ledger Nano.

Current Limitations

• If you disconnect a hardware wallet while walletd is running, it will immediately crash.
• Works in the stagenet only.