Skip to main content
July 1, 2026
OMS
OMS Payments consolidates quote and transaction economics into a single pricing container, refactors the source and destination shape into a typed instrument model discriminated by type (walletOms, walletExternal, bankUs, bankIban, bankCanada, card, cash), replaces the legacy origin fields on transactions with a typed precursor object, and retires the GET /customers/{customerId}/transactions route in favor of a ?customerId= filter on GET /transactions.

New

  • Typed instruments on source and destination: quote and transaction sides are now discriminated by type. A quote’s source is an OMS wallet (walletOms) or a debit card (card, pull-from-card funding); the destination can be walletOms, walletExternal, bankUs, bankIban, bankCanada, card, or cash. Each type carries its own details envelope with the instrument-specific fields (bank routing coordinates, IBAN block, card identifiers, cash pickup coordinates, and so on) and a party block that identifies who is on that side.
  • Consolidated pricing object on quotes and transactions: per-side amounts (amountGross, amountNet, feesDeducted), the rate pair (exchangeRate, effectiveRate), the asset pair, fixedAmountSide, sponsorGas, and sponsorGasCost all move into a single top-level pricing object with pricing.source and pricing.destination per-side entries. The core equation is now pricing.source.amountNet × pricing.exchangeRate = pricing.destination.amountGross.
  • precursor on transactions: a typed precursor object describes what created the transaction (quote, depositAddress, virtualAccount, or cashIn) and carries that origin’s deposit instructions. It supersedes the loose quoteId / depositAddressId / virtualAccountId / cashInId and top-level depositInstructions fields.
  • hold and awaitingAction status: transactions can now enter a non-terminal awaitingAction state when blocked on developer, upstream, or compliance action. The hold object explains the reason and carries a deadline, and the transaction returns to processing once cleared. TransactionSubStatus is now a closed set of status-scoped strings namespaced by their parent (for example processing.cashPickupReady, completed.cashPickupCollected, awaitingAction.awaitingSenderAttribution, failed.attributionTimeout).
  • sourceToDestination corridor tag: a new composite tag on quotes and transactions covers cryptoToCrypto, cryptoToCash, cryptoToFiatAccount, cashToCrypto, and fiatAccountToCrypto. It replaces the older type and TransferType for these resources; TransferType is retained for deposit addresses, onramp/cash-in, and customer filters.
  • Party model on each side: sides now carry a party block discriminated by relationship (customer, otherCustomer, externalRegistered, externalUnregistered), so two-sided flows such as remittances and B2B payouts can identify each side inline. senderCustomerId, recipientCustomerId, and the per-request role field are removed; use customerId (the quote owner and sender) plus the party blocks instead.
  • ?customerId= filter on GET /transactions: pass customerId as a query parameter to scope the list to a customer. Matches rows where the customer is on either side.
  • SettlementError and operator Recovery: transactions carry a SettlementError (code, message, occurredAt, recoverable, and an optional recovery path or refund) in place of the previous generic AsyncError.

Updated

  • Removed the “MVP” note from the customer type description: the field description now reads simply Must be "individual".
  • Card settlementType field on quote requests: card rail only. internal custodies the crypto with OMS; external delivers to an on-chain wallet. Defaults are external for card buys and internal for card sells.

Removed

  • GET /customers/{customerId}/transactions: retired. Use GET /transactions?customerId=… for the same behavior.
  • Legacy top-level fields on Transaction: senderCustomerId, recipientCustomerId, role, quoteId, cashInId, depositAddressId, virtualAccountId, depositInstructions, rail, rates, sponsorGas, sponsorGasCost, fixedAmountSide, type, completedAt, and cashPickup are removed from the top level. The information they carried now lives on pricing, precursor, source/destination party, sourceToDestination, and subStatus.
  • cashPickupReady top-level status: cash off-ramp pickup lifecycle events surface as sub-statuses (processing.cashPickupReady, completed.cashPickupCollected, completed.cashPickupExpired) rather than as a top-level status.
June 26, 2026
AggLayer
The AggLayer settlement service now resumes pending settlement jobs when it restarts, so a restart no longer strands an in-progress settlement until something else re-drives it.

Updated

  • Settlement jobs resume on service restart: on startup, the settlement service scans persisted settlement job ids and restarts any whose result is non-terminal, skipping jobs that already completed. Operator restarts and crash recovery no longer leave an active settlement job sitting idle until an unrelated event picks it back up (#1585).
June 26, 2026
OMS
OMS Payments adds debit-card buy and internal sell to the existing quotes and transactions endpoints, requires billingAddress when registering a card external account, returns structured JWT authentication errors that distinguish expired from missing or invalid tokens, and writes a visible retry reason on transient onboarding failures so partners can tell an actively-retrying job from a stalled one.

New

  • Debit-card buy and internal sell on /quotes and /transactions: partners reference the card by its externalAccountId (ext_…) on the quote and transaction requests and the existing pricing and transaction machinery handles the rest. Card buys produce a fiatToCrypto transaction and settle either internally or externally; internal card sells produce a cryptoToFiat transaction. A new optional settlementType field on the quote request (internal or external) is persisted on the quote and re-read at execute time. externalAccountId is surfaced on the transaction source (buy) and destination (sell) in GET and list responses and on the webhook snapshot. Source walletId is now optional for card buys, and a wallet target on a card sell is rejected. New validation errors include external_sell_unsupported, external_account_rail_mismatch, external_account_required, external_custody_not_allowed, and source_wallet_address_not_allowed (422), plus invalid_wallet_target (400). External card sell is not yet supported.
  • billingAddress required for card external accounts: registering an external account of type=card now requires a billingAddress (addressLine1, city, state, country, zipCode). Missing or whitespace-only fields surface a billing_address_invalid validation error.

Updated

  • Structured JWT authentication errors: failed bearer-token requests now return RFC 6750-style bodies with a stable machine code on error and a human-readable reason on error_description, plus a matching WWW-Authenticate: Bearer error="…", error_description="…" challenge header. Distinct codes let clients tell expired tokens (invalid_token with "token expired") from missing (invalid_request with "missing authorization token"), bad signature (invalid_token with "invalid token signature"), missing required project claims, and generic invalid tokens, so a dashboard can trigger a silent refresh on expiry instead of treating every 401 the same. A keyset-unavailable failure now returns 503 temporarily_unavailable instead of 401. Note the breaking response contract change: the top-level error field is now a stable machine code rather than free-form prose; clients reading .error as a human message need to read .error_description instead.
  • Visible retry reason on transient onboarding failures: when an onboarding phase hits a transient error, the onboarding record now carries a non-terminal statusReason such as retrying after transient error (attempt N): <err>, refreshed on each retry and self-cleared once the phase advances or the onboarding reaches a terminal state. An actively-retrying onboarding is no longer indistinguishable from one that is silently stuck; terminal failures continue to record their final reason as before.
June 25, 2026
Polygon PoS
Bor adds graded peer response on develop so transient sync failures no longer churn good peers, Heimdall lands the disabled-by-default Ithaca hardfork code for stalled-producer span rotation, and Erigon v3.6.1 ships with optimizations and bug fixes that RPC providers are recommended to take before the mainnet Zurich activation.

New

  • Bor devp2p peer jailing on develop: the bor downloader replaces blanket peer drops with a graded response. Transient failures (timeouts, stalls, unsynced peers, empty headers) get a 30-second local backoff, four soft strikes in a 10-minute window escalate to a 5-minute jail, a whitelist (checkpoint or milestone) mismatch backs off then jails before dropping only after persistent disagreement within a 30-minute window, and a pruned-sidechain ghost-state mismatch jails on the first occurrence and drops only on a repeat inside a 30-minute window. Every terminal drop also benches the peer for 30 minutes so it cannot dodge the drop by reconnecting. Not consensus-affecting, fully backwards-compatible, and operator-visible through new eth/downloader/peer/response/{backoff,jail,drop,mismatch} Prometheus meters and a reason field on the existing Synchronisation failed, dropping peer log (#2283).
  • Heimdall Ithaca hardfork code merged, disabled by default: a new hardfork gate adds VEBLOP pending-stall recovery so a span rotates when the agreed actual bor head stops advancing past a stall threshold, closing the post-Rio liveness hole where a stalled single block producer could halt bor production while a pending milestone tally remained in the 1/3–2/3 band. The new behavior is gated behind a per-network ithacaHeight that ships at 0 (disabled) on every network; activation heights are a release-planning decision and must be >= Rio. No stored-state migration or genesis change (#611).

Updated

  • Erigon v3.6.1: a non-breaking optimization and bug-fix release. RPC providers are strongly recommended to upgrade ahead of the mainnet Zurich activation; nodes already running v3.7.1-priv require no action.
June 25, 2026
AggLayer
AggLayer 0.6.0 development adds a settlement-result lookup by hash, persists EIP-1559 fees per settlement attempt so replacement transactions reliably clear the standard 10% pricebump on nonce retry, and stops a retry loop from hammering L1 RPCs during indexing lag.

New

  • L1 result lookup by settlement hash: operators can query the L1 settlement result for a given settlement hash directly, instead of re-deriving the result from local state (#1572).

Updated

  • Gas bump on settlement retry: each settlement attempt now persists its resolved EIP-1559 fees (max_fee_per_gas, max_priority_fee_per_gas), and a replacement transaction on the same nonce bumps both fields by at least the geth pricebump floor (10%), tracking a fresh L1 estimate and respecting the configured ceiling. When the ceiling forbids a strict bump, the run loop waits on the existing ceiling-priced attempt rather than broadcasting an underpriced replacement that execution-layer clients would reject (#1580).

Fixed

  • No reorg loop during L1 indexing lag: when a nonce is observed mined but the receipt has not yet propagated to a lagging RPC node, the settlement loop now re-checks the (wallet, nonce) mapping and treats a still-matching transaction as NotSettledYet, retrying through the existing backoff path. Only a nonce that no longer maps to the same transaction is reported as a reorg, eliminating a tight retry loop that hammered L1 during indexing lag (#1581).
June 25, 2026
Trails
Trails makes Base ETH native an unconditional relay-handoff candidate on every edge rail (Solana and Tron, origin and destination), exposes per-rail edge enablement on RuntimeStatus, fixes a multi-wallet connection regression in the widget, and lands a broad set of edge-monitor, provider-scoring, and shutdown reliability fixes.

