Chia Blog

Chia 2.7.2

by Chia Team

Chia 2.7.2 is now available. Please install it at your earliest convenience.

The AI security deluge has crested in the last few months. Whereas the previous four releases each contained critical security fixes as a result of AI research, the security fixes for 2.7.2 have been minor in comparison. That said, this release does once again contain several updates to make the blockchain more secure, so we recommend that everyone upgrade their nodes, harvesters, and wallets.

As with the previous releases, we will publish a post mortem with the details of all security fixes once 2.7.2 has reached widespread adoption.

That said, this release does contain some non-security features, including:

  • Support for aiohttp 3.14.0, which allows users to sync a full node on a slow internet connection such as StarLink in Standby mode
  • Support for Python 3.14
  • New weight proof commitments, which use Merkle Mountain Ranges for easier and faster validation. We will begin using them sometime after the 3.0 fork’s activation
  • PlotNFT v2 drivers, which will be used in the new pooling protocol, expected to become available at the same time as the 3.0 fork
  • New get_constants full node RPC
  • New get_full_node_peer_count wallet RPC
  • New get_fee_estimate wallet RPC, useful for wallets without a local full node connection (we have not updated the fee calculation formulas for this release)

In addition, we are also aware of two outstanding issues:

  1. When building the Electron GUI from source, if you use Node.js version 24.16 or greater, only the first file will be extracted. As a result, the GUI won’t install correctly. This is an issue with Node. We plan to fix this on our end in the next release. Meanwhile, for Chia 2.7.2, Node 24.15 is the newest supported version when installing the GUI from source. This does not affect those of you who install with the packaged installers, or those who use the CLI only.
  2. In 2.7.1, we fixed a bug that prevented the GUI from loading properly. However, the issue still exists for confirmation dialogs in the Linux GUI. As a result, when performing operations such as sending funds, creating offers, etc, a timeout will occur. This only affects Linux, and it affects both 2.7.1 and 2.7.2. We will fix this issue in the next release. As a workaround, Linux users can continue to use the CLI and RPC for the aforementioned operations.

Over the next few months, we will continue to fix security issues as they come in. We will also make our final push toward the 3.0 hard fork release. Thanks for bearing with us as we (along with everyone else in the software industry) react to this year’s extraordinary advancements in AI security research.