app: fetch only the requested indices from cache#4327
Merged
obol-bulldozer[bot] merged 4 commits intomainfrom Feb 18, 2026
Merged
app: fetch only the requested indices from cache#4327obol-bulldozer[bot] merged 4 commits intomainfrom
obol-bulldozer[bot] merged 4 commits intomainfrom
Conversation
There was a problem hiding this comment.
Pull request overview
Implements more granular duties caching so callers can request a subset of validator indices, reuse cached duties when available, and fall back to beacon-node fetches only for missing indices (per issue #4009) to reduce duplicate BN load.
Changes:
- Adds index-aware filtering for proposer/attester/sync duties cache reads and introduces “fetch missing indices” flow.
- Introduces new store-or-amend paths for duties caching (notably for sync duties).
- Updates duties cache test scaffolding for new request-shape expectations.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 14 comments.
| File | Description |
|---|---|
| app/eth2wrap/cache.go | Adds selective duty retrieval, missing-index fetch logic, and new store/amend behavior for duties caches. |
| app/eth2wrap/cache_test.go | Adjusts proposer duties mock generation used by duties cache tests. |
Comments suppressed due to low confidence (2)
app/eth2wrap/cache.go:583
- Same issue as proposer: this function does not amend existing epoch entries, so partially missing attester duties can never be added to the cache under the new logic. This will cause repeated BN calls for the same missing indices and defeats the cache.
// storeOrAmendAttesterDuties stores attester duties in the cache for the given epoch if they don't exist and false if they already exists.
func (c *DutiesCache) storeOrAmendAttesterDuties(epoch eth2p0.Epoch, duties []eth2v1.AttesterDuty, metadata map[string]any) bool {
c.attesterDuties.Lock()
defer c.attesterDuties.Unlock()
_, ok := c.attesterDuties.duties[epoch]
if ok {
return false
}
app/eth2wrap/cache.go:567
- Despite the name/comment, this method does not “amend” existing duties: it returns false if the epoch is already present. With the new partial-fetch behavior, this means missing indices fetched from the BN will never be added to the cache, causing repeated BN requests for the same missing indices. Implement an amend/merge path (similar to
storeOrAmendSyncDuties) and consider whether metadata should be merged/updated as well.
// storeOrAmendProposerDuties stores proposer duties in the cache for the given epoch if they don't exist and false if they already exists.
func (c *DutiesCache) storeOrAmendProposerDuties(epoch eth2p0.Epoch, duties []eth2v1.ProposerDuty, metadata map[string]any) bool {
c.proposerDuties.Lock()
defer c.proposerDuties.Unlock()
_, ok := c.proposerDuties.duties[epoch]
if ok {
return false
}
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #4327 +/- ##
==========================================
- Coverage 56.60% 56.42% -0.19%
==========================================
Files 237 237
Lines 31555 31658 +103
==========================================
Hits 17862 17862
- Misses 11403 11509 +106
+ Partials 2290 2287 -3 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
KaloyanTanev
force-pushed
the
kalo/duties-cache-filter-vidxs
branch
from
8ce5230 to
947e2ba
Compare
pinebit
approved these changes
Feb 18, 2026
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 4 out of 4 changed files in this pull request and generated 5 comments.
Comments suppressed due to low confidence (1)
app/eth2wrap/cache_test.go:283
- The cache now supports partial index requests and amending an epoch with newly fetched duties, but this test only covers the “all indices” path. Add coverage for: (1) requesting a subset that is fully served from cache without calling the BN, and (2) requesting a subset where some indices are missing, asserting the BN is called only for the missing indices and the cache is amended.
// Create a cache.
valCache := eth2wrap.NewDutiesCache(eth2Cl, slices.Collect(maps.Keys(valSet)))
ctx := t.Context()
// First call should populate the cache
_, err = valCache.ProposerDutiesCache(ctx, 0, slices.Collect(maps.Keys(valSet)))
require.NoError(t, err)
require.True(t, proposerDutiesCalled)
// Second call should use the cache
proposerDutiesCalled = false
_, err = valCache.ProposerDutiesCache(ctx, 0, slices.Collect(maps.Keys(valSet)))
require.NoError(t, err)
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 4 out of 4 changed files in this pull request and generated 5 comments.
