BeaconKit v1.1.3

Summary

v1.1.3 fixes syncing issues in a couple of ways:

• v1.1.3 restructures Consensus Layer and Execution Layer communication to keep them in lock-step. Now every RPC communication issue among them will result in a BeaconKit termination BUT being their states in sync you can easily restart any time and keep going.
• v1.1.3 adds a scripts/rollback_cl.sh utility to restore synchrony among Consensus Layer and Execution Layer, in case e.g. you start from a misaligned state (CL tip is ahead of EL tip)

Context on Syncing Issues

BeaconKit 101: there are two processes, BeaconKit itself, acting as Consensus Layer and any EL (mostly unforked Geth and Reth) acting as Execution layer. These two processes can fall out of sync in a way that makes syncing a node a pretty frustrating procedure. Some findings and recommendations for operators running Geth and Reth ELs are below.

Syncing Geth

Make sure to specify --syncmode=full among your flags. This will inform your EL that no snap sync is available so that it won’t waste time with it (snap is default in Geth).

Syncing Reth

We recommend that, while syncing a node, you add the following configs:

--engine.persistence-threshold 0
--engine.memory-block-buffer-target 0

You don’t need to keep the once the node has completed sync, but they make resuming syncing, or syncing from genesis more robust. If you are curious about these flags, here is a deeper explanation:

• Reth does not immediately store on disk every block it received from its consensus layer: by default, only block up to tip’s grandparent (tip - 2 blocks) are persisted. This is fine in Ethereum, since usually blocks are finalised way later than they are marked as latest (aka tip) by the Consensus layer, and it definitely offers some performance. However this is risky with Berachain, where you enjoy the single block finality offered by CometBFT. The default config guarantees that Reth will forget the tip’s parent, a finalized block, in case of shutdown, even if graceful. This is not acceptable in BeaconKit v1.1.3, so we use the flags above to make sure blocks are duly stored.
• Strictly speaking you don’t need those flags under normal operations. However your Consensus Layer and Execution Layer will fall out of sync even in case of a graceful shutdown. You can now use the scripts/rollback_cl.sh utility to recover synchrony and restart the system!

Update Priority

This table provides priorities for which classes of users should update particular components.

User Class	Priority
Payload Builders	Recommended
Non-Payload Builders	Strongly Recommended

All Changes

• fix(node-api): Fix param in validator endpoint (#2539)
• fix(API): fix slot selection in validator API (#2538)
• chore(testing): modified start-reth to enforce persistence (#2536)
• Add new script for rollbacking CL to EL height (#2498)
• chore(testing): modified start-geth to enforce syncmode full (#2535)
• chore(networks): add bepolia testnet (#2532)
• Ask to delete EL data dir on make start-[client] (#2479)
• Improvements to signal handling (#2379)
• add a mainnet launch target to vscode (#2386)
• fix(testnet): Activate Deneb1 for EVM inflation (#2528)
• chore(config): activate bera minting on testnet since block 1 (#2527)
• chore(ci): Set go version to 1.23.5 in release workflow (#2525)
• fix(engine api): [2/3] Add force head in FinalizeBlock (#2488)
• fix(engine api): [1/3] error on engine API errors (revive #2485) (#2508)
• fix(node-api): Implement validators endpoint filtering properly (#2467)
• fix(blobs): cleanup logging and node-api handling of blobs (#2486)
• fix(errors): Ignore requests Txs + RPC Error Handlings Fixes (#2517)
• chore(state-transition): cleaned up state in state-transition UTs (#2518)
• chore(engine): splitted up NotifyAndVerifyNewPayload (#2495)
• chore(types): Fix error type and clean up interface definition (#2515)
• fix(state-processor): stricter timestamp enforcement on execution-payload (#2512)
• fix(types): avoid panic on unmarshalling of empty inputs (#2511)
• Revert "fix(engine api): [1/3] error on engine API errors (#2485)" (#2507)
• do not reject PRs based on missing period in a comment (#2504)
• chore: Cleanup devtools.mk make targets (#2421)
• Fix broken CI due to using newest go version which is not supported b… (#2505)
• Merge pull request #2470 from berachain/02-04-explicitly_set_bash_shell_in_kurtosis_makefile
• Merge branch 'main' into 02-04-explicitly_set_bash_shell_in_kurtosis_makefile
• fix(engine api): [1/3] error on engine API errors (#2485)
• chore(generics): Remove Generics from Node Builder (#2500)
• fix(cli): unlocking rollback (#2478)
• chore(e2e): Initialize finalBlockNum before wait loop in WaitForFinalizedBlockNumber (#2494)
• refactor(depinject): Replace Concrete CometBFT implementation with Interface (#2487)
• fix(ci): Update Test Configs to work with new Geth version (#2489)
• chore(networks): 80094 network configs (#2484)
• refactor(cli): Refactor CollectGenesisDeposits to be callable from runtime (#2464)
• chore(state-transition): flipped transaction context attributes logic (#2451)
• Build Process - Fix Linux arm64 (#2475)
• Explicitly set bash shell in Kurtosis Makefile

