diff --git a/.changelog/4394.breaking.md b/.changelog/4394.breaking.md
deleted file mode 100644
index 13ce152c9a1..00000000000
--- a/.changelog/4394.breaking.md
+++ /dev/null
@@ -1,5 +0,0 @@
-go/registry: Remove support for DeprecatedBeacon
-
-The PVSS backend is no longer present in 22.x and so the field is now
-removed, and even genesis registrations without a VRF signing key will
-be rejected.
diff --git a/.changelog/4667.breaking.md b/.changelog/4667.breaking.md
deleted file mode 100644
index 9b241fb7385..00000000000
--- a/.changelog/4667.breaking.md
+++ /dev/null
@@ -1 +0,0 @@
-go/consensus/tendermint/apps/beacon: Do gas accounting earlier
diff --git a/.changelog/4668.breaking.md b/.changelog/4668.breaking.md
deleted file mode 100644
index d51a429f778..00000000000
--- a/.changelog/4668.breaking.md
+++ /dev/null
@@ -1,5 +0,0 @@
-go/common/crypto/signature: Use ECVRF v16
-
-The IETF draft was updated, so use the newer method of calculating proofs.
-This is incompatible with the v10 proof derivation/verification, however
-beta values for a given input will be identical.
diff --git a/.changelog/4755.breaking.md b/.changelog/4755.breaking.md
deleted file mode 100644
index f4f3763cf41..00000000000
--- a/.changelog/4755.breaking.md
+++ /dev/null
@@ -1,9 +0,0 @@
-go/staking/api: Add BurnAddress
-
-Transfers to `oasis1qzq8u7xs328puu2jy524w3fygzs63rv3u5967970` will be
-treated as an explicit token burn (transfer amount deducted from the
-source's general balance and destroyed).
-
-The private key of the address is unknown, and the address is marked
-as reserved so the address can not be used as the source address for
-any transactions.
diff --git a/.changelog/4798.breaking.md b/.changelog/4798.breaking.md
deleted file mode 100644
index 550a69aca85..00000000000
--- a/.changelog/4798.breaking.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/consensus/tendermint: Fix liveness tracking for primary+backup
-
-In case a node is both primary and backup and doesn't submit a commit but
-there was no discrepancy, the node should still be treated as failed.
diff --git a/.changelog/4964.cfg.md b/.changelog/4964.cfg.md
deleted file mode 100644
index c1fc2d23cbb..00000000000
--- a/.changelog/4964.cfg.md
+++ /dev/null
@@ -1,35 +0,0 @@
-go/consensus/tendermint: Refactor seed node and peer addresses
-
-Until now a seed node was a Tendermint backend-specific construct which
-supported only one service. To provide support for other services we had
-to refactor the seed node and generalize peer addresses. This led to the
-following configuration changes.
-
-Seed nodes:
-
-- Tendermint seed mode setting `consensus.tendermint.mode:seed` was removed
- and replaced with `mode:seed`. Full and archive modes remained intact and
- can still be used in non-seed node configurations.
-
-Non-seed nodes:
-
-- Setting `consensus.tendermint.seed` was removed and replaced with
- `p2p.seeds`.
-
-- Setting `consensus.tendermint.p2p.unconditional_peer_ids` was renamed to
- `consensus.tendermint.p2p.unconditional_peer`.
-
-General:
-
-- Persistent peers and seed nodes' addresses were generalized to the form
- `pubkey@IP:port` which affected settings `p2p.seeds`,
- `consensus.tendermint.p2p.persistent_peer` and
- `consensus.tendermint.sentry.upstream_address` (until now we used the
- form `ID@IP:port`)
-
-- Similarly, peers are now identified through p2p public keys which affected
- setting `consensus.tendermint.p2p.unconditional_peer` (until now we used
- Tendermint IDs).
-
-Tendermint specific configuration of a seed node stayed the same. The node
-can still be tuned through `consensus.tendermint.p2p.*` settings.
diff --git a/.changelog/4981.feature.md b/.changelog/4981.feature.md
deleted file mode 100644
index ad7d1118ce3..00000000000
--- a/.changelog/4981.feature.md
+++ /dev/null
@@ -1,9 +0,0 @@
-go/p2p: Bootstrap libp2p peers using seed nodes
-
-Seed nodes can now bootstrap libp2p peers. Bootstrapping can be enabled or
-disabled using a new configuration setting named
-`p2p.discovery.bootstrap.enable`
-which can be used on seed nodes as well as non-seed nodes (e.g. clients,
-key managers). The latter can also configure how frequently peers are fetched
-from the seed nodes with
-`p2p.discovery.bootstrap.retention_period`.
diff --git a/.changelog/4995.feature.md b/.changelog/4995.feature.md
deleted file mode 100644
index 94de303a6b0..00000000000
--- a/.changelog/4995.feature.md
+++ /dev/null
@@ -1,9 +0,0 @@
-go/oasis-node: Always start libp2p node
-
-Validator nodes are currently not part of our P2P network as it consists
-only of nodes that have runtimes configured. Always starting the libp2p
-node will make them available for consensus-related services.
-
-As validators now participate in the p2p network, the configuration of
-publicly routable p2p addresses through `worker.p2p.addresses` flag is
-mandatory in a production setting.
diff --git a/.changelog/4996.cfg.md b/.changelog/4996.cfg.md
deleted file mode 100644
index a483c29f9ce..00000000000
--- a/.changelog/4996.cfg.md
+++ /dev/null
@@ -1,37 +0,0 @@
-go/worker/common/p2p: Refactor P2P package
-
-We are planning to use our P2P network not only for runtime but also for
-consensus-related services. Therefore, it makes sense to move the P2P package
-up in the hierarchy and rename its configuration flags.
-
-The following configuration changes were made to the p2p config flags:
-
-- Prefix `worker.` was dropped.
-
-- Flags for the same feature were grouped under the same prefix.
-
-- Flag `worker.client.addresses` was removed.
-
-Below is the list of modified flags that can be used to configure p2p network:
-
-- `p2p.port`
-
-- `p2p.registration.addresses`
-
-- `p2p.gossipsub.peer_outbound_queue_size`
-
-- `p2p.gossipsub.validate_queue_size`
-
-- `p2p.gossipsub.validate_concurrency`
-
-- `p2p.gossipsub.validate_throttle`
-
-- `p2p.connection_manager.max_num_peers`
-
-- `p2p.connection_manager.peer_grace_period`
-
-- `p2p.connection_manager.persistent_peers`
-
-- `p2p.connection_gater.blocked_peers`
-
-- `p2p.peer_manager.connectedness_low_water`
diff --git a/.changelog/4998.trivial.md b/.changelog/4998.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5000.feature.md b/.changelog/5000.feature.md
deleted file mode 100644
index 2632519dbbf..00000000000
--- a/.changelog/5000.feature.md
+++ /dev/null
@@ -1 +0,0 @@
-go/p2p/rpc: add support for consensus-wide libp2p protocols
diff --git a/.changelog/5001.trivial.md b/.changelog/5001.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5002.internal.md b/.changelog/5002.internal.md
deleted file mode 100644
index 0f10ec6f7d7..00000000000
--- a/.changelog/5002.internal.md
+++ /dev/null
@@ -1,7 +0,0 @@
-go/p2p: Improve peer manager's peer handling
-
-Peer manager currently connects to all nodes in the registry which has
-multiple drawbacks (connections get pruned, no protocol selection, no peer
-discovery). This should be changed so that peers are connected depending
-on the supported protocols and the number of peers in a protocol/topic
-should be regulated in a controlled fashion.
diff --git a/.changelog/5003.bugfix.md b/.changelog/5003.bugfix.md
deleted file mode 100644
index be8f94d8cdf..00000000000
--- a/.changelog/5003.bugfix.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/runtime/txpool: republish sooner if republish limit is reached
-
-This fixes a case where some portion of a batch of transaction would take a
-long time to be published if there are no new transactions incoming.
