Status: Technical fix approved; governance execution needed
Timeline: 21 days until client expiry triggers permanent freeze
Impact: $5M in tokens could be frozen
Technical Fix: https://github.com/polkadot-fellows/runtimes/pull/1073 (approved by @bkontur)
The Situation
On Feb 14, Hyperbridge transitioned to parathread status to utilise on-demand coretime. This exposed an unexpected but critical runtime limitation: the Polkadot BEEFY MMR excludes parathread data from the parachain heads root.
Because our BEEFY light clients cannot “see” our parathread state, they cannot verify transactions. We have maintained a safety pause since Feb 14 to protect user assets.
The 21-Day Security Cliff
Our BEEFY consensus clients, deployed across 12 external networks, feature a 21-day expiry window as a core security mechanism.
- The Risk: If the runtime fix is not executed before this window closes, the light clients will lose synchronization with the Relay Chain permanently.
- The Consequence: After 21 days, the light client expires permanently freezing the bridge
What We’re Asking
The runtime fix (PR #1073) is straightforward and has been approved by (@bkontur). However, standard governance lead times will likely exceed our 21-day safety window. We are requesting:
- Immediate Whitelisting: We request that the Fellowship fast-track this fix via a Whitelisted Caller track.
- Expedited Referendum: We urge the community to support an emergency referendum to restore interoperability before the client expiry.