Comments suppressed due to low confidence (1)
app/eth2wrap/cache_test.go:283
- Test coverage: this test still only covers the full-index cache hit path. Since the cache now supports partial hits + fetching only missing indices and amending the cached epoch, add an assertion-driven case for that behavior (e.g., cache a subset first, then request a superset and verify only missing indices invoke
ProposerDutiesFunc).
// First call should populate the cache
_, err = valCache.ProposerDutiesCache(ctx, 0, slices.Collect(maps.Keys(valSet)))
require.NoError(t, err)
require.True(t, proposerDutiesCalled)
// Second call should use the cache
proposerDutiesCalled = false
_, err = valCache.ProposerDutiesCache(ctx, 0, slices.Collect(maps.Keys(valSet)))
require.NoError(t, err)
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
KaloyanTanev
force-pushed
the
kalo/duties-cache-filter-vidxs
branch
from
8f37a7a to
f9c5cc0
Compare
|
KaloyanTanev
added
the
merge when ready
KaloyanTanev
added a commit
that referenced
this pull request
Feb 18, 2026
1. Fetch only the requested validator indices from cache 2. Make a request to the BN if some of the requested indices are missing 3. Store the newly fetched indices in the cache, amending the previous epoch category: feature ticket: #4009
KaloyanTanev
added a commit
that referenced
this pull request
Feb 18, 2026
* chore(deps): update docker/build-push-action action to v6.19.0 (#4315) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [docker/build-push-action](https://redirect.github.com/docker/build-push-action) | action | minor | `v6.18.0` → `v6.19.0` | --- ### Release Notes <details> <summary>docker/build-push-action (docker/build-push-action)</summary> ### [`v6.19.0`](https://redirect.github.com/docker/build-push-action/releases/tag/v6.19.0) [Compare Source](https://redirect.github.com/docker/build-push-action/compare/v6.18.0...v6.19.0) - Scope default git auth token to `github.com` by [@​crazy-max](https://redirect.github.com/crazy-max) in [#​1451](https://redirect.github.com/docker/build-push-action/pull/1451) - Bump brace-expansion from 1.1.11 to 1.1.12 in [#​1396](https://redirect.github.com/docker/build-push-action/pull/1396) - Bump form-data from 2.5.1 to 2.5.5 in [#​1391](https://redirect.github.com/docker/build-push-action/pull/1391) - Bump js-yaml from 3.14.1 to 3.14.2 in [#​1429](https://redirect.github.com/docker/build-push-action/pull/1429) - Bump lodash from 4.17.21 to 4.17.23 in [#​1446](https://redirect.github.com/docker/build-push-action/pull/1446) - Bump tmp from 0.2.3 to 0.2.4 in [#​1398](https://redirect.github.com/docker/build-push-action/pull/1398) - Bump undici from 5.28.4 to 5.29.0 in [#​1397](https://redirect.github.com/docker/build-push-action/pull/1397) **Full Changelog**: <docker/build-push-action@v6.18.0...v6.19.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/ObolNetwork/charon). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi45Ny4wIiwidXBkYXRlZEluVmVyIjoiNDIuOTcuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==--> * build(deps): Bump golang from 1.25.7-alpine to 1.26.0-alpine in /testutil/promrated (#4318) Bumps golang from 1.25.7-alpine to 1.26.0-alpine. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> * chore(deps): update github/codeql-action action to v4.32.3 (#4320) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github/codeql-action](https://redirect.github.com/github/codeql-action) | action | patch | `v4.32.2` → `v4.32.3` | --- ### Release Notes <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v4.32.3`](https://redirect.github.com/github/codeql-action/releases/tag/v4.32.3) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v4.32.2...v4.32.3) - Added experimental support for testing connections to [private package registries](https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries). This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. [#​3466](https://redirect.github.com/github/codeql-action/pull/3466) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/ObolNetwork/charon). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My44LjUiLCJ1cGRhdGVkSW5WZXIiOiI0My44LjUiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbXX0=--> * build(deps): Bump chainsafe/lodestar from v1.39.1 to v1.40.0 in /testutil/compose/static/lodestar (#4317) Bumps chainsafe/lodestar from v1.39.1 to v1.40.0. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> * chore(deps): update docker/build-push-action action to v6.19.2 (#4319) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [docker/build-push-action](https://redirect.github.com/docker/build-push-action) | action | patch | `v6.19.0` → `v6.19.2` | --- ### Release Notes <details> <summary>docker/build-push-action (docker/build-push-action)</summary> ### [`v6.19.2`](https://redirect.github.com/docker/build-push-action/compare/v6.19.1...v6.19.2) [Compare Source](https://redirect.github.com/docker/build-push-action/compare/v6.19.1...v6.19.2) ### [`v6.19.1`](https://redirect.github.com/docker/build-push-action/compare/v6.19.0...v6.19.1) [Compare Source](https://redirect.github.com/docker/build-push-action/compare/v6.19.0...v6.19.1) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/ObolNetwork/charon). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi45Ny4wIiwidXBkYXRlZEluVmVyIjoiNDIuOTcuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==--> * build(deps): Bump github.com/pion/dtls/v3 from 3.0.6 to 3.1.1 in the go_modules group across 1 directory (#4321) Bumps the go_modules group with 1 update in the / directory: [github.com/pion/dtls/v3](https://github.com/pion/dtls). Updates `github.com/pion/dtls/v3` from 3.0.6 to 3.1.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pion/dtls/releases">github.com/pion/dtls/v3's releases</a>.</em></p> <blockquote> <h2>v3.1.1</h2> <h2>Changelog</h2> <ul> <li>fa21c26d6a87d05d6b967ffaa43e58491682120d Retract v3.1.0</li> <li>dc45e23f50fc687947b665ff2b86caed830d91f0 Fix OpenSSL Interop for RSA SignatureHashAlgos</li> </ul> <h2>v3.1.0</h2> <p>Options patterns, Security fix and performance improvements.</p> <h2>Changelog</h2> <ul> <li>61762dee8217991882c5eb79856b9e7a73ee349f Use sequence number for nonce in GCM ciphers (<a href="https://redirect.github.com/pion/dtls/issues/796">#796</a>)</li> <li>46ee7c34b3f145288c8dcafd602da5a1da1a6f82 Refactor Common AEAD Code in Ciphersuite Package (<a href="https://redirect.github.com/pion/dtls/issues/789">#789</a>)</li> <li>10bd10a491cd7df04c77dc0119df7a50761d5b8f Prefer server srtp protection profiles ordering</li> <li>93c26776d1a7eeb9175b99c83e400ae44af7782f Fix rare flaky test</li> <li>d46d2a7626a2623250e73d737eb6f3a98b200694 Fix Bug in signature_algorithms_cert Handling (<a href="https://redirect.github.com/pion/dtls/issues/791">#791</a>)</li> <li>acad848193f1cbefbc8d44964f7f09712943b2c3 DTLS 1.3 signature_algorithms_cert Extension (<a href="https://redirect.github.com/pion/dtls/issues/788">#788</a>)</li> <li>0a5b31170d06ff4ca783d5dee861f06006ac2a18 Introduce options patterns</li> <li>9495bef1367503d0b2dc44fd3a358fe30bf948ea DTLS 1.3 RSA-PSS Signature Scheme Support (<a href="https://redirect.github.com/pion/dtls/issues/778">#778</a>)</li> <li>f1c63e9eb2918e4ffb424e025ddc9e34c6e2526d Refactor error types for 1.3 extensions (<a href="https://redirect.github.com/pion/dtls/issues/787">#787</a>)</li> <li>bed33fe14d7c3c8826a5abe1727d76d180357023 Add PreSharedKey extensions for DTLS 1.3 (<a href="https://redirect.github.com/pion/dtls/issues/773">#773</a>)</li> <li>01f7ba5fd42a22633c6459e3f0c71ed17eea4b3d Update CI configs to v0.11.37</li> <li>5b824b03ce1e91a52fe84243cd6afceb063dfd70 