Polkadot stable2603

This release contains the changes from polkadot-stable2512 to polkadot-stable2603.

ℹ️ Please note:

The tag corresponding to the current stable release polkadot-stable2603 and matching the old pattern will be
available under polkadot-v1.22.0.

The node version for this release is: 1.22.0

Changelog

Full changelog can be found here.

Changelog for Node Dev

ℹ️ These changes are relevant to: Those who build around the client side code. Alternative client builders, SMOLDOT, those who consume RPCs. These are people who are oblivious to the runtime changes. They only care about the meta-protocol, not the protocol itself.

[#6029]: Implementation of RFC-123

Store a runtime upgrade in :pending_code before moving it to :code in the next block. It's gated by system_version of the runtime and is activated for runtimes with system_version >= 3.

[#11316]: cargo: Update litep2p to v0.13.3

Update litep2p to latest 0.13.3 version

[#11095]: prefix_logs_with: Ensure the macro works correctly for futures

When setting up a tracing span in an async future, it may gets invalidated by any await point. The problem is that after continuing a future, it may runs on a different thread where the span isn't active anymore. The solution for this is to instrument the future properly.

[#10787]: statement-store: validation without runtime

This removes slow runtime validation from statement-submission hot path.
Validation now happens on the node side via direct signature verification and storage reads for account quotas.

[#10882]: statement-store: make encode/hash faster

Optimizes statement encoding and hashing by pre-allocating memory for the encoded buffer.
This reduces allocation overhead and improves performance, particularly when receiving
statements from multiple peers. Benchmarks show ~16% speedup when receiving statements
from 16 peers.

[#10201]: telemtry: Downgrade spam log to debug

This PR downgrade the telemetry warning log to debug.

• The log is causing a lot of noise in our test nets: https://grafana.teleport.parity.io/goto/fjTQ_vzDg?orgId=1

[#10718]: Statement-store: Propagate all statements to newly connected peers

When a new node connects, we now propagate all statements in our store to them. This happens in bursts of ~1MiB messages over time to not completley use up all resources. If multiple peers are connecting, round robin between them.

[#10917]: Implement persistent reputation database for collator protocol (#7751)

Implements persistent storage for the experimental collator protocol's reputation database.

Changes:

• Adds PersistentDb wrapper that persists the in-memory reputation DB to disk
• Periodic persistence every 10 minutes
• Adds --collator-reputation-persist-interval CLI to specify the persistence interval in seconds.
• Immediate persistence on slashes and parachain deregistration
• Loads existing state on startup with lookback for missed blocks

Implementation:

PersistentDb wraps the existing Db and adds persistence on top:

- All reputation logic (scoring, decay, LRU) stays in `Db`
- Persistence layer handles disk I/O and serialization
- Per-para data stored in parachains_db

Tests:

• basic_persistence.rs: Validates persistence across restarts and startup lookback
• pruning.rs: Validates automatic cleanup on parachain deregistration

[#11008]: Collator protocol revamp - update calculate_delay

A followup from #8541 with changes requested by @eskimor:

• Adjust the protocol parameters and add comments about the picked values
• Simpler fetch mechanism - advertisements from unknown collators (those with 0 reputation) are delayed. Everything else is fetched immediately.

[#10542]: statement-store: Add latency bench

Adds a latency benchmark for the statement store to measure propagation performance across distributed nodes.

Changelog for Runtime Dev

ℹ️ These changes are relevant to: All of those who rely on the runtime. A parachain team that is using a pallet. A DApp that is using a pallet. These are people who care about the protocol (WASM, not the meta-protocol (client).)

[#10022]: Aura: Support automatic slot migration

This brings support to pallet-aura for automatically migrated the Slot on a change of SlotDuration. This is done by on_runtime_upgrade of pallet-aura.

[#10324]: Cleanup HRMP channels that were force removed from RC state

Cleanup old LastHrmpMqcHeads entries when the corresponding channel was remove from RC state

[#10794]: [FRAME] Omni bencher run each benchmark at least 10 secs

• Ensure all benchmarks run for at least 10 seconds. Configurable with --min-duration <s>
• Turn off runtime logging in bench bot to reduce spam log output

[#10366]: [pallet-revive] update evm create benchmark

Add a benchmark for the EVM CREATE instruction.

We are currently reusing the seal_instantiate benchmark from PVM instantiation, which is incorrect because instantiating an EVM contract takes different arguments and follows a different code path than creating a PVM contract.

This benchmark performs the following steps:

• Generates init bytecode of size i, optionally including a balance with dust.
• Executes the init code that triggers a single benchmark opcode returning a runtime code of the maximum allowed size (qrevm::primitives::eip170::MAX_CODE_SIZE`).

[#10387]: pallet-revive: add DebugSetting for bypassing eip-3607 for contracts and precompiles

Adds a new DebugSetting option which, if enabled, allows transactions coming from contract accounts or precompiles.
This is needed so that test nodes like anvil can send transactions from contract or precompile accounts, a widely-used feature in tests.

[#10713]: Fix off-by-one error in child bounty limit validation

Fixes an off-by-one error in pallet-child-bounties where the add_child_bounty function allowed creating MaxActiveChildBountyCount + 1 child bounties instead of being capped at MaxActiveChildBountyCount.

The validation check used <= instead of <, allowing the count to exceed the limit by one. This fix changes the comparison to < and removes an unnecessary type cast.

This is a bug fix that ensures runtime configuration limits are properly enforced.

Fixes #10652

[#11389]: Fix: AssetTrapped event with Fungible(0) due to SwapFirstAssetTrader::buy_weight for exact trades

When PayFees contained the exact quoted fee, SwapFirstAssetTrader::buy_weight produces zero swap change. This 0-amount credit was unconditionally wrapped into an AssetsInHolding entry, which propagated through fees → refund_surplus → holding → drop_assets, emitting an AssetsTrapped event with Fungible(0) that fails to decode.

This PR simply guards that by checking if value is 0 before putting it into the holding, and omitting the step if the value is 0.

Closes #11388

[#9184]: FixedPoint: Support parsing x.y format

This makes it easier to declare a fixed point value. The old format is also still supported.

[#10922]: [pallet-revive] small improvements

Small safety and completeness improvements for pallet-revive:

• Add selfdestruct call tracing: Emit terminate trace after successful SELFDESTRUCT
• Add debug assertions for unsafe bytecode operations: in relative_jump, absolute_jump, and read_slice
• Remove transmute in i256 sign detection: Replace unsafe { core::mem::transmute } with explicit conditional logic for determining Sign::Zero vs Sign::Plus

[#10397]: Update the commit hash of the revive-differential-tests

Description

This is a PR that updates the commit hash of the revive-differential-tests framework and the compilation caches to a version that includes fixes to certain tests that used hard-coded gas values. The compilation caches required an update since this was a change to the contract's code.

Changelog for Node Operator

ℹ️ These changes are relevant to: Those who don't write any code and only run code.

[#10978]: Omni-node supports polkadot-asset-hub

The polkadot-omni-node binary now supports polkadot-asset-hub. Other system chains where already supported, but PAH uses Ed25519, which makes it a special case.

[#8541]: collator-protocol-revamp: CollationManager and subsystem impl

This PR adds a new experimental validator-side collator protocol subsystem implementation, which can be enabled via the --experimental-collator-protocol CLI flag.

The new implementation introduces a reputation-based collator selection mechanism. Collators
are assigned scores based on the outcome of their submitted collations: valid included candidates increase the score, while invalid collations or failed fetches decrease it.
When multiple collation advertisements are received, validators prioritize fetching from higher-reputation collators first (with timestamp as a tiebreaker for equal scores).

