Skip to content

Proa

Latest
Latest

Choose a tag to compare

View all tags
@github-actions github-actions released this 18 Dec 10:50
v1.2.0
This tag was signed with the committer’s verified signature.
petarjuki7
GPG key ID: 52C058BCB41E7948
Verified
Learn about vigilant mode.
2b39ae4
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Summary

This release includes Operator Doppelgänger Protection, as well as other minor improvements!

We recommend this release for everyone. However, there are no important bugfixes included, so rollout is not urgent.

👥 Operator Doppelgänger Protection

Anchor now offers Operator Doppelgänger Protection! This optional feature helps to prevent running two SSV clients with the same operator key, e.g. a Go-SSV node and a freshly created Anchor node. This should be avoided as it can cause missed duties and, if there are multiple Doppelgänger operators in a committee, slashing.

This works by listening for network messages signed by the own operator key before commencing normal operation. If such a message is detected, there is another node acting as our operator, and Anchor shuts down to avoid creating a duplicate node (Doppelgänger).

Operator Doppelgänger Protection is disabled by default. You can activate it using the --operator-dg true CLI option. Also, you can configure the number of epochs to listen using --operator-dg-wait-epochs, the default is 2.

↩️🛡️ Altered Majority Fork Protection

In the previous release we introduced Majority Fork Protection, which makes sure that the full attestation checkpoint data matches the local view of the chain. However some users observed significantly reduced validator performance.

We are relaxing the majority fork protection rules to only check the target and source epochs of a BeaconVote (attestation) against the node's own local view of the chain.

This change prioritizes validator liveness over fork protection. Slashing protection remains active and prevents actual slashable attestations. We make sure to maintain liveness during benign reorgs when operators' beacon nodes temporarily see different roots.

If you want to go back to the more strict checks, even if it means reduced validator performance, you can use the experimental --strict-mfp flag.

All Changes

  • chore: Release 1.2.0 (#760)
  • refactor: relax BeaconVote validation to epoch-only comparison (#749)
  • fix: only store one node info and update that (#738)
  • Merge branch 'stable' into unstable
  • feat(keysplit): Split multiple validator keys into one file (#440)
  • refactor: use Result for error handling instead of of early returns (#727)
  • feat: add 34-slot TTL for ValidatorRegistration and VoluntaryExit messages (#711)
  • feat: add blocked peer metrics (#708)
  • feat: operator doppelgänger protection with slot-based detection (#692)
  • ci: fix workflow configuration format and add timeout (#713)
  • ci: add timeout and debug logging to claude-pr-review workflow (#705)
  • fix: prevent handshake race condition causing ConnectionClosed failures (#644)
  • docs: Add warning for key format issue (#714)

Binaries

See pre-built binaries documentation.

The binaries are signed with Sigma Prime's PGP key: 15E66D941F697E28F49381F426416DC3F30674B0

System Architecture Binary PGP Signature
Apple logo aarch64 anchor-v1.2.0-aarch64-apple-darwin.tar.gz PGP Signature
Linux logo x86_64 anchor-v1.2.0-x86_64-unknown-linux-gnu.tar.gz PGP Signature
Raspberrypi logo aarch64 anchor-v1.2.0-aarch64-unknown-linux-gnu.tar.gz PGP Signature
System Option - Resource
Docker logo Docker v1.2.0 sigp/anchor
Assets 8
Loading