Nerva core v0.2.2.0 is out. This release delivers meaningful performance gains alongside targeted security and privacy hardening and marks real progress on the Nerva–Monero upstream gaps.
Performance
QuickSync is now 2x faster and full P2P sync is ~40% faster, both compared to v0.2.0.0. Getting a new node up and running has never been this quick.
Security & Privacy (Gap §2)
- P2P message deserialization hardened, closing the critical crash exploitable via crafted P2P messages
- Separate size limits for P2P vs RPC, addressing the memory exhaustion attack vector
- RPC DoS mitigations against computationally expensive queries
- LMDB deadlock fix under concurrent transaction access
- Onion address exposure fixed. Peerlist responses no longer leak real timestamps or fixed positions
- Peer subnet deduplication upgraded from /16 to /24 to reduce spy node effectiveness
- Peer ID correlation on Tor/I2P disabled
- Silent transaction drop on privacy networks fixed
- Multiple decoy selection biases corrected including gamma distribution, integer truncation and sequential ring picking
- Per-transaction DNS privacy leaks eliminated
Wallet & UX (Gap §5)
- Pool spend detection fixed so balance updates correctly when a transaction is in the pool but not yet confirmed
- Key image spent status corrected after confirmed spends, eliminating inflated balance display
We are closing the gaps…
Download: nerva.one/#downloads or GitHub
Upgrade is not required but strongly recommended.
Next stop, hard fork 13.