github AztecProtocol/aztec-packages v5.0.0

8 hours ago
  ██    ██  ██████
  ██    ██  ██
   ██  ██   ██████
    ████        ██
     ██     ██████

        A Z T E C

v 5 · 0 · 0 — none of the wait, twice the pace, half the gates.

Date: 2026-07-11 · Tag: v5.0.0 · Baseline: v4.4.0 · First stable v5 — supported on testnet AND mainnet

Install: aztec-up install 5.0.0 · Docker: aztecprotocol/aztec:5.0.0

Summary

v5.0.0 is the first stable release of the v5 line and the first Aztec release supported on both testnet and mainnet. It is built around three things. Speed: block production is now pipelined (AZIP-6) — the proposer builds and broadcasts a slot's checkpoint a slot ahead, so attestations and L1 submission are ready when the slot opens instead of eating an idle in-slot wait — cutting user-perceived transaction latency from an average of ~72s to under 6s; epoch proving starts optimistically the moment each checkpoint lands on L1; client-side proving is 2.0–2.5x faster than v4, with client proofs also smaller and cheaper to move; network proving is lighter, with the root rollup circuit roughly half its v4 size; and a separate Solidity Honk verifier optimization cuts epoch-proof verification on L1 by ~44%. Developer tooling: contracts choose message-delivery guarantees explicitly, PXE picks up on-chain contract upgrades automatically, the TXE test runtime runs contract tests in parallel worker threads, and the node/wallet APIs were consolidated and cleaned up. Security hardening: a broad audit-driven campaign closed classes of issues across the P2P layer, consensus, proving and fees, validator signing, and the circuits themselves. v5 is a hard fork from v4: every account and contract address changes, and local PXE state is reset on upgrade — see Breaking changes before doing anything else.

What contract developers should care about

  • Explicit message-delivery guarantees — the new aztec::messages::delivery module lets every note/event .deliver(...) call pick MessageDelivery::offchain(), ::onchain_unconstrained(), or ::onchain_constrained(), each with documented cost/privacy/guarantee trade-offs, plus a .with_sender(...) builder to control the discovery tag (#23875, #23866, #24432).
    • Ships with a handshake registry standard contract supporting interactive and non-interactive handshakes, so two parties can establish message discovery without pre-registering each other (#24473, #23806, #24522).
  • New facts primitive — contracts can record typed, immutable, reorg-safe facts in PXE's local store (record_retractable_fact / record_non_retractable_fact, with automatic pruning of retractable facts on reorg). Partial notes are reimplemented on top of it as an explicit state machine (#24139, #24369).
  • Contract upgrades now "just work" in PXE — PXE no longer tracks a contract's current class; it resolves it from the node on demand. After an on-chain upgrade via the ContractInstanceRegistry, registered instances pick up the new class with no PXE-side action. pxe.updateContract is gone; register the new artifact with registerContractClass instead (#24282).
  • Immutable state committed into the addressContractInstance gains immutablesHash, folded into address derivation, enabling patterns like initializerless accounts and cheap in-circuit access to per-instance immutables; contract_class_id is renamed original_contract_class_id to make the deploy-time/current-class distinction explicit (#23091, #23152, #23512).
  • New TransientArray / TransientValue storage tier — shared across all call frames of the same contract within one top-level PXE call, sitting between EphemeralArray (one call frame) and CapsuleArray (persistent) (#23576, #23982).
  • Faster L2-to-L1 message consumption — the Outbox supports partial-epoch proofs, so portals and bridges can consume messages as soon as a proof covering their checkpoint lands instead of waiting for the full epoch (#14342).
  • Smaller public bytecode — the public dispatch macro deduplicates argument-unpacking code across public functions that share parameter shapes, shrinking bytecode for contracts with many public entry points (#23464).
  • Cheaper passkey verification — the in-circuit ECDSA secp256r1 (P-256 / WebAuthn) verification cost dropped from 72,313 to 45,945 gates (~36% smaller), making passkey-based accounts meaningfully cheaper to prove.
  • Faster contract test runs — the TXE test runtime now bundles its oracle server with esbuild and runs contract simulations across a pool of worker threads sharing one prebuilt contract-class store.
  • Cross-contract utility calls expose msg_sender — a utility function called from another contract can read the caller via self.msg_sender(); top-level utility calls have none (use maybe_msg_sender()).
  • Leaner protocol surface — only ContractClassRegistry, ContractInstanceRegistry, and FeeJuice remain protocol contracts (compacted to addresses 1–3); auth_registry, public_checks, and multi_call_entrypoint are now ordinary standard contracts with new STANDARD_* address constants (#23262).
  • API tightening you will hit when recompilingPrivateContext fields are accessor-only (#24417); L1→L2 message secrets are [Field; N] arrays (#24599); for_each iterates front-to-back and no longer supports mid-iteration removal (#24021); push_nullifier is renamed push_nullifier_unsafe. See Breaking changes.