diff --git a/.changelog/5005.bugfix.1.md b/.changelog/5005.bugfix.1.md
deleted file mode 100644
index c3db957acbc..00000000000
--- a/.changelog/5005.bugfix.1.md
+++ /dev/null
@@ -1,5 +0,0 @@
-go/worker/common: Reorder state determination checks
-
-Otherwise the shown state would be misleading, e.g. showing that it is
-waiting for runtime host being provisioned while it is actually blocked
-in initialization like storage sync.
diff --git a/.changelog/5005.bugfix.2.md b/.changelog/5005.bugfix.2.md
deleted file mode 100644
index 552a10a62b9..00000000000
--- a/.changelog/5005.bugfix.2.md
+++ /dev/null
@@ -1,7 +0,0 @@
-go/worker/storage: Fix case when checkpoint sync disabled but forced
-
-If checkpoint sync is disabled but sync has been forced (e.g. because
-the state at genesis is non-empty), we must request to sync the
-checkpoint at genesis as otherwise we will jump to a later state which
-may not be desired given that checkpoint sync has been explicitly
-disabled via config.
diff --git a/.changelog/5005.bugfix.3.md b/.changelog/5005.bugfix.3.md
deleted file mode 100644
index f0c9924acf2..00000000000
--- a/.changelog/5005.bugfix.3.md
+++ /dev/null
@@ -1 +0,0 @@
-go/storage/mkvs/checkpoint: Exclude initial version when pruning
diff --git a/.changelog/5005.bugfix.4.md b/.changelog/5005.bugfix.4.md
deleted file mode 100644
index 4b95b23f27b..00000000000
--- a/.changelog/5005.bugfix.4.md
+++ /dev/null
@@ -1 +0,0 @@
-go/p2p/rpc: Fix multi call dispatch to different peers
diff --git a/.changelog/5007.bugfix.1.md b/.changelog/5007.bugfix.1.md
deleted file mode 100644
index 996b2c084f1..00000000000
--- a/.changelog/5007.bugfix.1.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/p2p/rpc: Fix peer grading when context is canceled
-
-When method `CallMulti` finishes early, the requests in progress are canceled
-and unfairly recorded as failed.
diff --git a/.changelog/5007.bugfix.2.md b/.changelog/5007.bugfix.2.md
deleted file mode 100644
index 5adda41fb19..00000000000
--- a/.changelog/5007.bugfix.2.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/p2p/rpc: Fix memory leak when RPC multi call finishes early
-
-When method `CallMulti` finishes early, the result channel is never cleared.
-Therefore, the channel never closes and leaves one go routine hanging.
diff --git a/.changelog/5007.internal.md b/.changelog/5007.internal.md
deleted file mode 100644
index d8120332eb1..00000000000
--- a/.changelog/5007.internal.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/p2p/rpc: Refactor RPC calls
-
-Peer manager and RPC client are too tightly coupled. The client also doesn't
-support simple RPC calls which call exactly one peer.
diff --git a/.changelog/5008.bugfix.md b/.changelog/5008.bugfix.md
deleted file mode 100644
index cbbbced8212..00000000000
--- a/.changelog/5008.bugfix.md
+++ /dev/null
@@ -1,5 +0,0 @@
-go/common/workerpool: Fix memory leak when workerpool is stopped early
-
-When workerpool si stopped, the job channel might still contain jobs which
-haven't been processed. Therefore, the channel never closes and leaves one
-go routine hanging.
diff --git a/.changelog/5011.feature.md b/.changelog/5011.feature.md
deleted file mode 100644
index e182e815046..00000000000
--- a/.changelog/5011.feature.md
+++ /dev/null
@@ -1 +0,0 @@
-go/consensus/tendermint/apps/staking: Reduce DelegationsTo scanning
diff --git a/.changelog/5012.breaking.md b/.changelog/5012.breaking.md
deleted file mode 100644
index 000649abfb0..00000000000
--- a/.changelog/5012.breaking.md
+++ /dev/null
@@ -1 +0,0 @@
-go/registry: validate SoftwareVersion field in node descriptor
diff --git a/.changelog/5015.trivial.md b/.changelog/5015.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5016.breaking.md b/.changelog/5016.breaking.md
deleted file mode 100644
index 76f23f7840a..00000000000
--- a/.changelog/5016.breaking.md
+++ /dev/null
@@ -1,4 +0,0 @@
-staking: specify slashed debonding amount in TakeEscrowEvent
-
-The event contains a new field; clients that do not need it
-can safely ignore it.
diff --git a/.changelog/5016.feature.md b/.changelog/5016.feature.md
deleted file mode 100644
index 689293a678d..00000000000
--- a/.changelog/5016.feature.md
+++ /dev/null
@@ -1,5 +0,0 @@
-staking: specify slashed debonding amount in TakeEscrowEvent
-
-The newly introduced field lets observers distinguish how much
-was slashed from the active escrow pool and how much from the
-debonding escrow pool.
diff --git a/.changelog/5018.trivial.md b/.changelog/5018.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5021.breaking.md b/.changelog/5021.breaking.md
deleted file mode 100644
index d0b04fc4faa..00000000000
--- a/.changelog/5021.breaking.md
+++ /dev/null
@@ -1,4 +0,0 @@
-roothash: Support governance actions via roothash messages
-
-This will allow runtimes to vote on and submit consensus governance
-proposals.
diff --git a/.changelog/5022.feature.md b/.changelog/5022.feature.md
deleted file mode 100644
index fee22b1001f..00000000000
--- a/.changelog/5022.feature.md
+++ /dev/null
@@ -1 +0,0 @@
-go/staking: reduce DebondingDelegationsFor scanning
diff --git a/.changelog/5023.breaking.md b/.changelog/5023.breaking.md
deleted file mode 100644
index b517764afb0..00000000000
--- a/.changelog/5023.breaking.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/staking: efficient `DelegationsFor` query
-
-A reverse delegation mapping is added to the staking state that makes
-querying outgoing delegations efficient.
diff --git a/.changelog/5024.internal.md b/.changelog/5024.internal.md
deleted file mode 100644
index 9d668b0fba1..00000000000
--- a/.changelog/5024.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-go: Ignore CVE-2022-44797 until tendermint uses newer btcd
diff --git a/.changelog/5025.breaking.md b/.changelog/5025.breaking.md
deleted file mode 100644
index eb5d4ea3c14..00000000000
--- a/.changelog/5025.breaking.md
+++ /dev/null
@@ -1,6 +0,0 @@
-go/p2p: Include chain context in p2p protocol names
-
-Chain context was included in p2p protocol and topic names as until now
-it was impossible to distinguish mainnet and testnet names from each other.
-Unique names will also ease peer discovery as now we can use one seed node
-for multiple nets.
diff --git a/.changelog/5026.internal.md b/.changelog/5026.internal.md
deleted file mode 100644
index 799586463e5..00000000000
--- a/.changelog/5026.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-go: Bump go-libp2p to 0.25.1, go-libp2p-pubsub to 0.9.0
diff --git a/.changelog/5029.internal.md b/.changelog/5029.internal.md
deleted file mode 100644
index 53556cfb374..00000000000
--- a/.changelog/5029.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-go: update dependencies
diff --git a/.changelog/5030.internal.md b/.changelog/5030.internal.md
deleted file mode 100644
index 74a2a9583c6..00000000000
--- a/.changelog/5030.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-Bump Go to 1.19.3
diff --git a/.changelog/5031.internal.md b/.changelog/5031.internal.md
deleted file mode 100644
index 27770a0cf9c..00000000000
--- a/.changelog/5031.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-rust: update dependencies
diff --git a/.changelog/5032.trivial.md b/.changelog/5032.trivial.md
deleted file mode 100644
index bb245bba97d..00000000000
--- a/.changelog/5032.trivial.md
+++ /dev/null
@@ -1 +0,0 @@
-docs: Fix broken link to tendermint transaction format
diff --git a/.changelog/5033.internal.md b/.changelog/5033.internal.md
deleted file mode 100644
index 78e78581402..00000000000
--- a/.changelog/5033.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-go: Bump Tendermint to v0.34.23
diff --git a/.changelog/5034.breaking.md b/.changelog/5034.breaking.md
deleted file mode 100644
index 2fe6c877cdf..00000000000
--- a/.changelog/5034.breaking.md
+++ /dev/null
@@ -1,9 +0,0 @@
-governance: Support delegator votes
-
-Adds support for delegators to vote and override the validator votes as
-described in [ADR 0020].
