berachain/beacon-kit v1.4.0

BeaconKit v1.4.0

on GitHub

Summary

v1.4.0 is the mainnet-ready Fusaka (Fulu) release for BeaconKit. It bundles the full Fulu fork along with a round of CometBFT security fixes and node API hardening.

• Mainnet Fusaka (Fulu) hard fork. Sets the mainnet Fulu fork time and ships everything the fork requires mentioned in BRIP-0010: effective-balance hysteresis update, EIP-6110 style in-protocol deposit processing, the new Fulu EVM inflation values, and corrected EL genesis configs. All mainnet operators must upgrade to this version before the fork activates.
• CometBFT security fixes. Bumps CometBFT to a version that includes additional consensus-layer fixes, on top of the earlier maxPeerHeight poisoning fix.
• Node API hardening. Bounds previously unbounded user input on the filter and proof APIs (validator index / filter inputs), closing a resource-exhaustion vector.
• Engine & resilience fixes. The engine client now classifies EL HTTP 4xx responses as fatal via a typed HTTPStatusError, and retries on EL connection errors to survive execution-client restarts.
• Performance. Adds a validator set cache to avoid a full state scan in GetValidators.

This version is required for the mainnet Fusaka hard fork occurring at June 24th 16:00:00 UTC (unix 1782316800). The Bepolia testnet fork activated earlier at May 27th 16:00:00 UTC (unix 1779897600).

Update Priority

This table provides priorities for which classes of users should update particular components.

All Changes

• chore(fusaka): set fulu fork time for mainnet (#3120)
• fix(test): fix race on db flaky test (#3087)
• core(cometbft): bump version to include fixes (#3118)
• perf(beacondb): add validator set cache to avoid full scan in GetValidators (#3113)
• chore(node-api): bound validator index user input on proof apis (#3103)
• fix(node-api): unbounded filter input (#3102)
• fix(test): fix rpcErrorProxy race causing flaky ConnectionDrop recovery test (#3117)
• fix(engine): classify EL HTTP 4xx as fatal via typed HTTPStatusError (#3109)
• chore(ci): pin action to sha (#3111)
• chore: do not ignore error on deposits ingestion iterator (#3104)
• chore(go): bump version (#3105)
• chore(fusaka): align bepolia inflation with mainnet (#3101)
• chore(fusaka): Set fulu fork time for bepolia (#3098)
• feat(deposits): Migration to EIP-6110 style processing (#2794)
• chore(fusaka): new evm inflation values (#3097)
• fix(da): guard against nil inner BeaconBlockHeader in BlobSidecar decode (#3096)
• fix(engine): retry on EL connection errors to survive EL restarts (#3090)
• chore(cometbft): bump to include maxPeerHeight poisoning fix (#3088) (#3095)
• chore(fusaka): correct eth genesis configs (#3094)
• chore(gethlib): Add helpful tx data accessors on ethclient (#3093)
• fix(spec): return correct pre fulu hysteresis upward multiplier (#3089)
• feat(chain): implement BRIP-0008 hysteresis update for Fulu fork (#3081)

Binaries

System	Architecture	Binary	PGP Signature
	amd64	beacond-v1.4.0-linux-amd64	Signature
	arm64	beacond-v1.4.0-linux-arm64	Signature
	arm64	beacond-v1.4.0-darwin-arm64	Signature
System	Option	-	Resource
	Docker		berachain/beacon-kit

Verifying signatures

Use gpg to verify the signature on these binary archives. This is important to make sure that the content you've downloaded is legitimate. gpg can be installed with most package managers. For example:

• brew install gpg on mac
• apt install gpg on Ubuntu/Debian

Once gpg is installed, import our public key into its database and verify:

• Download signing public key from here.
• Run gpg --import berachain_release.asc
• Verify with gpg --verify {signature}.sig {binary}.tar.gz
• This message is expected: WARNING: This key is not certified with a trusted signature!
• To resolve the warning, trust the key by signing with your own keypair. gpg --lsign-key <keyid>