What node operators should care about

  • Pipelined checkpoint production is now the only mode — the sequencer builds a checkpoint (multiple L2 blocks) per slot, broadcasts the proposal for slot N during slot N-1 so the committee attests ahead of time, and submits to L1 at the start of slot N. The idle wait-for-attestations window is gone — internal measurements put user-perceived transaction latency under 6s, down from an average of ~72s — and the non-pipelined code path was deleted (#23665, #23821, #23809, #24031).
  • Optimistic epoch proving — the prover node was rearchitected around per-checkpoint provers that start gathering transactions and proving their sub-tree the moment a checkpoint lands on L1, rather than when the epoch closes; by epoch end, typically only the top of the proof tree remains. Early-finish submissions that another prover beats resolve as superseded without spending L1 gas (#23552, #24436, #24216, #24051).
  • Halved rollup circuits — the root rollup recursive-verification circuit shrank from 12,998,775 to 6,351,528 gates (-51%), and the in-circuit cost of recursively verifying a client (Chonk) proof from 2,395,106 to 1,368,123 gates (-43%): faster proving and lower memory at every level of the rollup.
  • Cheaper epoch-proof verification on L1 — the gas to verify an epoch proof on L1 dropped from ~3.6M to ~2M (~44% less) via the new gas-optimized ZK-Honk verifier, lowering prover L1 operating costs.
  • Network-wide consensus config is enforced — config values that must match across the network (slot/epoch timing, MAX_BLOCKS_PER_CHECKPOINT, committee size, staking and slashing parameters) are sourced from the network preset, and the node refuses to start if your environment diverges, unless you explicitly set ALLOW_OVERRIDING_NETWORK_CONFIG (#23977).
  • JSON-RPC namespaces renamednode_*aztec_*, nodeAdmin_*aztecAdmin_*, nodeDebug_*aztecDebug_*; the standalone p2p_* namespace folded into the node API (#23909). Update any tooling that used the old prefixes; do not rely on a legacy alias being present.
  • Prover RPC moved behind the admin portprover_startProof and friends now require the admin API key; a new aztec prover start-proof / get-jobs CLI is included (#24189).
  • Database schema bumps — the archiver and PXE stores auto-wipe and resync on first start. HA-signer setups must run aztec migrate-ha-db up --database-url postgresql://... before starting any v5 node (idempotent; run as an init container on Kubernetes). See the forum migration guide.
  • Expanded slashing coverage — new offenses for proposers exceeding the max blocks per checkpoint (#24041), data withholding per AZIP-7 (attesters who cannot produce the txs for their attested blocks within a tolerance window), and checkpoint equivocation between P2P and L1. Several SLASH_* env vars were renamed or removed — check your config.
  • Safer defaults and failure modes — the node shuts itself down rather than following an incompatible canonical rollup upgrade (#24269); world-state queries fail closed instead of serving stale or wrong-fork data (#24563); HA validator signing fails closed on persistence gaps and races that could previously lead to double-signing (#24556, #24565); peer bans persist across restarts (#23922).
  • Lighter RPC responses — tx lookups no longer ship the ~35–52KB proof per transaction unless includeProof: true is passed (#23827).
  • Slasher replacement is time-delayed on L1 — replacing a rollup's slasher now goes through a queue with a 60-day delay (and a 30-day drain window for the outgoing slasher), so validators can exit if they object; the escape hatch is now set-once and validated against the rollup it serves.