Binaries

System	Architecture	Binary	PGP Signature
	amd64	beacond-v1.1.3-linux-amd64	Signature
	arm64	beacond-v1.1.3-linux-arm64	Signature
	arm64	beacond-v1.1.3-darwin-arm64	Signature
System	Option	-	Resource
	Docker		berachain/beacon-kit

Verifying signatures

Use gpg to verify the signature on these binary archives. This is important to make sure that the content you've downloaded is legitimate. gpg can be installed with most package managers. For example:

• brew install gpg on mac
• apt install gpg on Ubuntu/Debian

Once gpg is installed, import our public key into its database and verify:

• Download signing public key from here.
• Run gpg --import berachain_release.asc
• Verify with gpg --verify {signature}.sig {binary}.tar.gz
• This message is expected: WARNING: This key is not certified with a trusted signature!
• To resolve the warning, trust the key by signing with your own keypair. gpg --lsign-key <keyid>

BeaconKit v1.1.2

Summary

Critical security fixes in this release include:

• Harden timestamp validation of EL payload
• Prevent potential panics and node halts while decoding data

Update Priority

This table provides priorities for which classes of users should update particular components.

User Class	Priority
Payload Builders	Strongly Recommended
Non-Payload Builders	Strongly Recommended

All Changes

• chore(networks): 80094 network configs (#2484)
• Fix broken CI due to using newest go version which is not supported b… (#2505)
• fix(types): avoid panic on unmarshalling of empty inputs (#162)
• fix(state-processor): stricter timestamp enforcement on execution-payload (#160)
• do not reject PRs based on missing period in a comment (#2504)
• fix(ci): Update Test Configs to work with new Geth version (#2489)

Binaries

System	Architecture	Binary	PGP Signature
	amd64	beacond-v1.1.2-linux-amd64	Signature
	arm64	beacond-v1.1.2-linux-arm64	Signature
	arm64	beacond-v1.1.2-darwin-arm64	Signature
System	Option	-	Resource
	Docker		berachain/beacon-kit

Verifying signatures

Use gpg to verify the signature on these binary archives. This is important to make sure that the content you've downloaded is legitimate. gpg can be installed with most package managers. For example:

• brew install gpg on mac
• apt install gpg on Ubuntu/Debian

Once gpg is installed, import our public key into its database and verify:

• Download signing public key from here.
• Run gpg --import berachain_release.asc
• Verify with gpg --verify {signature}.sig {binary}.tar.gz
• This message is expected: WARNING: This key is not certified with a trusted signature!
• To resolve the warning, trust the key by signing with your own keypair. gpg --lsign-key <keyid>

BeaconKit v1.1.1

Summary

BeaconKit 1.1.1 fixes ASA-2025-001 and ASA-2025-002, which could lead to a network halt. Moreover it hardens some checks around deposits and blobs processing.

Update Priority

This table provides priorities for which classes of users should update particular components.