New

  • Base ETH native on all edge rails: Base ETH native is now an unconditional relay-handoff candidate on both origin and destination across every edge rail. The previous flag that gated Base-native to Solana origin only is removed; Relay quotes the pair in all four corners (EVM↔Tron, exact-input and exact-output), so suppressing it on Tron origin saved no work and hid a swap-saving candidate. The strategy race still discards candidates that fail to quote (#944).
  • edgeSolanaEnabled and edgeTronEnabled on RuntimeStatus: the RuntimeStatus RPC and generated Go and TypeScript clients report per-rail edge enablement derived from config.edge.solana.enabled and config.edge.tron.enabled (#948).

Updated

  • Edge monitor enablement is rail-aware: the edge monitor is considered enabled when either Solana or Tron edge is enabled, centralised behind Config.EdgeEnabled() so a Tron-only or Solana-only deployment starts the worker correctly (#951).
  • Provider scoring uses real gas costs: Relay now reports origin-chain gas in Info() (200k gas units), Hyperlane CrossCollateral reports a 3 bps fee and 30-second duration, and Relay’s default duration moves from 10s to 30s. Capabilities() returns Supported, Trustless, and Operations from a single struct, so probe paths no longer call Info() with a zero chain ID and silently drop Relay, Hyperlane, and CCTP from candidate building (#935).

Fixed

  • Multi-wallet connection regression on EVM and SVM: a widget regression that broke connecting both EVM and Solana wallets in the same session is fixed (#1122).
  • Edge monitor queue starvation: persistent-error rows no longer cycle through POLLING → PENDING every 5 seconds (which had been resetting the 1-hour retry timeout) and starve newer edge intents behind 10 stuck rows in the dequeue. Failing origin edge quotes now park in POLLING until stale recovery or timeout, so persistent failures age out through the existing pending-edge pipeline (#949).
  • Origin edge fast-retry on missing fill hash: when Relay reports terminal success before the fill or handoff hash has propagated into txHashes, the edge quote fast-retries on the next worker cycle instead of waiting for stale-recovery to time out (#953).
  • Solana edge address validation: Solana origin, destination, token, and refund addresses are validated by decoding through solana-go instead of a regex shape check, so base58-shaped strings that decode to the wrong public-key length are now rejected. Token-style public keys remain valid where appropriate, but are not accepted as a user recipient or refund address (#943).
  • Terminal intents clear queued child transactions: IntentReceipts.RefreshStatus aborts queued child transactions still in ON_HOLD, PENDING, or ERRORED once the parent receipt is terminal, so /info/workers no longer shows stale dependents waiting for a release that will never come. Active child transactions in RELAYING, SENT, or MINING are preserved (#940).
  • Graceful-shutdown dispatch stranding: the dispatch decision in ProcessTransactions runs on a context detached from worker shutdown, so a SIGTERM landing after the dequeue claim no longer leaves an ORIGIN/DESTINATION row stuck in RELAYING until the 10-minute stale sweep. Receipt waits remain cancellable so shutdown still aborts long polls cleanly (#923).
June 25, 2026
Wallets
OMS Wallet hardens WalletConnect session handling, normalizes wallet, relayer, and EVM revert errors into clearer in-app messages across send, sign-transaction, recovery, WalletConnect, and Earn, adds a cookie consent banner with separate analytics toggles and PII scrubbing, and tightens Earn deposit preflight so capped vaults and unaffordable relayer fees are caught before signing.

New

  • Cookie consent and analytics preferences: a consent banner now appears on first visit with separate toggles for product analytics and Google Analytics, and Account Settings exposes a re-openable analytics preferences entry. Analytics initialize only after consent and stop again on revoke; GA Consent Mode is updated and _ga* cookies are cleared on revoke. Wallet addresses, hashes, emails, bare hex values, ENS names, and sensitive URL substrings are scrubbed from analytics payloads before they leave the client, and contact and watched-wallet nicknames are no longer sent (#286).
  • Earn deposit preflight and vault status guards: ERC-4626 maxDeposit(receiver) and previewDeposit(amount) are checked before relayer execution, capped vaults surface a friendly vault-capacity error, and a fee-balance guard blocks deposits and withdrawals where amount plus relayer fee would exceed the selected token balance. Yield vault status (entry and exit availability, capacity state, entry limits, risk metadata) is now preserved through the proxy cache, so deposits and withdrawals are disabled with a clear reason when Yield reports the vault is not accepting them. Possible fees show as informational detail-page copy, not warning badges (#285).

Updated

  • Wallet, relayer, and EVM revert errors normalize app-wide: a vendored wallet-errors module decodes wallet, relayer, and EVM revert errors (including Error(string) and AllCapsReached()) into structured, friendly messages and is wired through send, sign-transaction, recovery, WalletConnect, Earn deposit, and Earn withdraw. Raw error details (code, name, cause, original message) are preserved for analytics and debugging while user-facing copy is clearer. Failed relayer quotes are no longer classified as sponsored or free-gas options, and a stale selected relayer ID is cleared once relayer options refresh (#291).

Fixed

  • WalletConnect session-request handling and stale modal UX: duplicate transaction modals from WalletConnect re-delivering unresponded session_request events on every relay reconnect are de-duplicated by an in-memory seen-request set, closing the modal now bulk-deletes all pending transactions instead of triggering a close/reopen loop, pending transactions older than 10 minutes are cleaned up on WalletKit init and every 60 seconds, the sign-transaction modal opens reliably on tab focus through the document visibility API instead of the non-reactive document.hasFocus(), session-proposal unmount no longer cancels approvals that triggered a navigation, and unimplemented WC methods (eth_sign, eth_signTypedData, eth_sendRawTransaction, unsupported defaults) now reply with UNSUPPORTED_METHODS so dapps get a real error. The confirm button is also disabled until the relayer fee option is selected (#329).
  • Trails history button restored in the wallet’s Trails integration (#323).
June 23, 2026
OMS
The OMS public API surfaces a structured on-chain identity for assets on wallets and transactions, so integrators can read the underlying chain, protocol family, and token without parsing the human-readable chain and asset strings.

New

  • BlockchainAsset schema: a new component that combines the chain identifier (chainId), the wire-level protocol family (protocol: evm, svm, or sui), and the token identifier on that chain (tokenId). All three fields are required when the object is present.
  • BlockchainProtocol enum: evm for Ethereum-compatible chains, svm for Solana, and sui for the Sui Move VM.
  • blockchainAsset field on wallets, customer wallets, transactions, and wallet balances: Wallet, CustomerWallet, TransactionSource, TransactionDestination, and the data payload of GET /wallets/{walletId}/balance now include an optional blockchainAsset object. The field is additive: existing chain and asset strings continue to be returned, so current integrations keep working unchanged.
June 22, 2026
OMS
  • residentialAddress and identifyingInformation on POST /customers and PATCH /customers/{customerId}: both fields are now accepted on the public surface and persisted through to compliance review. ResidentialAddress and IdentificationDocument are exposed as reusable component schemas.
  • Required fields on IdentificationDocument: type, issuingCountry, and number are now required when an identification document is supplied.
  • Single E.164 phone field: the public customer schema standardizes on one E.164-formatted phoneNumber field, replacing the prior pair of country code plus subscriber number.
June 22, 2026
Polygon PoS
Bor v2.8.3 ships stable across mainnet block producers, and the mainnet block gas limit lifts from 140 million to 160 million, completing the throughput target announced earlier this month.

New

  • Mainnet block gas limit raised to 160 million: the planned increase from 140 million to 160 million gas has rolled out on mainnet, lifting the effective execution rate to around 106.66 Mgas/s at the 1.5-second block time. This is the final scheduled step on the path to roughly 5,079 TPS using POL transfers (21,000 gas) as the unit transaction.

Updated

  • Bor v2.8.3 stable rolled out on mainnet block producers: bor v2.8.3 was cut from a multi-iteration v2.8.3-candidate line on Amoy and promoted to mainnet block producers around June 16 to 17. The release rolls up the v2.8.3-beta fixes, including a milestone-mismatch rewind deadlock fix and the related revert from beta4.
June 22, 2026
Trails
Trails adds a gasless option to the React send hook, makes wagmi 3 the default widget integration, ships Hyperlane CrossCollateral routes with bridge-gas reimbursement, and lands a wide set of widget UX and worker-side reliability fixes.

New

  • gasless option on useTrailsSendTransaction: integrators can opt into gasless execution directly from the React send hook.
  • Hyperlane CrossCollateral routes with bridge-gas reimbursement: Hyperlane CrossCollateral is wired in as a route option, with bridge-gas reimbursement so destinations receive the expected amount.
  • Timed refund leaf on 1.5 intents: v1.5 intents now include a timed refund leaf, so refunds can be claimed deterministically once the timeout window elapses.
  • /info/workers queue filters and admin intent-receipt refresh: the admin workers endpoint accepts queue filters and exposes an admin intent-receipt status refresh.

Updated

  • Wagmi 3 is the default widget integration.
  • EVM-first connect ordering: the connect dialog requires an EVM wallet connection before exposing Solana wallets, matching the EVM-anchored intent model. The SVM tab is also hidden when the Solana edge is not enabled by the API.
  • Auto-sync of origin and destination chains: the widget auto-syncs selected origin and destination chains with the connected wallet and the entered recipient, and improves SVM and EVM address validation.
  • Balance hooks: balance hooks now take an object-shaped params argument.
  • Hyperlane monitor cadence: poll interval reduced from 15 seconds to 3 seconds for faster origin-to-destination dispatch, with CrossCollateral dispatched only after the origin receipt is confirmed.
  • /info/workers pending-intents speedup: the operator endpoint that lists pending intents is materially faster.

