Introduction
This document outlines the standardized procedures for Ethereum protocol upgrades, covering development networks (devnets), test networks (testnets), and mainnet. It includes security reviews, fork preparations, testing protocols, and communication strategies to enhance network security and stability.
Key Components of the Upgrade Process
1. Core Principles
Timing Restrictions:
- Avoid major holidays or events for upgrades.
- No bundled upgrades; maintain a 14-day gap between testnet upgrades.
Client Readiness:
- Require 90% client consensus before proceeding.
- Assess infrastructure needs with All Core Developers (ACD).
2. EIP Management
Evaluation:
- External audits for complex EIPs.
- Compliance with EIP-7723 (e.g., test vectors).
Deadlines:
- Set cutoff dates for EIP inclusion.
- Mandate additional testing for significant EIP changes.
3. Network-Specific Procedures
Devnets:
- Short-lived; focus on targeted testing and interoperability.
Testnets:
- 30-day buffer between client readiness and deployment.
- Two successful testnet upgrades required before mainnet.
Mainnet:
- 30-day delay post-final testnet upgrade.
- Mirror testnet validation steps.
๐ Explore Ethereum's upgrade history
Validation and Security
Internal Reviews
Coordination:
- Dedicated Discord channels per EIP.
- Assign core developers to CFI/SFI EIPs.
Goals:
- Verify implementation accuracy.
- Continuous security audits.
External Audits
RFP Process:
- Solicit proposals for third-party reviews.
- Mandatory sign-off on findings.
Bug Bounty Integration
EF Program:
- Include upgrade-specific code at testnet readiness.
Contests:
- Post-review; end 3 weeks pre-mainnet.
Upgrade Verification
| Network | Key Activities |
|---|---|
| Devnets | Targeted EIP tests, stress scenarios |
| Testnets | Consensus checks, 48h stability monitoring |
| Mainnet | Identical to testnets |
๐ Learn about Ethereum's security
Incident Response Plan
Team Roles
| Role | Responsibilities |
|---|---|
| Client Coordinators | Diagnose client-specific issues |
| DevOps | Monitor network metrics |
| Communication | Community updates (120-min intervals) |
Severity Levels
- High: Chain splits, finality failure (immediate response).
- Medium: Partial outages (out-of-band fixes).
- Low: Minor bugs (next scheduled release).
Templates for Upgrades
## [Network] Upgrade Plan
### Team Assignments
| Client | Lead | Backup |
|----------|------------|-----------|
| Geth | Jane Doe | John Smith|
### Validation Checklist
- [ ] EIP-XXXX functional tests
- [ ] 32-epoch stability checkFAQ
Q: How long does a typical upgrade take?
A: Minimum 30 days from testnet readiness to mainnet deployment.
Q: What happens if an upgrade fails?
A: Incident review initiated; next testnet delayed by โฅ14 days.
Q: Are devnets mandatory?
A: No, but recommended for early-stage testing.