Written by | GaryMa, Wu Blockchain
The WuBlockchain summarizes key developments within the blockchain expertise house for March:
Bitcoin
The event principal department of the Bitcoin consumer, Bitcoin Core, has merged the Cluster Mempool replace (PR #34616), which is anticipated to be included sooner or later Bitcoin Core 31.0 model. This improve will redesign how nodes handle pending transactions (mempool) by processing associated transactions in teams to enhance block packaging effectivity and optimize charge calculations for RBF (Exchange-By-Charge) and CPFP (Baby Pays For Mum or dad) transactions. Bitcoin Core 31.0 is anticipated to be launched within the second half of 2026.
Quantum expertise firm BTQ Applied sciences introduced the profitable deployment of the primary useful implementation of Bitcoin Enchancment Proposal BIP-360 on its Bitcoin Quantum testnet (v0.3.0). BIP-360 goals to deal with potential threats from quantum computing to Bitcoin, with its core being the introduction of a brand new output sort referred to as “Pay-to-Merkle-Root” (P2MR) to attenuate the publicity danger of elliptic curve public keys. The proposal was formally merged into the Bitcoin BIP codebase earlier this 12 months.
The Bitcoin community not too long ago skilled a comparatively uncommon two-block reorganization (reorg). Close to block top 941,880, mining swimming pools Foundry USA, AntPool, and ViaBTC shaped two transient fork chains throughout a mining competitors. Subsequently, Foundry USA mined consecutive subsequent blocks, making its chain the principle chain and finishing the reorganization. Researchers acknowledged that such occasions are a traditional a part of the Bitcoin consensus mechanism’s operation and are usually not indicative of an assault or system failure.
Ethereum
Glamsterdam Upgrade: Final L1 scaling and MEV equity. Progress: The event group has been testing on Devnet-5, and a number of other core EIPs have entered “Thought-about for Inclusion” (CFI) standing, with activation anticipated round June.
Hegota Upgrade: Censorship resistance, privateness enhancement, and node slimming. Progress: Body Transactions have been initially deliberate for introduction to help post-quantum cryptography and extra superior account abstraction. Nonetheless, resulting from excessive complexity, they’ve been postponed or streamlined in current growth conferences to make sure that Hegota may be launched on schedule by the top of 2026.
Vitalik Buterin acknowledged that the 2 core instructions for the Ethereum execution layer improve are state tree reconstruction and digital machine changes, aiming to resolve the first bottleneck of proof effectivity. On the state degree, EIP-7864 proposes changing the present hexary Merkle Patricia Tree with a binary tree construction primarily based on extra environment friendly hash features to shorten Merkle branches, scale back bandwidth and proof prices, and optimize storage entry buildings. Relating to long-term course, he proposed step by step changing the EVM with a extra proof-friendly digital machine (equivalent to RISC-V) to enhance execution and ZK-proof effectivity. The transition path might contain first utilizing it for precompiles, then opening contract deployment, and eventually turning the EVM right into a compatibility layer, sustaining backward compatibility whereas solely involving Gasoline price changes.
Ethereum co-founder Vitalik acknowledged that EIP-8141 will full the Account Abstraction improve, introducing a “Body Transactions” mechanism to make options like batch operations, Gasoline sponsorship, and personal funds native protocol capabilities. Vitalik talked about that this improve could also be applied through the Hegota fork inside a 12 months.
Virtuals Protocol introduced that it has co-proposed and launched ERC-8183 (Agentic Commerce) with the Ethereum Basis’s dAI group, aiming to offer an open, permissionless on-chain industrial settlement normal for AI Brokers. The core of this normal is the “Job” primitive: composed of Consumer, Supplier, and Evaluator events, with funds locked in contract escrow and settled in line with an Open→Funded→Submitted→Terminal (Accomplished/Rejected/Expired) state machine; the Evaluator is liable for on-chain affirmation or rejection of deliverables, and associated information can be utilized for composable purposes equivalent to status programs.
Ethereum co-founder Vitalik Buterin launched a brand new quick affirmation rule mechanism for Ethereum on X. This mechanism permits customers to acquire a tough assure that an Ethereum transaction is not going to be reverted (Non-revert) after only one Slot (12 seconds). Vitalik identified that the safety of this rule is predicated on two premises: first, the overwhelming majority of validators are sincere nodes, and second, community latency is decrease than roughly 3 seconds. Though its safety is barely decrease than financial finality, it already gives excessive reliability for a lot of utility situations.
The Ethereum Basis revealed an article outlining the long run ecological imaginative and prescient for L1 and L2. The article notes that L1 will keep its function as the worldwide settlement and DeFi hub, whereas the core process of L2 has shifted from pure scaling to offering differentiated and customised companies. The Basis means that L2s ought to attain at the very least Stage 1 safety requirements and encourages them to evolve towards Stage 2, synchronous composability, and “Native Rollups.” In the meantime, the Ethereum Basis dedicated to persevering with L1 and Blob scaling (at present solely about 30% loaded) and specializing in fixing cross-chain expertise fragmentation attributable to the multi-chain ecosystem.