Fixed

  • SOL pricing in Pay mode: SOL prices now resolve correctly in Pay mode.
  • Chain resolution drift: chain selection no longer drifts between widget state and the underlying connector.
  • Add wallet prop control: the fund-methods screen exposes a prop to hide “Add wallet” cleanly.
  • CCTP supported chains: CCTP routes honor the chain_ids config to restrict supported chains.
  • Hyperlane decimals: collateral checks and quote amounts normalize decimals for Hyperlane routes, and route decimal conversions are normalized across providers.
  • Legacy receipts: receipts with a null deposit transaction are refreshed correctly.
  • Timeouts and retries: dispatch and execution timeouts are bounded, ancient executing intents abort cleanly, and WaitIntentReceipt getLogs backoff is fixed so receipts do not stall behind RPC rate limits.
  • Intent SUCCEEDED gating: intent SUCCEEDED status is now gated on destination edge delivery confirmation, with related fee and quote-path consolidation in dispatch.
June 19, 2026
Polygon PoS
Bor v2.8.3 stable ships with parallel-EVM (BlockSTM v2) consensus-correctness fixes, and Heimdall v0.9.0 lands the Zurich hardfork release: Amoy activates around block 37,750,000 on June 17, mainnet around block 47,880,000 on June 25 at 14:00 UTC.

New

  • Zurich hardfork on Heimdall: v0.9.0 promotes the Zurich hardfork to mainnet. At the activation height, x/clerk switches to deterministic state-sync processing with block-height-based event visibility assigned in PreBlocker; both PrepareProposal and ProcessProposal enforce symmetric side-transaction caps (50/block) with wall-clock budgets for proposal construction (500 ms) and vote-extension generation (800 ms); checkpoint signature aggregation moves to commit-only; milestone propositions bind deterministically to the parent hash; MsgVoteProducers is restricted to the active validator set; and new ante decorators add a 16-output cap on aggregate bank transfers and 32-byte validation on MsgCheckpoint.AccountRootHash. All nodes must upgrade before their network’s activation height (Amoy 37,750,000, mainnet 47,880,000); pre-activation behavior is unchanged, no store migration or genesis change is required (#610).
  • Full Heimdall↔Bor gRPC transport in Heimdall v0.9.0: opt-in via bor_grpc_flag, requires bor v2.8.3 or newer, with a startup hash-parity check across HTTP and gRPC before traffic switches. Batched milestone-proposition calls are around 4.4× faster than the HTTP path (#610).
  • Bor endpoint failover with health probing in Heimdall: non-producer nodes can fail over between configured bor endpoints when health probes mark an endpoint unhealthy; failover is explicitly refused on block-producing nodes to preserve a single source of truth (#610).
  • EIP-1559 L1 transactions from Heimdall: bridge submissions and other L1 transactions now post as type-2 EIP-1559 transactions with operator-configurable gas caps (#610).

Updated

  • Bor v2.8.3 stable released: the v2.8.3-candidate branch promoted to stable after five Amoy soak iterations. Required for operators running Heimdall v0.9.0 with the gRPC transport enabled (#2272).

Fixed

  • Parallel-EVM (BlockSTM v2) consensus correctness: three independent BlockSTM v2 vs serial-execution divergences, each capable of producing a bad block, are fixed at the core/state layer. A 7702-delegated CodePath read no longer splits across snapshot versions and poison the cross-block jumpdest cache; Exist now recognises accounts made to exist purely by a prior in-block nonce bump (sender increment or 7702 delegation clear), correctly applying the existing-account refund and avoiding the new-account CALL surcharge; and transfer-log emission now matches by BalanceOpsIdx instead of by transfer shape, so a same-sender/same-recipient/same-amount selfdestruct payout no longer steals a later transfer’s log emission point. Serial StateDB and core/vm are untouched; non-parallel nodes are unaffected (#2270).
  • Heimdall proposer-local liveness on dense blocks: PrepareProposal previously sized the proposal with raw len(tx), but CometBFT validates the returned proposal using the protobuf-encoded size of Data.Txs. Under high tx-count load the proposer could assemble a batch that passed its own check yet exceeded MaxTxBytes once CometBFT re-measured it, stalling block production on that proposer. Accounting now uses the same protobuf unit CometBFT uses (#608).
June 19, 2026
Trails
Trails adds Hyperlane CrossCollateral routes with bridge-gas reimbursement on the API side, tightens the widget connect-wallet flow to require an EVM wallet before Solana wallets surface, and ships a broad set of dispatch and quote reliability fixes.

New

  • Hyperlane CrossCollateral routes: a new Hyperlane route variant covers cross-collateral cases that the standard Warp Route flow cannot, including bridge-gas reimbursement on the destination side. Routing dispatches the CrossCollateral call after the origin receipt lands so the destination side only acts once the origin commitment is confirmed (#843, #913).
  • wagmi 3 as the default widget integration: the Trails widget and demo now ship wagmi 3 as the default wagmi path, with Privy and Sequence Connect using wagmi3-native provider/connector stacks and viem pinned to Privy’s peer requirement (#1102).

Updated

  • Connect-wallet flow requires an EVM wallet before Solana: the widget’s Connect Wallet screen no longer lets users connect a Solana wallet before an EVM wallet is connected, both in the widget and in the standalone connect screen. The widget also enforces an EVM wallet before allowing the connect screen to be left (#1099, #1096).
  • SVM wallet tab hidden when Solana edge is not enabled: when the API returns edges: [] for Solana, the widget hides the SVM wallet tab and all Solana wallet options, including both installable and already-detected Solana wallets (#1101).
  • Hyperlane monitor polling interval reduced: the Hyperlane monitor now polls every 3 seconds instead of every 15 seconds, shortening time-to-state-transition on Hyperlane intents (#912).

Fixed

  • CCTP chain_ids config honoured: CCTP route discovery now respects the configured chain_ids list to restrict the set of supported chains, instead of advertising chains outside the operator’s configuration (#915).
  • Intent SUCCEEDED gated on destination edge delivery: an intent only transitions to SUCCEEDED once destination edge delivery is confirmed, removing a class of premature SUCCEEDED states on edge-backed routes (#893).
  • Dispatch precheck ERRORED, worker interfaces, and admin transitions: dispatch precheck failures now route through the ERRORED path, worker interfaces are narrowed to the operations each worker actually performs, and admin-driven state transitions are centralised so they cannot diverge from worker-driven ones (#897).
  • Ancient executing intents aborted: intents stuck in an executing state past their bound are now aborted instead of holding worker capacity indefinitely (#922).
  • Timeout and retry bounds: dispatch timeout and retry handling are now explicitly bounded, preventing unbounded retry loops on transient errors (#920).
  • Hyperlane decimal normalisation: the Hyperlane collateral check and quote amounts now normalise token decimals before comparing, fixing under-collateralisation false positives on tokens with non-default decimals (#917).
  • Route decimal conversions normalised across the API quote path (#919).
  • Legacy receipts with null deposit transaction: legacy receipts that recorded a null deposit transaction now refresh correctly through the receipt refresh path (#918).
  • Fee and quote-path consolidation: a set of fee-collector and quote-path edge cases are consolidated into a single corrected path (#898).
  • /info/workers pending intents: the pending-intents path of /info/workers is now substantially faster on busy deployments (#928).
June 18, 2026
Polygon PoS
Heimdall v0.9.0 mainnet release schedules the Zurich hardfork for June 25, bor v2.8.3 ships as the matching stable client, and the mainnet block gas limit increases from 140M to 160M while holding 1.5s blocks.

New

  • Mainnet block gas limit raised to 160M: with 1.5s blocks held, the upgrade lifts sustained throughput to roughly 5,000 payments per second at the same fee and reliability characteristics. Amoy continues at 200M for stress testing.
  • Heimdall v0.9.0 mainnet release, Zurich hardfork: activates on mainnet at block 47,880,000 (approximately June 25, 2026, 14:00 UTC), with Amoy already activated at block 37,750,000 on June 17, 14:00 UTC. The fork gates a set of consensus-level changes that stay inactive until the activation height: deterministic state-sync processing in x/clerk with block-height-based event visibility assigned in PreBlocker; symmetric side-transaction caps of 50 per block in PrepareProposal and ProcessProposal, with wall-clock budgets of 500 ms for proposal construction and 800 ms for vote-extension generation; commit-only checkpoint signature aggregation; deterministic milestone-proposition parent-hash binding; MsgVoteProducers restricted to the active validator set; and new ante decorators (16-output aggregate bank-transfer cap and MsgCheckpoint.AccountRootHash 32-byte validation). Validators must upgrade before their network’s activation height (#610).
  • Heimdall to bor gRPC transport (opt-in): heimdall ships full gRPC transport for the heimdall to bor channel, enabled with the bor_grpc_flag config and requiring bor v2.8.3+. Startup hash-parity check and batched milestone-proposition calls included; internal benchmarks show roughly 45% lower extendVote latency on the heaviest GetBorChainBlockInfoInBatch path versus HTTP (#610).
  • Bor endpoint failover with health probing: heimdall now supports multiple bor endpoints with health-probed failover. Disabled on block producers (#610).
  • EIP-1559 L1 transactions in heimdall: heimdall now uses the EIP-1559 fee market for its L1 transactions, with safe-default gas caps (#610).
  • Bor v2.8.3 stable release: backwards-compatible client cut from v2.8.3-candidate after five Amoy beta iterations. Recommended for all operators ahead of the Zurich activation. Includes the milestone-mismatch rewind deadlock fix landed in v2.8.3-beta5 (#2272).