-
-
-[ADR 0020]:
- https://github.com/oasisprotocol/adrs/blob/main/0020-governance-delegator-votes.md
-
diff --git a/.changelog/5035.internal.md b/.changelog/5035.internal.md
deleted file mode 100644
index 2bf64e3dcc8..00000000000
--- a/.changelog/5035.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-runtime: Bump oasis-cbor to 0.5.1
diff --git a/.changelog/5037.internal.md b/.changelog/5037.internal.md
deleted file mode 100644
index dde43427b99..00000000000
--- a/.changelog/5037.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-runtime: Bump tendermint-rs to 0.29.0
diff --git a/.changelog/5038.breaking.md b/.changelog/5038.breaking.md
deleted file mode 100644
index e000eab3476..00000000000
--- a/.changelog/5038.breaking.md
+++ /dev/null
@@ -1,10 +0,0 @@
-go/common/sgx/pcs: Add support for blacklisting FMSPCs
-
-PCS quote policy now supports blacklisting of FMSPCs. Quotes with blacklisted
-FMSPC description of the TCB of the platform a runtime enclave is running
-on won't get verified and remote attestation will fail. This is specially
-useful if we want to block CPUs or platforms which security vulnerability
-has just been exposed. FMSPCs can be added or removed from the global
-default quote policy by changing registry parameter `TEEFeatures` via change
-parameters proposals. The blacklist can also be overridden per-runtime in SGX
-constraints.
diff --git a/.changelog/5049.feature.md b/.changelog/5049.feature.md
deleted file mode 100644
index 46369d33318..00000000000
--- a/.changelog/5049.feature.md
+++ /dev/null
@@ -1 +0,0 @@
-registry: Add MaxRuntimeDeployments parameter
diff --git a/.changelog/5050.breaking.1.md b/.changelog/5050.breaking.1.md
deleted file mode 100644
index b0d0814ffcb..00000000000
--- a/.changelog/5050.breaking.1.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/scheduler: include entity IDs in consensus validators state
-
-Validator lists in scheduler consensus state now include entity and node
-identifiers.
diff --git a/.changelog/5050.breaking.2.md b/.changelog/5050.breaking.2.md
deleted file mode 100644
index abedcbac453..00000000000
--- a/.changelog/5050.breaking.2.md
+++ /dev/null
@@ -1 +0,0 @@
-`EntityID` is added to items in scheduler `GetValidators` API response
diff --git a/.changelog/5053.bugfix.md b/.changelog/5053.bugfix.md
deleted file mode 100644
index 0345d820157..00000000000
--- a/.changelog/5053.bugfix.md
+++ /dev/null
@@ -1 +0,0 @@
-runtime: Properly handle state root verification on backup nodes
diff --git a/.changelog/5055.breaking.md b/.changelog/5055.breaking.md
deleted file mode 100644
index 7aed8bbe7c2..00000000000
--- a/.changelog/5055.breaking.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/consensus: Always return ErrInvalidArgument on tx deserialization failures
-
-Before, some modules were returning non-specific errors on tx deserialization
-failures, which resulted in them being assigned to module "unknown", code 1.
diff --git a/.changelog/5056.breaking.md b/.changelog/5056.breaking.md
deleted file mode 100644
index 6734ec2936e..00000000000
--- a/.changelog/5056.breaking.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/staking: Limit maximum allowance amount based on total supply
-
-Request for updating allowance above total supply now fails with
-`ErrAllowanceGreaterThanSupply`.
diff --git a/.changelog/5057.trivial.md b/.changelog/5057.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5066.breaking.md b/.changelog/5066.breaking.md
deleted file mode 100644
index 5499c1e361c..00000000000
--- a/.changelog/5066.breaking.md
+++ /dev/null
@@ -1 +0,0 @@
-go/consensus/keymanager: Skip expired nodes
diff --git a/.changelog/5068.bugfix.md b/.changelog/5068.bugfix.md
deleted file mode 100644
index 23b223ae822..00000000000
--- a/.changelog/5068.bugfix.md
+++ /dev/null
@@ -1,11 +0,0 @@
-runtime/consensus/tendermint/verifier: Correctly compare headers
-
-Since the store may have an earlier (non-canonical, but valid) version
-of the block available, we need to only compare the actual header and
-not the commits/signatures.
-
-This is because it can happen that during the immediate sync the light
-block does not yet contain all of the commits (but only just enough to
-be valid, e.g. 2/3+) and this gets stored in the light block store.
-Later on (e.g. during a query) the presented light block may have the
-full set of commits.
diff --git a/.changelog/5070.cfg.md b/.changelog/5070.cfg.md
deleted file mode 100644
index 4e88bf4690f..00000000000
--- a/.changelog/5070.cfg.md
+++ /dev/null
@@ -1,99 +0,0 @@
-Configuration changes
-
-The node now supports a configuration file that holds all the settings
-that were previously available via command-line options.
-The command-line options themselves have been removed in favor of
-the config file.
-
-The config file supports environment variable substitution using
-the `envsubst` package
-([usage information](https://github.com/a8m/envsubst#docs)).
-
-The following options have been removed:
-
-- `consensus.tendermint.mode` in favor of using the global node mode (`mode`).
-
-- `runtime.mode` in favor of using the global node mode (`mode`).
-
-- `worker.client.port` as it is no longer needed.
-
-- `worker.registration.force_register` as it is deprecated.
-
-The following options have been renamed:
-
-- `datadir` to `common.data_dir`.
-
-- `log.file` to `common.log.file`.
-
-- `log.format` to `common.log.format`.
-
-- `log.level` to `common.log.level`. The log level is now a map of module
-to log level. Use the `default` module to map the default log level.
-
-- `debug.rlimit` to `common.debug.rlimit`.
-
-- `debug.allow_root` to `common.debug.allow_root`.
-
-- `pprof.bind` to `pprof.bind_address`.
-
-- `consensus.tendermint.*` to `consensus.*`.
-
-- `consensus.tendermint.core.listen_address` to `consensus.listen_address`.
-
-- `consensus.tendermint.core.external_address` to
-`consensus.external_address`.
-
-- `consensus.tendermint.log.debug` to `consensus.log_debug`.
-
-- `consensus.tendermint.light_client.trust_period` to
-`consensus.state_sync.trust_period`.
-
-- `consensus.tendermint.seed.debug.disable_addr_book_from_genesis` to
-`consensus.debug.disable_addr_book_from_genesis`.
-
-- `consensus.tendermint.sentry.upstream_address` to
-`consensus.sentry_upstream_addresses`.
-
-- `consensus.tendermint.upgrade.stop_delay` to
-`consensus.upgrade_stop_delay`.
-
-- `consensus.tendermint.supplementarysanity.*` to
-`consensus.supplementary_sanity.*`.
-
-- `consensus.tendermint.p2p.persistent_peer` to
-`consensus.p2p.persistent_peers`.
-
-- `consensus.tendermint.p2p.unconditional_peer` to
-`consensus.p2p.unconditional_peers`.
-
-- `ias.proxy.address` to `ias.proxy_addresses`.
-
-- `ias.debug.skip_verify` to `ias.debug_skip_verify`.
-
-- `runtime.sandbox.binary` to `runtime.sandbox_binary`.
-
-- `runtime.sgx.loader` to `runtime.sgx_loader`.
-
-- `runtime.history.pruner.*` to `runtime.history_pruner.*`.
-
-- `worker.sentry.addresses` to `runtime.sentry_addresses`.
-
-- `worker.tx_pool.*` to `runtime.tx_pool.*`.
-
-- `worker.keymanager.*` to `keymanager.*`.
-
-- `worker.keymanager.runtime.id` to `keymanager.runtime_id`.
-
-- `worker.registration.*` to `registration.*`.
-
-- `worker.sentry.*` to `sentry.*`.
-
-- `worker.sentry.control.authorized_pubkey` to
-`sentry.control.authorized_pubkeys`.
-
-- `worker.storage.*` to `storage.*`.
-
-- `worker.storage.public_rpc.enabled` to `storage.public_rpc_enabled`.