User Class	Priority
Payload Builders	Recommended
Non-Payload Builders	Recommended

All Changes

• chore(comet): bumped cometBFT version (#2474)
• fix(blob): hardened blob checks (#2473)
• chore(deps): bumped go version to 1.23.5 (#2472)
• chore(kurtosis): Clean up Kurtosis and Support for Cloud Deployments (#2401)
• chore(logger): Drop logger generic (#2460)
• chore(types): Cleanup unused types/funcs and expose Service Registry (#2440)
• chore(api): Dropped node api context generic (#2456)
• fix(ci): Speed up CI, Add t.Parallel and Fix Test Parallelism Issue (#2459)
• chore(ci): make e2e-test run manual (#2453)
• Revert "chore(ci): add manual run/approval for e2e tests (#2447)" (#2452)
• chore(ci): add manual run/approval for e2e tests (#2447)
• chore(types): Introduce canonical sorting of common.Version (#2437)
• refactor(deposit-storage): Refactor set-deposit-storage and execution-payload to be callable in Runtime (#2446)
• refactor(deposits): Modularize Deposit Command for Easier Testing in Runtime (#2443)
• fix(engineAPI): error on ACCEPTED payload status (#2439)
• upgrade geth depdency from 1.14.7 to 1.14.13 (#2444)
• fix(flags): Fix Payload Builder Flags (#2442)
• chore(block-builder): a few minor cleanups (#2412)
• chore(types): Remove abstraction for Gwei (#2433)
• fix(deposits): Enforce deposit inclusion (#2407)

Binaries

System	Architecture	Binary	PGP Signature
	amd64	beacond-v1.1.1-linux-amd64	Signature
	arm64	beacond-v1.1.1-linux-arm64	Signature
	arm64	beacond-v1.1.1-darwin-arm64	Signature
System	Option	-	Resource
	Docker		berachain/beacon-kit

Verifying signatures

Use gpg to verify the signature on these binary archives. This is important to make sure that the content you've downloaded is legitimate. gpg can be installed with most package managers. For example:

• brew install gpg on mac
• apt install gpg on Ubuntu/Debian

Once gpg is installed, import our public key into its database and verify:

• Download signing public key from here.
• Run gpg --import berachain_release.asc
• Verify with gpg --verify {signature}.sig {binary}.tar.gz
• This message is expected: WARNING: This key is not certified with a trusted signature!
• To resolve the warning, trust the key by signing with your own keypair. gpg --lsign-key <keyid>

BeaconKit v1.1.0

Summary

BeaconKit v1.1.0 unlocks minting of BERA tokens towards the BGT contract.
The activation must be coordinated across validators, so it requires a hard fork.
Validators are required to upgrade their binaries before start of epoch 2855.

BeaconKit v1.1.0 also introduces a new command, deposit validator-keys, to ease up validators key display.

Update Priority

This table provides priorities for which classes of users should update particular components.

User Class	Priority
Payload Builders	Required
Non-Payload Builders	Required

All Changes

• feat(cli): Tool to display all formats of public key (#2426)
• chore(forks): Deneb1 Values (#2425)
• [5/n] refactor(spec): introducing fork version activated specs based on slot (#2424)
• [4/n] refactor(chain-spec): handling values for planned fork upgrades (#2423)
• chore(e2e): Add verification during deposit e2e test (#2398)
• [3/n] refactor(version): Simplify usage of version type (#2427)
• Remove uses of context.Background() (#2376)
• chore(genesis deposit) : Change in local network setup with single node (#2402)
• chore(update deps): update uint256 package v1.3.2 (#2416)
• Revert "update uint256 package"
• update uint256 package
• fix(initchain): Enforce stricter handling on InitChain Requests (#2413)

Binaries

System	Architecture	Binary	PGP Signature
	amd64	beacond-v1.1.0-linux-amd64	Signature
	arm64	beacond-v1.1.0-linux-arm64	Signature
	arm64	beacond-v1.1.0-darwin-arm64	Signature
System	Option	-	Resource
	Docker		berachain/beacon-kit

Verifying signatures

Use gpg to verify the signature on these binary archives. This is important to make sure that the content you've downloaded is legitimate. gpg can be installed with most package managers. For example:

• brew install gpg on mac
• apt install gpg on Ubuntu/Debian

Once gpg is installed, import our public key into its database and verify:

• Download signing public key from here.
• Run gpg --import berachain_release.asc
• Verify with gpg --verify {signature}.sig {binary}.tar.gz
• This message is expected: WARNING: This key is not certified with a trusted signature!
• To resolve the warning, trust the key by signing with your own keypair. gpg --lsign-key <keyid>

BeaconKit v1.0.1

Summary

BeaconKit v1.0.1 brings some improvements to node operations. Specifically:

• it improves deposits DB, so to ensure deposits persistence even in case of ungraceful shutdowns;
• it cleans up some metrics to improve their correctness;
• it fixes a bug which causes CLI to report the wrong genesis validator root;

BeaconKit v1.0.1 is fully backward compatible.

Update Priority

This table provides priorities for which classes of users should update particular components.

User Class	Priority
Payload Builders	Recommended
Non-Payload Builders	Recommended

All Changes

• 2/2 chore(cli): improve tooling around deposits (#2392)
• fix(cli): beacond deposit validate had wrong number of args (#2397)
• feat: print results from create-validator in json for easier parsing (#2391)
• chore(kurtosis): kurtosis setup to get deposit contract storage slots and fill genesis files (#2383)
• Fix - Release workflow (#2395)
• 1/2 fix(cli): Align genesis validator-root cmd with processing of genesis validators (#2393)
• feat(api): add debug endpoint to beacon API (#2387)
• chore(engine): Remove Unused Errors and Functions (#2384)
• Wrap pebble DB to use SetSync always with deposit store. (#2381)
• fix: handle sigterm properly in case genesis is in the future (#2380)
• fix(execution-client): duplicated payload duration metric (#2367)

Binaries

System	Architecture	Binary	PGP Signature
	amd64	beacond-v1.0.1-linux-amd64	Signature
	arm64	beacond-v1.0.1-linux-arm64	Signature
	arm64	beacond-v1.0.1-darwin-arm64	Signature
System	Option	-	Resource
	Docker		berachain/beacon-kit

Verifying signatures

Use gpg to verify the signature on these binary archives. This is important to make sure that the content you've downloaded is legitimate. gpg can be installed with most package managers. For example:

• brew install gpg on mac
• apt install gpg on Ubuntu/Debian

Once gpg is installed, import our public key into its database and verify:

• Download signing public key from here.
• Run gpg --import berachain_release.asc
• Verify with gpg --verify {signature}.sig {binary}.tar.gz
• This message is expected: WARNING: This key is not certified with a trusted signature!
• To resolve the warning, trust the key by signing with your own keypair. gpg --lsign-key <keyid>

BeaconKit v1.0.0

Summary

BeaconKit v1.0.0 represents the first production-ready version of BeaconKit.

It is the result of multiple rounds of security audits and extensive testing. It contains every bug fix, code cleanup and performance optimization we have been able to build and verify so far.

Update Priority

This table provides priorities for which classes of users should update particular components.

User Class	Priority
Payload Builders	Required
Non-Payload Builders	Required

All Changes

• chore(README): cleanup (#2374)
• chore(state-transition): allow validators with non-eth1 withdrawal creds to stake (#2373)
• chore(license): Update LICENSE to 2025 (#2372)
• fix(state-transition): Correctly enforce deposits length to avoid panics (#2369)
• fix(state-transition): Deposit's signature domain must be fork-agnostic. (#2364)
• fix(consensus): validate block slot (#2368)
• LICENSE: Update change date and contact info (#2351)
• Merge pull request #2365 from berachain/harden-consensus-txs-check
• explicitly check consensus txs count
• chore(scripts): fix docker push to public ghcr (#2363)
• Merge pull request #2362 from berachain/rebase-beaconkit-internal
• Merge remote-tracking branch 'origin' into rebase-beaconkit-internal
• chore(codeowners): use team for codeowners file (#2345)
• fix(state-transition): Correctly enforce local validation of beacon block deposits (#142)
• Release Workflow - Sign Build Artefacts (#141)
• Revert "nit"
• nit
• chore(codeowners): use team for codeowners file (#2345)

Binaries

System	Architecture	Binary	PGP Signature
	amd64	beacond-v1.0.0-linux-amd64	Signature
	arm64	beacond-v1.0.0-linux-arm64	Signature
	arm64	beacond-v1.0.0-darwin-arm64	Signature
System	Option	-	Resource
	Docker		berachain/beacon-kit

v0.6.2

Summary

This includes a consensus BREAKING change to Boonet that is NOT backwards compatible.