Fixed

  • Parallel-EVM (BlockSTM v2) consensus divergences: three independent BlockSTM v2 vs serial divergences, each able to produce a bad block, are fixed at the core/state layer. (1) Per-tx CodePath read snapshot consistency for EIP-7702-delegated code, addressing the index out of range panics in validJumpdest and invalid gas used bad blocks observed on mainnet. (2) Exist now considers prior-tx nonce bumps, so applyAuthorization’s existing-account refund and the new-account CALL surcharge match serial. (3) Settlement transfer-log mispairing in tryEmitTransferAt now matches on TransferRecord.BalanceOpsIdx rather than transfer shape, eliminating the receipts-root-only divergence from EIP-6780 selfdestruct payouts. Serial StateDB and core/vm are untouched, so non-parallel nodes are unaffected (#2270).
  • Heimdall proposer liveness under high tx-count load: PrepareProposal accounting now uses the same protobuf-encoded size that CometBFT uses to validate the returned proposal. Raw len(tx) could undercount per-tx protobuf overhead and let a proposer assemble a batch that passed its own check but exceeded MaxTxBytes on CometBFT’s re-measurement, stalling block production on that proposer. Proposer-local fix; not consensus-affecting (#608).
June 18, 2026
AggLayer
AggLayer 0.6.0 development gains a settlement-side wallet-and-nonce wait gate and certificate-to-settlement-job persistence so certificate tasks can resolve settlement jobs directly.

Updated

  • Wait for any new expected (wallet, nonce) to be on L1: settlement submission now waits until any newly expected (wallet, nonce) is observed on L1, closing a race that could surface during recovery and re-submission (#1571).
  • Certificate-to-settlement-job ID persistence: the state store persists the mapping from certificate IDs to settlement-job IDs through a new certificate_settlement_job_cf column family with insert-only semantics and a migration for existing databases. Certificate tasks can resolve settlement jobs directly without re-deriving the link (#1578).
June 18, 2026
Trails
Trails adds Hyperlane CrossCollateral stablecoin routes across Arbitrum, Base, and Ethereum, cuts CrossCollateral end-to-end latency on the order of 47s by dispatching the destination right after origin receipt and tightening the Hyperlane monitor poll, fixes a cross-decimal collateral bug that was stranding intents, and gates EVM and Solana intent completion on confirmed destination fills.

New

  • Hyperlane CrossCollateral routes: new CROSS/moonpay USDC and USDT route set across Arbitrum, Base, and Ethereum, including same-asset, cross-asset, and same-chain coverage. Uses the Hyperlane v4 CrossCollateralRouter with transferRemoteTo and quoteTransferRemoteTo. For overlapping USDC routes, CROSS/moonpay is preferred explicitly rather than by alphabetical order. Exact-input fee accounting reserves provider source-token overage and reimburses relayer-fronted native bridge gas through the origin-token collector sweep, so total fee no longer double-counts bridge gas (#843).
  • wagmi 3 as the default widget integration: the Trails wagmi integration is now wagmi 3 by default in the widget (#1102).
  • CCTP chain_ids config now honored: setting chain_ids under [cctp] in api.conf actually restricts the supported chains for CCTP routes, aligning behavior with every other route provider. Previously the field was declared but silently ignored (#915).

Updated

  • Hide SVM wallet tab when Solana edge is not enabled by the API: the widget gates the SVM tab and all Solana wallet options on useSolanaEdgeActive() in addition to the adapter check. If the API returns edges: [] for Solana, the SVM tab and any detected or connected Solana wallets are hidden (#1101).
  • Require EVM wallet connection before connecting Solana: the widget’s connect screen now requires an EVM wallet before allowing a Solana wallet, and the widget itself no longer leaves the connect screen without one (#1099, #1096).
  • Hyperlane CrossCollateral destination dispatch latency cut by approximately 47s: CrossCollateral now releases the destination transaction as soon as the origin receipt proves the Hyperlane dispatch metadata, instead of waiting for Hyperlane API delivery visibility. Worker-owned early release replaces the API delivery wait; destination preconditions still gate execution (#913).
  • Hyperlane monitor poll interval reduced from 15s to 3s: cuts average Hyperlane delivery-detection latency from roughly 7.5s to 1.5s, the largest controllable overhead on CrossCollateral end-to-end time. The 10s GraphQL HTTP timeout keeps cycles from overlapping (#912).
  • Fee and quote-path consolidation: exact-input fee totals are computed per trade type in the fee calculator; gas-estimation RPCs are cached during quoting; provider fallback cascades are bounded; v1 and v1.5 protocol handlers share a single FeeCalculator instance; zero-value fees and gas are initialized for testnet chains so testnet quotes no longer hit a nil-pointer (#898).

Fixed

  • Hyperlane cross-decimal collateral check (caused two stuck user intents): collateral sufficiency now scales the origin-denominated transfer amount to destination decimals before comparing, instead of comparing destination-denominated collateral against a raw origin transfer amount. For Polygon to BSC 6 to 18 USDC routes, raw collateral 18.45e18 was numerically larger than raw transfer amount 644e6, so an insufficient-collateral case still passed the check. Quote ToAmount and ToAmountUSD are now destination-denominated, and EXACT_OUTPUT requests are normalized back to origin decimals before quoting and packing transferRemote calldata (#917, #919).
  • EVM to Solana intent completion gated on destination edge delivery: for DESTINATION-mode edge intents, WaitIntentReceipt no longer returns Done=true until the edge monitor confirms the Solana fill, failure, or refund. The intent holds at EXECUTING until the edge worker terminates, then RefreshStatus derives the terminal status (Completed to SUCCEEDED, Failed to ABORTED, Refunded to REFUNDED). A delivery bound on the bridge transaction TxnMinedAt exits the hold if the destination delivery stalls (#893).
  • Timeout, cancellation, and retry hardening: CCTP now uses an http.Client with a 10s timeout instead of the no-timeout default; origin-edge success ordering calls ExecuteIntent before marking the edge COMPLETED and parks retryable failures in POLLING with the fill hash preserved; deposit validation no longer marks potentially funded deposits FAILED when shutdown cancels the retry wait, falling through to the existing fail-open provider fallback; deposit-dependent transaction release now uses a background context after the deposit is accepted, so shutdown cannot strand ORIGIN or DESTINATION rows ON_HOLD (#920).
  • Dispatch precheck on guard error: when shouldDispatchToRelayer errors, the transaction transitions to ERRORED with a status reason and a retry metric, instead of being silently skipped and re-dequeued forever. Context cancellation is excluded so shutdown does not produce spurious ERRORED writes (#897).
June 17, 2026
Polygon PoS
Heimdall v0.9.0-beta announces the Zurich hard fork, with activation blocks scheduled on Amoy and mainnet, and Bor v2.8.3 ships as a non-breaking performance and stability release.

New

  • Zurich hard fork activation scheduled: heimdall v0.9.0-beta defines the Zurich hard fork with activation at block 37,750,000 on Amoy (June 17, ~14:00 UTC) and block 47,880,000 on mainnet (June 25, ~14:00 UTC). All validators, RPC providers, and node operators should upgrade their heimdall-v2 nodes before the activation block on each network.

Updated

  • Bor v2.8.3 stable: non-breaking release focused on performance and stability improvements, validated through an extended Amoy testing period. No operator action beyond the standard upgrade cycle is required.
  • Heimdall v0.8.2 stable: matching mainnet release of the v0.8.x line for operators that need to remain on v0.8.x ahead of the Zurich activation on mainnet.
June 17, 2026
AggLayer
AggLayer is now fully upgraded to the SP1 Hypercube (v6) proving system across all connected networks, including mainnet.

New

  • SP1 Hypercube (v6) live on mainnet: AggLayer mainnet recorded its first L1 settlement on the SP1 Hypercube prover on June 16, completing the v5 → v6 migration across devnets, testnets, and mainnet. The upgraded prover is up to 5x faster on proving speed, more cost effective, and brings security hardening improvements. Backward-compatible reads of legacy v5 proofs and certificates remain in place over the migration window, so no caller-side changes are required.
June 15, 2026
AggLayer
AggLayer 0.6.0 development continues with operator usability and recovery improvements, and AggKit gains a new exit-certificate claimer service alongside resilient sync recovery for the legacy-syncer upgrade path.

New

  • Exit-certificate claimer service: a new exit_certificate_claimer HTTP service in AggKit serves the data needed to call claimAsset on L1 for the bridge exits available to an address, with helper scripts (list-bridges.sh, claim-asset.sh, claim-all.sh). The service can run standalone or derive its config from an existing exit-certificate run via --exit-certificate-config. Default port 7080 (#1650).
  • Off-chain LER computation in the exit-certificate tool: Step G is split into G1 (lite L2 bridge sync) and G2 (NewLocalExitRoot computation). G2 now supports an off-chain mode that computes the LER directly from the lite exit tree without an Anvil shadow-fork, alongside the default shadow-fork verification mode. exitAddress is now mandatory and several option names switch to the ignore* convention. Config files now accept JSON or TOML (#1633).
  • Settlement attempt and job persistence: settlement attempts and jobs are persisted to storage before submission to L1, so pending settlements can recover attempt metadata and job payload after a node restart (#1550, #1551).

Updated

  • Docker image version reporting: agglayer Docker and CI builds now stamp a real git-derived version at compile time, so the node startup log prints the version instead of VERGEN_IDEMPOTENT_OUTPUT (#1568).

Fixed

  • Stuck settled-but-InError certificates: re-certification now queries the aggchain hash at the pre-settlement L1 block instead of latest, so stateful aggchain contracts no longer revert reconciliation with L2BlockNumberLessThanNextBlockNumber() after nextBlockNumber advances past the certificate’s L2 range. L1 archive access is required on the same path that already required it (#1563).
  • l1infotreesync upgrade loop: upgrading from a legacy syncer (for example 0.8.x) to the multidownloader implementation no longer leaves the syncer stuck with not found in storage or blocks_reorged. When the last-processed block is at or below the finalized block, the multidownloader validates it against L1 by hash and resumes from lastBlock+1 on a match, removing the need to manually delete the DB (#1639, #1645).
  • Bare-filename config paths: agglayer accepts a bare filename config path (for example agglayer.toml) again, without requiring a parent directory (#1553).
June 15, 2026
Trails
Trails ships a wide set of EVM↔Solana fixes after the EVM↔Solana edge support merge, hardens intent and transaction reliability on the API side, and adds an operator flag to disable the v1 intent protocol.

