Security and Analysis Report: Part 2
Solar Core is a fork of the ARK Core v3 blockchain. The ARK Blockchain launched in 2017 and was first written in JavaScript and then rewritten in TypeScript.
It is not unusual for blockchain forks to happen quite often. Many cryptocurrencies are the result of blockchain forks. This article aims to explain what a blockchain fork is and how this relates to Solar.
What is a Fork
A hard fork is an event on a blockchain that copies the original software and adds necessary changes to it. The two blockchains cannot coexist and the new blockchain splits away from the main blockchain. The two blockchains are incompatible and continue to evolve and develop independently. This fork requires all users to upgrade to the latest version of the software. Nodes running on the previous version of the software will no longer be accepted on the new version.
Some examples of forked chains:
- Litecoin is a fork of the Bitcoin blockchain
- Dogecoin is a fork of the Luckycoin blockchain
- Ethereum Classic is a fork of the Ethereum blockchain
Think of a fork as a modification of a blockchain.
Solar Fork
As previously stated, Solar is a fork of the ARK blockchain. However, it is different to the type of fork described above. The Solar fork was a software development fork. This means that Solar was never part of the ARK blockchain. Solar developers took a copy of the ARK source code and made improvements and enhancements. Many of these improvements were fixing security vulnerabilities.
The question arises whether it is legal to fork code. In this case, it was completely legal for Solar developers to fork ARK code. ARK is MIT licensed. This licence allows users to reuse code and make any changes or modifications. Solar code has a different licence. Its licence is CC-BY-ND-4.0 which means although it is open source, it does not entitle people to change it in any way or use it commercially.
Secure Solar
The ARK blockchain launched way back in 2017 and is a product of its time. Several of its features are not suitable for a modern blockchain. Over the years, many vulnerabilities were discovered in ARK Core. The majority of these vulnerabilities were patched and reported to ARK by our Solar Core lead developer, Gym.
This leads to the question if there were all these vulnerabilities with ARK Core, why use it?
One of the benefits of using and building on existing code is that it has had many eyes on it over the years. For example, the many vulnerabilities discovered in ARK Core are not present in Solar Core because developers spent hours poring over it. Existing code is in essence battle tested. Forking ARK Core rather than starting from scratch meant we could take this battle-tested platform and build in new features and improvements.
Solar Core developers are continually improving and developing Solar code. All Solar code is audited thoroughly before being made public. Any code considered important is submitted to GitHub as a Pull Request. This request must be approved by an accredited developer before it is moved to a public repository. Solar GitHub is also protected by 2FA to minimise the risk of malicious attacks.
All new versions of Solar Core are passed to the 53 block producers for testing on testnet. The mainnet chain will only be upgraded when the new changes have been tested and any enhancements or fixes have been finally approved by all block producers. It must be pointed out that these block producers are decentralised, they are not part of a Solar “team”.
Solar code is also available for the community to view. Enthusiasts and developers are welcome to look through Solar code.
Any potential security concerns or issues can be sent to security@solar.org This e-mail address is closely monitored and relevant issues are given the highest priority.
With all this attention to detail and scrutiny, it is no surprise to learn that Solar Core is safe, stable and secure.
An appendix of ARK issues and their status can be found in the Security and Analysis report, starting on page 28
If you’ve enjoyed this article give it some claps and follow us here on Medium for more news and updates.
Follow Solar!
Twitter: https://twitter.com/SolarNetwork
Medium: https://blog.solar.org
Telegram: https://t.me/Solar & https://t.me/@Solar_Network
Facebook: https://www.facebook.com/OfficialSolarNetwork
Instagram: https://www.instagram.com/solarnetworkofficial/