CCM Encrypt Speed + Memory Mgmt Improvements (<a href="https://redirect.github.com/pion/dtls/issues/784">#784</a>)</li> <li>100a3aaf71a4d36a48a72997d723fb22abfcba7e GCM Speed + Memory Mgmt Improvements (<a href="https://redirect.github.com/pion/dtls/issues/783">#783</a>)</li> <li>199a75385e95c9272f916368279312524fdbc82f Add Ciphersuite Benchmark Tests (<a href="https://redirect.github.com/pion/dtls/issues/781">#781</a>)</li> <li>6b2fbf107d632def6eebd0708c3131082dbd5540 Fix Race Condition in TestListenerCustomConnIDs (<a href="https://redirect.github.com/pion/dtls/issues/782">#782</a>)</li> <li>8ea3afcf5ac731635569174ef594b14b5694b1ec Fix intermittent unit test failures (<a href="https://redirect.github.com/pion/dtls/issues/780">#780</a>)</li> <li>c6db81b140b648a66a551d0d836fd3ee256814f4 Update README</li> <li>44160f0f4f2676a332e7fcbe9ed62ffe1cef3cc9 DTLS 1.3 CertificateRequest + Certificate Messages (<a href="https://redirect.github.com/pion/dtls/issues/774">#774</a>)</li> <li>91214624d12c49031af056799189acc3e072e750 Add Cookie extension for DTLS 1.3 (<a href="https://redirect.github.com/pion/dtls/issues/770">#770</a>)</li> </ul> <h2>v3.0.11</h2> <p><a href="https://github.com/pion/dtls/commit/90e241cfec2985715efdd3d005972847462a67d6">Backport security fix for</a> <a href="https://github.com/advisories/GHSA-9f3f-wv7r-qc8r">https://github.com/advisories/GHSA-9f3f-wv7r-qc8r</a> (CVE-2026-26014)</p> <p>This is the only release with the security fix for Go v1.21.</p> <h2>v3.0.10</h2> <h2>Changelog</h2> <ul> <li>713910a964f7026715069716e245483f51e74eaf Upgrade to pion/transport/v4</li> <li>e0d31600d0a99bdde26c549fdbf0668f863f05bd Add the key share extension (<a href="https://redirect.github.com/pion/dtls/issues/749">#749</a>)</li> <li>7a57e2689ed88d7e1a8357ce1aa9c87bdec38636 Update CI configs to v0.11.36</li> <li>08d8c3e0ba82aa8a550abec1f3abb6852cddc597 Fix gosec slice bounds warnings (<a href="https://redirect.github.com/pion/dtls/issues/764">#764</a>)</li> <li>7b9612e8c727eee1de08e5b895e12fae61301212 Handshake fragments assembly refactoring (<a href="https://redirect.github.com/pion/dtls/issues/762">#762</a>)</li> </ul> <h2>v3.0.9</h2> <h2>Changelog</h2> <ul> <li>ab5f89bfbc2b5de63f72069b763335073726000c Implement TLS_EMPTY_RENEGOTIATION_INFO_SCSV</li> <li>d5761acdb281969ec0b7e2d3a7f1848a1618a84f Prevent negative intervals</li> </ul> <h2>v3.0.8</h2> <h2>Changelog</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pion/dtls/commit/fa21c26d6a87d05d6b967ffaa43e58491682120d"><code>fa21c26</code></a> Retract v3.1.0</li> <li><a href="https://github.com/pion/dtls/commit/dc45e23f50fc687947b665ff2b86caed830d91f0"><code>dc45e23</code></a> Fix OpenSSL Interop for RSA SignatureHashAlgos</li> <li><a href="https://github.com/pion/dtls/commit/61762dee8217991882c5eb79856b9e7a73ee349f"><code>61762de</code></a> Use sequence number for nonce in GCM ciphers (<a href="https://redirect.github.com/pion/dtls/issues/796">#796</a>)</li> <li><a href="https://github.com/pion/dtls/commit/46ee7c34b3f145288c8dcafd602da5a1da1a6f82"><code>46ee7c3</code></a> Refactor Common AEAD Code in Ciphersuite Package (<a href="https://redirect.github.com/pion/dtls/issues/789">#789</a>)</li> <li><a href="https://github.com/pion/dtls/commit/10bd10a491cd7df04c77dc0119df7a50761d5b8f"><code>10bd10a</code></a> Prefer server srtp protection profiles ordering</li> <li><a href="https://github.com/pion/dtls/commit/93c26776d1a7eeb9175b99c83e400ae44af7782f"><code>93c2677</code></a> Fix rare flaky test</li> <li><a href="https://github.com/pion/dtls/commit/d46d2a7626a2623250e73d737eb6f3a98b200694"><code>d46d2a7</code></a> Fix Bug in signature_algorithms_cert Handling (<a href="https://redirect.github.com/pion/dtls/issues/791">#791</a>)</li> <li><a