SSV Node v2.3.3
This release upgrades the node to Go 1.24, ships official AMD64 + ARM64 Docker images, includes bugfixes and optimizations.
introduces ssvsigner — a remote-signer component for separating operator keys and validator shares from the node.
NOTE: this version includes a database migration that is not backward compatible so downgrading requires erasing the database.
Docker image
docker pull ssvlabs/ssv-node:v2.3.3
Upgrade priority
| Network | Priority |
|---|---|
| Mainnet | 🔴 Required (Default GasLimit Fork: Aug-09-2025 06:40:23 AM UTC) |
| Hoodi | 🔴 Required (Default GasLimit Fork: Jul-24-2025 09:30:00 AM UTC) |
Technical context
- Tool-chain — Migrated to Go 1.24; replaced
golang.org/x/exp/{maps,slices}with std-lib equivalents. - Database —
Sharetable now includes anexit-epochcolumn. This fixed a bug where exited validators that are elligbile for sync-committee duties weren't performing. - Docker — Official images built for AMD64 and ARM64; cross-compile issues in
Dockerfile.multiarchresolved. - Network config —
- Full Sepolia profile (genesis, boot-nodes)
- Remote signer —
ssvsignerintroduced with TLS endpoints and a complete setup guide
indocs/ssvsigner/README.md(Docker-compose examples included).
🚀 Features
- Sepolia network support (
networkconfig) - New component —
ssvsignerremote signer - Sync-committee duties for exited validators
- New observability metrics: Doppelganger, round-change, exec-client
- Increased tests coverage
- A few optimizations and bugfixes
🐛 Bug fixes
- Correct total consensus-time logging (two patches)
- Prevent panic on random P2P subnet initialisation
- Stabilised flaky tests in scheduler, discovery and exec-client
- Validator Exit now using header only for getting block time. (#2370)
- fix HostDNS flag usage #2133
🔒 ssvsigner
Full audit report: audits/ssv-signer-final.pdf
SSV-Signer is a remote-signer component that allows you to delegate your operator keys and validators shares to a remote server. It is designed to be secure, reliable and easy to use.
Key Features:
- Audited security: Comprehensive security audit with formal report
- TLS encryption: Secure communication between node and remote signer
- Flexible deployment: Support for various deployment scenarios
- Docker integration: Ready-to-use Docker-compose configurations
- Configuration management: Environment-based configuration with validation
Setup Options:
- Local mode: Traditional local key management (default) (not using remote signer)
- Remote mode: Secure remote key management with TLS
Read more about it and setting it up in the docs.
Default GasLimit update to 36
Default GasLimit used for MEV registrations will be updated to 36mil in the following epochs:
Hoodi Epoch: 29000, // Jul-24-2025 09:30:00 AM UTC
Mainnet Epoch: 385150, // Aug-09-2025 06:40:23 AM UTC
NOTE: It's required for all operators in a cluster to be updated to keep creating MEV blocks after the fork epoch. This does not affect operators who use the EXPERIMENTAL_GAS_LIMIT flag.
Notes
- Go version: Requires Go 1.24 or higher
- Database: Automatic migration from previous versions
- Network: Compatible with all supported networks (Mainnet, Hoodi, Sepolia)
- Docker: Multi-architecture support (AMD64, ARM64)
What's Changed
- refactor: standarize env variable descriptions by @kchojn in #2064
- feat(networkconfig): Sepolia support by @MatusKysel in #2050
- fix: misleading error msg by @MatusKysel in #2097
- linter: update golangci-lint to v2 by @nkryuchkov in #2099
- fix: (committee.go) log correct total consensus time by @y0sher in #2103
- fix: (p2p) init random subnets to prevent crash on random subnets. by @y0sher in #2104
- update sepolia's bootnode address by @MatusKysel in #2109
- chore(storage/api): increase test coverage 1/2 by @kchojn in #2094
- fix(duty-scheduler): flaky
TestScheduler_Committee_Early_Block_Attester_Onlyby @olegshmuelov in #2079 - differ: add unit tests by @moshe-blox in #1574
- refactor(ValidatorRegistration): simplify & optimize submission by @iurii-ssv in #2030
