New Year, New Features

On behalf of myself and the entire Divi Project team, we’d like to wish everyone a happy and prosperous new year.

All developers are now back in their respective offices, full-time and we’re hitting the ground running with new features and developments. Read on to find out what to expect in the short term.

PayPal Integration

The PayPal integration, which will allow users to pay for MOCCI (Masternode One-Click Cloud Installer) hosting with a credit/debit card or PayPal account is moving forward as planned. Error handling, the configuration for various tiers, and currently deployed masternode payments have all been implemented and will go into testing early next week.

Atomic Swaps / HTLCs

Atomic swap technology, also known as HTLC (Hashed Time Locked Contracts) are an essential part of Divi’s plan to add features making crypto easier to use.

To use Atomic Swaps, we’re adding Bitcoin Improvement Protocols to our blockchain. These are BIP65, BIP68, and BIP112.

For more information on how this affects users and the project at large, read our blog.

Mandatory upgrade required

The implementation of PayPal and Atomic Swaps will both require a mandatory upgrade.

PayPal & MOCCI

Users running Masternodes with MOCCI will see their nodes go down over the course of the next 45-60 days. Users who fail to upgrade their software risk missing out on masternode rewards. To reinstate the MOCCI node, install the automatic update and click to pay for the monthly subscription and restart your remote server. We roll out the mandatory update in waves of 10-20% of the user base as to not disrupt the overall network.

If you do not want to pay for the monthly hosting subscription through Divi, dismantle your node and either set it up manually or stake your DIVI.

Atomic Swaps

Users running Divi Desktop will automatically receive the latest core build, which will include Atomic Swap/HTLC functionality by default. It is still incredibly important that Desktop users upgrade their software to avoid hard-forking into a separate network and earning Divi that is incompatible with the main chain.

Users running the CLI build will need to upgrade manually, and we will distribute documentation to make the transition as smooth as possible.

Security Audit

LedgerOps have completed a third-party, quarterly security audit for the DIVI ecosystem. This analysis consisted of enterprise-level penetration testing as well as a source code audit.

API & Divi Blockchain penetration testing covered the following areas:

Evaluating session management and authentication mechanisms

Evaluating input sanitization for user-supplied inputs

Evaluating access controls for restricted resources

Evaluating application for misconfigurations that could enable disclosures § Evaluating protections against automated attack attempts

Evaluating currently implemented patch levels and service versions

Evaluating application for misconfigurations and oversights

Evaluating DIVX to DIVI Redemption Process

Ensuring communications are secure during transit between endpoints

Divi Desktop penetration testing covered the following areas:

Desktop wallet application (Cross-platform)

Desktop application source code review and audit

Evaluating session management and authentication mechanisms § Evaluating Insecure Data Storage

Evaluating Improper Platform Usage

Evaluating Insecure communication

Evaluating Client Code Quality and Code Tampering

Evaluating Reverse Engineering

Evaluating Extraneous Functionality

Evaluating Unintended Data Leakage

Evaluating Poor Authorization and Authentication

Evaluating Insufficient Cryptography

Evaluating Client-Side Injection

Ensuring communications are secure during transit between endpoints

Source Code audit covered the following areas:

Review DIVI blockchain source code for bugs and errors

Review DIVI master node deployment scripts for bugs and errors

Review DIVI node default configurations

Identify service misconfigurations of DIVI’s nodes

Results

We are pleased to report that:

0 Critical bugs were discovered.

1 High-risk finding was discovered and has already been resolved by our team before the posting of this blog.

4 Moderate-risk findings, primarily surrounding memory leaks and race conditions were discovered and are being addressed now.

3 Low-risk findings were discovered and are being addressed as necessary.

4 Informational findings were discovered surrounding some practical design choices that are being reviewed by the team.

To remain fully transparent with our community, we will post the full report in the coming week, as soon as all the findings are fully resolved or deferred.

NOTE: It is important to note that none of the discoveries by LedgerOps impact user security or privacy.

Exchanges

SWFT integration is scheduled to be complete on January 8th. This cross-chain swap tool allows for quick and easy transfers between hundreds of digital assets. Because they hold a pool of $DIVI for liquidity, they can manage the swaps in real-time. They have also agreed to let us use their APIs for integration within the Divi Smart Wallet(s), which would allow users to swap their Divi for other coins right within the application!

Media & marketing

Michael Greenwood was interviewed on CoinPM

Nick Saponaro’s interview on Wild West Crypto Podcast at the Washington Elite AI Blockchain Conference.

Thanks to the efforts of the Divi community, we won third place in Masternodes.Online’s contest and will receive a free 100k pageview banner on their site.

Divi Crew is looking for new members. If you’d like to help spread the word about Divi and earn some crypto in the process, reach out to us on Telegram

Upcoming events