New

  • Unified wallet connection with SVM: the widget’s wallet connection flow surfaces EVM and Solana wallets in the same connect dialog (#1019).
  • Wallet screening for quote requests: quote requests are subject to wallet screening before a quote is returned (#853).
  • intents.disable_v1_intent_protocol config and GetSupportedIntentProtocols API: deployments can disable the v1 intent protocol, and the supported-protocols RPC reflects the setting (#876, #884).
  • Recipient picker pulse and a same-chain WETH↔ETH calldata demo scenario in the widget (#1080, #1079).

Updated

  • Source-token selector: shows all wallet tokens and supports API-based search inline (#1006).
  • Solana wallet cancellations are retryable: cancellations from Solana wallets during signing are treated as retryable rather than fatal (#1072).
  • Solana destination edge timeline: Solana destination edge transaction states are included in intent state, and duplicate edge-tx rows in the Solana edge timeline are removed (#866, #1076).
  • Default connector set: select native wallet connectors are removed from the widget’s default connector set (#1068).

Fixed

  • Mainnet CCTP routes: a testnet-mode gate that was breaking mainnet CCTP routes is removed (#861).
  • Expired persisted fee quotes: dispatch now regenerates a fresh fee quote when the persisted quote is within 1 minute of its 10-minute expiry, instead of sending an expired quote and being rejected. Stuck DESTINATION transactions also time out after 1 hour rather than waiting forever and starving the dispatch queue (#868).
  • Deposit starvation behind in-flight rows: the dispatch dequeue no longer includes RELAYING/MINING rows, so stale in-flight rows from crashed or restarted workers no longer block recovery or starve deposit-dependent transactions (#858).
  • Same-chain calldata cases: same-chain swaps with calldata, including same-chain same-token with exact input, route correctly (#1074, #1078).
  • Solana destination flows: destination token selection updates correctly, destination fills no longer double-fill, and Fund is disabled until a Solana recipient is selected when the destination is Solana (#1073, #1082, #1083).
  • Edge metadata rail persistence is retained correctly on intent records (#857).
  • IntentTransactionGasFee.totalFeeUsd is now typed as float64 instead of string, aligning the API contract with how it is serialized (#854).
  • Widget polish: connect-wallet close button, WETH demo icons, clipboard fallback compatibility, and inline-SVG canvas rendering (#1070, #1088, #1085, #1086).
June 15, 2026
Wallets
OMS Wallet rebuilds the Private Send experience on a REST send flow with a dedicated recovery surface, and adds a wallet screening auth gate across sign-in and protected-route entry points.

New

  • Private Send REST flow and status UI: Private Send now runs on the REST send flow with fee quoting, order creation, deposit submission, order polling, and a five-step lifecycle and status view. Failures after the deposit hand-off are tracked as recoverable rather than fatal (#304).
  • Private Send recovery: a Settings recovery surface lets a connected wallet look up saved recoverable orders, inspect stuck balances, and submit stuck-UTXO withdrawals (#306).
  • Wallet screening auth gate: authenticated wallets and connected EOAs are checked against a screening service before sign-in, OAuth callback, route loaders, auth-token setup, and the experimental wallet and login routes proceed. Blocked wallets are cleared from local auth state, redirected to sign-in, and shown a blocked-wallet notice. Screening URL and key are configured via environment variables (#287).

Updated

  • Private Send availability analytics: availability now reports unsupported_chain for non-supported EVM chains and unsupported_token for collectibles and non-coin records before checking other eligibility (#305).
June 15, 2026
OMS
The OMS public token endpoint now publishes a 429 Too Many Requests response so clients can handle rate-limited responses correctly.

New

  • 429 response on POST /auth/token (get bearer token): the token endpoint is rate-limited per client IP. When the limit is exceeded, the endpoint returns 429 with an ErrorResponse body and a Retry-After response header carrying the integer number of seconds to wait. Clients should branch on 429 alongside 200, 400, 401, and 500 and honor Retry-After before retrying.
June 9, 2026
OMS
The OMS public API consolidates the account-balance and account-transactions endpoints under the Wallet surface and exposes a synchronous failure response on transaction execution.

Removed

  • GET /accounts/{id}/balance: the standalone account-balance endpoint is no longer part of the public API. Read balances through GET /wallets/{id}/balance instead. The AccountBalance schema is removed.
  • Account tag: the Account grouping is dropped from the API. Endpoints that referenced it now live under Wallet.

Updated

  • GET /accounts/{id}/transactions is now a Wallet operation: the endpoint is re-tagged from Account to Wallet and the summary becomes “List wallet transactions.” The path parameter id now expects a wallet ID with the wlt_ prefix. The path itself is unchanged, so existing integrations continue to work; update tooling, examples, and SDK groupings to file the endpoint under wallets.

New

  • 502 response on POST /transactions (execute a transaction): synchronous provider failures during transaction execution now return 502 with a Transaction body in failed status, so clients can distinguish “created but failed at the provider” from “not created.” Handle 502 alongside 201 when calling the execute endpoint.
June 8, 2026
Wallets
OMS Wallet adds an agentic wallet mode, refreshes the Earn experience with new filters, sorting, and interest disclosures, refreshes the Private Send flow, and ships a wide set of transaction and inventory fixes.

New

  • Agentic wallet mode: dedicated landing experience with a terminal-style prompt copy flow for AI coding agents, plus an in-wallet inventory prompt card with docs link, reduced-motion support, and dismiss persistence.
  • Earn interest disclosures and deposit terms: tooltip-based interest disclosures across the Earn list, detail, and deposit surfaces, with the APY column relabeled to Interest. A terms-and-conditions notice now appears below Review Deposit.
  • Earn coin filters: switch between “Yours” (vaults for tokens in your inventory) and “All” to discover other opportunities, replacing the previous third “Vaults available for your funds” table.
  • Inventory and empty-state defaults: collectibles are hidden by default until enabled in settings, the header wallet avatar stack is hidden when only one wallet exists, decorative placeholder cards are removed from empty states, and Earn defaults to all vaults when no coin tokens are held.

Updated

  • Earn UX: vault data is now cached across page navigation with background refresh, sorting is available on any column with retained filters and sort order across navigation, deposit and withdraw amounts can be entered as a direct percentage, and vault selection rules now require APY under 100 percent (alongside the existing $300k minimum TVL and non-deprecated criteria) to filter out stale high-APY vaults.
  • Private Send flow: refreshed UI with new step transitions, token selection, recipient selection, amount entry, and final send states.
  • Terms of Use and Privacy Policy updated.

Fixed

  • Transaction flow reliability: transaction relay and finality waiting now resolves only after a confirmed final status and handles cancellation and failure consistently; the sign-transaction modal scopes requested transactions correctly and keeps selected transactions visible while progressing; dapp send-wallet-transaction recovery handles wallet sync, duplicate approvals, stored transaction ids, the success idle state, and error rendering consistently.
  • Inventory cache regressions after the persisted query cache migration: auth inventory prefetch now writes the canonical summary shape consumed by the inventory query hook, and recovery inventory reads are scoped to the requested recovery wallet, including the per-chain selection flow.
  • Empty inventory notice no longer flickers when refreshing inventory.
  • Earn snapshot initialization no longer gets permanently stuck if a background refresh is interrupted; the refresh lease now expires within 90 seconds and the next request re-triggers initialization.
  • Private Send withdraw finalization behavior corrected.
  • Trails success modal content fixed in the in-wallet cross-chain flow.
  • Agentic mode terminal: text overflow fixed and generated CLI prompt arguments are now wrapped in double quotes for terminal-safe copy and paste.
June 8, 2026
Polygon PoS
A coordinated heimdall hard fork activated on mainnet on June 2 at block 46361000, and one day later the mainnet block time was reduced from 1.75 seconds to 1.5 seconds, lifting effective execution throughput by roughly 16 percent.

New

  • Mainnet block time reduced from 1.75 s to 1.5 s: on June 3 the network moved to 1.5-second blocks with the block gas limit held at 140 million, raising the effective execution rate from around 80 Mgas/s to around 93.3 Mgas/s. No operator action is required. As a heads-up, a follow-on block-gas-limit increase from 140 million to 160 million is currently scheduled for June 16 as the final step on the path to 5,000 TPS.
  • Heimdall hard fork activated on mainnet at block 46361000: the validator-set fee-withdrawal gate hard fork activated on Polygon PoS mainnet at block 46361000 on June 2 at 14:00 UTC, with heimdall v0.8.1 as the matching public release. After the fork, fee-withdrawal operations on heimdall are restricted to addresses in the active validator set; requests from non-validators are rejected at message-handling time. The fork also activates the v0.8.x features documented in the June 1 entry (planned-downtime successor nomination, deterministic state syncs gated on visibilityTimeHeight, and the related bridge and consensus guards).
June 8, 2026
AggLayer
AggLayer v0.5.0 ships stable, with a revised admin API, mandatory gRPC prover transport, and a safer default for settlement confirmations.

New

  • Networks can be marked as disabled in configuration, so operators can stop accepting certificates from a chain without removing it from the deployment (#1160)

Updated

  • Breaking: the admin API replaces forceSetCertificateStatus with forceEditCertificate, which takes a certificate ID, a process-now=true|false flag, and structured operations such as set-status,from=InError,to=Candidate or set-settlement-tx-hash,from=0x...,to=null. Update any operator tooling that called the previous endpoint (#1159)
  • Breaking: prover transport is now gRPC-only. The prover_entrypoint config key is removed and the [grpc] block is mandatory; prover references a ProverType from the provers repository (#1195)
  • Breaking: the [extra-certificate-signer] configuration variable is removed; drop the matching block from deployment configs (#1206)
  • Default settlement confirmations raised from 1 to 12. Deployments that set this parameter explicitly are unaffected; deployments relying on the default now wait 12 blocks before processing a settlement (#1470)
June 8, 2026
Trails
Trails ships SDK v0.16.1 with Hyperlane and LayerZero Value Transfer routes, the Open Intents Framework as a route option, the OMS Wallet widget theme, and a dedicated recovery flow for stuck intents. EVM↔Solana edge support has merged to master and is in QA ahead of a follow-up release.