[#10617]: statement-store: use many workers for network statements processing

Adds --statement-network-workers CLI parameter to enable concurrent statement validation from the network.
Previously, statements were validated sequentially by a single worker. This change allows multiple workers o process statements in parallel, improving throughput when statement store is enabled

[#10373]: Block import improvements

This PR fixes block import during Warp sync, which was failing due to "Unknown parent" errors - a typical case during Warp sync.

Changes

• Relaxed verification for Warp synced blocks:
  The fix relaxes verification requirements for Warp synced blocks by no...

Polkadot stable2512-3

This release contains the changes from polkadot-stable2512-2 to polkadot-stable2512-3.

ℹ️ Please note:

This is a patch release for the latest stable version: stable2512. If your nodes are already running on this stable release,
you should upgrade to this patch version to get the latest fixes.

The tag corresponding to the current patch release polkadot-stable2512-3 and matching the old pattern will be
available under polkadot-v1.21.3.
The following crates were updated to the corresponding versions:

Click to see crates list

• pallet-election-provider-multi-block@0.6.1
• pallet-staking-async-rc-client@0.7.3
• pallet-staking-async@0.10.4
• asset-hub-westend-runtime@0.42.3
• pallet-session@45.2.0
• pallet-society@45.1.0
• sp-staking@42.2.0
• pallet-fast-unstake@44.1.0
• pallet-nomination-pools@43.1.0
• pallet-staking@45.1.0
• pallet-nomination-pools-benchmarking@43.0.1
• cumulus-client-consensus-aura@0.28.1
• sc-network-types@0.20.2
• sc-network@0.55.2

ℹ️ In case of the issue with expired key on installation of the rpm package

As the expiration date of the key was extended. The installation/update of the polakdot rpm package may fail, you can run the following commands to re-import updated key:

# 1. Find the old key
rpm -qa gpg-pubkey* --qf '%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n'
# Look for the ParityReleases entry

# 2. Remove the old key
sudo rpm -e gpg-pubkey-XXXXXXXX-XXXXXXXX

# 3. Re-import the updated key
sudo rpm --import 'https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x90BD75EBBB8E95CB3DA6078F94A4029AB4B35DAE&options=mr&exact=on'

# 4. Retry install/update

Changelog

Changelog for Node Dev

ℹ️ These changes are relevant to: Those who build around the client side code. Alternative client builders, SMOLDOT, those who consume RPCs. These are people who are oblivious to the runtime changes. They only care about the meta-protocol, not the protocol itself.

[#11078]: net: Strip previous p2p prefix before concatenating addresses

This PR ensures that a MultiaddrWithPeerId will always remain valid after a concatenating process.

The litep2p code will concatanate the provided multiaddr-with-peerID regardless if the address already contains a p2p/.. prefix:

https://github.com/paritytech/polkadot-sdk/blob/e85be1c07adedcc86554affa4f6af536c4a2efc1/substrate/client/network/src/litep2p/service.rs#L427-L434

This then can lead to addresses for reserved peers to never be dialed by the network backend as they are considered invalid.

This has been discovered by running the networking benchmarks:
https://github.com/paritytech/polkadot-sdk/blob/e85be1c07adedcc86554affa4f6af536c4a2efc1/substrate/client/network/benches/notifications_protocol.rs#L143-L148

Part of the cleanups for:

• #10425

[#11330]: aura/import: Skip block execution when collators have no parent block state

Skip block execution in SlotBasedBlockImport when gap-sync marks blocks with StateAction::Skip. This fixes an infinite retry loop where non-archive collators failed to import gap-sync blocks because the parent state was already pruned, causing repeated sync restarts and eventual peer bans.

[#11204]: Upgrade litep2p v0.13.0 -> v0.13.1

This PR brings litep2p v0.13.1 to polkadot-sdk. The improvements include:

1. When dialing remote peers, all addresses from the DHT are tried, starting from the public addresses. Before litep2p v0.13.1, only up to 8 addresses were tried, leading to dial failures when due to misconfiguration there was a lot of private addresses in the DHT.
2. Protocols are now notified about connected peers before the library user, fixing failures in opening substreams when the user command arrived before the connection event.
3. Ping protocol implementation now conforms to the spec. This improves the connection stability between polkadot-sdk and smoldot dramatically. Before this PR, smoldot always disconnected polkadot-sdk peers every 15 seconds for 5 seconds due to failed pings.

Changelog for Runtime Dev

ℹ️ These changes are relevant to: All of those who rely on the runtime. A parachain team that is using a pallet. A DApp that is using a pallet. These are people who care about the protocol (WASM, not the meta-protocol (client).)

[#11168]: Add MinSetKeysBond check in rc_client::set_keys

Add a configurable MinSetKeysBond threshold (hardcoded to 10 WND on asset-hub-westend) that rejects set_keys when active bond is insufficient. Set to 0 to disable.

[#11156]: election-provider-multi-block: reduce overclaimed proof_size during Signed phase

on_initialize claimed on_initialize_into_signed weight (> ~3M proof_size) every block during the Signed phase, but the heavy work (loading voter snapshots) only happens once when transitioning from Snapshot into Signed.
Use discriminant comparison to distinguish phase entry from same-phase ticks, falling back to on_initialize_nothing for the latter.

[#11154]: Add kick_member to Society pallet

Adds a kick_member extrinsic to pallet-society, callable by the Founder, that removes a member, slashes its payouts and returns them to the society pot.

[#11197]: pallet-session: track consumer refs and release deposits for externally set keys

Tracks whether session keys were set externally (via SessionInterface, e.g. from AH) or locally. Transitions between the two paths correctly manage the key deposit and consumer ref in both directions.

[#11222]: staking-async/rc-client: replace MinSetKeysBond with storage deposit

Replace MinSetKeysBond with a fungible hold deposit (KeyDeposit) which ties the cost directly to the storage used: held on set_keys, released on purge_keys.
Idempotency is checked by inspecting the existing hold balance rather than a separate storage map. Existing validators are charged on next set_keys.

[#11255]: staking-async-rc-client: add proof parameter to set_keys

Add proof: Vec<u8> to the set_keys extrinsic for forward compatibility with PR #1739, which introduces real ownership proof validation.
Proof validation is a no-op until we backport PR #1739.

Changelog for Runtime User

ℹ️ These changes are relevant to: Anyone using the runtime. This can be a token holder or a dev writing a front end for a chain.

[#11018]: [Pool] Claim trapped balance via one-time migration

One-time migration to recover trapped balance for an affected pool member.
A bug (CurrentEra vs ActiveEra mismatch) caused one pool member's balance to become trapped: their points were
dissolved but the held funds weren't released. This migration:

• Applies any pending slash for the member first
• Calculates trapped amount by checking actual held balance vs expected balance from points
• Releases trapped funds if present

Rust compiler versions

This release was built and tested against the following versions of rustc.
Other versions may work.

• Rust Stable: 1.88.0

Docker images

The docker images for the polkadot node binary and the polkadot-parachain binary can be found at Docker hub (will be available a few minutes after the release has been published):

• Polkadot image
• Polkadot-Parachain image

You may also pull it with:

docker pull parity/polkadot:stable2512-3

or

docker pull parity/polkadot-parachain:stable2512-3

Polkadot stable2603-rc3

This release contains the changes from polkadot-stable2512 to polkadot-stable2603-rc3.

⚠️ Warning: Pre-release Version

The currently published version is a pre-release and is not yet a final stable version. This release is provided for testing purposes only, and there is no guarantee that everything will work as expected. Errors and unusual behaviours of some features are to be expected.

Please use this version at your own risk and report any issues you encounter. We recommend waiting for the official release if you need a stable version.

Changelog

Changelog for Node Dev

ℹ️ These changes are relevant to: Those who build around the client side code. Alternative client builders, SMOLDOT, those who consume RPCs. These are people who are oblivious to the runtime changes. They only care about the meta-protocol, not the protocol itself.