- chore(future): use go 1.24 tool by @anatolie-ssv in #2016
- update hoodi-stage bootnode addr by @MatusKysel in #2118
- fix(api/handling.go): restore direct renderer invocation in Handler by @kchojn in #2120
- chore(metrics): measure save participant store by @anatolie-ssv in #2033
- chore: format code and imports with goimports by @iurii-ssv in #2045
- feat(metrics): add
Doppelgangerobservability metrics by @olegshmuelov in #2090 - Update hoodi-stage contract address by @andrew-blox in #2129
- feat(share exit-epoch): Add new field "exit-epoch" to Share data structure and database by @oleg-ssvlabs in #2001
- message-validation: graceful validation locks management by @iurii-ssv in #1840
- feat: add metric for tracking round changes by @kchojn in #2078
- chore: remove unused
Balancefield fromValidatorMetadataby @olegshmuelov in #2135 - benchmarks: go vs openssl rsa implementations by @iurii-ssv in #2137
- feat: Add AMD64/ARM64 docker support by @kchojn in #2101
- fix (logs): corrent total consensus time calculation by @y0sher in #2138
- fix: approve spec alignment by @moshe-blox in #2146
- chore: migrate from golang.org/x/exp/{maps,slices} to stdlib (go 1.24) by @kchojn in #2071
- chore(ai): add
.cursorrulesby @moshe-blox in #2087 - networkconfig: delete unused genesis epoch by @nkryuchkov in #2154
- api/handlers: remove unused NetworkConfig from exporter handler by @nkryuchkov in #2158
- refactor(beacon/goclient): move beacon options from protocol/v2/blockchain/beacon by @nkryuchkov in #2152
- refactor(beacon/goclient): remove unused operatorDataStore by @nkryuchkov in #2157
- refactor(networkconfig): split beacon and ssv configs by @nkryuchkov in #2144
- bugfix: add workaround for incorrect prysm behaviour on proposal by @MatusKysel in #2159
- feat(sync-committee) - Execute SyncCommittee duties for Validators in Exit state by @oleg-ssvlabs in #2061
- fix(compilation error): remove unused import by @oleg-ssvlabs in #2167
- feat: reject messages from removed operators by @kchojn in #2084
- refactor(discovery): remove unused network config from forkingDV5Listener by @nkryuchkov in #2163
- bugfix: add missing lock on bumping nonce by @MatusKysel in #2168
- ssv-signer support by @nkryuchkov in #2028
- eth/executionclient: multi client metrics by @nkryuchkov in #2139
- fix(ssvsigner): linter and tests by @nkryuchkov in #2171
- feat(ssvsigner): tls support by @kchojn in #2151
- chore(eventhandler): remove unused beacon node attribute by @anatolie-ssv in #2177
- Stage <- Main by @iurii-ssv in #2179
- Stage <- Main (2) by @iurii-ssv in #2180
- Main <- Stage by @y0sher in #2175
- feat(committee/observer): use a dedicated cache to identify repeated computations by @anatolie-ssv in #2141
- fix(network/discovery): Correct
HostDNSusage in discovery service by @kchojn in #2133 - fix(protocol/v2/ssv): remove duplicate fields in Aggregator Runner log by @kchojn in #2131
- eth/executionclient: log on connection attempt by @nkryuchkov in #2186
- fix(eth/executionclient): flaky TestFetchLogsInBatches when startBlock > endBlockRetry by @kchojn in #2162
- network/discovery: cleanup fork leftovers in tests by @nkryuchkov in #2185
- beacon: clarify & optimize voluntary exit domain handling by @iurii-ssv in #2166
- chore(codecov.yml): update ignore patterns to exclude all mock, metrics.go, migration files by @kchojn in #2140
- fix(Dockerfile.multiarch): Cross-compilation wasn't producing correct architecture binaries by @kchojn in #2191
- chore: docker fixes by @MatusKysel in #2195
- stage-main arm64 hotfix by @y0sher in #2193
- Configures Renovate to use the stage branch by @zktaiga in #2207
- Fix renovate config reference by @zktaiga in #2212
- Extends renovate configuration by @zktaiga in #2231
- test(protocol/v2/ssv/validator/committee_queue_test.go): verify the functionality of handling messages in a committee queue by @kchojn in #2199
- Hotfix v2.3.2 by @MatusKysel in #2286