New

  • Hyperlane routes: Trails routes can now traverse Hyperlane Warp Routes, including first-party USDC HWR support across Arbitrum, Base, Polygon, Ethereum, and Katana. Hyperlane is enabled in AUTO routing with market-rate fee estimation, supports EXACT_INPUT trades, and includes destination-collateral checks, worker recovery, and underfunded-deposit refund handling.
  • LayerZero Value Transfer (LZ_TRANSFER) routes: a new route provider built on the LayerZero Value Transfer API replaces the deprecated lz_stargate route. The widget exposes it as a selectable bridge option.
  • Open Intents Framework (OIF) routes: OIF is wired in as a route provider, with an expired-order refund worker, explicit rejection of partial-fill quotes, and demo coverage for ETH USDC → Katana USDC.
  • OMS Wallet widget theme: a new widget theme aligned with OMS Wallet, including a refreshed selected-wallet background.
  • Recover funds screen: a dedicated screen in intent history for recovering stuck funds, replacing the prior inline recovery surface. Edge wallet intents are now included in history.
  • Fund exact output: funding flows can now target an exact output amount.
  • Recent chains in the chain selector: previously used chains surface at the top of the chain selector.
  • Token selector refresh: a refresh control on the token selector reloads token lists inline.
  • Widget chain and token filtering: new supportedChains and supportedTokensByChain widget props let integrators restrict the chains and tokens shown to users.
  • GetEdges discovery API: a new RPC enumerates enabled edge rails so integrators can discover available cross-chain routes at runtime.
  • Intent history filters: history and search now accept edge address, rail, mode, provider, and participant-address filters.
  • Edge metadata on intent endpoints: intent receipts now include IntentEdgeMetadata with EdgeStatus, refund transaction hashes, and rail metadata.
  • Same-chain “Swap & Receive” label: same-chain terminal swap steps are labeled clearly in transaction summaries.
  • Wagmi auto-detection: the widget detects an active wagmi provider without explicit adapter configuration.
  • Composable action resolver APIs: the composable-action resolver helpers are now exported for integrator use. See the Trails docs.
  • Somnia chain support: Somnia is supported as a route destination, including USDC.eUSDso swaps and SOMI OFT routes for cross-chain SOMI transfers, with refreshed SOMI branding in the widget.
  • EVM↔Solana edge support (in QA): end-to-end EVM↔Solana intents are merged to master and available in the dev demo, with SVM wallet auto-detection, Solana-standard wallet support, Solana funding and settings rows, Solana-side refund and failure handling, and server-side edge execution via a new edge monitor worker. Targeting a follow-up SDK release once QA completes.

Updated

  • Hyperlane fee breakdown: Hyperlane now shows as a Bridge rather than a Swap in the fee breakdown.
  • WETH passthrough: self-wrap and self-unwrap quote shapes are now supported through passthrough.
  • lz_stargate removed: the deprecated lz_stargate route provider has been removed in favor of LZ_TRANSFER.
  • xai and blast chains removed: both chains are no longer supported by the Trails SDK.
  • Widget input scope tightened: from.currency is restricted to fiat and from.token to ERC-20 in the widget.
  • Multi-swap route discovery: routing now discovers multi-swap routes through intermediary tokens, broadening coverage.
  • GetEarnPools chain list: refreshed list of chains exposed by the earn-pools endpoint.
  • WaitIntentReceipt synthesis: receipts are now synthesized from intent state when no receipt row exists, removing a class of “pending” hangs.

Fixed

  • Polygon USDT permit: salt-based EIP-712 domain handling now works correctly for the Polygon USDT permit flow.
  • EVM signer resolution: quote requests now resolve the EVM signer address when a wallet session is connected but walletClient is still null (for example, MetaMask on Polygon before wagmi materializes the client).
  • Embedded wallet approval prompt: the “Please approve…” prompt is hidden for embedded wallets, including OMS Wallet.
  • Embedded wallet intent recovery: resolves a recovery hang for embedded wallets on v1 intents.
  • Quote owner resolution: the connected EVM wallet is always used as the quote owner; the recipient address is never substituted.
  • Quote route provider fee labels: corrected labels for route provider fees in quote breakdowns.
  • Fund method disabled state: unlisted fund methods now render as disabled rather than enabled.
  • WalletConnect recovery flow: the WalletConnect recovery flow now completes without stalling.
  • WalletConnect funding: WalletConnect funding now redirects to token selection and exposes a disconnect button. WalletConnect wallets are also shown when direct-transfer is hidden from fund methods.
  • Native wallet reconnect on reload: native wallet sessions now reconnect on page reload.
  • Recovery fee options: fee options no longer break for WaaS wallets in the recovery flow.
  • v1.5 depositSignature: v1-only fields in depositSignature are now guarded for v1.5 compatibility.
  • Credit-card flow placeholder: fund amount placeholder text fixed in the credit-card flow.
  • SDK edge sends: the SDK no longer auto-executes intents after an edge deposit; server workers handle execution.
  • Same-chain quote math: fixed PriceImpactUSD, native token normalization, and EXACT_INPUT calldata for same-chain quotes.
  • Edge quote timeout: intents now abort cleanly on edge quote timeout.
  • Fee caps: exact-input fees are capped to the residual amount, and CollectorFeeCap is scoped to EXACT_OUTPUT to fix an EXACT_INPUT bridge gas regression.
  • Edge worker transaction hashes: init and refund transaction hashes now persist correctly through worker updates.
  • Token decimals cache: scoped by chain to prevent cross-chain collisions.
  • Deposit transfer logs: matching deposit transfer logs are summed instead of taking the first match.
  • Outer approvals: redundant outer approvals are skipped for SDK-managed hydrateExecuteAndSweep multicalls.
  • Multi-swap recipients: replay of multi-swap intents now preserves the original per-step recipients.
  • Fee collector: corrected fee-collector validation, tokenlist fallthrough, and receipt-state edge cases.
  • Send-transaction destination context: corrected propagation of destination context for send-transaction calls.
June 8, 2026
OMS
The OMS public API expands the set of blockchain networks accepted for inbound transfers.

Updated

  • Inbound blockchain networks: the BlockchainInNetwork enum used by the deposit-address simulation endpoint (POST /deposit-addresses/{depositAddressId}/simulate) now accepts INK and SUI in addition to BASE, ETHEREUM, and SOLANA. Integrators using the deposit-address flow can now simulate inbound USDC, USDT, or USAT transfers from Ink and Sui in sandbox.
June 1, 2026
Polygon PoS
Bor v2.7.2 through v2.8.2 ship across the lookback window, alongside heimdall v0.7.1, introducing an opt-in heimdall-to-bor gRPC transport, expanded tracing for state-sync transactions, several new operator flags, and a large set of consensus, miner, and bridge fixes.

New

  • Heimdall-to-bor gRPC transport (opt-in): every bor-facing JSON-RPC now has a gRPC counterpart, selectable per-node via bor_grpc_flag in heimdall’s app.toml against bor’s new [grpc] config section. The GetBlockInfoInBatch call used in the consensus-critical ExtendVoteHandler path is around 4.4× faster on gRPC, and the wire path allocates 50 to 67 percent fewer bytes across the seven methods. Defaults are unchanged, and heimdall performs a startup hash-parity check across both transports before continuing.
  • State-sync transaction tracing: state-sync (bor bridge event) transactions are now first-class in the debug_* tracing RPCs, including debug_traceBlockByNumber, debug_traceBlockByHash, debug_traceTransaction, debug_traceChain, debug_traceCall, debug_intermediateRoots, and debug_standardTraceBlockToFile. A new wrapped tracing hook collects multiple bridge events under a single synthetic root call frame per state-sync transaction, so callTracer-class tracers see one root with N sub-calls instead of N independent traces. The legacy debug_traceBorBlock RPC method has been removed; switch any callers to debug_traceBlockByNumber or debug_traceBlockByHash.
  • p2p.nosnap config flag: decouples the local snapshot tree from serving the snap/1 p2p sub-protocol. Block producers can keep the flat-state snapshot enabled for fast local reads while declining to serve snap sync to peers, which removes unnecessary network and CPU overhead on validator boxes.
  • miner.disable-pending-block flag: disables the pending-block creation loop in miner/worker. RPC queries against the pending tag return nil. Intended for non-validator and serving nodes that do not need a pending block.
  • Builder-phase prefetch and new metrics: the builder pipeline now runs three additional, builder-synchronized prefetch phases (upfront plan scan, per-transaction forwarding, and freed-gas overflow), reducing cache-miss costs on contract-heavy blocks. New metrics include worker/prefetch/builder_added_percent and worker/txApplyDuration/{prefetched,notPrefetched}. Additional block-building timing metrics cover prepare-work duration, pending-transaction fetch time, and the count of header-time extensions.
  • Heimdall planned downtime can nominate a successor: MsgSetProducerDowntime now accepts an optional target_producer_id to nominate a specific replacement. If the target is invalid, inactive, or also down for the range, selection falls back to round-robin. Gated on a coordinated hard fork.
  • Heimdall deterministic state syncs: introduces height-pinned, one-block-delayed visibility for clerk events so that during heimdall halts pending events remain excluded and all validators derive identical query results. Activation is gated on visibilityTimeHeight, which is 0 (disabled) on all networks until the next hard fork is scheduled.
  • Heimdall bridge self-healing expanded: the bridge self-heal loop now recovers SignerChange and UnstakeInit events in addition to StakeUpdate, unified through a single combined subgraph query that returns the max L1 nonce across the three event types. Receipt validation now rejects reverted L1 transactions and logs emitted by unexpected contracts.
  • prepareProposalBudget in heimdall: implements an explicit time budget for proposal preparation in ABCI, bounding the work the proposer can do before block dissemination.