-
-- `worker.storage.checkpoint_sync.disabled` to
-`storage.checkpoint_sync_disabled`.
diff --git a/.changelog/5074.bugfix.md b/.changelog/5074.bugfix.md
deleted file mode 100644
index a42caa521af..00000000000
--- a/.changelog/5074.bugfix.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/control/status: Take storage into account for last retained round
-
-When local storage is available (e.g. in stateful nodes), the report should
-only include a round for which storage is available.
diff --git a/.changelog/5075.internal.md b/.changelog/5075.internal.md
deleted file mode 100644
index f06d40d9212..00000000000
--- a/.changelog/5075.internal.md
+++ /dev/null
@@ -1,13 +0,0 @@
-runtime/src/enclave_rpc: Add support for insecure key manager RPC requests
-
-The key manager uses encrypted sessions to authenticate clients and protect
-sensitive data. The number of sessions is limited, thus susceptible to DoS
-attacks. A malicious client can establish multiple sessions in parallel,
-preventing other clients from making requests. Furthermore, since each
-session is encrypted, the exchanged messages cannot be read or modified.
-For public key requests this is not ideal as one would want to cache the
-responses locally and serve them to other clients to unburden the manager.
-Large quotes also cannot be removed from the exchanged messages if we are
-sure that the recipient can obtain them through some other means. Supporting
-insecure key manager RPC requests solves some of the before mentioned problems
-and leaves space for further optimizations.
diff --git a/.changelog/5078.trivial.md b/.changelog/5078.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5079.feature.md b/.changelog/5079.feature.md
deleted file mode 100644
index 9d36b4a67f2..00000000000
--- a/.changelog/5079.feature.md
+++ /dev/null
@@ -1 +0,0 @@
-go/worker/keymanager: Show current key manager policy in the node status
diff --git a/.changelog/5080.feature.md b/.changelog/5080.feature.md
deleted file mode 100644
index c0b0af05c00..00000000000
--- a/.changelog/5080.feature.md
+++ /dev/null
@@ -1 +0,0 @@
-go/worker/keymanager: Show global key manager status in node status
diff --git a/.changelog/5083.internal.md b/.changelog/5083.internal.md
deleted file mode 100644
index 9414f38c2d2..00000000000
--- a/.changelog/5083.internal.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/p2p/PeerManager: enable subscribing to peer updates
-
-Adds `WatchUpdates` method to the `PeerManager` which allows subscribing to
-peer updates (peers being added or removed).
diff --git a/.changelog/5085.breaking.1.md b/.changelog/5085.breaking.1.md
deleted file mode 100644
index 9d99bde4bc2..00000000000
--- a/.changelog/5085.breaking.1.md
+++ /dev/null
@@ -1 +0,0 @@
-go/consensus: Implement libp2p backed light client sync protocol
diff --git a/.changelog/5085.breaking.2.md b/.changelog/5085.breaking.2.md
deleted file mode 100644
index 464fca6a8bf..00000000000
--- a/.changelog/5085.breaking.2.md
+++ /dev/null
@@ -1,3 +0,0 @@
-go/consensus: Remove `consensus.LightClientBackend`
-
-All methods were merged into the `consensus.ClientBackend`.
diff --git a/.changelog/5085.cfg.md b/.changelog/5085.cfg.md
deleted file mode 100644
index fd7c2f4537b..00000000000
--- a/.changelog/5085.cfg.md
+++ /dev/null
@@ -1,4 +0,0 @@
-Use libp2p backed light client for Tendermint state sync
-
-The `"consensus.tendermint.state_sync.consensus_node"` flag is removed. P2P
-peers for state sync are automatically selected.
diff --git a/.changelog/5087.internal.md b/.changelog/5087.internal.md
deleted file mode 100644
index 799586463e5..00000000000
--- a/.changelog/5087.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-go: Bump go-libp2p to 0.25.1, go-libp2p-pubsub to 0.9.0
diff --git a/.changelog/5088.breaking.1.md b/.changelog/5088.breaking.1.md
deleted file mode 100644
index f1903ce5142..00000000000
--- a/.changelog/5088.breaking.1.md
+++ /dev/null
@@ -1 +0,0 @@
-go/registry: event `RuntimeEvent` is renamed to `RuntimeStartedEvent`
diff --git a/.changelog/5088.breaking.2.md b/.changelog/5088.breaking.2.md
deleted file mode 100644
index f5d4ef0e170..00000000000
--- a/.changelog/5088.breaking.2.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/registry: Added `RuntimeSuspendedEvent`
-
-The event is emitted whenever an active runtime is suspended. On resume, the
-existing `RuntimeStartedEvent` is emitted.
diff --git a/.changelog/5088.feature.md b/.changelog/5088.feature.md
deleted file mode 100644
index ba87660851f..00000000000
--- a/.changelog/5088.feature.md
+++ /dev/null
@@ -1,3 +0,0 @@
-go/registry: Add WatchEvents method
-
-Method for following emitted registry event was added to the registry backend.
diff --git a/.changelog/5092.bugfix.md b/.changelog/5092.bugfix.md
deleted file mode 100644
index d5d05c8e37a..00000000000
--- a/.changelog/5092.bugfix.md
+++ /dev/null
@@ -1,5 +0,0 @@
-go/runtime/registry: Fix watching policy updates
-
-When multiple key managers were running, the last known status of the
-runtime's key manager was overwritten with each status update. On runtime
-(re)starts, this resulted in the wrong policy being set.
diff --git a/.changelog/5092.feature.md b/.changelog/5092.feature.md
deleted file mode 100644
index 644c3e2d2c2..00000000000
--- a/.changelog/5092.feature.md
+++ /dev/null
@@ -1 +0,0 @@
-runtime/src/enclave_rpc: Verify RPC quotes with key manager quote policy
diff --git a/.changelog/5094.internal.md b/.changelog/5094.internal.md
deleted file mode 100644
index 8f5fb8cfbad..00000000000
--- a/.changelog/5094.internal.md
+++ /dev/null
@@ -1,6 +0,0 @@
-runtime/src/protocol: Deserialize unknown rhp messages as invalid
-
-Runtime-host protocol terminated the reader thread when failed to deserialize
-a runtime message on the Rust side (e.g. when `Body` enum contained an unknown
-field). Decoding is now more robust as these messages are deserialized as
-invalid and latter discarded and logged as malformed by the handler.
diff --git a/.changelog/5095.internal.md b/.changelog/5095.internal.md
deleted file mode 100644
index 565a426645c..00000000000
--- a/.changelog/5095.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-go: Bump golang.org/x/net to 0.13.0
diff --git a/.changelog/5098.trivial.md b/.changelog/5098.trivial.md
deleted file mode 100644
index 27892318804..00000000000
--- a/.changelog/5098.trivial.md
+++ /dev/null
@@ -1 +0,0 @@
-go/runtime/host/sgx: Fix SGX device search order
diff --git a/.changelog/5099.trivial.md b/.changelog/5099.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5100.breaking.1.md b/.changelog/5100.breaking.1.md
deleted file mode 100644
index 41cff4369a1..00000000000
--- a/.changelog/5100.breaking.1.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/registry: Remove Consensus RPC role from Node descriptors
-
-As of [#5085](https://github.com/oasisprotocol/oasis-core/pull/5085) the role
-is unused.
diff --git a/.changelog/5100.breaking.2.md b/.changelog/5100.breaking.2.md
deleted file mode 100644
index a976074321d..00000000000
--- a/.changelog/5100.breaking.2.md
+++ /dev/null
@@ -1,5 +0,0 @@
-go/registry: Remove TLS Addresses from Node descriptors
-
-As of [#5085](https://github.com/oasisprotocol/oasis-core/pull/5085) the TLS
-addresses are unused. Albeit also unused, the TLS public keys remain part
-of node descriptors.
diff --git a/.changelog/5100.internal.md b/.changelog/5100.internal.md
deleted file mode 100644
index f89d758d996..00000000000
--- a/.changelog/5100.internal.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/grpc: remove unused gRPC code
-
-Removes a lot of unneeded gRPC code since no runtime or consensus protocols
-use it for communication anymore.
