Expedited Software Upgrade Proposal: IXO Chain v8.0.0

Original Proposal Text

## Summary "An expedited software upgrade to IXO Chain v8.0.0 is required to remediate a critical privately disclosed vulnerability. To minimize the risk of pre-upgrade exploitation, validators are requested to install the pre-built release binary and follow official upgrade instructions without prior public disclosure of the underlying defect. Full technical details, impact analysis, and remediation notes will be published after the v8 on-chain software-upgrade has executed successfully and the network has stabilized." Validators are requested to upgrade using the pre-built binary and associated release artifacts provided by the maintainers, following the operational instructions distributed through validator coordination channels. ## Proposal Type Software Upgrade Proposal. ## Requested Voting Path This proposal is submitted as an expedited proposal due to the security-sensitive nature of the required upgrade and the need to minimize the window of exposure. ## Upgrade Overview If passed, this proposal will schedule the IXO Chain v8.0.0 software upgrade at the designated upgrade height specified in the on-chain proposal. At the upgrade height: - Nodes running prior software versions will halt at the upgrade point. - Validators and full node operators must install the v8.0.0 binary and restart their nodes. - The chain will resume once a sufficient portion of voting power has upgraded and comes back online. The upgrade is designed to apply a security fix without disclosing exploit-enabling implementation details in advance. Full technical disclosure will follow after successful execution of the on-chain upgrade. ## Security Disclosure Approach This proposal intentionally withholds full technical details until after execution of the upgrade. This approach is necessary because premature disclosure would materially increase the risk of exploitation against validators, infrastructure operators, and ecosystem participants who have not yet upgraded. The network's security is best served by coordinating a time-bounded blind upgrade using trusted release artifacts, followed by a complete public post-upgrade disclosure. After the upgrade has executed successfully and the network is stable, maintainers will publish: - A technical description of the vulnerability. - Impacted components and attack conditions. - Remediation details included in v8.0.0. - Recommended follow-up actions for downstream integrators, auditors, and application developers. ## Validator Instructions Validators should prepare to: 1. Monitor official validator communication channels for the final upgrade height, binary checksum, and restart instructions. 2. Download the pre-built IXO Chain v8.0.0 binary from the official release channel. 3. Verify the published checksum or signature for the binary before installation. 4. Stop the running node process before the chain reaches the upgrade height, if required by the operator's deployment setup. 5. Install the v8.0.0 binary and restart promptly once the chain halts at the upgrade height. 6. Confirm successful startup, peer connectivity, and block production after restart. Validators are strongly encouraged not to delay upgrading, as any lag in coordinated adoption may extend downtime or weaken network safety during recovery. ## Rationale for Blind Upgrade Blind upgrades should be used sparingly. In this case, they are justified because: - The vulnerability is severe enough that advance public disclosure would create unnecessary exploit risk. - A pre-built binary enables fast, coordinated remediation across validator infrastructure. - The on-chain governance process preserves legitimacy and transparency at the decision layer, while postponing exploit details only until the network is protected. - A full retrospective disclosure will be provided after successful execution. ## Governance Request Token holders are asked to vote Yes on this expedited proposal to authorize the IXO Chain v8.0.0 software upgrade and enable validators to coordinate a secure, time-sensitive remediation.