[#9947]: Proposer/BlockBuilder: Accept proof recorder & extensions

This pull request fundamentally changes how Proposer and BlockBuilder are handling the proof recorder and extensions. Before this pull request the proof recorder was initialized by the BlockBuilder and the proposer statically enabled proof recording or disabled it. With this pull request the proof recorder is passed from the the caller down to the block builder. This also moves the responsibility for extracting the final storage proof to the caller and is not part of the block builder logic anymore. The extensions are now also configurable by the caller and are not longer "guessed" by the block builder.

This pull request also remvoes the cumulus-client-proposer crate as it is not really required anymore.

[#10807]: Omni-node: Move timestamps closer to now

Blocks produced with Omni-nodes dev-mode are now closer to the current time. Previously they were starting at UNIX_EPOCH.

[#10662]: Bulletin as parachain missing features

• Node developers/operators could enable the transaction storage inherent data provider setup by using --enable-tx-storage-idp flag. This is especially useful in the context of bulletin chain.
• Node developers will set up the network idle_connection_timeout to 1h when using --ipfs-server flag, again, useful in the context of bulletin chain.

[#11283]: Implement retry in bridges equivocation loop

Implement retry mechanism in bridges equivocation loop

[#11139]: make subscription return statement event instead of bytes

Changes the statement subscription RPC to return StatementEvent instead of raw Bytes.
When a subscription is initiated, the endpoint now sends NewStatements event batches
with matching statements already in the store. If there are not statements in the store
an empty batch is sent.

[#11078]: net: Strip previous p2p prefix before concatenating addresses

This PR ensures that a MultiaddrWithPeerId will always remain valid after a concatenating process.

The litep2p code will concatanate the provided multiaddr-with-peerID regardless if the address already contains a p2p/.. prefix:

https://github.com/paritytech/polkadot-sdk/blob/e85be1c07adedcc86554affa4f6af536c4a2efc1/substrate/client/network/src/litep2p/service.rs#L427-L434

This then can lead to addresses for reserved peers to never be dialed by the network backend as they are considered invalid.

This has been discovered by running the networking benchmarks:
https://github.com/paritytech/polkadot-sdk/blob/e85be1c07adedcc86554affa4f6af536c4a2efc1/substrate/client/network/benches/notifications_protocol.rs#L143-L148

Part of the cleanups for:

• #10425

[#11027]: Add functions to control statement store per-account allowances

The functions currently residing in individuality are moved to Substrate to unify storage allowance control.

[#10847]: net: Spawn network backend as essential task

This PR spawns the network backends as essential (libp2p / litep2p).

When the network future exits, it will bring down the whole process.

• there's no point in running a node without the core network backend as it will not be able to communicate with peers
• while at it, have changed some logs from debug to warn
• the network backend can be brought down unintentionally by the import_notif_stream

Discovered during:

• #10821

[#10658]: Omninode instant seal: Support relay parent offset

This brings support for relay parent offset to the omni-node instant seal consensus engine. Before instant seal was not working with relay parent offsets bigger than 0.

[#11095]: prefix_logs_with: Ensure the macro works correctly for futures

When setting up a tracing span in an async future, it may gets invalidated by any await point. The problem is that after continuing a future, it may runs on a different thread where the span isn't active anymore. The solution for this is to instrument the future properly.

[#10770]: Statement-store: Follow-up improvements from PR #10718 review

This follow-up PR addresses review comments from PR #10718:

• Removed unnecessary Result wrapper from statement_hashes() - method is infallible
• Added debug assertion to validate sent count matches prepared count

[#10846]: net/metrics: Add metrics for inbound/outbound traffic

This PR adds a new metric for inbound / outbound traffic for individual request-response protocols.

• the PR is motivated by #10765 which shows a significant number of bytes as downloaded (4-5 MiB/s). This is suspicious for a fully synced validator, 1-2 blocks to the tip of the chain.
• It suggests a protocol is internally consuming too much bandwidth leading to network inefficiencies, wasted CPU, and in the case of the issue to OOM kills

cc @paritytech/sdk-node

[#11046]: Collator protocol revamp: Change collation hold-off timing to start at leaf activation

#11022

The hold-off delay should be measured from when the relay parent (leaf) is activated, not when the advertisement message arrives. This prevents artificially delaying messages that already arrived late.

Changes

• Calculate remaining hold-off time from leaf activation, not message arrival
• Process immediately if hold-off window has already elapsed
• Add test to ensure late-arriving collations skip artificial delay

[#10661]: statement-store: Add networking benchmark

Adds a benchmark for the statement store networking to measure performance
of statement propagation and validation under various conditions.

[#10960]: Warn when dropping an out of view candidate

This changes a debug log to a warning. The other log messages around the candidate state are also partially warnings. A candidate that is directly out of view counts clearly as a warning. Besides that this pull request also increases
the lookahead for Westend + Rococo to 5 to align it with Kusama.

[#11053]: tracing-subscriber: Pin version to prevent ANSI colour code issues

Latest version of tracing-subscriber right now doesn't support ASNI colour codes correctly: tokio-rs/tracing#3378

So, the workaround right now is to pin it to 0.3.19.

Closes: #11030

[#10973]: cumulus: Remove max_depth for the parent search

We were just incrementing this number all the time and there is actually no need to have it, as the search is already automatically bounded. For chains with 500ms blocks and relay offset of 1 we easily go above this limit and this then leads to forks.

So, let's remove the value.

[#11085]: Sync: Gracefully handle blocks from an unknown fork

There is the possibility that node A connects to node B. Both are at the same best block (20). Shortly after this, node B announces a block 21 that is from a completely different fork (started at e.g. block 15). Right now this leads to node A downloading this block 21 and then failing to import it because it doesn't have the parent block.

This pull request solves this situation by putting the peer into ancestry search when it detects a fork that is "unknown".

[#10650]: Prospective parachains cleanup

This PR removes redundant code and simplifies the prospective parachains subsystem in preparation
for upcoming scheduling_parent design changes. Key improvements include:

1. Removed duplicate ImplicitView from prospective-parachains subsystem - the subsystem was
   maintaining its own relay chain ancestry while also feeding it to ImplicitView and querying
   it back, which was redundant.

2. Separated relay chain scope from para-specific scope - split the Scope structure into
   RelayChainScope (shared relay parent ancestry) and para-specific Scope (pending
   availability and constraints) for better clarity.

3. Removed GetMinimumRelayParents message - this unused inter-subsystem message is no longer
   needed as minimum relay parents are now calculated directly from the scheduling_lookahead
   parameter rather than queried per parachain.

4. Simplified ImplicitView - removed per-parachain tracking since all parachains share identical
   allowed relay parent windows at any relay block, reducing code complexity by ~150 lines.

This refactoring reduces the codebase by ~170 lines while maintaining the
same functionality and adding documentation.

[#10884]: [benchmarking-cli] Add --keys-limit, --child-keys-limit and --random-seed to storage benchmarks

Adds three new CLI parameters to the benchmark storage subcommand:

• --keys-limit=<N>: Limits the number of top-level storage keys sampled for
  read/write benchmarks. When omitted all keys are used (previous behaviour).
• --child-keys-limit=<N>: When `--include-chil...

Polkadot stable2509-6

This release contains the changes from polkadot-stable2509-5 to polkadot-stable2509-6.

ℹ️ Please note:

⚠️ This is a patch release for the stable version: stable2509 and contains only patches and fixes to the crates (list
below). No binary or docker images will be provided for this release.