href="https://github.com/pion/dtls/commit/acad848193f1cbefbc8d44964f7f09712943b2c3"><code>acad848</code></a> DTLS 1.3 signature_algorithms_cert Extension (<a href="https://redirect.github.com/pion/dtls/issues/788">#788</a>)</li> <li><a href="https://github.com/pion/dtls/commit/0a5b31170d06ff4ca783d5dee861f06006ac2a18"><code>0a5b311</code></a> Introduce options patterns</li> <li><a href="https://github.com/pion/dtls/commit/9495bef1367503d0b2dc44fd3a358fe30bf948ea"><code>9495bef</code></a> DTLS 1.3 RSA-PSS Signature Scheme Support (<a href="https://redirect.github.com/pion/dtls/issues/778">#778</a>)</li> <li>Additional commits viewable in <a href="https://github.com/pion/dtls/compare/v3.0.6...v3.1.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ObolNetwork/charon/network/alerts). </details> * build(deps): Bump golang from 1.25.7-bookworm to 1.26.0-bookworm (#4316) Bumps golang from 1.25.7-bookworm to 1.26.0-bookworm. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> * core: 0-based index for parsig metric (#4322) The metric was reporting a 1-based indices, however, everywhere in grafana we have them as 0-based. category: bug ticket: none * build(deps): Bump attestant/vouch from 1.12.0 to 1.12.1 in /testutil/compose/static/vouch (#4323) Bumps attestant/vouch from 1.12.0 to 1.12.1. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> * build(deps): Bump github.com/ethereum/go-ethereum from 1.16.8 to 1.17.0 (#4325) Bumps [github.com/ethereum/go-ethereum](https://github.com/ethereum/go-ethereum) from 1.16.8 to 1.17.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/ethereum/go-ethereum/releases">github.com/ethereum/go-ethereum's releases</a>.</em></p> <blockquote> <h2>Eezo-Inlaid Circuitry (v1.17.0)</h2> <!-- raw HTML omitted --> <p>This is a feature release, with all accumulated development from the last 3 months. See below for the highlights.</p> <p>Note that this release contains multiple critical security fixes, as well as many bug fixes, and is recommended for all users. However, if you are cautious about upgrades, you can also install v1.16.9 which has just the critical security fixes. Specifically, this release fixes <a href="https://github.com/ethereum/go-ethereum/security/advisories/GHSA-689v-6xwf-5jf3">CVE-2026-26313</a>, <a href="https://github.com/ethereum/go-ethereum/security/advisories/GHSA-2gjw-fg97-vg3r">CVE-2026-26314</a>, <a href="https://github.com/ethereum/go-ethereum/security/advisories/GHSA-m6j8-rg6r-7mv8">CVE-2026-26315</a>.</p> <p>We recommend recreating your p2p node key after installing this update, which you can do by removing the <code>DATADIR/geth/nodekey</code> file before restarting geth. Note this will cause a change in the p2p node ID, which may break static peering setups.</p> <h2>Highlights</h2> <h3>Path-based Archive Node with Proofs</h3> <p>The path-based archive node can now serve proofs (via <code>eth_getProof</code>) for the state of older blocks.</p> <p>You can configure the block range that supports proving independently from other archive state availability. Specifically, you can use the <code>--history.trienode</code> command-line flag to set the amount of blocks for which tree nodes will be tracked.</p> <p>This feature is disabled by default. Note that state history cannot easily be recovered once deleted, as it can only be generated by processing blocks. However, you can enable trienode history (and/or state history) at any time to turn a full node into a partial archive node, keeping state from that point in time onwards.