diff --git a/.changelog/5101.feature.md b/.changelog/5101.feature.md
deleted file mode 100644
index a93cbc8cfa6..00000000000
--- a/.changelog/5101.feature.md
+++ /dev/null
@@ -1 +0,0 @@
-keymanager/src/client: Fetch public keys using insecure RPC requests
diff --git a/.changelog/5102.breaking.1.md b/.changelog/5102.breaking.1.md
deleted file mode 100644
index 251ec427b6f..00000000000
--- a/.changelog/5102.breaking.1.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/staking: Add MinCommissionRate parameter
-
-Also included support for updating the parameter via
-`ConsensusParameterChanges` governance proposal.
diff --git a/.changelog/5102.breaking.2.md b/.changelog/5102.breaking.2.md
deleted file mode 100644
index 3606f53c4f8..00000000000
--- a/.changelog/5102.breaking.2.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/staking: Add escrow requirement for updating commission schedule
-
-To prevent bloating the commission schedule state, the commission schedule can
-only be updated for entities with enough stake to register a validator node.
diff --git a/.changelog/5102.feature.md b/.changelog/5102.feature.md
deleted file mode 100644
index 2260fc60c70..00000000000
--- a/.changelog/5102.feature.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/staking: Add `CommissionScheduleAddresses` method
-
-The new method returns addresses of accounts with non-empty commission
-schedule configured.
diff --git a/.changelog/5104.feature.md b/.changelog/5104.feature.md
deleted file mode 100644
index 51c83040568..00000000000
--- a/.changelog/5104.feature.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/consensus: Add missing early exits when simulating transactions
-
-Some transactions were missing the early exit after gas accounting when
-simulating transactions.
diff --git a/.changelog/5106.internal.md b/.changelog/5106.internal.md
deleted file mode 100644
index dde43427b99..00000000000
--- a/.changelog/5106.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-runtime: Bump tendermint-rs to 0.29.0
diff --git a/.changelog/5107.bugfix.md b/.changelog/5107.bugfix.md
deleted file mode 100644
index 09a9732a241..00000000000
--- a/.changelog/5107.bugfix.md
+++ /dev/null
@@ -1,7 +0,0 @@
-go/consensus: Ensure state has the correct chain context
-
-Previously one could accidentally copy state from one network but use a
-genesis document from a different one, causing state corruption during
-Tendermint block replay.
-
-There is now a check to ensure we abort early.
diff --git a/.changelog/5108.feature.md b/.changelog/5108.feature.md
deleted file mode 100644
index 0b9af5539e4..00000000000
--- a/.changelog/5108.feature.md
+++ /dev/null
@@ -1 +0,0 @@
-go/common/sgx/pcs: Add support for PCS v4 and TCB info v3
diff --git a/.changelog/5111.bugfix.md b/.changelog/5111.bugfix.md
deleted file mode 100644
index d995839f407..00000000000
--- a/.changelog/5111.bugfix.md
+++ /dev/null
@@ -1,6 +0,0 @@
-go/runtime/registry: Fix key manager (quote) policy updates
-
-When a key manager (quote) policy update fails, the host should retry the
-update until the policy is updated. For example, when using Tendermint as
-a backend service, the first update will always fail because the consensus
-verifier sees new blocks with a one-block delay.
diff --git a/.changelog/5112.breaking.md b/.changelog/5112.breaking.md
deleted file mode 100644
index 0315f897ee5..00000000000
--- a/.changelog/5112.breaking.md
+++ /dev/null
@@ -1 +0,0 @@
-go/registry: Add optional bundle checksum to runtime deployments
diff --git a/.changelog/5113.breaking.md b/.changelog/5113.breaking.md
deleted file mode 100644
index 61c62975384..00000000000
--- a/.changelog/5113.breaking.md
+++ /dev/null
@@ -1 +0,0 @@
-go/sgx/ias: Add support for blacklisting GIDs
diff --git a/.changelog/5114.breaking.md b/.changelog/5114.breaking.md
deleted file mode 100644
index dfa29e5e545..00000000000
--- a/.changelog/5114.breaking.md
+++ /dev/null
@@ -1 +0,0 @@
-go/registry: Support changing a runtime's owner
diff --git a/.changelog/5117.bugfix.md b/.changelog/5117.bugfix.md
deleted file mode 100644
index ff3d47cfa7d..00000000000
--- a/.changelog/5117.bugfix.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/tendermint: Change order of events returned from GetEvents()
-
-The new order reflects the order in which the events were
-generated during block execution.
diff --git a/.changelog/5120.internal.md b/.changelog/5120.internal.md
deleted file mode 100644
index 36d41639650..00000000000
--- a/.changelog/5120.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-runtime: Bump tokio to 1.29.1
diff --git a/.changelog/5121.internal.md b/.changelog/5121.internal.md
deleted file mode 100644
index 7b0d1989853..00000000000
--- a/.changelog/5121.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-crypto/x25519: Add type-safe X25519 private/public key types
diff --git a/.changelog/5123.bugfix.md b/.changelog/5123.bugfix.md
deleted file mode 100644
index 996e160af80..00000000000
--- a/.changelog/5123.bugfix.md
+++ /dev/null
@@ -1,6 +0,0 @@
-go/worker/client: Better handle latest round queries with verification
-
-When a query is requesting to be executed against the latest round and
-the runtime reports a consensus verifier error, use an earlier round
-instead as the latest round may not yet be verifiable by the light
-client as it needs to wait for the validator signatures.
diff --git a/.changelog/5125.feature.md b/.changelog/5125.feature.md
deleted file mode 100644
index 827fc9bbc11..00000000000
--- a/.changelog/5125.feature.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/common/node: Add runtime encryption key (REK)
-
-The new key allows enclaves to publish encrypted data on-chain to an enclave
-instance.
diff --git a/.changelog/5127.breaking.md b/.changelog/5127.breaking.md
deleted file mode 100644
index 589dd42e550..00000000000
--- a/.changelog/5127.breaking.md
+++ /dev/null
@@ -1,5 +0,0 @@
-go/common/node: Cleanup VRF configuration as it is mandatory
-
-Simplify types by removing the ability for a node's VRF to be nil. Note
-that in practice (e.g. in all existing deployments) it was already
-mandatory as registering a node without it set would always fail.
diff --git a/.changelog/5128.internal.md b/.changelog/5128.internal.md
deleted file mode 100644
index 73b675a69e3..00000000000
--- a/.changelog/5128.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-runtime: Refactor consensus verifier predicates
diff --git a/.changelog/5131.internal.md b/.changelog/5131.internal.md
deleted file mode 100644
index 69d95e1137b..00000000000
--- a/.changelog/5131.internal.md
+++ /dev/null
@@ -1,4 +0,0 @@
-ci: Explicitly use Ubuntu 22.04 for release builds
-
-This avoids the situation when ubuntu-latest gets changed to something
-else, possibly imposing a different set of dependencies.
diff --git a/.changelog/5134.bugfix.md b/.changelog/5134.bugfix.md
deleted file mode 100644
index 7e1c1dbd4ec..00000000000
--- a/.changelog/5134.bugfix.md
+++ /dev/null
@@ -1 +0,0 @@
-runtime: Fix verification of blocks between two trusted heights
diff --git a/.changelog/5135.internal.md b/.changelog/5135.internal.md
deleted file mode 100644
index e55605a93db..00000000000
--- a/.changelog/5135.internal.md
+++ /dev/null
@@ -1,6 +0,0 @@
-runtime/src/protocol: Remove consensus version compatibility check
-
-Consensus version check was a sanity check which didn't allow dump-restore
-upgrades. The removal did no harm as the consensus version was never
-authenticated and light clients use the verifier to check state compatibility
-and authenticity.