The tag corresponding to the current patch release polkadot-stable2509-6-rc1 and matching the old pattern will be
available under polkadot-v1.20.6.
The following crates were updated to the corresponding versions:

Click to see crates list

• sc-authority-discovery@0.53.1
• cumulus-client-consensus-aura@0.26.3

Changelog

Changelog for Node Dev

ℹ️ These changes are relevant to: Those who build around the client side code. Alternative client builders, SMOLDOT, those who consume RPCs. These are people who are oblivious to the runtime changes. They only care about the meta-protocol, not the protocol itself.

[#11330]: aura/import: Skip block execution when collators have no parent block state

Skip block execution in SlotBasedBlockImport when gap-sync marks blocks with StateAction::Skip. This fixes an infinite retry loop where non-archive collators failed to import gap-sync blocks because the parent state was already pruned, causing repeated sync restarts and eventual peer bans.

[#10954]: auth-discovery: Ensure DHT published addresses have ports

We have seen instances in production where validators will propagate multiaddresses without ports.
These addresses are effectively unreachable from the networking layer perspective.
They might be discovered via:

• identify protocol
• or simply a wrongly configured CLI for public addresses

To close the gap on this issue, this PR checks that the published addresses will always contain a port.

Closes:

• #10466

Part of:

• #10425

Rust compiler versions

This release was built and tested against the following versions of rustc.
Other versions may work.

• Rust Stable: 1.88.0

Polkadot stable2506-9

This release contains the changes from polkadot-stable2506-7 to polkadot-stable2506-9.

ℹ️ Please note:

⚠️ This is a patch release for the stable version: stable2506 and contains only patches and fixes to the crates (list
below). No binary or docker images will be provided for this release.

The tag corresponding to the current patch release polkadot-stable2506-9-rc1 and matching the old pattern will be
available under polkadot-v1.19.9.
The following crates were updated to the corresponding versions:

Click to see crates list

• sp-trie@40.0.1
• sc-authority-discovery@0.51.1
• polkadot-collator-protocol@24.0.1
• sc-network@0.51.2

Changelog

[#10954]: auth-discovery: Ensure DHT published addresses have ports

We have seen instances in production where validators will propagate multiaddresses without ports.
These addresses are effectively unreachable from the networking layer perspective.
They might be discovered via:

• identify protocol
• or simply a wrongly configured CLI for public addresses

To close the gap on this issue, this PR checks that the published addresses will always contain a port.

Closes:

• #10466

Part of:

• #10425

[#11078]: net: Strip previous p2p prefix before concatenating addresses

This PR ensures that a MultiaddrWithPeerId will always remain valid after a concatenating process.

The litep2p code will concatanate the provided multiaddr-with-peerID regardless if the address already contains a p2p/.. prefix:

https://github.com/paritytech/polkadot-sdk/blob/e85be1c07adedcc86554affa4f6af536c4a2efc1/substrate/client/network/src/litep2p/service.rs#L427-L434

This then can lead to addresses for reserved peers to never be dialed by the network backend as they are considered invalid.

This has been discovered by running the networking benchmarks:
https://github.com/paritytech/polkadot-sdk/blob/e85be1c07adedcc86554affa4f6af536c4a2efc1/substrate/client/network/benches/notifications_protocol.rs#L143-L148

Part of the cleanups for:

• #10425

[#10464]: collator-protocol: Readvertise collations after peer disconnects

There's a possible race case between peer connectivity and collation advertisement:

• The advertisement was generated
• peer disconnected before receiving the advertisement

As a result of that, when the peer reconnects, the previous collation (C0) is not sent.
This happens when the collator has produced another collation (C1).
However, from the logs it looks like the collation C1 is advertising, but C0 is skipped.

• T0: peer disconnects without receiving C0
• T1: peer reconnects
• T2: collator advertises C1, but not C0

This PR aims to resubmit collations on PeerConect events to mitigate these cases

Closes #10463

Changelog for Runtime Dev

ℹ️ These changes are relevant to: All of those who rely on the runtime. A parachain team that is using a pallet. A DApp that is using a pallet. These are people who care about the protocol (WASM, not the meta-protocol (client).)

[#11028]: Add DecodeWithMemTracking derive to CompactProof

Description

Add DecodeWithMemTracking derive to CompactProof in substrate/primitives/trie/src/storage_proof.rs.

StorageProof already derived DecodeWithMemTracking but CompactProof in the same file was missed.

Integration

No integration changes required for downstream projects. CompactProof now implements DecodeWithMemTracking, which is a strictly additive trait implementation. Existing code using CompactProof will continue to work as before.

Review Notes

Single-line change adding DecodeWithMemTracking to the derive macro list on CompactProof:

-#[derive(Debug, PartialEq, Eq, Clone, Encode, Decode, TypeInfo)]
+#[derive(Debug, PartialEq, Eq, Clone, Encode, Decode, DecodeWithMemTracking, TypeInfo)]
 pub struct CompactProof {
     pub encoded_nodes: Vec<Vec<u8>>,
 }

CompactProof only contains Vec<Vec<u8>>, which already implements DecodeWithMemTracking, so the derive works without any manual implementation.

Rust compiler versions

This release was built and tested against the following versions of rustc.
Other versions may work.

• Rust Stable: 1.84.1

Polkadot stable2512-2

This release contains the changes from polkadot-stable2512-1 to polkadot-stable2512-2.

This is a patch release for the latest stable version: stable2512. If your nodes are already running on this stable release,
you should upgrade to this patch version to get the latest fixes.

The tag corresponding to the current patch release polkadot-stable2512-2 and matching the old pattern will be
available under polkadot-v1.21.2.

The following crates were updated to the corresponding versions:

Click to see crates list

- sp-trie@42.0.1 - frame-benchmarking@45.0.3 - pallet-dap@0.2.0 - pallet-statement@0.2.0 - pallet-bags-list@44.0.1 - pallet-nomination-pools@43.0.2 - snowbridge-verification-primitives@0.7.1 - polkadot-node-core-pvf-execute-worker@24.0.1 - polkadot-node-core-pvf-prepare-worker@24.0.1 - pallet-staking-async@0.10.1 - pallet-staking-async-ah-client@0.7.2 - pallet-staking-async-rc-client@0.7.1 - pallet-session@45.1.0 - snowbridge-beacon-primitives@0.18.1 - snowbridge-pallet-ethereum-client@0.18.2 - snowbridge-pallet-outbound-queue-v2@0.7.1 - snowbridge-pallet-ethereum-client-fixtures@0.26.1 - snowbridge-pallet-inbound-queue-fixtures@0.26.1 - snowbridge-pallet-inbound-queue-v2-fixtures@0.7.1 - snowbridge-core@0.18.1 - snowbridge-outbound-queue-primitives@0.7.1 - polkadot@0.1.1 - polkadot-jemalloc-shim@0.1.1 - frame-omni-bencher@0.17.3 - xcm-emulator@0.26.0 - emulated-integration-tests-common@28.0.0 - polkadot@30.0.2 - xcm-executor-integration-tests@0.13.1 - polkadot-omni-node@0.13.2 - westend-runtime@30.2.0 - asset-hub-westend-runtime@0.42.0 - staging-xcm-executor@24.0.1 - polkadot-sdk@2512.3.3

Changelog

Changelog for Runtime Dev

ℹ️ These changes are relevant to: All of those who rely on the runtime. A parachain team that is using a pallet. A DApp that is using a pallet. These are people who care about the protocol (WASM, not the meta-protocol (client).)

[#10955]: Snowbridge: Remove unused proof fields

When verifying Ethereum-to-Polkadot transfer messages, the key field in receipt_proof is not used. Remove it as a cleanup and update the tests accordingly.

[#11055]: staking-async/ah-client: emit event when session key update from AssettHub fails on relay chain

Emit SessionKeysUpdateFailed with the operation type and dispatch error for observability so set_keys/purge_kets failures from AssetHub are observable on-chain

[#10808]: Update retester CI to check expectations

Description

This PR makes a number of changes to the retester CI job that were recommended by @athei and other people at parity.