What wallet / PXE users should care about

  • Every account address changes — plan for a full reset. Four independent protocol changes each shift addresses (hash-only master keys per AZIP-8, signing-key-rooted derivation, Schnorr's move to Poseidon2, and immutablesHash in address derivation), and the PXE schema bump wipes all local state on first open. Treat the v5 upgrade as: deploy fresh accounts, migrate funds, re-register contracts, re-sync from genesis. Details under Breaking changes.
  • Keys are rooted on the signing key — the signing key is now the derivation root and the privacy secret is derived from it (deriveSecretKeyFromSigningKey); PXE never receives the seed or the message-signing/fallback secret keys, only the four privacy secrets plus public keys. deriveSigningKey is removed (#24439, #24451, #24416).
  • Initializerless accounts — a new Schnorr account variant needs no deployment transaction: the address commits to the signing public key via immutablesHash and the contract state is materialized locally in PXE, so the account is usable immediately. Sandbox test accounts use this by default (#23973, #23962).
  • Smaller client proofs, faster prover bootstrapAztecClientBackend gains compressProof/decompressProof, cutting per-transaction proof serialization for P2P gossip from ~52KB (1,632 field elements) to ~35KB compressed (#21065); the G1 reference string now downloads in compressed form, halving the SRS data a browser or mobile prover fetches before it can start proving (#21112).
  • SQLite everywhere — the default PXE/wallet storage backend is SQLite on every platform; in the browser this means SQLite-OPFS instead of IndexedDB (@aztec/kv-store/sqlite-opfs). Note OPFS takes an exclusive origin-wide lock, so handle the second-tab case in EmbeddedWallet apps (#24179).
  • Note discovery without pre-registration — unconstrained delivery to an external recipient defaults to a non-interactive handshake, so recipients can discover messages without having registered the sender first (at the cost of an on-chain marker derived from the recipient's address) (#24387); sender/shared-secret registration is unified under TaggingSecretSource (#24280).
  • Gas handling is validated up front — wallets reject transactions whose gas limits exceed the network's advertised per-tx admission limit (NodeInfo.txsLimits) before sending, instead of the tx silently never being included (#23947).
  • Cleaner client APIsgetTxReceipt returns a Pending/Dropped/Mined lifecycle union (#23660); getPublicEvents is cursor-paginated so you can actually page through all events (#24324); L2→L1 message witnesses are computed node-side (#23646, #24207); the unchecked AztecAddress constructors carry an Unsafe suffix (#24230).
  • "What if" simulationsimulate() accepts an overrides option to inject public storage values into an ephemeral fork, and a fastForwardContractUpdate helper simulates a full contract-class upgrade without performing one.
  • Custom oracle hookresolveCustomRequest lets a wallet intercept and answer caller-defined oracle requests from contract code (#24409).
  • Wallet SDK integration docs@aztec/wallet-sdk now ships a third-party integration README covering the discovery → key-exchange → encrypted-channel connection model for wallet extensions.

Breaking changes

v5 is a hard fork with no state migration from v4. The consolidated items below cover most of the impact; the full, per-change migration reference is the migration notes and, for operators, the v5 node migration guide.

Every address changes; local PXE state is wiped

Four protocol changes each independently alter account and contract addresses, and they all land at once:

  1. Hash-only master keys (AZIP-8)PublicKeys carries npk_m/ovpk_m/tpk_m only as Poseidon2 hash digests (.npk_m_hash etc.); only ivpk_m remains a curve point. Every address derived from a non-default PublicKeys changes, and the ContractInstancePublished log moves to a version-2, 13-field payload (#23159, #24284).
  2. Signing keys as the derivation root — the privacy secret is derived from the signing key, not the other way around, and two new master keys (message-signing, fallback) join the derivation (#24451, #24348).
  3. Schnorr moves from blake2s/pedersen to Poseidon2 — with a new [Field; 4] auth-witness format. Previously deployed Schnorr accounts cannot be controlled by new client code; ECDSA accounts are unaffected (#21808).
  4. Address derivation v2immutablesHash is folded into the salted initialization hash, and new domain separators harden every Merkle, block-header, and blob hash — which also changes every tree root, genesis constant, and block hash, so regenerate any pinned test fixtures.