Updated

  • Witness filestore is now the default: the filesystem-backed witness storage is now enabled by default in bor’s CLI. Existing operators on the database-backed store continue to work; new nodes pick up the filestore without additional flags.
  • Witness configuration template hint: bor packaging templates now show [witness] with enable = false instead of the deprecated top-level witnessprotocol key, which the current parser no longer consumes. Update any custom configs that still use witnessprotocol.
  • rpc.batchlimit renamed to rpc.batch-request-limit: bor’s templates and example config now use rpc.batch-request-limit, matching the runtime parser. The previous rpc.batchlimit key was silently ignored, which could leave nodes on the default batch limit of 1000 unintentionally.
  • cache.triejournaldirectory is now wired end-to-end: operators who set this key in config.toml now get the configured directory respected. When unset, behavior is unchanged and the journal stays under <DATADIR>/triedb.
  • Heimdall pruning defaults retuned: the shipped config.toml now defaults indexer = "null" (cometbft transaction index disabled), with the pruning interval reduced from 3h to 10m and EnforcedMinRetainBlocks reduced from 2,500,000 to 2,000,000. The effect on a mainnet RPC node is around 23 GB freed at steady state and the elimination of large pruning bursts. Operators who do not use /tx or /tx_search can also reclaim around 43 GB by removing the existing tx_index.db after upgrading.
  • Heimdall bridge metric rename: the three self-heal Prometheus metrics moved into the heimdallv2 namespace and follow Prometheus naming conventions. self_healing_<chain>_StakeUpdate is now heimdallv2_self_healing_stake_events_processed_total, self_healing_<chain>_StateSynced is now heimdallv2_self_healing_state_syncs_processed_total, and self_healing_<chain>_NewHeaderBlock is now heimdallv2_self_healing_checkpoint_acks_processed_total. Update any dashboards or alerts that reference the old names.
  • Heimdall bridge performance: vote-extension processing now pre-fetches L1 receipts in a single batched RPC call, the root-chain listener uses an O(1) topic-to-event map instead of a per-log linear ABI scan, and the clerk mempool check uses the typed CometBFT RPC client.
  • Amoy bootnodes updated: bor’s compiled-in Amoy static peer list now points at the current set of Amoy bootnodes. Operators relying on the embedded list no longer need a manual override.
  • Heimdall mainnet seeds and persistent peers: refreshed to the current working set, so nodes regenerating their config pick up working peers without manual intervention.

Fixed

  • Bor recovers from milestone-mismatch forks without manual wipe: nodes that briefly forked off the canonical chain due to a heimdall startup hiccup or span propagation gap could enter a state where rewinding required canonical-chain blocks that the downloader refused to deliver, requiring an operator to wipe chain data. The mismatch-rewind path now resyncs the canonical segment from peers while still rejecting genuine sidechain ghost-state attacks.
  • Forkid wire-format change reverted: a change that included polygon-specific forks (Rio, Madhugiri, Dandeli, Lisovo, Giugliano, Chicago, others) in the eth p2p handshake forkid hash was reverted because changing the wire forkid is a breaking peer-to-peer change. Nodes running the changed code could not handshake with older bor peers. A future, coordinated rollout will reintroduce the fix gated on a fork block.
  • eth_estimateGas no longer fails on non-validator nodes: nodes whose configured signer is not in the active validator set previously returned “insufficient funds for transfer” against the pending block because Prepare() was failing on every block and the pending snapshot was never refreshed. Prepare() no longer fails for unauthorized signers; Seal() continues to reject blocks from unauthorized signers independently, so no invalid blocks can be produced.
  • Live tracing no longer conflicts with the miner: bor running with live tracing enabled could call live tracing hooks from the miner path once it reached live, causing problems. The miner now disables the tracer in its vm.Config so only block synchronization invokes the tracer.
  • Heimdall checkpoint submission off-by-one fixed: the bridge stopped submitting checkpoints to L1 after the indexer = "null" migration because the new tx-bytes lookup was passing the event’s block height instead of the height of the block that contained the checkpoint transaction. The lookup now uses height - 1, matching the invariant established by the side-tx post-handler running in the block after the one that included the message.
  • Heimdall producer downtime span off-by-one fixed: veBlop spans created by PostHandleSetProducerDowntime were one block longer than intended (6,401 instead of 6,400), causing overlaps with adjacent spans. Gated behind producerDowntimeSpanFixHeight to preserve pre-fork behavior.
  • (*Header).GetValidatorBytes no longer panics on short Extra: an exported helper used by indexers, light clients, and explorers panicked with slice bounds out of range when passed a header whose Extra field was shorter than 97 bytes on pre-Cancun configurations. The pre- and post-Cancun branches now share a single length guard and return nil for malformed input.
  • Witness size recovers when filesystem metadata and DB disagree: if a crash interrupted a witness write between renaming the file on disk and writing the size key to the DB, witness pagination paths could silently fail because ReadWitnessSize returned nil. The lookup now falls back to os.Stat on the witness file when DB metadata is missing.
  • Miner state-machine wedges closed: four silent stall paths in the producer state machine that could leak the pendingWorkBlock or pendingTasks map entry on edge cases (peer count zero during production, syncing-check early return, sealhash interrupt, full resultCh) are now plugged, with regression tests for each.
  • SpanStore.PurgeCache no longer races its own poll loop: a background poller could write a freshly purged span back into the cache before the next test read, producing intermittent CI flakes. The poll goroutine is now cancelled and waited on before state is reset.
  • Milestone websocket subscriber shuts down cleanly: the heimdall milestone subscriber outlived chainDb.Close() because it was launched with context.Background(). It now exits on the bor close channel, eliminating the burst of pebble: closed errors during shutdown.
May 30, 2026
AggLayer
AggLayer migrates the prover stack to SP1 v6, aggkit ships substantial exit-certificate recovery tooling, and operators get more configurable RPC behavior plus a slate of reliability fixes.

New

  • SP1 prover upgraded to v6 with backward-compatible reads of legacy v5 proofs and certificates, improving proof generation and verification performance during the migration window (#1525, #1545)
  • gRPC ingress now rejects certificates carrying non-writable SP1 proof versions with a dedicated UnsupportedProofVersion error instead of failing downstream (#1522)
  • Settlement service gains an auto-retry helper (retry_callback_until_success) that recovers from transient RPC errors instead of panicking (#1476)
  • aggkit exit-certificate tool: Step A is split into A1 (tracing) and A2 (receipt-recovery fallback), addressable individually or together via --step a1, a2, or a, with automatic migration of legacy output files (#1630)
  • aggkit exit-certificate tool: new stepAWindowSize option (default 5000) for independent Step A chunk sizing, and an abort-on-error mode that stops all workers on the first trace failure when ContinueOnTraceError=false. Trace errors now surface both the transaction hash and the underlying RPC message (#1629)
  • aggkit exit-certificate tool: targetBlock accepts finality keywords (LatestBlock, FinalizedBlock), decimal/hex values, and relative offsets like LatestBlock/-10. The resolved block is persisted and reused across resumed runs (#1627)
  • aggkit LET operator tooling: new craft-cert, send-cert --no-db, cert-status, and export-cert-exits subcommands, with stronger fallback diagnostics when aggsender bridge-exit data is unavailable (#1616, #1570)
  • aggkit RPC client: new BatchBlockHeaderRetrieval option lets operators disable batch header requests and fall back to sequential calls for nodes that do not support batching (#1601)

Updated

  • Per-epoch certificate rate limiting is restored: MAX_CERTIFICATE_PER_EPOCH and epoch-capacity gating in NetworkTask once again enforce one certificate per network per epoch (#1514)
  • aggsender startup recovery now requires a manual database wipe when local certificate state diverges from AggLayer, replacing the previous automatic reconciliation (#1570)
  • aggkit docs now document that event logs must be available from genesis and provide reth configuration for disabling receipt pruning to prevent historical sync failures (#1610)

Fixed

  • aggkit exit-certificate tool now patches ERC-20 balances correctly for smart-contract-locked exits in Step G, supporting both OpenZeppelin v4 (slot 0) and v5 (namespaced storage) layouts. Resolves ERC20InsufficientBalance errors during SC-locked exit processing (#1622)
  • aggkit Docker images now embed VERSION, GITREV, and GITBRANCH build metadata, so docker run aggkit version reports the correct values instead of empty fields (#1619, #1621)
  • aggkit l2gersync no longer emits ERROR-level logs for max-block-range responses that are already handled by automatic chunking (#1607)
  • aggkit ParseMaxRangeFromError now recognizes the query exceeds max block range RPC error format, so ClaimSyncer retries with chunked requests instead of failing (#1589)
  • aggkit bridge-call matching now filters debug trace frames to actual CALL operations only, ignoring DELEGATECALL, STATICCALL, CALLCODE, and untyped frames (#1609)
  • Pending certificate validation now uses the correct error type instead of CertificateCandidateError::UnexpectedHeight (#1289)
May 11, 2026
Trails
Trails ships composable actions, a token-first widget destination flow, auto-refresh for expired quotes, and a wide set of widget and SDK fixes.

New

  • Composable Actions: chain multiple destination calls into a single intent, with dynamic balance routing and support for multiple ERC-20 tokens in dynamic-amount slots. Integrators can sequence approvals, swaps, and custom calls inside one quote, with backend validation rejecting ambiguous recipient or passthrough configurations. See the Trails docs for usage.
  • Token-first widget destinations: widgets now accept token-specific destination lists, letting you configure a fixed set of destination tokens (and chains) that users can pick from. Persisted token selections survive across sessions.
  • Quote auto-refresh: expired quotes refresh automatically on the next user interaction before signing, so users no longer see an “Intent quote has expired” error in the pre-signing state. Refresh is suppressed once signing has begun.
  • Wallet runtime adapters: Trails wallet runtimes are now decoupled behind explicit adapters, giving integrators a cleaner extension point for embedding custom wallet stacks.
  • Configuration validation and offline recovery: intent configuration is now validated up front and cached locally, with pruning of stale entries. This enables offline recovery of in-flight intents.