One of our main objectives with the changes in this PR is to harden the CI and ensure that the job status that we see in Github is representative of whether we got the results that we expect or not.

With this PR, we added two versioned controlled JSON files, one for each platform that we run differential tests on, which describe the status that we expect for each one of the tests that we run.

Part of the retester CI job is to run the differential tests and ensure that the results of running tests match the expectation files we have in the repo for the platform.

In this case:

• CI is green if the test's execution matches the expectations that we've set in the expectations JSON files.
• CI is red if the test's execution doesn't match the expectations that we've set in the expectations JSON files.

The CI job for retester no longer posts a comment with the status of all of the tests.

If the expectations do not match, then the new expectations file is uploaded to the CI job you would be required to update the expectation file to match.

[#11069]: frame-omni-bencher: enable jemalloc-allocator

Fix huge benchmark regression for storage-heavy extrinsics, enabling jemalloc-allocator via polkadot-jemalloc-shim for omni-bencher, marked as optional in the scope of PR #10590.
Revert also the dummy write/read workaround at the end of commit_db() introduced by #10947.

[#11028]: Add DecodeWithMemTracking derive to CompactProof

Description

Add DecodeWithMemTracking derive to CompactProof in substrate/primitives/trie/src/storage_proof.rs.

StorageProof already derived DecodeWithMemTracking but CompactProof in the same file was missed.

Integration

No integration changes required for downstream projects. CompactProof now implements DecodeWithMemTracking, which is a strictly additive trait implementation. Existing code using CompactProof will continue to work as before.

Review Notes

Single-line change adding DecodeWithMemTracking to the derive macro list on CompactProof:

-#[derive(Debug, PartialEq, Eq, Clone, Encode, Decode, TypeInfo)]
+#[derive(Debug, PartialEq, Eq, Clone, Encode, Decode, DecodeWithMemTracking, TypeInfo)]
 pub struct CompactProof {
     pub encoded_nodes: Vec<Vec<u8>>,
 }

CompactProof only contains Vec<Vec<u8>>, which already implements DecodeWithMemTracking, so the derive works without any manual implementation.

[#10957]: pallet-dap: mark funds as inactive and expect buffer account to be pre-funded

In pallet-dap, mark funds in the issuance buffer as inactive so they do not participate in governance.
In production, the buffer account must be pre-funded (e.g., via genesis allocation or transfer) before the pallet receives any funds.
Removed the InitBufferAccount migration since the buffer account is now expected to be pre-funded externally.
For delegated staking, redirect slashes to DAP for Westend AssetHub.
Removed DAP dependency from main staking-async crate, keep it only for test runtimes.

[#11031]: xcm-emulator: fix emulated integration tests for non-6s parachains

After AuraDigestProvider was introduced, emulated integration tests for parachains with slot_duration != relay_slot_duration (e.g. 12s Polkadot/Kusama chains) panic because FixedVelocityConsensusHook derives a parachain slot that doesn't match CurrentSlot.

Fix by advancing the relay block number by slot_duration / RELAY_CHAIN_SLOT_DURATION_MILLIS per parachain block (instead of always +1), and computing the aura digest slot inline using both durations. This removes the DigestProvider associated type from the Parachain trait and the AuraDigestProvider struct — the emulator now handles the digest automatically.

Downstream users must remove DigestProvider: AuraDigestProvider, from their decl_test_parachains! invocations.

[#10980]: Add StakingOperator proxy type to Westend AssetHub

Introduces StakingOperator proxy type that allows validator operational tasks (validate, chill, kick) and session key management (set_keys, purge_keys) without access to fund management operations.

This enables pure proxy stashes to delegate validator operations: now that pallet_staking_async_rc_client provides set_keys/purge_keys on AssetHub, pure proxies can fully utilize StakingOperator.

[#11114]: Force the linker not to drop jemalloc shim on Linux

Force the linker to keep the polkadot_jemalloc_shim crate and its #[global_allocator] in all binaries that depend on it. Without it, the linker might drop it since it is seen as a dependency with no referenced symbols. The issue happens only on a subset of combination of rust version and linker (e.g. on CI with Ubuntu 24.04, rust 1.88.0 + gcc/ld strips the jemalloc crate from the binary but not rust 1.92.0, and also rust 1.88.0 + clang/mold works fine).

[#11050]: staking-aync: remove stale prune_era_total_stake

Leftover from #10810 backport. The function was replaced by prune_era_single_entry_cleanups in #10502.

[#10880]: Remove failing assertion related to VoterList count mismatch

Updated bags-list so that on_insert queues items into PendingRebag instead of failing, and removed the invariant that required VoterList's count to equal the combined number of Nominators and Validators. This is safe while bags-list is locked. After unlocking, on_idle drains PendingRebag, and the counts converge back to consistency over time.

[#10793]: Snowbridge: Fix fork version slot selection for sync committee signature verification

Fixes fork version selection for sync committee signature verification to use signature_slot - 1 per the Ethereum Altair light-client spec. This prevents valid light client updates from being rejected at fork activation boundaries.

[#10666]: staking-async: allow session keys handling on AssetHub

Added session keys handling on AssetHub for staking-async:

• Validators can now call set_keys and purge_keys on AssetHub, which forwards the request to the RelayChain via XCM.
• Session keys are validated on AssetHub before forwarding. Only validated keys are sent to RC (no proof), as RC trusts AH's validation.
• Proof of ownership is not yet supported since the related change has not been backported to stable2512.
• Staking proxies can call set_keys and purge_keys on behalf of validators. The ProxyType::Staking filter on runtime has been updated to include these calls.
• Validators are still allowed to call set_keys and purge_keys via relay-chain pallet-session's extrinsics. This option will be deprecated in the future.
• No key deposit is required on AssetHub.
• XCM delivery fees are charged from user's liquid balance before sending messages.
• Workflow change: unlike the current flow for new validators on RC (bond -> set_keys -> validate), users on Asset Hub MUST call bond and validate BEFORE
  calling set_keys. Attempting to set keys before declaring intent to validate will fail with NotValidator.

[#10947]: benchmarking: fix DB read/write counts

PR #10802 added reset_read_write_count() at the end of commit_db() to prevent warmup operat...

Polkadot stable2603-rc2

This release contains the changes from polkadot-stable2512 to polkadot-stable2603-rc2.

⚠️ Warning: Pre-release Version

The currently published version is a pre-release and is not yet a final stable version. This release is provided for testing purposes only, and there is no guarantee that everything will work as expected. Errors and unusual behaviours of some features are to be expected.

Please use this version at your own risk and report any issues you encounter. We recommend waiting for the official release if you need a stable version.

Changelog

Changelog for Node Dev

ℹ️ These changes are relevant to: Those who build around the client side code. Alternative client builders, SMOLDOT, those who consume RPCs. These are people who are oblivious to the runtime changes. They only care about the meta-protocol, not the protocol itself.

[#10974]: slot_timer: Downgrade spammy log to debug

The log is quite spammy with 12core setup since the last ~2 blocks will be skipped in the last second of block production.

[#10658]: Omninode instant seal: Support relay parent offset

This brings support for relay parent offset to the omni-node instant seal consensus engine. Before instant seal was not working with relay parent offsets bigger than 0.