Ethereum launched its most detailed improve plan ever: seven upgrades, 5 targets, and one large reconstruction. The system that permits all operators to achieve consensus known as the “consensus mechanism”; Ethereum’s present consensus mechanism is functioning usually and has been battle-tested, but it surely was designed for an earlier period, limiting the community’s capability ceiling. No matter privateness scheme Ethereum builds, it should concurrently possess quantum resistance — two troublesome issues that have to be solved collectively. As soon as resolved, a serious impediment to mass adoption will disappear.
Ethereum L2s
Gnosis and Zisk proposed constructing the “Ethereum Financial Zone” (EEZ) framework, aimed toward attaining collaborative operation between the Ethereum mainnet and varied Layer 2 networks via shared infrastructure, decreasing redundant growth and technical friction, and bettering person expertise; the Ethereum Basis has participated in funding the mission. The scheme intends to alleviate Layer 2 ecological fragmentation via a unified execution atmosphere and a default mechanism for paying with ETH.
Polygon introduced the launch of the AI instrument Agent CLI, which helps AI brokers in creating wallets and performing fund transfers and administration on the Polygon chain. It gives features equivalent to token sending, swapping, cross-chain bridging, fiat on-ramps, and stability and transaction historical past queries; it additionally helps registering brokers as on-chain NFT identities with status scores through the ERC-8004 normal and gives HTTP-based x402 micro-payment features, supporting stablecoin funds for Gasoline charges and native key storage.
Optimism introduced that it’s going to cease supporting op-geth and op-program on Could 31, 2026; safety patches and important vulnerability fixes will nonetheless be supplied till then, however new characteristic growth, together with the following Karst arduous fork, will solely happen on op-reth. In the meantime, the fault-proof program for op-program will migrate to kona-client, and present deployments are anticipated to stay usable till the Karst arduous fork.
Solana
Solana governance proposal SIMD-0266 has been handed. Proposed by Anza final 12 months, the proposal introduces a brand new p-tokens mannequin to enhance computational effectivity, which may theoretically improve Solana transaction effectivity by as much as roughly 19 instances. The VP of Expertise on the Solana Basis acknowledged that the improve is anticipated to go stay on the mainnet in April.
The Solana Basis launched a report titled “Privateness on Solana,” proposing a privateness framework for institutional adoption. It argues that the following section of purposes within the crypto business will rely extra on customizable privateness mechanisms fairly than pure transparency. The report proposes 4 privateness modes, together with pseudonymization, confidentiality, anonymity, and full privateness programs, noting that Solana’s excessive throughput and low latency can help privateness applied sciences equivalent to zero-knowledge proofs, satisfying regulatory compliance wants whereas defending transaction information via mechanisms like audit keys or compliance proofs for managed disclosure.
Safety Associated
Safety agency BlockSec re-tested EVMBench and concluded that the benchmark overestimates AI’s automation capabilities in sensible contract auditing. By increasing to 26 mannequin configurations and introducing 22 actual assault occasions that occurred after February 2026 for testing, outcomes confirmed that in 110 units of exams, AI’s success fee in exploiting actual assaults was 0%. Nonetheless, its efficiency in vulnerability detection was near the unique report, with some fashions in a position to determine identified sample vulnerabilities.
In accordance with GoPlus Safety, a brand new sort of malware named Infiniti Stealer is focusing on Mac customers’ crypto wallets. It induces customers to execute malicious code within the terminal through cast Cloudflare verification pages, subsequently stealing browser credentials, macOS Keychain, crypto wallets, and delicate developer data. It additionally possesses stealth capabilities equivalent to sandbox detection and delayed execution. Customers are reminded to not click on on unknown hyperlinks or execute instructions from unknown sources.
In accordance with cybersecurity agency Aikido, the GlassWorm malware not too long ago upgraded, using the Solana transaction memo area as a covert communication channel to acquire C2 directions and implement multi-stage assaults. The trojan horse spreads by impersonating open-source packages equivalent to npm and PyPI, and may steal personal keys, mnemonic phrases, browser cookies, session information, and deploy Distant Entry Trojans (RAT). The assault also can goal {hardware} wallets like Ledger and Trezor by popping up cast interfaces to induce the entry of mnemonic phrases, whereas supporting keylogging, screenshots, and distant command execution. Researchers remind builders to be cautious when putting in dependencies and to confirm package deal sources.
In accordance with safety agency Socket, researchers found 5 malicious npm packages focusing on Ethereum and Solana builders, inducing set up via typosquatting (title impersonation) to steal personal keys and ship them again to attackers through Telegram. 4 of those focused Solana, and one focused Ethereum. The malicious packages hijack key features referred to as by builders, importing personal key information earlier than returning regular outcomes. Researchers have submitted takedown requests to npm and reminded affected personal keys to switch belongings instantly.
Vercel CEO Guillermo Rauch posted {that a} person using Opus 4.6 and OpenClaw for growth skilled a scenario the place an AI Agent, regardless of understanding the proper mission ID, hallucinated a faux GitHub repository ID (repoId) and triggered a deployment through API. Since this random ID occurred to correspond to an actual open-source mission, it resulted in a “deployment offset” of unrelated code on the person’s server. In response, SlowMist CISO 23pds warned that with the popularization of AI Brokers, attacking automated deployment processes via means equivalent to GEO (AI search advertising and marketing) poisoning and AI search offset will grow to be a brand new problem within the safety area.