- [S1] ssvsigner: Inconsistent Password Trimming in Keystore Handling Can Lead to Decryption Failures by @nkryuchkov in #2258
- [SSV-17] ssvsigner: Possible Leakage of Web3signer Responses in Case of an Error by @nkryuchkov in #2251
- [SSV-18] ssvsigner: Insecure Logger Usage May Lead to Information Disclosure by @nkryuchkov in #2240
- fasttrack: proposer-duty: configurable proposer delay by @iurii-ssv in #2262
- [SSV-19] ssvsigner: Local Database Is a Single Point of Failure by @kchojn in #2285
- [SSV-3] ssvsigner: Lack of Panic Recovery in Http Handler Wrapper Can Lead to Server Crash by @nkryuchkov in #2228
- [SSV-20] ssvsigner: Server-Side Request Forgery via Web3signer_endpoint Configuration by @kchojn in #2279
- [SSV-5] ssvsigner: High CPU Usage and Potential DoS in the Add Validator Flow Due to Unbounded Share Processing by @nkryuchkov in #2230
- [SSV-8] ssvsigner: Infinite Loop on Zero or Negative Batchsize by @nkryuchkov in #2238
- [SSV-4] ssvsigner: Private Key Share Leakage in
keystoreJSONFromEncryptedShare()Error Handling by @nkryuchkov in #2229 - [SSV-6] ssvsigner: Flawed Error Caching in checkCachePrivkey() Leads to Suppressed Errors and Potential Panic by @nkryuchkov in #2236
- [SSV-7] ssvsigner: Integer Underflow in
computeMinimalAttestationSP()Leads to Corrupted Slashing Data when Initializing at Epoch 0 by @nkryuchkov in #2237 - [SSV-12] ssvsigner: Local Signer Account Overwrite Risk by @nkryuchkov in #2256
- [SSV-9] ssvsigner: Inconsistent Network Configuration Usage in NewRemoteKeyManager() Constructor Risks Incorrect Slashing Protection and Signing Errors by @nkryuchkov in #2265
- ssvsigner: fix linter & UT, add CI checks [main] by @nkryuchkov in #2295
- [S3] ssvsigner: Fragile Error String Comparison for Wallet-Not-Found by @nkryuchkov in #2241
- [SSV-2] ssvsigner: SSV Signer Exposes Signing Operations over Unencrypted HTTP or TLS by @nkryuchkov in #2266
- ssvsigner: fix linter & tests [main] by @nkryuchkov in #2303
- [SSV-10] ssvsigner: The Order of Operations in RemoteKeyManager.AddShare() May Lead to Ineffective Local Slashing Protection by @nkryuchkov in #2239
- ssvsigner: handle request error after remote signer processed keys [main] by @nkryuchkov in #2310
- [SSV-11] ssvsigner: Incomplete Database State Due to Early Error Returns in Multi-Step Operations by @nkryuchkov in #2270
- [SSV-1, SSV-13] ssvsigner: Fix Potential Race Condition in
RemoteKeyManagerBetween Signing Checks andBumpSlashingProtection()by @nkryuchkov in #2227 - fasttrack: validator: options refactoring (cleanup) by @iurii-ssv in #2314
- fasttrack: gas-limit: default to 36 by @iurii-ssv in #2327
- ssvsigner: fix parsing arguments by @nkryuchkov in #2329
- ssvsigner: fix panic on remote signer initialization [main] by @nkryuchkov in #2331
- [S2] ssvsigner: Aes Key Derivation From Rsa Hash Lacks Proper Key Derivation Function by @kchojn in #2289
- UPDATE [SSV-20] ssvsigner: Server-Side Request Forgery via Web3signer_endpoint Configuration by @kchojn in #2333
- [SSV-16,SSV-20] ssvsigner: Possible Local File Read + SSRF via Web3signer_endpoint Configuration by @nkryuchkov in #2350
- Vouch acknowledgements (#2349) by @oleg-ssvlabs in #2351
- [SSV-13] ssvsigner: fix remaining data races by @nkryuchkov in #2368
- [SSV-2] ssvsigner: error on empty fingerprints by @nkryuchkov in #2366
- [Main] hotfix/refactor: (VoluntaryExit) fetch header instead of block, to get the slot by @kchojn in #2370
- chore(networkconfig): update 0NEinfra bootnode by @y0sher in #2377
- Add stale bot by @zktaiga in #2384
- Stale bot: set global limits, increase operations by @zktaiga in #2385
- fix: update GasLimit36Epoch values for hoodi and mainnet configurations by @y0sher in #2386
- chore(audits): add ssv signer final report file. by @y0sher in #2387
- fix(ssvsigner) tls load hostname from all cert data by @vaclav-ssvlabs in #2383
- fasttrack: gas-limit-36: enable on exact epoch configured by @iurii-ssv in #2381
- audit: update ssvsigner final report file by @nkryuchkov in #2396
Full Changelog: v2.3.2...v2.3.3