Effective changes to validator set processing are:

• The min stake (or EjectionBalance) is now set to 250k BERA
• The EffectiveBalanceIncrement (not the same as minimum deposit amount on the execution layer deposit contract) is now set to 10k BERA

Breaking

This version is NOT fully compatible with bArtio. The last stable release recommended for Bartio is v0.2.0-alpha.8.

Update Priority

This table provides priorities for which classes of users should update particular components.

User Class	Bartio	Boonet	General
Payload Builders	Forbidden	Required	None
Non-Payload Builders	Forbidden	Required	None

All Changes

• chore(boonet): min stake upgrade on boonet fork 4 (#2333)

Binaries

System	Architecture	Binary	PGP Signature
	amd64	beacond-v0.6.2-linux-amd64
	arm64	beacond-v0.6.2-linux-arm64
	arm64	beacond-v0.6.2-darwin-arm64
System	Option	-	Resource
	Docker		berachain/beacon-kit

v0.7.0

Summary

This includes code refactoring and new consensus BREAKING changes to Boonet that are NOT backwards compatible.

• Upgrades cosmos-sdk dependency to v0.52.0
• Using BLS keys from the upstream CometBFT library
• Enforces verification of all historical deposits in CL beacon state (requires all nodes to maintain a full unpruned set of EL deposits)
• Partial removal of generic types throughout the codebase
• Miscellaneous code cleanup

Breaking

This version is NOT fully compatible with bArtio. The last stable release recommended for Bartio is v0.2.0-alpha.8.

Update Priority

This table provides priorities for which classes of users should update particular components.

User Class	Bartio	Boonet	General
Payload Builders	Forbidden	Forbidden	None
Non-Payload Builders	Forbidden	Forbidden	None

All Changes

• chore(test): readme for e2e-test (#2316)
• fix: timeout_commit defaults to 0 in init (#2312)
• Add make lint-ci which runs all CI linters (#2314)
• chore(blobs): remove Len, GetSidecars, and Get from BlobSidecars (#2313)
• chore(state): use passed in context from comet during process proposal verification (#2311)
• fix(blobs): Validate sidecar KzgCommitments and disallow sidecar omission (#2291)
• chore(blobs): Validate Index field in BlobSidecar during processing (#2289)
• 10/n Remove BeaconBlockT and BeaconStateT generic types (#2297)
• Enable nilaway on CI and remove build tags from linters (#2310)
• Merge pull request #2309 from informalsystems/alesforz/bls-type-is-ptr
• 9/n Remove PayloadIDT generic type (#2293)
• 8/n Remove BlobSidecarT and BlobSidecarsT generic type (#2307)
• Updated go.mod and go.sum to pull latest version of cometbft.
• chore(all): update cosmos-sdk deps (#2221)
• chore(state): cleanup deposits special casing (#2304)
• feat(state-transition): add deposits root to beacon state (#2296)
• appease nilaway
• fix: remove err check for nil to address nilaway false positive
• Remove PayloadAttributesT generic type
• chore(blobs): parallelize blobSidecar header checks (#2286)
• chore(blobs): Cleanup configurable constants for BlobSidecars (#2262)
• 6/n Remove slashinginfo and slotdata (#2284)
• Moved common types back to common package
• Remove BeaconBlockBodyT generic type
• 3/n Remove ExecutionPayloadHeaderT generic type. (#2273)
• 2/n Remove ExecutionPayloadT generic type (#2272)
• 1/n Remove ExecutionAddressT generic type (#2266)
• chore(da): fix broken UT (#2278)
• Support for signed beacon block header and signature verification (#2245)
• fix(blockchain): sequential blob Persist() DB writes (#2258)
• chore(blockchain) : non optimistic client should not request build optimistically (#2240)
• chore(deps): bump github.com/quic-go/quic-go from 0.48.1 to 0.48.2 in the go_modules group (#2217)
• nits (#2016)
• chore(deps): bump github.com/go-playground/validator/v10 from 10.22.0 to 10.23.0 (#2215)
• chore(deps): bump github.com/protolambda/zrnt from 0.32.2 to 0.32.3 (#2213)
• chore(deps): bump github.com/phuslu/log from 1.0.110 to 1.0.113 (#2212)
• 6/n: Remove WithdrawalT generic type (#2264)
• 5/n: Remove ValidatorT generic type (#2263)
• 4/n: Remove DepositT generic type (#2260)
• 3/n: Remove AttestationDataT generic type (#2259)
• 2/n: Remove ForkT generic type (#2257)
• 1/n: Remove ForkDataT generic type (#2256)

