Summary
This is a security release that includes a critical patch to cometbft.
Update Priority
This table provides priorities for which classes of users should update particular components.
| User Class | Priority |
|---|---|
| Payload Builders | Strongly recommended |
| Non-Payload Builders | Recommended |
All Changes
- chore(deps): upgrade to latest cometbft (#3017)
Binaries
| System | Architecture | Binary | PGP Signature |
|---|---|---|---|
| amd64 | beacond-v1.3.6-linux-amd64 | Signature | |
| arm64 | beacond-v1.3.6-linux-arm64 | Signature | |
| arm64 | beacond-v1.3.6-darwin-arm64 | Signature | |
| System | Option | - | Resource |
| Docker | berachain/beacon-kit |
Verifying signatures
Use gpg to verify the signature on these binary archives. This is important to make sure that the content you've downloaded is legitimate. gpg can be installed with most package managers. For example:
brew install gpgon macapt install gpgon Ubuntu/Debian
Once gpg is installed, import our public key into its database and verify:
- Download signing public key from here.
- Run
gpg --import berachain_release.asc - Verify with
gpg --verify {signature}.sig {binary}.tar.gz - This message is expected:
WARNING: This key is not certified with a trusted signature! - To resolve the warning, trust the key by signing with your own keypair.
gpg --lsign-key <keyid>