Updated

  • Widget lifecycle callbacks renamed: onSwapComplete, onPaymentComplete, onFundingComplete, and onWithdrawComplete are now onSwapSuccess, onPaymentSuccess, onFundingSuccess, and onWithdrawSuccess for consistency. Update your widget props to match the new names.
  • WalletConnect: improved QR rendering, deep-link handling, and loading state in the WalletConnect flow.
  • Quote input: clearer error states when the input amount or token is invalid.
  • Send flow: destination chain now defaults to the connected wallet’s chain when no destination is specified.
  • Mesh exchange: mesh exchange queries can now run without a configured trailsApiUrl.
  • Receipt step ids: receipt step ids are now stable across renders, making them safer to use as React keys and analytics identifiers.
  • SDK packaging: improved compatibility with Node environments and better tree-shaking for smaller bundles. Server-side rendering with Trails actions is now safe.

Fixed

  • Fixed swap funding method selection so the chosen method is preserved across re-renders.
  • Fixed the receiver token picker losing account context when switching accounts.
  • Fixed chain-switch detection in the widget when users change networks mid-flow.
  • Fixed Privy wallet modes incorrectly rendering a ConnectKit button.
  • Fixed useQuote so QuoteError is available as a runtime value rather than a type-only export.
  • Fixed missing deposit transaction enrichment in intent history.
  • Wrapped errors now propagate via Error.cause, preserving the original stack and context for debugging.
  • Composable-action quotes now reject a top-level recipient (which is per-call only) and omit the quote recipient in earn mode.
  • Guarded against undefined details in UnknownRpcError checks to prevent spurious crashes.
  • Removed a duplicate Pay fallback path that could double-trigger the pay flow.
May 10, 2026
Agglayer
Agglayer adds gRPC-level SP1 proof version validation; aggkit ships configurable block header batching and fixes RPC range errors and bridge call trace matching.

New

  • gRPC ingress now rejects certificates carrying non-writable SP1 proof versions and returns a structured UnsupportedProofVersion error, giving integrators explicit feedback when submitting proofs built with unsupported versions
  • BatchBlockHeaderRetrieval is now configurable in [L1NetworkConfig.RPC] and [Common.L2RPC] in aggkit; set to false to disable batch RPC requests for endpoints that do not support them (v0.10.0-rc3)

Fixed

  • Node process no longer panics on corrupt certificate rows; storage decode failures now surface as CodecError::Serialization instead of unwinding the process
  • Pending certificate validation now returns the correct error type; previously reused CertificateCandidateError::UnexpectedHeight for a case it was not designed for
  • ClaimSyncer now recognizes the “query exceeds max block range” RPC error and automatically retries with smaller block ranges, preventing sync failures on restrictive RPC endpoints (aggkit v0.10.0-rc2, v0.8.3-rc2)
  • Bridge and claim sync debug traces now correctly match only CALL frames, preventing incorrect calldata extraction from DELEGATECALL, STATICCALL, or CALLCODE frames (aggkit v0.10.0-rc3, v0.8.3-rc3)
May 5, 2026
Agglayer
aggkit pre-releases add configurable RPC block header batching and improve bridge call trace accuracy; agglayer corrects error type semantics in pending certificate validation.

New

  • Batch block header retrieval is now configurable via RPCClientConfig in aggkit, letting operators control how many block headers are fetched per RPC call (v0.10.0-rc3)

Fixed

  • Pending certificate validation in agglayer now returns the correct error type; the code previously reused CertificateCandidateError::UnexpectedHeight, which is semantically reserved for epoch-context candidate certificates
  • aggkit no longer emits a spurious error log when l2gersync encounters a block range that exceeds the RPC provider limit (v0.10.0-rc3)
  • Bridge call matching in debug traces is corrected (aggkit v0.10.0-rc3, v0.8.3-rc3)
  • aggkit now parses query exceeds max block range responses from RPC providers and retries with a reduced range instead of surfacing an unhandled error (v0.10.0-rc2, v0.8.3-rc2)
May 1, 2026
POL
Two governance proposals targeting the validator reward schedule and payments revenue distribution were merged this week.

New

  • PIP-86 recalibrates CHECKPOINT_REWARD on the L1 StakeManager to hold annual POL emission at the 1% target (103,530,000 POL/yr) as Polygon Chain transitions to faster block times. The parameter decreases from 34,695.98 POL to 29,414.92 POL per checkpoint when block time moves to 1.75s (planned May 5), and to 25,212.79 POL per checkpoint at 1.5s (planned May 19). No contract upgrades are required; both changes execute via updateCheckpointReward() through the existing Governance contract.
  • PIP-87 proposes a fixed-cost payments program that gives payment companies predictable, fiat-denominated pricing for blockspace on Polygon. Revenue from the program is converted to stablecoins and distributed to validators and stakers via the existing PIP-65/82/85 framework, with a portion used to buy POL from the market for staker distribution and for the PIP-24 burn.
May 1, 2026
Polygon Chain
Bor v2.7.2 stable ships RPC fixes including re-enabling eth_simulateV1, with v2.7.3-beta adding private transaction relay improvements and critical fixes for memory growth and security landing on the development branch.

New

  • Added miner.disable-pending-block config option to disable the pending block creation loop; when set, all pending block RPC queries return nil

Updated

  • RPC gas cap is now bypassed only for internal system transactions; external eth_call and simulation requests are subject to the configured gas cap
  • Private transaction relay now purges stale transactions more aggressively using per-block-producer error tracking, preventing unbounded in-memory growth under sustained relay load

Fixed

  • eth_simulateV1 is re-enabled in v2.7.2; a context propagation error in the RPC path was causing the method to return incorrect results
  • Fixed exponential memory growth in the pathDB BFS preload path: the node-child enumeration was enqueuing all 16 nibble children regardless of node type, causing the visited map to grow as O(16^depth) and consuming up to 14 GB per goroutine on restart, stalling block import for up to two hours on archive and full nodes
  • Go runtime updated to 1.26.2, resolving 6 standard library CVEs in crypto/tls and crypto/x509 including a TLS 1.3 KeyUpdate denial-of-service and several certificate validation bypass issues
April 21, 2026
Trails
Trails API adds gas fee option selection to the intent flow, persists wallet configuration at quote time, and fixes a recovery issue for intents using custom address overrides.

New

  • Intents now support gas fee option selection. Specify fee options at quote time; the API validates the selected option against quoted options before execution, giving integrators explicit control over transaction costs.
  • Wallet configuration is now stored at quote time and returned with the quote response, enabling reliable intent recovery and re-execution across sessions.

Fixed

  • Recovery now correctly applies custom address overrides when deriving wallet context, preventing derived-address mismatches for intents configured with non-default addresses.
April 20, 2026
Trails
Trails SDK and widget ship smarter intent protocol defaults, better recipient handling, and improved error recovery.

New

  • The SDK now automatically resolves the best intent protocol version for each transaction. An explicit override, global config, or SDK default is checked in order, with a fallback to the API-provided default when the preferred version isn’t supported.

Updated

  • The widget highlights the recipient address when it differs from the sender, making it easier to spot send-to-other flows before confirming.
  • Expired quote errors now show a warning icon and offer a clear recovery path so users can retry without restarting the flow.

Fixed

  • Fixed an issue where the recipient address could go stale after switching wallets in the widget.
  • Fixed the add-wallet flow in the recipient selector so users can successfully add new recipient addresses.
April 16, 2026
Polygon Chain
Bor v2.7.1 stable ships opt-in EVM execution optimizations, database performance improvements, and a goroutine leak fix.

New

  • Added opt-in EVM execution optimization via --switch-dispatch CLI flag or EnableSwitchDispatch config option, introducing a fixed-size opcode stack and a switch-dispatch fast path for hot opcodes ported from GEVM

Updated

  • Tuned PebbleDB write path (1 MiB BytesPerSync, adaptive compaction) and increased PathDB state buffer to 2 GB with intelligent carry-over across flushes, reducing write stalls for archive and full nodes
  • Removed legacy UpdateDeps/GetDep DAG algorithm from BlockSTM, fully replaced by the DepsBuilder implementation

Fixed

  • Fixed goroutine leaks in the witness request path that caused unbounded memory growth when peers disconnected during parallel stateless import
April 16, 2026
Agglayer
aggkit fixes claim syncer startup block selection on empty databases.

Fixed

  • Claim syncer now determines its starting block from the earliest settled reference block (not the latest) when the database is empty on startup, preventing sync errors on fresh starts
April 10, 2026
Polygon Chain
Bor v2.7.1-beta ships transaction propagation improvements and an SRC buffer reduction, with additional RPC and monitoring fixes merged to the development branch.

Updated

  • Increased max transaction packet size from 100 KB to 1 MB, improving transaction propagation between peers
  • Reduced SRC buffer from 500ms to 100ms, allowing block producers to spend more time on transaction execution

Fixed

  • bor_getLogs and bor_getLatestLogs now correctly return state-sync logs from blocks produced before the Madhugiri upgrade
  • Prometheus _count metrics no longer reset to zero on each scrape, restoring correct rate(), increase(), and latency calculations for node operators
April 10, 2026
Wallets
The Polygon Wallet adds private token transfers and Yield vault support in the Earn tab.

New

  • Added end-to-end private send flow, including a dedicated status screen for deposit, withdraw, success, and failure states, and refreshed gas and privacy fee display with up to 4 decimal place precision
  • Added Yield vault support to the Earn tab
April 10, 2026
Agglayer
Agglayer raises the default settlement confirmation count to 12 for safer out-of-the-box deployments.
  • Default confirmations for L1 settlement increased from 1 to 12. Deployments that do not set this value explicitly are now safer by default.
April 10, 2026
Trails
Trails API adds a new option to suppress passthrough quotes from intent responses.
  • Added intents.disable_passthrough_quotes option. When set, the API omits passthrough quotes from intent results, giving integrators tighter control over which quote sources are returned.