[#10493]: add external transient_storage to pallet_revive::ExecConfig

Description

This PR adds the ability to supply external copy of TransientStorage to pallet_revive::ExecConfig to be used during execution.
This is required by testing in foundry as we only enter pallet_revive during a CALL or CREATE instruction and we need to carryover
the transient storage to other following calls as they happen within an external tx.
For example this is required to support more testing scenarious inside foundry-polkadot because only a subset of execution happens on pallet-revive.
e.g:

fn example_test() { // this entrypoint is executed on the side of `foundry-polkadot`
Example contract = new Example(); // happens on pallet-revive
contract.setTransientStorage(5); // happens on pallet-revive

uint256 result = contract.getTransientStorage(); // happens on pallet-revive and returns `0` aka the default value 
// `result` above is `0` because `transient_storage` is reset after every call to `pallet-revive` and in `foundry-polkadot`
// only `CALL` and `CREATE` within function calls(already executed on foundry's revm) are forwarded to `pallet-revive`,
// so for assertion below to pass we would need to have our external `transient_storage` instance to be manually supplied
// to pallet-revive and be persistent within the wrapping call
assertEq(5, result); // fails without this PR with `5 != 0` 
}

link for the test-file inside foundry-polkadot:

• click me

[#10513]: Extract parachain types into a dedicated crate

Closes #10512.

Moves the common parachain primitives (accounts, balances, hashes, opaque block types) into a new parachains-common-types crate. The existing parachains-common crate re-exports these definitions, and polkadot-omni-node-lib now depends on the lightweight types crate to avoid pulling runtime pallets into omni-node builds.

[#10690]: statement-store: implement new rpc api

Implements the new simplified RPC API for the statement store as proposed in PR #10452.
The API surface has been reduced to two main functions: submit and subscribe_statement.

Submit changes:

• Added support for the new expiry field where statements with an expiration timestamp
  lower than the current time are rejected.

Subscribe changes:

• Implemented a configurable worker pool that manages all subscriptions.
• New subscriptions are assigned to workers via a round-robin protocol.
• When a new statement is accepted by the statement-store, all workers are notified and
  evaluate their assigned subscription filters, notifying each subscriber accordingly.
• Existing statements matching the filter are sent on subscription.

Additional improvements:

• Added periodical scanning and removal of expired statements.
• Removed the old API methods (broadcast, posts, networkState, etc.) in favor of the
  simplified submit/subscribe interface.

[#9880]: ah-westend: Elastic Scaling with 3 cores on AssetHub Westend

This PR enables elastic scaling on AssetHubWestend with 3 bulk cores.

Guideline for enablement: https://paritytech.github.io/polkadot-sdk/master/polkadot_sdk_docs/guides/enable_elastic_scaling/index.html

Next Steps

• Ensure collators are running with 2509 or newer
• Double check the changes locally
• If AH Westend looks good, we'll enable ES to AHPaseo

cc @paritytech/sdk-node @sandreim

[#10542]: statement-store: Add latency bench

Adds a latency benchmark for the statement store to measure propagation performance across distributed nodes.

[#10960]: Warn when dropping an out of view candidate

This changes a debug log to a warning. The other log messages around the candidate state are also partially warnings. A candidate that is directly out of view counts clearly as a warning. Besides that this pull request also increases
the lookahead for Westend + Rococo to 5 to align it with Kusama.

[#10662]: Bulletin as parachain missing features

• Node developers/operators could enable the transaction storage inherent data provider setup by using --enable-tx-storage-idp flag. This is especially useful in the context of bulletin chain.
• Node developers will set up the network idle_connection_timeout to 1h when using --ipfs-server flag, again, useful in the context of bulletin chain.

[#10661]: statement-store: Add networking benchmark

Adds a benchmark for the statement store networking to measure performance
of statement propagation and validation under various conditions.

[#10617]: statement-store: use many workers for network statements processing

Adds --statement-network-workers CLI parameter to enable concurrent statement validation from the network.
Previously, statements were validated sequentially by a single worker. This change allows multiple workers
o process statements in parallel, improving throughput when statement store is enabled

[#9947]: Proposer/BlockBuilder: Accept proof recorder & extensions

This pull request fundamentally changes how Proposer and BlockBuilder are handling the proof recorder and extensions. Before this pull request the proof recorder was initialized by the BlockBuilder and the proposer statically enabled proof recording or disabled it. With this pull request the proof recorder is passed from the the caller down to the block builder. This also moves the responsibility for extracting the final storage proof to the caller and is not part of the block builder logic anymore. The extensions are now also configurable by the caller and are not longer "guessed" by the block builder.

This pull request also remvoes the cumulus-client-proposer crate as it is not really required anymore.

[#10891]: collator-protocol: Re-advertise collations when peer authority IDs are updated

The collator protocol contained a race-condition which could manifest as "Collation wasn't advertised".

A given peer ("A") can connect before the new authority keys are received via UpdatedAuthorityIds (nk -- new key).

• T0: peer A connectsPeerConnected
• T1: peer A sends its current view PeerViewChange
  • Peer A wants the block N
• T2: validator_group.should_advertise_to: checks peer A for key nK (the new key)
  • We don't have this key stored and therefore return ShouldAdvertiseTo::NotAuthority
• T3: UpdatedAuthorityIds arrives with (peer A, [nK])

At this point, we have the collation, peer A wants to collation, we know peer A is an authority but we never send the collation back. Then, the collation will expire with "Collation wasn't advertised".

To close the gap, the UpdatedAuthorityIds events will trigger a re-advertisement of collations

• note: if the advertisement was already sent, the logic does not resend it (achieved in should_advertise_to).

Part of the stabilization of:

• #10425

[#10785]: Fix inefficient do_propagate_statements

Fixes an O(n^2) complexity issue in send_statements_in_chunks. The loop in
find_sendable_chunk was inefficient because it was passing to_send[offset..]
after each chunk and then calling chunk.encoded_size() on the entire slice.

The fix uses an incremental approach that adds statements one by one until the
size limit is reached, only computing sizes for statements that will actually
be sent in each chunk.

For 300,000 statements, this reduces the processing time from ~2.5 seconds to ~0.33s.

[#10201]: telemtry: Downgrade spam log to debug

This PR downgrade the telemetry warning log to debug.

• The log is causing a lot of noise in our test nets: https://grafana.teleport.parity.io/goto/fjTQ_vzDg?orgId=1

[#10954]: auth-discovery: Ensure DHT published addresses have ports

We have seen instances in production where validators will propagate multiaddresses without ports.
These addresses are effectively unreachable from the networking layer perspective.
They might be discovered via:

• identify protocol
• or simply a wrongly configured CLI for public addresses

To close the gap on this issue, this PR checks that the published addresses will always contain a port.

Closes:

• #10466

Part of:

• #10425

[#10573]: Bump trie-db to 0.31.0

Bumps `trie-...

Polkadot stable2603-rc1

This release contains the changes from polkadot-stable2512-1 to polkadot-stable2603-rc1.

⚠️ Warning: Pre-release Version

The currently published version is a pre-release and is not yet a final stable version. This release is provided for testing purposes only, and there is no guarantee that everything will work as expected. Errors and unusual behaviours of some features are to be expected.

Please use this version at your own risk and report any issues you encounter. We recommend waiting for the official release if you need a stable version.

Changelog

Changelog for Node Dev

ℹ️ These changes are relevant to: Those who build around the client side code. Alternative client builders, SMOLDOT, those who consume RPCs. These are people who are oblivious to the runtime changes. They only care about the meta-protocol, not the protocol itself.

[#10223]: Removed dependency to sp-consensus-grandpa from sc-network-sync

Refactored warp sync to remove the dependency on GRANDPA consensus primitives from the network sync module.
Instead of directly verifying proofs with GRANDPA-specific parameters, warp sync now uses a more generic
verifier pattern. This makes the warp sync implementation independent of any specific consensus mechanism,
allowing it to work with different consensus algorithms in the future.

[#10690]: statement-store: implement new rpc api

Implements the new simplified RPC API for the statement store as proposed in PR #10452.
The API surface has been reduced to two main functions: submit and subscribe_statement.

