Week 4 // First month of work.
Hello everyone!
Have you filled in the withdraw form yet?
Withdraw now — https://check.universa.io // IMPORTANT!!! EVERYONE SHOULD DO THIS!
Do you have more than 1M tokens?
Then you have to pass the KYC procedure — https://check.universa.io. If you haven’t yet, please make sure to pass this easy but important procedure as soon as possible.
Token distribution(ERC20)
Finally, there is news that the very impatient part of our audience is waiting for from us :). Last week we asked you to order the withdrawal of UTN or UTN-P tokens (see above). More than 22,000 users have already decided where they want to receive their tokens. This week we’ll begin the Token Distribution. Hopefully, those of you who demanded it so badly for the last four weeks, will be satisfied a bit :).
Russian holidays
This week, Orthodox Christians traditionally celebrate Christmas, so we’ve missed one business day due to a national holiday, however that didn’t slow us down.
Did you know that nobody is working in Russia from 1 to 10th of January due to national holidays? But our Russia-based team members did work to make the product as early as possible and as best as possible!
Our first deal
Very soon you’ll read the news in the press. For now a teaser: Universa has acquired 50% of криптовалюта.рф (cryptocurrency in cyrillic). Arthur Lipatov will become the Community Director, and Universa will get an opportunity to use the resource channel for publishing articles, and blogs about blockchain generally, and Universa particularly.
Artur and I will represent Universa Blockchain in CryptoCruise. So if you’ll be on the ship or in Singapore, find us. We’ll be glad to meet you.
Do you want to have a Master node, you have 1M tokens and a dedicated server?
Fill in the form, and let’s prepare the hardware together, try to run the node image and test the Net with us — https://borodich.typeform.com/to/vUb6ou.
Business development
This week I had negotiations with a couple of African countries, Belarus, USA, Switzerland and Liechtenstein.
Africa — In Africa we started negotiations on the highest level about the blockchain-based economy and emission of national cryptocurrencies powered by Universa. Hopefully, these negotiations will lead to a phase of working projects. If you have contacts and opportunities to help us implement Universa Blockchain in any country of the world, write me right away.
Russia — I was in Russia to have negotiations with a potential integrator, but have gotten to the Bitcoin’s birthday, where I gave an interview to the RussiaToday channel. I hope, there will be a sharable link soon. That day has ended with a deal with криптовалюта.рф (see at the beginning).
Belarus — As you remember from the previous posts, Belarus has adopted a law (not without our contribution) which legalizes cryptocurrencies and allows any crypto-businesses, including ICOs and crypto-exchanges. I have been to Belarus this week and started the opening of our office branch in High Tech Park (http://park.by/post-1749/).
USA — In the USA we begin the preparations for a regional office opening; Our first conference, where we’ll participate will be the North American Crypto Conference — https://one2crypto.com/cryptocurrency-basics/events/north-american-bitcoin-conference-2018/. If you live in the USA and want to talk about the future of Universa and its possible applications in working projects, find our representatives at this conference.
Switzerland/Lichtenstein — Negotiations, which lasted for 6 hours, should give us a good result. Especially with our team of financial specialists and lawyers working there. While the endless paperwork is going on, here is the teaser of what Vontobel can do in crypto — https://www.vontobel.com/en-int/about-vontobel/media/communications/vontobel-launches-first-short-mini-futures-on-bitcoin/.
Technological news of the project
This week we fought against Specter and Meltdown
On January 3rd 2018, two highly dangerous hardware vulnerabilities in Intel/AMD/ARM processors were announced by the researchers from Google’s Project Zero, together with some collaborators. These vulnerabilities got the names Meltdown and Spectre. Since the moment of the announcement, the Universa team has been working hard to estimate its impact on the Universa architecture.