Consequently: expect every account and contract address on the network to change. On first open, v5 PXE wipes the entire local database (accounts, contacts, aliases, synced notes) — there is no forward migration. Deploy fresh accounts (previous addresses are not recoverable from the same secret), migrate funds before upgrading where applicable, re-register contracts, and re-sync from genesis. Wallets should surface a "local state was reset" flow to users. The aztec-wallet CLI reflects the new key architecture too: --secret-key/SECRET_KEY becomes --signing-key/SIGNING_KEY, and saved accounts do not carry over.

Pipelined block production changes the protocol's shape

The speed-up pillar is one coherent redesign spanning L1 and the node, and its pieces are individually breaking:

  • Proposer pipelining (AZIP-6) is the sole production mode — the proposer for slot N builds and broadcasts its checkpoint during slot N-1, and the non-pipelined block-building path was removed. (The block→checkpoint rename and multi-block checkpoints predate the v4 line; what is new in v5 is the pipelined timing, not the terminology.)
  • L1 verifies checkpoint headers directlysubmitEpochRootProof takes checkpoint headers instead of a prover-supplied fee array and re-verifies them against stored header hashes (#24190); the Outbox keys roots by checkpoints-covered to support partial-epoch proofs (#14342).
  • The sequencer's sub-slot timetable is always enforced (SEQ_ENFORCE_TIME_TABLE is gone); SEQ_BLOCK_DURATION_MS and MAX_BLOCKS_PER_CHECKPOINT are consensus-critical network values.
  • Proposal and attestation signing moved to EIP-712 typed data under the "Aztec Rollup" domain — anyone running custom signing infrastructure must switch (#22531).
  • The prover node's public JSON-RPC surface shrank and moved to the authenticated admin port (#24189).

Also breaking, in brief

  • Node RPC: namespace renames (aztec_*); unified getBlock/getCheckpoint with an options bag (removes getBlockByHash, getProvenBlockNumber, etc.); log retrieval consolidated to getPrivateLogsByTags/getPublicLogsByTags; tx lookups proofless by default; NodeInfo.txsLimits is required (old clients cannot talk to new nodes).
  • Operator config: ~15 env vars removed, several renamed (notably the SLASH_* family), and diverging from network-consensus values now fails startup. aztec start --archiver/--pxe flags removed (both are embedded in the node).
  • aztec.js / PXE: estimateGas/estimatedGasPadding removed and getGasLimits moved to @aztec/wallet-sdk; AccountWithSecretKey removed; pxe.updateContract removed and registerContract no longer takes an artifact; DeployMethod.send() always returns { contract, receipt, instance }; TxReceipt is no longer a class.
  • Aztec.nr: messages::message_deliverymessages::delivery with constructor-style MessageDelivery modes; PrivateContext fields accessor-only; consume_l1_to_l2_message secrets as arrays; push_nullifierpush_nullifier_unsafe; emit_private_log_unsafe/emit_raw_note_log_unsafe take BoundedVec; MessageContextResolvedTx; for_each iterates in order; standard-contract address constants renamed (STANDARD_*); hand-defined sync_state functions must move to AztecConfig::custom_sync_state (#23446).
  • L1 contracts: Empire slashing model removed — only the (renamed) SlashingProposer remains, and slasherFlavor becomes slasherEnabled (#21830); setSlasher replaced by a queue/cancel/finalize flow with a 60-day delay; escape hatch is set-once; the rewards-claimable gate and "ignition" bootstrap phase are removed (a v5 rollup accepts transactions and pays rewards from genesis); RewardDistributor reworked around earmarked funding (#15991); IOutbox/IRollup ABIs changed as above.
  • Databases: archiver and PXE stores auto-wipe on version mismatch; HA-signer Postgres requires a manual aztec migrate-ha-db up before first start.