</p> <p><a href="https://redirect.github.com/ethereum/go-ethereum/issues/32727">#32727</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/32621">#32621</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/33551">#33551</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/32981">#32981</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/33399">#33399</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/32913">#32913</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/33303">#33303</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/33584">#33584</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/33329">#33329</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/33681">#33681</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/33103">#33103</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/33098">#33098</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/33515">#33515</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/32247">#32247</a></p> <h3>EraE History Support</h3> <p>Geth now suports the <a href="https://redirect.github.com/eth-clients/e2store-format-specs/pull/16">EraE</a> file format, an archival format for post-merge chain history.</p> <p><a href="https://redirect.github.com/ethereum/go-ethereum/issues/32157">#32157</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/33827">#33827</a></p> <h3>OpenTelemetry Tracing</h3> <p>OpenTelemetry tracing is now supported by the RPC server, including support for distributed tracing. We have also added some tracing spans for block processing via the engine API, i.e. <code>engine_newPayload</code>.</p> <p><a href="https://redirect.github.com/ethereum/go-ethereum/issues/33599">#33599</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/33452">#33452</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/33780">#33780</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/33521">#33521</a></p> <h2>All Changes</h2> <h3>Geth CLI</h3> <ul> <li>The <code>geth version-check</code> subcommand has been removed. This command checked the geth website for signed vulnerability notices, and would tell if updates are necessary (<a href="https://redirect.github.com/ethereum/go-ethereum/issues/33498">#33498</a>)</li> <li>There is now a <code>--miner.maxblobs</code> command-line flag to set a limit on blobs included in built blocks (<a href="https://redirect.github.com/ethereum/go-ethereum/issues/33129">#33129</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/33302">#33302</a>)</li> <li>Geth now supports continuous profiling with Grafana Pyroscope (<a href="https://redirect.github.com/ethereum/go-ethereum/issues/33623">#33623</a>)</li> <li>A rare bug that could halt block production in <code>geth --dev</code> mode was fixed (<a href="https://redirect.github.com/ethereum/go-ethereum/issues/33146">#33146</a>)</li> <li>A new <code>--rpc.rangelimit</code> flag configures the maximum block range for <code>eth_getLogs</code> (<a href="https://redirect.github.com/ethereum/go-ethereum/issues/33163">#33163</a>)</li> <li><code>geth --exitwhensynced</code> will now set the <code>finalized</code> and <code>safe</code> block (<a href="https://redirect.github.com/ethereum/go-ethereum/issues/33038">#33038</a>)</li> <li><code>geth --ethstats</code> now reports the newPayload processing time to the stats server (<a href="https://redirect.github.com/ethereum/go-ethereum/issues/33395">#33395</a>)</li> <li>A lot of minor issues in Geth's command-line flag processing have been fixed (<a href="https://redirect.github.com/ethereum/go-ethereum/issues/33379">#33379</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/33338">#33338</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/33330">#33330</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/32999">#32999</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/33279">#33279</a>, <a href="https://redirect.github.com/ethereum/go-ethereum/issues/33252">#33252</a>)</li> <li>The <code>evm blocktest</code> command can now read filenames from stdin when no path is provided (<a href="https://redirect.github.com/ethereum/go-ethereum/issues/32824">#32824</a>)</li> </ul> <h3>Fork