diff --git a/.changelog/5140.trivial.md b/.changelog/5140.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5141.internal.md b/.changelog/5141.internal.md
deleted file mode 100644
index a32c3136a3d..00000000000
--- a/.changelog/5141.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-docker: Bump base image to Ubuntu 22.04
diff --git a/.changelog/5146.internal.md b/.changelog/5146.internal.md
deleted file mode 100644
index 9c0d3149923..00000000000
--- a/.changelog/5146.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-runtime: Attempt to flush buffers before aborting
diff --git a/.changelog/5148.bugfix.md b/.changelog/5148.bugfix.md
deleted file mode 100644
index f2eff964b23..00000000000
--- a/.changelog/5148.bugfix.md
+++ /dev/null
@@ -1 +0,0 @@
-runtime: Clear verification trace after block verification
diff --git a/.changelog/5149.internal.md b/.changelog/5149.internal.md
deleted file mode 100644
index fb4c4818a03..00000000000
--- a/.changelog/5149.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-runtime: Simplify the LRU-backed consensus verifier light store
diff --git a/.changelog/5150.internal.md b/.changelog/5150.internal.md
deleted file mode 100644
index 984a0ebcc25..00000000000
--- a/.changelog/5150.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-runtime: Reduce the size of the light block LRU store
diff --git a/.changelog/5155.trivial.md b/.changelog/5155.trivial.md
deleted file mode 100644
index 6d5f7de37b4..00000000000
--- a/.changelog/5155.trivial.md
+++ /dev/null
@@ -1 +0,0 @@
-Fix build documentation typo
diff --git a/.changelog/5156.feature.md b/.changelog/5156.feature.md
deleted file mode 100644
index 21f6b63e719..00000000000
--- a/.changelog/5156.feature.md
+++ /dev/null
@@ -1,7 +0,0 @@
-runtime/src/enclave_rpc: Support calls to explicit key manager members
-
-Key manager enclaves can now request a host to talk not only to a randomly
-chosen key manager instance, but also to a specific instance. The identity
-of the remote node is verified only in Noise sessions. In these, the enclave
-obtains the other instance's trusted RAK from the consensus layer and compares
-it to the one used throughout the session.
diff --git a/.changelog/5158.feature.md b/.changelog/5158.feature.md
deleted file mode 100644
index 798df16876d..00000000000
--- a/.changelog/5158.feature.md
+++ /dev/null
@@ -1,6 +0,0 @@
-keymanager: Add forward-secrecy to ephemeral keys
-
-Deriving ephemeral keys from the key manager's master secret did not guarantee
-forward secrecy. In order to fulfill this requirement, we needed ephemeral
-secrets that are randomly generated on every epoch and distributed securely
-amongst enclave executors.
diff --git a/.changelog/5159.bugfix.md b/.changelog/5159.bugfix.md
deleted file mode 100644
index 31722f98426..00000000000
--- a/.changelog/5159.bugfix.md
+++ /dev/null
@@ -1,6 +0,0 @@
-go/consensus/tendermint/apps/keymanager: Fix committee construction
-
-Previously, a node was added to the key manager committee if the node's first
-registered key manager runtime passed validation and matched the key manager
-status. From now on, all supported versions of the key manager runtime must
-pass this check.
diff --git a/.changelog/5160.bugfix.md b/.changelog/5160.bugfix.md
deleted file mode 100644
index 4027f624186..00000000000
--- a/.changelog/5160.bugfix.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/worker/client: Ensure block round is synced to storage
-
-Previously the transaction inclusion checks could attempt to inspect a
-block that the node has not yet synced, triggering an error.
diff --git a/.changelog/5161.bugfix.md b/.changelog/5161.bugfix.md
deleted file mode 100644
index 0d8fd6c9bd6..00000000000
--- a/.changelog/5161.bugfix.md
+++ /dev/null
@@ -1,7 +0,0 @@
-go/worker/compute: Do not drop valid proposals
-
-Previously valid proposals could be dropped instead of being forwarded
-via the P2P gossip when the local node's consensus view was slightly
-behind even though the proposal was valid. With smaller committees and
-certain topologies this could result in some nodes not getting the
-proposals.
diff --git a/.changelog/5163.trivial.md b/.changelog/5163.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5166.breaking.md b/.changelog/5166.breaking.md
deleted file mode 100644
index 1515e45bc06..00000000000
--- a/.changelog/5166.breaking.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/keymanager/api: Move key manager gas costs
-
-Consensus parameters were added to the key manager state and key manager gas
-costs were moved from the registry state to the key manager state.
diff --git a/.changelog/5168.internal.md b/.changelog/5168.internal.md
deleted file mode 100644
index aeac857c665..00000000000
--- a/.changelog/5168.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-go/consensus/supplementarysanity: Fix checks for legacy validators
diff --git a/.changelog/5169.trivial.md b/.changelog/5169.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5170.trivial.md b/.changelog/5170.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5171.trivial.md b/.changelog/5171.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5173.trivial.md b/.changelog/5173.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5176.trivial.md b/.changelog/5176.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5177.bugfix.md b/.changelog/5177.bugfix.md
deleted file mode 100644
index cb48e4e6429..00000000000
--- a/.changelog/5177.bugfix.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/registry/api: Fix node registration when TEE not available
-
-Previously, registration skipped the TEE hardware verification if a node
-registered without TEE capability.
diff --git a/.changelog/5180.internal.md b/.changelog/5180.internal.md
deleted file mode 100644
index 799586463e5..00000000000
--- a/.changelog/5180.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-go: Bump go-libp2p to 0.25.1, go-libp2p-pubsub to 0.9.0
diff --git a/.changelog/5182.trivial.md b/.changelog/5182.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5187.bugfix.md b/.changelog/5187.bugfix.md
deleted file mode 100644
index 3266a25ee45..00000000000
--- a/.changelog/5187.bugfix.md
+++ /dev/null
@@ -1 +0,0 @@
-go/runtime: Also re-attest based on MaxAttestationAge
diff --git a/.changelog/5188.feature.md b/.changelog/5188.feature.md
deleted file mode 100644
index f7fb695b766..00000000000
--- a/.changelog/5188.feature.md
+++ /dev/null
@@ -1 +0,0 @@
-go/runtime: Reduce downtime for TEE runtime upgrades
diff --git a/.changelog/5190.internal.md b/.changelog/5190.internal.md
deleted file mode 100644
index dde43427b99..00000000000
--- a/.changelog/5190.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-runtime: Bump tendermint-rs to 0.29.0
diff --git a/.changelog/5191.internal.md b/.changelog/5191.internal.md
deleted file mode 100644
index 3abf301410e..00000000000
--- a/.changelog/5191.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-docker: Bump cargo-tarpaulin to 0.25.0
diff --git a/.changelog/5192.trivial.md b/.changelog/5192.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5194.trivial.md b/.changelog/5194.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5195.internal.md b/.changelog/5195.internal.md
deleted file mode 100644
index bca52ec9c36..00000000000
--- a/.changelog/5195.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-go: Bump go-libp2p-pubsub to 0.9.1
diff --git a/.changelog/5196.feature.md b/.changelog/5196.feature.md
deleted file mode 100644
index 0a580ac2359..00000000000
--- a/.changelog/5196.feature.md
+++ /dev/null
@@ -1,58 +0,0 @@
-keymanager/src/runtime: Support master secret rotations
-
-Key managers now have the ability to rotate the master secret
-at predetermined intervals. Each rotation introduces a new generation,
-or version, of the master secret that is sequentially numbered, starting
-from zero. These rotations occur during key manager status updates, which
-typically happen during epoch transitions. To perform a rotation,
-one of the key manager enclaves must publish a proposal for the next
-generation of the master secret, which must then be replicated by
-the majority of enclaves. If the replication process is not completed
-by the end of the epoch, the proposal can be replaced with a new one.
-
-The following metrics have been added:
-
-- `oasis_worker_keymanager_consensus_ephemeral_secret_epoch_number`
- is the epoch number of the latest ephemeral secret.
-
-- `oasis_worker_keymanager_consensus_master_secret_generation_number`
- is the generation number of the latest master secret.
-
-- `oasis_worker_keymanager_consensus_master_secret_rotation_epoch_number`
- is the epoch number of the latest master secret rotation.
-
-- `oasis_worker_keymanager_consensus_master_secret_proposal_generation_number`
- is the generation number of the latest master secret proposal.
-
-- `oasis_worker_keymanager_consensus_master_secret_proposal_epoch_number`
- is the epoch number of the latest master secret proposal.