Submit changes:

• Added support for the new expiry field where statements with an expiration timestamp
  lower than the current time are rejected.

Subscribe changes:

• Implemented a configurable worker pool that manages all subscriptions.
• New subscriptions are assigned to workers via a round-robin protocol.
• When a new statement is accepted by the statement-store, all workers are notified and
  evaluate their assigned subscription filters, notifying each subscriber accordingly.
• Existing statements matching the filter are sent on subscription.

Additional improvements:

• Added periodical scanning and removal of expired statements.
• Removed the old API methods (broadcast, posts, networkState, etc.) in favor of the
  simplified submit/subscribe interface.

[#10796]: Fix size limit mismatch in process_initial_sync_burst

Fixes a debug assertion failure in process_initial_sync_burst where the size filter
used MAX_STATEMENT_NOTIFICATION_SIZE while find_sendable_chunk reserved additional
space for Compact<u32> vector length encoding (5 bytes).

This mismatch caused debug_assert_eq!(to_send.len(), sent) to fail when statements
were sized to fit the filter's larger limit but exceeded find_sendable_chunk's
stricter limit.

The fix extracts the size calculation into a shared max_statement_payload_size()
function that both locations now use, ensuring consistent size limits.

[#10770]: Statement-store: Follow-up improvements from PR #10718 review

This follow-up PR addresses review comments from PR #10718:

• Removed unnecessary Result wrapper from statement_hashes() - method is infallible
• Added debug assertion to validate sent count matches prepared count

[#10906]: collator-protocol: Remove stale pending collations from the waiting queue

This PR removes the stale pending collations from the waiting queue when the peer that advertised the collation disconnects.

When the peer reconnects, the peer data is freshly created without any prior information about advertised collations.
Then the state-pending collation is picked from the queue. The network request will not be emitted since the fn fetch_collation sees no prior advertisement via peer_data.has_advertised and returns Err(FetchError::NotAdvertised).

To avoid this, remove the stale entries immediately when the peer disconnects.

Part of the stabilization of:

• #10425

[#10779]: remote-externalities: Support downloading from multiple RPC servers in parallel + major refactoring

Major refactoring of frame-remote-externalities to support downloading state from multiple
RPC servers in parallel. This improves reliability and performance when fetching remote state.

Breaking changes:

• OnlineConfig::transports field renamed to transport_uris
• Various internal API changes

[#10891]: collator-protocol: Re-advertise collations when peer authority IDs are updated

The collator protocol contained a race-condition which could manifest as "Collation wasn't advertised".

A given peer ("A") can connect before the new authority keys are received via UpdatedAuthorityIds (nk -- new key).

• T0: peer A connectsPeerConnected
• T1: peer A sends its current view PeerViewChange
  • Peer A wants the block N
• T2: validator_group.should_advertise_to: checks peer A for key nK (the new key)
  • We don't have this key stored and therefore return ShouldAdvertiseTo::NotAuthority
• T3: UpdatedAuthorityIds arrives with (peer A, [nK])

At this point, we have the collation, peer A wants to collation, we know peer A is an authority but we never send the collation back. Then, the collation will expire with "Collation wasn't advertised".

To close the gap, the UpdatedAuthorityIds events will trigger a re-advertisement of collations

• note: if the advertisement was already sent, the logic does not resend it (achieved in should_advertise_to).

Part of the stabilization of:

• #10425

[#10954]: auth-discovery: Ensure DHT published addresses have ports

We have seen instances in production where validators will propagate multiaddresses without ports.
These addresses are effectively unreachable from the networking layer perspective.
They might be discovered via:

• identify protocol
• or simply a wrongly configured CLI for public addresses

To close the gap on this issue, this PR checks that the published addresses will always contain a port.

Closes:

• #10466

Part of:

• #10425

[#10464]: collator-protocol: Readvertise collations after peer disconnects

There's a possible race case between peer connectivity and collation advertisement:

• The advertisement was generated
• peer disconnected before receiving the advertisement

As a result of that, when the peer reconnects, the previous collation (C0) is not sent.
This happens when the collator has produced another collation (C1).
However, from the logs it looks like the collation C1 is advertising, but C0 is skipped.

• T0: peer disconnects without receiving C0
• T1: peer reconnects
• T2: collator advertises C1, but not C0

This PR aims to resubmit collations on PeerConect events to mitigate these cases

Closes #10463

[#10974]: slot_timer: Downgrade spammy log to debug

The log is quite spammy with 12core setup since the last ~2 blocks will be skipped in the last second of block production.

[#10718]: Statement-store: Propagate all statements to newly connected peers

When a new node connects, we now propagate all statements in our store to them. This happens in bursts of ~1MiB messages
over time to not completley use up all resources. If multiple peers are connecting, round robin between them.

[#10513]: Extract parachain types into a dedicated crate

Closes #10512.

Moves the common parachain primitives (accounts, balances, hashes, opaque block types) into a new parachains-common-types crate. The existing parachains-common crate re-exports these definitions, and polkadot-omni-node-lib now depends on the lightweight types crate to avoid pulling runtime pallets into omni-node builds.

[#10662]: Bulletin as parachain missing features

• Node developers/operators could enable the transaction storage inherent data provider setup by using --enable-tx-storage-idp flag. This is especially useful in the context of bulletin chain.
• Node developers will set up the network idle_connection_timeout to 1h when using --ipfs-server flag, again, useful in the context of bulletin chain.

[#9880]: ah-westend: Elastic Scaling with 3 cores on AssetHub Westend

This PR enables elastic scaling on AssetHubWestend with 3 bulk cores.

Guideline for enablement: https://paritytech.github.io/polkadot-sdk/master/polkadot_sdk_docs/guides/enable_elastic_scaling/index.html

Next Steps

• Ensure collators are running with 2509 or newer
• Double check the changes locally
• If AH Westend looks good, we'll enable ES to AHPaseo

cc @paritytech/sdk-node @sandreim

[#10882]: statement-store: make encode/hash faster

Optimizes statement encoding and hashing by pre-allocating memory for the encoded buffer.
This reduces allocation overhead and improves performance, particularly when receiving
statements from multiple peers. Benchmarks show ~16% speedup when receiving statements
from 16 peers.

[#10763]: Make some BEEFY keystore logic more generic

This PR:

1. makes some BEEFY keystore methods more generic:

• sign()
• public_keys()
  This is done by implementing the specific logic in the BeefyAuthorityId.

2. Removes the BeefyAuthorityId::SignatureHasher since for some algorithms it doesn't make sense to have a hasher.

Also since now the BeefyAuthorityId implements both the signing and the verification logic, we should have better consistency.

Related to #8707 (comment)

[#10542]: statement-store: Add latency bench

Adds a...

Polkadot stable2509-5

This release contains the changes from polkadot-stable2512-1 to polkadot-stable2509-5.

ℹ️ Please note:

⚠️ This is a patch release for the stable version: stable2509 and contains only patches and fixes to the crates (list
below). No binary or docker images will be provided for this release.

The tag corresponding to the current patch release polkadot-stable2509-5 and matching the old pattern will be
available under polkadot-v1.20.5.
The following crates were updated to the corresponding versions:

Click to see crates list

• sp-trie@41.1.1
• frame-benchmarking@43.0.1
• asset-hub-westend-runtime@0.36.3

Changelog

Changelog for Runtime Dev

ℹ️ These changes are relevant to: All of those who rely on the runtime. A parachain team that is using a pallet. A DApp that is using a pallet. These are people who care about the protocol (WASM, not the meta-protocol (client).)

[#11028]: Add DecodeWithMemTracking derive to CompactProof

Description

Add DecodeWithMemTracking derive to CompactProof in substrate/primitives/trie/src/storage_proof.rs.

StorageProof already derived DecodeWithMemTracking but CompactProof in the same file was missed.