Implementation</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ethereum/go-ethereum/commit/0cf3d3ba4f7062fd2bbf2bda10972d528974e876"><code>0cf3d3b</code></a> version: release go-ethereum v1.17.0 stable</li> <li><a href="https://github.com/ethereum/go-ethereum/commit/9b78f45e337f01e66b505c35b74415751b2a0a28"><code>9b78f45</code></a> crypto/secp256k1: fix coordinate check</li> <li><a href="https://github.com/ethereum/go-ethereum/commit/c709c19b40f4b6655d7944c3fb0c36a14c6774d6"><code>c709c19</code></a> eth/catalyst: add initial OpenTelemetry tracing for newPayload (<a href="https://redirect.github.com/ethereum/go-ethereum/issues/33521">#33521</a>)</li> <li><a href="https://github.com/ethereum/go-ethereum/commit/550ca91b179493e5c0394ee644efed3deefb890e"><code>550ca91</code></a> consensus/misc: hardening header verification (<a href="https://redirect.github.com/ethereum/go-ethereum/issues/33860">#33860</a>)</li> <li><a href="https://github.com/ethereum/go-ethereum/commit/a4b3898f9041fd7c77130dc17ba2b80441a998af"><code>a4b3898</code></a> internal/telemetry: don't create internal spans without parents (<a href="https://redirect.github.com/ethereum/go-ethereum/issues/33780">#33780</a>)</li> <li><a href="https://github.com/ethereum/go-ethereum/commit/0cba803fbafb12e9daaea53b76de847842ab3055"><code>0cba803</code></a> eth/protocols/eth, eth/protocols/snap: delayed p2p message decoding (<a href="https://redirect.github.com/ethereum/go-ethereum/issues/33835">#33835</a>)</li> <li><a href="https://github.com/ethereum/go-ethereum/commit/ad88b68a467b6b3cb9d6a8a24f0ec74e8aa77565"><code>ad88b68</code></a> internal/download: show progress bar only if server gives length (<a href="https://redirect.github.com/ethereum/go-ethereum/issues/33842">#33842</a>)</li> <li><a href="https://github.com/ethereum/go-ethereum/commit/c50e5edfafe408d911f3cdd2191a6808dc95cb42"><code>c50e5ed</code></a> cmd/geth, internal/telemetry: wire OpenTelemetry tracing via CLI flags (<a href="https://redirect.github.com/ethereum/go-ethereum/issues/33484">#33484</a>)</li> <li><a href="https://github.com/ethereum/go-ethereum/commit/d8b92cb9e60fc8785c84f1afb35e64c9312eb35d"><code>d8b92cb</code></a> rpc,internal/telemetry: fix deferred spanEnd to capture errors via pointer (#...</li> <li><a href="https://github.com/ethereum/go-ethereum/commit/ac85a6f25449a7b96505637e18c988b3142d47bf"><code>ac85a6f</code></a> rlp: add back Iterator.Count, with fixes (<a href="https://redirect.github.com/ethereum/go-ethereum/issues/33841">#33841</a>)</li> <li>Additional commits viewable in <a href="https://github.com/ethereum/go-ethereum/compare/v1.16.8...v1.17.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> * chore(deps): update dependency go to 1.26 (#4314) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [go](https://redirect.github.com/actions/go-versions) | uses-with | minor | `1.25` → `1.26` | --- ### Release Notes <details> <summary>actions/go-versions (go)</summary> ### [`v1.26.0`](https://redirect.github.com/actions/go-versions/releases/tag/1.26.0-21889650668): 1.26.0 [Compare Source](https://redirect.github.com/actions/go-versions/compare/1.25.7-21696103256...1.26.0-21889650668) Go 1.26.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/ObolNetwork/charon). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi45Ny4wIiwidXBkYXRlZEluVmVyIjoiNDMuOC41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> * app: fetch only the requested indices from cache (#4327) 1. Fetch only the requested validator indices from cache 2. Make a request to the BN if some of the requested indices are missing 3. Store the newly fetched indices in the cache, amending the previous epoch category: feature ticket: #4009 --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
category: feature
ticket: #4009