Binaries

System	Architecture	Binary	PGP Signature
	amd64	beacond-v0.7.0-linux-amd64
	arm64	beacond-v0.7.0-linux-arm64
	arm64	beacond-v0.7.0-darwin-arm64
System	Option	-	Resource
	Docker		berachain/beacon-kit

v0.6.1

Summary

Includes a state machine fix to handle backwards compatibility of validator effective balances.

Breaking

This version is NOT fully compatible with bArtio. The last stable release recommended for Bartio is v0.2.0-alpha.8.

Update Priority

This table provides priorities for which classes of users should update particular components.

User Class	Bartio	Boonet	General
Payload Builders	Forbidden	Required	None
Non-Payload Builders	Forbidden	Required	None

All Changes

• fix(state-transition): make EffectiveBalance update backward compatible (#2261)

Binaries

System	Architecture	Binary	PGP Signature
	amd64	beacond-v0.6.1-linux-amd64
	arm64	beacond-v0.6.1-linux-arm64
	arm64	beacond-v0.6.1-darwin-arm64
System	Option	-	Resource
	Docker		berachain/beacon-kit

v0.6.0

Summary

This includes code refactoring && new features that are consensus BREAKING changes to boonet

• Validator set epoch handling
• Enforce validators eth1 credentials
• Reduced non-determinism from state machine scope
• Sidecar processing hardening
• Miscellaneous internal refactoring

Breaking

This version is NOT fully compatible with bArtio. The last stable release recommended for Bartio is v0.2.0-alpha.8.

Update Priority

This table provides priorities for which classes of users should update particular components.

User Class	Bartio	Boonet	General
Payload Builders	Forbidden	Required	None
Non-Payload Builders	Forbidden	Required	None

All Changes

• chore(docs) added some docs around validation (#2248)
• Remove WithdrawalCredentialsT generic type (#2254)
• chore(boonet): Fork 3 handling (#2250)
• Remove Eth1DataT generic type (#2251)
• Fix - Permission error in E2E Testing (#2246)
• Remove BeaconBlockHeaderT generic type (#2243)
• increase lint max line-length (#2178)
• fix(blockchain): remove reachable panic in blobsidecar processing (#2244)
• Gracefully stop services on SIGTERM and SIGINT signals (#2239)
• Inherit req ctx when saving state (#2241)
• Move smaller services into BlockchainService (#2220)
• Build errors now show correct file names (#2242)
• bug(validator): Serialize StateRoot computation and sidecar production (#2237)
• fix(state-transition): enforce valid eth1 withdrawal credentials (#2231)
• feat(state-transition): make validators epochs handling close to Eth2.0 specs (#2226)
• chore: fix some function names in comment (#2229)

Binaries

System	Architecture	Binary	PGP Signature
	amd64	beacond-v0.6.0-linux-amd64
	arm64	beacond-v0.6.0-linux-arm64
	arm64	beacond-v0.6.0-darwin-arm64
System	Option	-	Resource
	Docker		berachain/beacon-kit