Integration

No integration changes required for downstream projects. CompactProof now implements DecodeWithMemTracking, which is a strictly additive trait implementation. Existing code using CompactProof will continue to work as before.

Review Notes

Single-line change adding DecodeWithMemTracking to the derive macro list on CompactProof:

-#[derive(Debug, PartialEq, Eq, Clone, Encode, Decode, TypeInfo)]
+#[derive(Debug, PartialEq, Eq, Clone, Encode, Decode, DecodeWithMemTracking, TypeInfo)]
 pub struct CompactProof {
     pub encoded_nodes: Vec<Vec<u8>>,
 }

CompactProof only contains Vec<Vec<u8>>, which already implements DecodeWithMemTracking, so the derive works without any manual implementation.

[#10802]: benchmarking: fix timing leak from bulk setup operations

Fixes timing leaks in benchmarks with large setup operations (e.g., clearing 27k staking entries). After bulk deletions are committed, the first new allocation can trigger memory allocator overhead that leaks into benchmark timing.

The fix adds a memory allocator warmup step in commit_db() that performs a dummy write/clear cycle to absorb this overhead before timing starts.

Rust compiler versions

This release was built and tested against the following versions of rustc.
Other versions may work.

• Rust Stable: 1.88.0

Polkadot stable2512-2-rc1

This release contains the changes from polkadot-stable2512-1 to polkadot-stable2512-2-rc1.

⚠️ Warning: Pre-release Version

The currently published version is a pre-release and is not yet a final stable version. This release is provided for testing purposes only, and there is no guarantee that everything will work as expected. Errors and unusual behaviours of some features are to be expected.

Please use this version at your own risk and report any issues you encounter. We recommend waiting for the official release if you need a stable version.

The following crates were updated to the corresponding versions:

Click to see crates list

• snowbridge-beacon-primitives@0.18.1
• frame-benchmarking@45.0.2
• pallet-dap@0.2.0
• pallet-statement@0.2.0
• pallet-bags-list@44.0.1
• pallet-nomination-pools@43.0.2
• pallet-staking-async-ah-client@0.7.1
• pallet-staking-async-rc-client@0.7.1
• pallet-staking-async@0.10.0
• pallet-session@45.1.0
• snowbridge-pallet-ethereum-client@0.18.1
• westend-runtime@30.2.0
• asset-hub-westend-runtime@0.42.0
• polkadot-sdk@2512.2.0

Changelog

Changelog for Runtime Dev

ℹ️ These changes are relevant to: All of those who rely on the runtime. A parachain team that is using a pallet. A DApp that is using a pallet. These are people who care about the protocol (WASM, not the meta-protocol (client).)

[#10793]: Snowbridge: Fix fork version slot selection for sync committee signature verification

Fixes fork version selection for sync committee signature verification to use signature_slot - 1 per the Ethereum Altair light-client spec. This prevents valid light client updates from being rejected at fork activation boundaries.

[#10880]: Remove failing assertion related to VoterList count mismatch

Updated bags-list so that on_insert queues items into PendingRebag instead of failing, and removed the invariant that required VoterList's count to equal the combined number of Nominators and Validators. This is safe while bags-list is locked. After unlocking, on_idle drains PendingRebag, and the counts converge back to consistency over time.

[#10986]: [Pool] Use active era for withdrawals

Standardising using active era in pools and staking. Current Era should only be used for election logic

[#10666]: staking-async: allow session keys handling on AssetHub

Added session keys handling on AssetHub for staking-async:

• Validators can now call set_keys and purge_keys on AssetHub, which forwards the request to the RelayChain via XCM.
• Session keys are validated on AssetHub before forwarding. Only validated keys are sent to RC (no proof), as RC trusts AH's validation.
• Proof of ownership is not yet supported since the related change has not been backported to stable2512.
• Staking proxies can call set_keys and purge_keys on behalf of validators. The ProxyType::Staking filter on runtime has been updated to include these calls.
• Validators are still allowed to call set_keys and purge_keys via relay-chain pallet-session's extrinsics. This option will be deprecated in the future.
• No key deposit is required on AssetHub.
• XCM delivery fees are charged from user's liquid balance before sending messages.
• Workflow change: unlike the current flow for new validators on RC (bond -> set_keys -> validate), users on Asset Hub MUST call bond and validate BEFORE
  calling set_keys. Attempting to set keys before declaring intent to validate will fail with NotValidator.

[#10980]: Add StakingOperator proxy type to Westend AssetHub

Introduces StakingOperator proxy type that allows validator operational tasks (validate, chill, kick) and session key management (set_keys, purge_keys) without access to fund management operations.

This enables pure proxy stashes to delegate validator operations: now that pallet_staking_async_rc_client provides
set_keys/purge_keys on AssetHub, pure proxies can fully utilize StakingOperator.

[#10947]: benchmarking: fix DB read/write counts

PR #10802 added reset_read_write_count() at the end of commit_db() to prevent warmup operations from appearing in benchmarking results. However, commit_db is called twice: one on on_before_start() closure before benchmark, and one after benchmark execution after benchmark.
This PR whitelists warmup key so that it doesn't appear in the read/write count.
We also regenerate staking-async and pallet-conviction-voting benchmarks (testing both v1 and v2)

[#10957]: pallet-dap: mark funds as inactive and expect buffer account to be pre-funded

In pallet-dap, mark funds in the issuance buffer as inactive so they do not participate in governance.
In production, the buffer account must be pre-funded (e.g., via genesis allocation or transfer) before the pallet receives any funds.
Removed the InitBufferAccount migration since the buffer account is now expected to be pre-funded externally.
For delegated staking, redirect slashes to DAP for Westend AssetHub.
Removed DAP dependency from main staking-async crate, keep it only for test runtimes.

Rust compiler versions

This release was built and tested against the following versions of rustc.
Other versions may work.

• Rust Stable: 1.88.0

Runtimes

The information about the runtimes included in this release can be found below.
The runtimes have been built using srtool v0.18.3 and rustc 1.88.0 (6b00bc388 2025-06-23).

Westend

🏋️ Runtime Size:          1.84 MB (1930332 bytes)
🔥 Core Version:          westend-1021002 (parity-westend-0.tx27.au2)
🗜 Compressed:            Yes: 81.02%
🎁 Metadata version:      V14
🗳️ system.setCode hash:   0x06edfdb7de82f80e39020f461e1d236cad7535416952c725c65854ad05372311
🗳️ authorizeUpgrade hash: 0xff50006b6c3d1e6a4a09b86e7222f67b6ca8a10c1b96f71e5381fe72e46171f3
🗳️ Blake2-256 hash:       0xc5033b3a2749393b2e6e8963d31dcc36353ea41feb5ba085d4f18b3bac8b9d62
📦 IPFS:                  QmZEyTWx3beRfCN3dXnxgcYhcV545v6FisNH4Qyc5wzWut

Westend Assethub

🏋️ Runtime Size:          2.34 MB (2457225 bytes)
🔥 Core Version:          westmint-1021003 (westmint-0.tx16.au1)
🗜 Compressed:            Yes: 82.15%
🎁 Metadata version:      V14
🗳️ system.setCode hash:   0xca3c9b3b31888fdbaa4f399dfe8a38bb417ea3797f06508f52616b9d12700887
🗳️ authorizeUpgrade hash: 0xbd10b33e9402a0fdca1f7094697aabca362055d535d4f6a648d81deb9ccb5b70
🗳️ Blake2-256 hash:       0xbfd53f79b6df48dd84cfb49738a3900e9a5e5a0f17b2d5d1866e86a90974e5ab
📦 IPFS:                  QmScgRemUb1komeDh3nM4mnqFQC3KZtN18Qe5ACs67JZ5J