-
-- `oasis_worker_keymanager_enclave_ephemeral_secret_epoch_number`
- is the epoch number of the latest ephemeral secret loaded into the enclave.
-
-- `oasis_worker_keymanager_enclave_master_secret_generation_number`
- is the generation number of the latest master secret as seen by the enclave.
-
-- `oasis_worker_keymanager_enclave_master_secret_proposal_generation_number`
- is the generation number of the latest master secret proposal loaded
- into the enclave.
-
-- `oasis_worker_keymanager_enclave_master_secret_proposal_epoch_number`
- is the epoch number of the latest master secret proposal loaded
- into the enclave.
-
-- `oasis_worker_keymanager_enclave_generated_master_secret_generation_number`
- is the generation number of the latest master secret generated
- by the enclave.
-
-- `oasis_worker_keymanager_enclave_generated_master_secret_epoch_number`
- is the epoch number of the latest master secret generated by the enclave.
-
-- `oasis_worker_keymanager_enclave_generated_ephemeral_secret_epoch_number`
- is the epoch number of the latest ephemeral secret generated by the enclave.
-
-The following metrics have had runtime labels added:
-
-- `oasis_worker_keymanager_compute_runtime_count`,
-
-- `oasis_worker_keymanager_policy_update_count`.
diff --git a/.changelog/5197.trivial.md b/.changelog/5197.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5198.internal.md b/.changelog/5198.internal.md
deleted file mode 100644
index 82d7ed0e330..00000000000
--- a/.changelog/5198.internal.md
+++ /dev/null
@@ -1,4 +0,0 @@
-keymanager: Add support for master secret generations
-
-Refactored key manager's init method to be able to support multiple
-generations of the master secret.
diff --git a/.changelog/5199.internal.md b/.changelog/5199.internal.md
deleted file mode 100644
index 9727c36b480..00000000000
--- a/.changelog/5199.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-go/keymanager/api: Add signed encrypted master secret
diff --git a/.changelog/5200.feature.md b/.changelog/5200.feature.md
deleted file mode 100644
index 86c21edf85b..00000000000
--- a/.changelog/5200.feature.md
+++ /dev/null
@@ -1 +0,0 @@
-Move halt epoch from genesis to node-local configuration
diff --git a/.changelog/5201.internal.md b/.changelog/5201.internal.md
deleted file mode 100644
index 3a4ac664089..00000000000
--- a/.changelog/5201.internal.md
+++ /dev/null
@@ -1,3 +0,0 @@
-runtime: Always use host node ID when verifying freshness with RAK
-
-This avoids an initial scan over all the nodes in the registry.
diff --git a/.changelog/5204.feature.md b/.changelog/5204.feature.md
deleted file mode 100644
index ef2aa26b961..00000000000
--- a/.changelog/5204.feature.md
+++ /dev/null
@@ -1,6 +0,0 @@
-keymanager/src/runtime: Verify and modify init request
-
-The init request was never verified against the consensus layer state and,
-therefore, was not trustworthy. To make this request more informative and
-easily verifiable against consensus, it was extended to include all key
-manager status fields.
diff --git a/.changelog/5212.trivial.md b/.changelog/5212.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5213.internal.md b/.changelog/5213.internal.md
deleted file mode 100644
index 6500e59a2d1..00000000000
--- a/.changelog/5213.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-rust: Bump tempfile to 3.4.0
diff --git a/.changelog/5214.internal.md b/.changelog/5214.internal.md
deleted file mode 100644
index a87d50bb4c4..00000000000
--- a/.changelog/5214.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-runtime: Use a limited multi-threaded Tokio runtime in SGX
diff --git a/.changelog/5215.internal.md b/.changelog/5215.internal.md
deleted file mode 100644
index ca0b0293c03..00000000000
--- a/.changelog/5215.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-keymanager: Support policies in unsafe builds
diff --git a/.changelog/5218.internal.md b/.changelog/5218.internal.md
deleted file mode 100644
index b049bc55556..00000000000
--- a/.changelog/5218.internal.md
+++ /dev/null
@@ -1,10 +0,0 @@
-go/worker/keymanager: Optimize enclave initialization
-
-Enclave initialization was moved into its own goroutine to avoid blocking
-the main loop of the key manager worker. Once initialization is completed,
-the resulting state of the enclave is compared to the latest key manager
-status. If the latter has changed, initialization is performed again.
-
-This will be useful when we deploy master secret rotation since new secrets
-may be generated while old secrets are being replicated which can result
-in an outdated state once initialization finishes.
diff --git a/.changelog/5220.internal.md b/.changelog/5220.internal.md
deleted file mode 100644
index 72ecebff5a3..00000000000
--- a/.changelog/5220.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-runtime: Refactor Tokio runtime constructor
diff --git a/.changelog/5223.trivial.md b/.changelog/5223.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5224.internal.md b/.changelog/5224.internal.md
deleted file mode 100644
index 322d660c18f..00000000000
--- a/.changelog/5224.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-docker: Switch to ghcr.io for container registry
diff --git a/.changelog/5228.internal.md b/.changelog/5228.internal.md
deleted file mode 100644
index 3f665568b3c..00000000000
--- a/.changelog/5228.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-Bump Go to 1.20.2
diff --git a/.changelog/5233.trivial.md b/.changelog/5233.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5234.internal.md b/.changelog/5234.internal.md
deleted file mode 100644
index f69e2f280c2..00000000000
--- a/.changelog/5234.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-runtime: Bump tendermint-rs to 0.30.0
diff --git a/.changelog/5237.cfg.md b/.changelog/5237.cfg.md
deleted file mode 100644
index b3396400f00..00000000000
--- a/.changelog/5237.cfg.md
+++ /dev/null
@@ -1,21 +0,0 @@
-Configuration file migration
-
-To migrate your node's YAML config file from the old format
-to the new, you can use the node's `config migrate` subcommand.
-Pass the path to the old config file with `--in` and specify
-the new config file name with `--out`.
-
-For example:
-`oasis-node config migrate --in old.yaml --out new.yaml`.
-
-The migration subcommand logs the various changes it makes and
-warns you if a config option is no longer supported, etc.
-At the end, any unknown sections of the input config file are
-printed to the terminal to give you a chance to review them
-and make manual changes if required.
-
-Note that the migration subcommand does not preserve comments
-and order of sections from the input YAML config file.
-You should always carefully read the output of this command,
-as well as compare the generated config file with the
-original before using it.
diff --git a/.changelog/5237.internal.md b/.changelog/5237.internal.md
deleted file mode 100644
index 180b7aa669d..00000000000
--- a/.changelog/5237.internal.md
+++ /dev/null
@@ -1,12 +0,0 @@
-go/oasis-node/cmd/config: Add the migrate subcommand
-
-A new `migrate` subcommand is added to the node's `config`
-command. This subcommand can be used to automatically migrate
-the old YAML config file into the new format introduced in
-commit 2a132b3.
-
-The subcommand logs the various changes it makes and warns the
-user if a config option is no longer supported, etc.
-At the end, any unknown sections of the input config file are
-printed to the terminal to give the user a chance to review
-them and make manual changes if appropriate.
diff --git a/.changelog/5239.bugfix.md b/.changelog/5239.bugfix.md
deleted file mode 100644
index 81ae7275f5d..00000000000
--- a/.changelog/5239.bugfix.md
+++ /dev/null
@@ -1,5 +0,0 @@
-go/runtime/host/sgx: Update QE target info during re-attestation
-
-This allows the node to continue working in case aesmd is upgraded while
-the node is running. In this case the Quoting Enclave identity can
-change and this requires the target info to be updated.
diff --git a/.changelog/5244.trivial.md b/.changelog/5244.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5245.feature.md b/.changelog/5245.feature.md
deleted file mode 100644
index 1393adafb7d..00000000000
--- a/.changelog/5245.feature.md
+++ /dev/null
@@ -1,7 +0,0 @@
-go: Cache TCB bundles and lower refreshing frequency
-
-Mainly this means the node will make significantly fewer requests for
-fetching TCB bundles. Because these are now stored locally in the
-persistent store, this mechanism also enables a degree of tolerance
-against transient fetch failures in cases where a stored bundle is still
-valid.