Security hardening

Six themes, the result of internal and external audit work across the release cycle:

  • P2P network hardening — stricter validation, framing, and size bounds on gossip and req/resp traffic (ENR fields, message IDs, declared bytecode lengths, response buffering, per-stream rate limiting), closing malformed-input crash and resource-exhaustion vectors (#24214, #24215, #24552, #24553).
  • Consensus and proposer integrity — proposals are validated and bounded at propose time (out-of-range header fields rejected, checkpoint size limits enforced, attestations and archive roots verified before use), with slashing extended to cover violations (#24041, #24247, #24229).
  • Proving and fee soundness — epoch-proof fee accounting is committed to attested checkpoint headers and re-verified on L1, so even a hypothetically unsound proof verifier could not be leveraged to forge fee recipients or amounts (#24190).
  • Validator and HA-signer safety — the high-availability signing path now fails closed on persistence gaps, races, and misconfiguration that could previously open a path to double-signing (#24556, #24565).
  • Kernel and note-handling soundness — circuit-level audit fixes bound and validate private-log squashing and nullifier injection so adversarial inputs cannot produce a valid proof of an invalid state transition, complemented by ZK-masking fixes in the ECCVM and new domain separators on protocol hashes.
  • Input-validation hardening in client and tooling surfaces — schema validation on CLI-supplied artifacts, single-block-pinned L1 reads, and bounds checks on externally supplied buffers and counts (#23919, #23920, #23921).

Technical appendix

Node software

  • Checkpoint-based proposer pipelining replaces per-slot block building; the sequencer proposes for slot N during N-1 and the non-pipelined path is deleted (#23665, #23821, #23809, #23776, #24031). The sequencer-client README was rewritten to document the new design.
  • Prover node redesign: per-checkpoint provers, session manager, and a proof-publishing service supporting optimistic (checkpoint-level) epoch proving and superseded early-finish submissions (#23552, #24436, #24216, #24051); prover RPC moved to the admin endpoint with a new aztec prover CLI (#24189); aborted proving jobs are revivable instead of permanently cached as failed (#24578).
  • New batched Chonk proof verification: a persistent native bb process batches IPA verification into a single SRS MSM with out-of-order result delivery and per-proof bisection on batch failure.
  • Network-wide consensus config enforcement with ALLOW_OVERRIDING_NETWORK_CONFIG escape hatch, plus startup cross-checks against the L1 rollup contract (#23977).
  • JSON-RPC: aztec_*/aztecAdmin_*/aztecDebug_* namespaces (#23909); unified getBlock/getCheckpoint API with typed include-options; log retrieval consolidated to two tag-based methods; tx lookups proofless by default (#23827); getCheckpoint('proposed') semantics tightened.
  • Robustness: world-state queries resolve to concrete (number, hash) pairs and fail closed on sync/fork mismatch (#24563); event-triggered archiver sync cuts block-propagation latency inside the node with polling as fallback (#24317); sequencer start/stop is idempotent, fixing a silent publish-stall after restarts (#24475); auto-shutdown on incompatible canonical rollup upgrades (#24269).
  • Slashing watchers: AZIP-7 data withholding, checkpoint equivocation, broadcasted-invalid-proposal, and oversized-checkpoint offenses (#24041); peer bans persist across restarts (#23922); finalized txs retained for a configurable margin (#24329).
  • The legacy TypeScript merkle-tree package was removed, superseded by the native world-state implementation.