Safety analysis establishment Ctrl-Alt-Intel disclosed {that a} group of hackers suspected to be associated to North Korea focused staking platforms, alternate software program suppliers, and crypto exchanges. Attackers exploited the React2Shell vulnerability (CVE-2025–55182) and bought AWS entry credentials to breach cloud environments, enumerating assets equivalent to S3, EC2, RDS, EKS, and ECR, and extracting keys and credentials from Secrets and techniques Supervisor, Terraform information, Kubernetes configurations, and Docker containers. Researchers acknowledged that the attackers downloaded 5 Docker photos and stole supply code, together with software program elements associated to ChainUp clients. The assault infrastructure concerned a South Korean server 64.176.226[.]36 and the area itemnania[.]com. The report acknowledged the exercise is per North Korean-linked assault traits, although attribution confidence is medium and the supply of AWS credentials stays unclear.
SlowMist CISO 23pds tweeted that the Python AI gateway library LiteLLM, which has 97 million month-to-month downloads, suffered a PyPI provide chain assault. Attackers can steal delicate data on person gadgets via the pip set up litellm command. Stealable delicate information consists of: SSH keys, cloud service credentials (AWS / GCP / Azure), Kubernetes configuration information, Git credentials, API keys in atmosphere variables, Shell historical past, cryptocurrency pockets data, and database passwords. SlowMist CISO 23pds warned that the LiteLLM vulnerability attackers have already stolen about 300GB of information and roughly 500,000 credentials. He recommends that each one cryptocurrency builders instantly carry out self-checks, rotate related keys and credentials as quickly as doable, and confirm logs, entry information, and delicate information publicity to keep away from critical losses just like the Belief Pockets incident.
SlowMist CISO 23pds issued an alert urging all iOS customers to replace their programs as quickly as doable. In accordance with monitoring, an assault program named DarkSword has been leaked. The core functionality of this program is to extract forensic-grade information from iOS gadgets through HTTP interfaces. In precise assault situations, attackers might induce customers to fall for the lure via social engineering or watering gap assaults, thereby stealing inside information from iPhones or iPads and importing it to a managed server.
Others
The Sui growth group introduced that its new digital machine (VM) has been publicly launched and has opened a bug bounty program, inviting the group to conduct safety critiques earlier than mainnet deployment. This model is a rewrite of the execution layer, introducing per-package caching and next-generation Transfer options; it has accomplished inside critiques and safety audits by establishments equivalent to OSEC and Zellic.
Sui formally introduced that the mainnet has been upgraded to V1.68.1 and the protocol has been upgraded to model 118. The primary content material of this improve consists of enabling the handle aliases characteristic on the mainnet, enhancing metadata safety within the Sui System, and fixing a difficulty the place simulating irregular transactions containing invalid fund withdrawals may trigger full nodes to crash.
Polkadot formally introduced that its issuance mannequin improve formally began on March 14 (Pi Day). This protocol change primarily introduces two core measures: first, establishing a most provide cap of two.1 billion DOT (roughly 80% at present issued); second, decreasing the emission fee of DOT by roughly 53% beginning March 14, with plans for additional reductions sooner or later. Officers acknowledged that these modifications have been proposed by the group and accepted through OpenGov, aiming to restrict long-term issuance, keep incentive mechanisms, and supply a clear, predictable issuance schedule.
Cosmos Labs posted {that a} vulnerability affecting some chains utilizing the Cosmos EVM stack was not too long ago found, involving a characteristic utilized by sure chains, and has already impacted the Saga manufacturing atmosphere. Cosmos Labs acknowledged it has labored with Saga and ecological companions to finish the investigation of the issue, coordinate mitigation measures, and launch restore patches to the related chains.
Brevis at present launched Brevis Vera, a media authenticity certification system powered by zero-knowledge proofs (ZK), used to confirm whether or not revealed photos and movies come from actual gadgets and ensure they’ve solely undergone provable, reliable modifying. The system combines C2PA hardware-level seize signatures with zero-knowledge proofs generated by the Brevis Pico zkVM, thereby constantly sustaining cryptographic proof of media origin all through the modifying course of. Brevis Vera is now stay and helps open-source libraries.
Stacks Labs, the event group for the Bitcoin Layer 2 Stacks, acknowledged that its SIP-034 improve has accomplished mainnet implementation. By optimizing how transaction useful resource limits are dealt with, the community’s “efficient capability” has been elevated by as much as roughly 30 instances in sure DeFi purposes. The improve adjusted the earlier mechanism the place “hitting any useful resource price range cap resets all limits” to solely resetting the precise single restrict that was exhausted, thereby growing out there throughput inside a block. The group acknowledged that the improve doesn’t instantly change STX token economics however might deliver extra transactions and charges as community exercise will increase.
Comply with us
Twitter: https://twitter.com/WuBlockchain
Telegram: https://t.me/wublockchainenglish
