This includes an unreleased patch to the IBC related vulnerability described in https://forum.cosmos.network/t/ibc-security-advisory-dragonberry/7702.
Please upgrade your node ASAP to avoid node halt, and do not build the binary yourself, as the release binaries contains the fix without disclosing the locations of the bug
The upgrade operation should be a simple binary replacement at the upgrade height:
- Stop the running certik daemon
- Replace the binary (v2.4.0) with the v2.5.0 version.
- Start the daemon with the new binary.
The above steps are sufficient to perform this upgrade.
Make sure you do NOT perform the below operations:
certik unsafe-reset-allor delete the data directory, as it will require you to sync from the beginning of shentu-2.2 network.- Replace the binary before the upgrade height. It will corrupt your database and you will have to either download the snapshot at https://shentu-data-snapshot-light.s3.amazonaws.com/shentu.tar.gz or sync from the beginning of shentu-2.2 network.