PXE / aztec.js

  • Key management: signing-key-rooted derivation, privacy keys passable/retrievable explicitly, message-signing and fallback keys held as public keys only (#24439, #24416, #24451); initializerless Schnorr accounts (#23973, #23962).
  • Contract-class tracking is dynamic (node-resolved with a cache); registerContractClass/registerContract split (#24282).
  • Tagging/note discovery rewritten on FactStore and TaggingSecretSource (#24369, #24280); non-interactive handshake by default for external recipients (#24387); wallet-resolvable tagging strategy hook (#24040).
  • Storage: SQLite as the default backend everywhere; browser moves to SQLite-OPFS (#24179).
  • API surface: cursor-paginated getPublicEvents (#24324); getTxReceipt lifecycle union (#23660); node-side L2→L1 witnesses (#23646, #24207); gas admission-limit validation and gas-API reshuffle (#23947); AztecAddress Unsafe renames (#24230); simulate() overrides and fastForwardContractUpdate; resolveCustomRequest oracle hook (#24409).
  • Tooling: TXE oracle server bundled with esbuild and parallelized over a worker-thread pool sharing one contract-class store; aztec-wallet accounts rooted on --signing-key; L1 deposit helpers use a 2x gas buffer to survive estimation variance (#24607); aztec-up no longer leaks ~40 transitive npm bins onto PATH (only the seven @aztec/* bins are exposed); @aztec/wallet-sdk integration README.

aztec.nr

  • messages::delivery module: builder-based MessageDelivery with offchain / onchain-unconstrained / onchain-constrained modes and .with_sender(...) (#23875, #23866, #24312, #24432); handshake registry standard contract with interactive and non-interactive flows (#24473, #24522, #23806).
  • facts primitive with retractable/non-retractable records and reorg-safe pruning (#24139, #24289); partial notes as an explicit FSM on FactStore (#24369); discovered handshakes persisted as facts (#24483).
  • TransientArray/TransientValue, built on a shared UnconstrainedArray abstraction with EphemeralArray and CapsuleArray (#23576, #23982).
  • PrivateContext accessor-only API with new get_side_effect_counter()/is_static_call() getters (#24417); push_nullifier_unsafe rename; consume_l1_to_l2_message generic over secret length (#24599); AztecConfig::custom_sync_state hook including full opt-out for stateless contracts (#23446); msg_sender in cross-contract utility calls; MessageContextResolvedTx; LogRetrievalRequest gains source/from_block/to_block filters.
  • Public dispatch codegen deduplicates argument unpacking across same-signature public functions (#23464).
  • Standard-contract reorg: protocol contracts compacted to addresses 1–3; auth_registry, public_checks, multi_call_entrypoint become standard contracts with STANDARD_* address constants and a v4-style pin-build mechanism (#23262); public_checks helpers moved into aztec-nr proper.
  • compute_note_hash_for_nullification made unconstrained (the constrained path for HintedNote was unsound; use compute_confirmed_note_hash_for_nullification for the constrained case); standard note-hash preimage order changed (storage slot first) for easier domain separation.

Cryptography / bb / circuits / AVM

  • Client-side (Chonk) proving is 2.0–2.5x faster than v4 — the HyperNova kernel-folding reductions below, faster Poseidon2 (the Mega-arithmetized permutation drops from 73 to 27 gates), and MSM/allocator gains compound across the client proving stack; client proofs are also smaller and cheaper to move.
  • Circuit-size reductions (pinned constants, asserted against real built circuits). Server-side (network provers): the root rollup 12,998,775 → 6,351,528 gates (-51%) and in-rollup Chonk-proof verification 2,395,106 → 1,368,123 gates (-43%), speeding up network proving and lowering prover memory. (The L1 verification-gas savings are separate — they come from the Solidity Honk verifier optimization, not these circuit-size changes.) Client-side (the user's HyperNova kernels): folding costs down 43–45% (init 24,226 → 13,877; inner 57,418 → 31,289; tail 31,295 → 17,421); the hiding kernel rose 34,341 → 38,940 (+13%), reflecting the proof-compression and masking logic added to that circuit.
  • Chonk (the client IVC scheme, present since v4) received a substantial optimization and hardening pass, including a new BatchedHonkTranslator that batches the hiding kernel's and translator's sumcheck and opening proofs into one joint reduction, eliminating two independent Honk proofs from the final stack.
  • Chonk proof compression in bb.js: point compression + u256 encoding shrink per-transaction proof serialization from ~52KB (1,632 field elements) to ~35KB (#21065); G1 SRS downloads move to a compressed 32-bytes-per-point format, halving prover bootstrap downloads (#21112).
  • Multi-scalar multiplication (Pippenger) fully rewritten: round-parallel scheduling, GLV splitting, signed-Booth SIMD recoding, duplicate-scalar dedup, and batch-affine bucket reduction (#23691 among others). Note: the legacy MSM remains the default in v5.0.0; the new path is opt-in via BB_MSM_NEW (or legacyMsm: false in TS).
  • ECDSA secp256r1 verification circuit reduced 72,313 → 45,945 gates (~36%); ECCVM recursive verifier grew modestly (224,223 → 234,059, +4.4%) as the bounded cost of audit-driven ZK-masking fixes.
  • New gas-optimized ZK-Honk Solidity verifier template alongside the existing non-ZK optimized verifier, cutting on-L1 epoch-proof verification gas from ~3.6M to ~2M (~44% less).
  • New acir_components_check static-analysis tool flags disconnected or unconstrained witnesses by comparing ACIR-side and circuit-side connectivity — targeting the under-constrained-witness bug class.
  • AVM: the in-memory trace container was rewritten lock-free (sharded columns behind atomic pointers), and Shplemini polynomial batching is parallelized across cores — both prover-throughput wins. New in-process bbapi entry points (avm_prove_from_bytes etc.) with per-stage timing stats. Circuit-soundness fix: MSM terms with a zero scalar now still validate the point is on-curve. EC points in AVM bytecode drop the explicit is_infinite operand ((0,0) is infinity). The AVM opcode set itself is unchanged from v4.4.0.

