Summary
This release includes a critical fix for blob sidecar ordering during payload caching, new CometBFT API endpoints, improved RPC error handling, and several CI/infrastructure improvements.
Bug Fixes
- fix(payload): correctly order sidecars when caching valid payload envelope (#3050) -> Fixes an issue where blob sidecars could be incorrectly ordered when a valid payload envelope was cached during
ProcessProposal, which could lead to blob verification failures on re-proposal. - fix(rpc): error handling (#3029) -> Improves error handling in the execution client RPC layer.
- fix(cli): prevent
~/.beacondcreation when--homeis specified (#3016) -> The default~/.beaconddirectory was being created even when a custom--homepath was provided.
Features
- feat(node-api): add CometBFT block and header accessors (#3020) -> Adds new REST API endpoints for querying CometBFT blocks and signed headers, with full test coverage and e2e tests.
Infrastructure & Maintenance
- chore(geth): introduce bera-geth modified types (#3022) -> Introduces bera-geth-specific modified types into the codebase.
- chore(go): update to 1.25.7 (#3019) -> Go toolchain bump.
- network chores -> Updated mainnet seeds (#3018), Bepolia EL peers/bootnodes (#3033), and Bepolia CL seeds (#3034).
CI
- Replace Dependabot with daily govulncheck and dependency tests (#3032)
- Always run e2e tests without manual approval (#3037)
- Read Go version from
go.modinstead of hardcoding in CI and Docker (#3036) - Only post Codecov comment when coverage changes (#3038)
Update Priority
| User Class | Priority |
|---|---|
| Payload Builders | High |
| Non-Payload Builders | Medium |
All Changes
- fix(release): correct import of gpg key on macos for signing (#3056)
- fix(payload): correctly order sidecars when caching valid payload envelope (#3050)
- chore(geth): introduce bera-geth modified types (#3022)
- Update top level README.md (#3035)
- chore: only post codecov comment when coverage changes (#3038)
- ci: always run test-e2e and remove need for manual approval (#3037)
- chore: read Go version from go.mod instead of hardcoding it in CI an Docker (#3036)
- CI: Replace dependabot with daily govulncheck and dep tests (#3032)
- 🔧 chore(testing/bepolia): update cl-seeds (#3034)
- chore(testing/bepolia): update el peers and bootnodes (#3033)
- fix(rpc): error handling (#3029)
- feat(node-api): add cometbft block and header accessors (#3020)
- 🔧 chore(networks/mainnet): update seeds in config (#3018)
- chore(go): update to 1.25.7 (#3019)
- fix(cli): prevent ~/.beacond creation when --home is specified (#3016)
Binaries
| System | Architecture | Binary | PGP Signature |
|---|---|---|---|
| amd64 | beacond-v1.3.7-linux-amd64 | Signature | |
| arm64 | beacond-v1.3.7-linux-arm64 | Signature | |
| arm64 | beacond-v1.3.7-darwin-arm64 | Signature | |
| System | Option | - | Resource |
| Docker | berachain/beacon-kit |
Verifying signatures
Use gpg to verify the signature on these binary archives. This is important to make sure that the content you've downloaded is legitimate. gpg can be installed with most package managers. For example:
brew install gpgon macapt install gpgon Ubuntu/Debian
Once gpg is installed, import our public key into its database and verify:
- Download signing public key from here.
- Run
gpg --import berachain_release.asc - Verify with
gpg --verify {signature}.sig {binary}.tar.gz - This message is expected:
WARNING: This key is not certified with a trusted signature! - To resolve the warning, trust the key by signing with your own keypair.
gpg --lsign-key <keyid>