Dear Klever Validators, Node Maintainers, and Exchange Operators,
We are officially announcing the release of Klever Blockchain version v1.7.19 on the Mainnet. This is a critical security update that directly affects the network’s consensus rules.
The security and integrity of the Klever Blockchain are our absolute and non-negotiable priorities. Due to the nature and severity of the vulnerabilities addressed, it is imperative that all operators upgrade their nodes to version v1.7.19 as soon as possible.
Update Summary and Importance
Version v1.7.19 directly addresses and remediates four coordinated security vulnerabilities (two Critical severity and two High severity) located in the Marketplace and SFT value layer. These vulnerabilities allowed the creation of unbacked values (mint bugs), where KLV or KDA balances could be credited without the corresponding debit, threatening the overall conservation of assets.
In addition to permanently fixing these flaws, this release implements an account freeze at the consensus level (blocking outbound transfers from accounts implicated in these actions), enforces rejections directly at the API level, and fixes data-race concurrency issues.
For a detailed technical breakdown of all the fixes implemented in this release, we strongly recommend reading the full release notes on our official GitHub:
Release Notes - v1.7.19 Update Details
Upgrade Instructions
Although this update does not require activation in a specific future epoch, you will need to update your configuration files before starting the new node.
IMPORTANT: Make sure to update your config files PRIOR to updating the node, by precisely following the instructions below:
Please do:
1. Download the new config:
curl -k https://backup.mainnet.klever.org/config.mainnet.108.tar.gz | tar -xz -C ./node
2. Download new image version:
docker pull kleverapp/klever-go:v1.7.19-0-g8bcc600
3. Update the permission of directories database:
chown -R 999 $(pwd)/node/config
chown -R 999 $(pwd)/node/db
chown -R 999 $(pwd)/node/logs
4. Stop and remove your current node:
docker stop klever-node && docker rm klever-node
5. Run your node again:
docker run -it -d --restart unless-stopped \
--user "$(id -u):$(id -g)" \
--name klever-node \
-v $(pwd)/node/config:/opt/klever-blockchain/config/node \
-v $(pwd)/node/db:/opt/klever-blockchain/db \
-v $(pwd)/node/logs:/opt/klever-blockchain/logs \
--network=host \
--entrypoint=/usr/local/bin/validator \
kleverapp/klever-go:v1.7.19-0-g8bcc600 \
'--log-save' '--use-log-view' '--rest-api-interface=0.0.0.0:8080'
We urge maximum urgency and attention to this process. Network stability depends on the rapid compliance and upgrade of all nodes so that we can continue to maintain a secure and robust ecosystem for all users.
We deeply appreciate your vital support and prompt cooperation.
— The Klever Team