The primary concern with these vulnerabilities is that they are hardware vulnerabilities, making it possible to violate many security guarantees provided by the operating system and the software. This is also the reason why these vulnerabilities are so severe — being the vulnerabilities of a processor, rather than a program, they may affect virtually every computing system available: according to the researchers of the Meltdown vulnerability, “every Intel processor which implements out-of-order execution is potentially affected, which is effectively every processor since 1995 (except Intel Itanium and Intel Atom before 2013)”. The Spectre vulnerability is even more general (though harder to utilize), and has been shown to affect Intel, AMD and ARM processors, including desktops, laptops and mobile devices.
When applied to Universa (and any other distributed system with the architecture containing some servers or nodes), the primary danger could be running these servers or nodes on the shared hosting or cloud hosting: with Meltdown vulnerability, a malicious application potentially could read the data from other processes running on the same cloud server; and with Spectre vulnerability, a malicious application could potentially even induce a hypervisor to write the data to the guest operating system and its processes.
However, the hardware vulnerabilities, even on such a great scale, were already expected and envisioned by the security experts of Universa, and their risks were predicted and taken into the account. After the security analysis, we are happy to announce that Meltdown and Spectre vulnerabilities have negligible to no effect on the functioning of Universa platform.
And now some details on various Universa subsystems:
- URS (Universal Reserve System — this is what keeps secure your reclaimed UTN and UTN-P tokens, their exchange, and will provide many other cross-blockchain features very soon) — not affected. Runs on dedicated hardware not just non shared with any untrusted users — there are not even any of user login accounts; so no malicious code can be installed or executed.
- Crypto Cloud (this is what keeps your contracts and the chat messages, when you login to the web client at https://access.universa.io/contracts) — not affected. The whole idea of Crypto Cloud is that all data and all messages are end-user-encrypted. There is no data stored in the crypto cloud, that could be decrypted a malicious code gaining the access to it from a different user process; and there is no data in the crypto cloud, that could be overwritten by a malicious code from a different user process, without the data corruption and cryptographic signature mismatch being noticed. Besides that, the cloud hosting provider claims the security patches are already being deployed to the affected systems.
- Universa Testnet Network nodes: minor theoretical impact (each Testnet node), not affected (Testnet network as a whole). Even though each particular node running on a cloud host theoretically can be affected, any malicious change of any stored data would bring it out of consensus; so to alter any data globally in the whole ledger, an attacker would need to successfully attack at least 90% of the nodes. The current Testnet consists of 30 nodes, so successfully attacked should be at least 27 ones. Considering how many clients and how many servers are used by the cloud hosting provider, a chance that a single attacker can run enough virtual hosts so they get distributed and end up on the same hardware as our 27 test nodes, is negligible. Besides that, the cloud hosting provider claims the security patches are already being deployed to the affected systems. Please note that this is applicable to Testnet network only; so if the vulnerability is not fully fixed before the Mainnet launch, the Mainnet will be launched on dedicated hardware only.
The scope of these two vulnerabilities is extremely wide, and the Universa team will keep track of the progress of it being fixed and patched. We will make sure that the hardware is fully patched or only the dedicated hardware is used, before the Universa Mainnet is launched. Also, the risk of similar attacks is the reason why the requirements to running an Universa node are not as loose as for running a node for some different blockchain technology: the conditions of licensing an Universa node will have some hardware and software details to protect of similar attacks.
At the moment, the Universa users should consider that the most insecure parts of the systems are, unfortunately, their own personal computers, laptops and mobile devices.
To be protected from Meltdown and Spectre, it is highly suggested to observe basic IT hygiene — keep the operating system and the software patched with the latest security patches; do not use unlicensed software received from untrusted sources; create a complex random passwords and never write them down; keep the files that should be stored securely (such as private keys) on encrypted storages, that is decrypted before every use.
Join our Official Universa News Channel on Telegram to read the latest Updates and News about our project @UniversaNews.
You are always welcome to ask us any questions in Telegram on @uplatform(EN) and @universa (RU) channels.
See you next week! Stay tuned!
Yours faithfully, your Paranoid CEO, Alexander Borodich