Security

  • The six hardening themes above (P2P, consensus/proposer, proving/fees, validator/HA-signer, kernel/note soundness, input validation) span the node, the L1 contracts, and the circuits; the rc.2 notes carry the itemized operator-facing subset.
  • Defense-in-depth on L1: checkpoint header fields validated as canonical BN254 field elements at propose time and genesis; epoch-proof fees derived from attested, re-verified headers (#24190); proving-cost fee parameter rate-limited (bounded step per 30-day cooldown) so a single governance action or compromised key cannot spike the fee model; staking-queue and reward-booster configs validated against deposit-trapping and double-claim edge cases.
  • Release AVM builds strip internal column/subrelation names; gossipsub message IDs are length-framed; response buffering and per-stream rates are capped in req/resp.

Network / L1 contracts

  • EIP-712 typed proposal/attestation signing under the "Aztec Rollup" domain (#22531); checkpoint header fields validated as canonical field elements at propose time. (The block→checkpoint rename on L1 landed in 2025 and is not a v5 change.)
  • submitEpochRootProof takes ProposedHeader[]; L1 rehashes and verifies each against stored hashes before deriving fees (#24190); Outbox partial-epoch proofs (#14342).
  • Governance safety: slasher replacement queued behind a 60-day delay with a 30-day legacy drain window, and validator exit delay capped so exits never outlast the rotation window; escape hatch set-once and validated against its rollup; setLocalEjectionThreshold removed (construction-time only).
  • Rewards: claimability gate and ignition phase deleted — transactions and rewards from genesis; RewardConfig split into immutable (distributor, booster) and mutable (sequencerBps, checkpointReward) parts; RewardDistributor supports earmarked per-recipient funding and constrained recovery paths (#15991).
  • Slashing: Empire model removed, TallySlashingProposer renamed SlashingProposer (#21830); offense catalog reworked with AZIP-7 data-withholding coverage (#23468, #23436, #23116, #23494).
  • V5UpgradePayload is the one-shot governance proposal (AZUP-2) that moves a live network from v4 to v5: drains the v4 reward distributor into the v5 one, migrates the flush incentive into a v5-bound FlushRewarder, makes the v5 rollup canonical, registers it with the GSE so attesters follow without redepositing, and activates the escape hatch (#23752).
  • Deployment infra: first Ethereum-mainnet environment in spartan (chain id 1, with a WAF policy on the public RPC ingress); KEDA-based prover-agent autoscaling on queue depth, including scale-to-zero (#23554, #23553); validator publisher keys allocated per replica with a schema-v2 keystore format (custom keystore tooling must migrate).

Reference

Don't miss a new aztec-packages release

NewReleases is sending notifications on new releases.