diff --git a/.changelog/5246.trivial.md b/.changelog/5246.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5247.trivial.md b/.changelog/5247.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5248.bugfix.md b/.changelog/5248.bugfix.md
deleted file mode 100644
index ab3b2a78d04..00000000000
--- a/.changelog/5248.bugfix.md
+++ /dev/null
@@ -1 +0,0 @@
-go/worker/client: Also treat literal latest round as latest
diff --git a/.changelog/5251.trivial.md b/.changelog/5251.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5252.trivial.md b/.changelog/5252.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5254.feature.md b/.changelog/5254.feature.md
deleted file mode 100644
index 17392b26d6f..00000000000
--- a/.changelog/5254.feature.md
+++ /dev/null
@@ -1 +0,0 @@
-go/runtime/host/sgx: Add metrics for attestations
diff --git a/.changelog/5255.trivial.md b/.changelog/5255.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5256.feature.md b/.changelog/5256.feature.md
deleted file mode 100644
index 53ff21b8147..00000000000
--- a/.changelog/5256.feature.md
+++ /dev/null
@@ -1,13 +0,0 @@
-go/control/api: Improve node registration status clarity
-
-Three new fields have been added to the node's control status output
-under the registration status section:
-
-- `last_attempt_successful` - true if the last registration attempt
-succeeded.
-- `last_attempt_error_message` - error message if the last registration
-attempt failed.
-- `last_attempt` - time of the last registration attempt.
-
-Also, if the registration descriptor is expired, it is no longer
-shown in the output.
diff --git a/.changelog/5258.trivial.md b/.changelog/5258.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5259.trivial.md b/.changelog/5259.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5260.bugfix.md b/.changelog/5260.bugfix.md
deleted file mode 100644
index 7a0c2249aa2..00000000000
--- a/.changelog/5260.bugfix.md
+++ /dev/null
@@ -1,5 +0,0 @@
-go/worker/compute/executor: Do not propose batch on epoch transition
-
-Previously a compute node could propose a new batch just before the
-epoch transition happened, resulting in computation that will be
-discarded anyway.
diff --git a/.changelog/5261.breaking.md b/.changelog/5261.breaking.md
deleted file mode 100644
index 790c2bdac38..00000000000
--- a/.changelog/5261.breaking.md
+++ /dev/null
@@ -1 +0,0 @@
-go/roothash: Treat failure indications as stragglers
diff --git a/.changelog/5262.feature.md b/.changelog/5262.feature.md
deleted file mode 100644
index a08a9f7adfa..00000000000
--- a/.changelog/5262.feature.md
+++ /dev/null
@@ -1,6 +0,0 @@
-go/worker/storage: Add storage worker status message
-
-A status message that shows the current state of the storage worker
-was added to the node's storage worker's status output.
-This enables the node operator to quickly check if the storage worker
-is still initializing, syncing checkpoints, or syncing rounds.
diff --git a/.changelog/5264.feature.md b/.changelog/5264.feature.md
deleted file mode 100644
index 8d2a0f5d13a..00000000000
--- a/.changelog/5264.feature.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/worker/compute: Optimize backup worker commit submission
-
-Backup compute workers now observe any gossiped commitments and pre-empt
-consensus when it is obvious that there will be a discrepancy declared.
diff --git a/.changelog/5265.trivial.md b/.changelog/5265.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5267.feature.md b/.changelog/5267.feature.md
deleted file mode 100644
index d4199078231..00000000000
--- a/.changelog/5267.feature.md
+++ /dev/null
@@ -1 +0,0 @@
-tests: Support cross-version upgrade tests
diff --git a/.changelog/5268.internal.md b/.changelog/5268.internal.md
deleted file mode 100644
index 7137cab1997..00000000000
--- a/.changelog/5268.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-go: Switch to CometBFT v0.34.27
diff --git a/.changelog/5271.trivial.md b/.changelog/5271.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5272.internal.md b/.changelog/5272.internal.md
deleted file mode 100644
index a32dd44c7c4..00000000000
--- a/.changelog/5272.internal.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go: Remove timecache replace directive in go.mod file
-
-The replace directive for github.com/whyrusleeping/timecache has been removed
-since the go-libp2p-pubsub library version 0.9.3 no longer utilizes it.
diff --git a/.changelog/5273.internal.md b/.changelog/5273.internal.md
deleted file mode 100644
index 4405a145cb1..00000000000
--- a/.changelog/5273.internal.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go: Remove flatbuffers replace directive in go.mod file
-
-The replace directive for github.com/google/flatbuffers has been removed
-since the badger library version 3.2103.4 uses the same version 1.12.1.
diff --git a/.changelog/5274.breaking.md b/.changelog/5274.breaking.md
deleted file mode 100644
index 04322a64cae..00000000000
--- a/.changelog/5274.breaking.md
+++ /dev/null
@@ -1,12 +0,0 @@
-go/roothash: Optimize and refactor commitment pool processing
-
-The commitment pool processing has been optimized and refactored to improve
-code readability:
-
-- The discrepancy detection has been modified to immediately switch to
- the resolution mode when two commits differ, eliminating the necessity
- to wait for the proposer's commitment.
-
-- The discrepancy resolution process was redesigned to fail as soon
- as it becomes evident that no group of votes can attain the majority,
- such as when there are too many failures.
diff --git a/.changelog/5279.trivial.md b/.changelog/5279.trivial.md
deleted file mode 100644
index e137408c9fd..00000000000
--- a/.changelog/5279.trivial.md
+++ /dev/null
@@ -1 +0,0 @@
-docker/aesmd: Update Intel SGX package signing key
diff --git a/.changelog/5280.internal.md b/.changelog/5280.internal.md
deleted file mode 100644
index 00c8ffd2c15..00000000000
--- a/.changelog/5280.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-go: Bump CometBFT to v0.37.1
diff --git a/.changelog/5282.breaking.md b/.changelog/5282.breaking.md
deleted file mode 100644
index 29895fea7b1..00000000000
--- a/.changelog/5282.breaking.md
+++ /dev/null
@@ -1,3 +0,0 @@
-go/roothash/commitment: Refactor executor commitment header
-
-The embedded compute results header struct has been changed to a field.
diff --git a/.changelog/5282.internal.md b/.changelog/5282.internal.md
deleted file mode 100644
index 1258442a546..00000000000
--- a/.changelog/5282.internal.md
+++ /dev/null
@@ -1,4 +0,0 @@
-runtime/consensus/roothash: Implement executor commitment structures
-
-Structures and functions related to executor commitments were added
-in order to be used later for executor commitment verification.
diff --git a/.changelog/5283.trivial.md b/.changelog/5283.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5285.internal.md b/.changelog/5285.internal.md
deleted file mode 100644
index 08049ff9ed8..00000000000
--- a/.changelog/5285.internal.md
+++ /dev/null
@@ -1,6 +0,0 @@
-go/consensus/tendermint: Implement {Prepare,Process}Proposal
-
-This also makes the nodes execute the proposal in the prepare/process
-phase such that advanced modification (e.g. including meta transactions
-based on results) and validation (e.g. rejecting blocks with invalid
-transactions) becomes possible.
diff --git a/.changelog/5286.internal.md b/.changelog/5286.internal.md
deleted file mode 100644
index 89c47d5cbbd..00000000000
--- a/.changelog/5286.internal.md
+++ /dev/null
@@ -1,3 +0,0 @@
-go: Update fixgenesis command
-
-Make the fixgenesis command update a few more consensus parameters.
diff --git a/.changelog/5287.breaking.md b/.changelog/5287.breaking.md
deleted file mode 100644
index 632bc4147ea..00000000000
--- a/.changelog/5287.breaking.md
+++ /dev/null
@@ -1 +0,0 @@
-go/upgrade: Check all pending upgrades if we reached the upgrade epoch
diff --git a/.changelog/5287.trivial.md b/.changelog/5287.trivial.md
deleted file mode 100644
index 4193903fe6a..00000000000
--- a/.changelog/5287.trivial.md
+++ /dev/null
@@ -1 +0,0 @@
-go/upgrade: Clear completed upgrades before deleting state
diff --git a/.changelog/5289.bugfix.md b/.changelog/5289.bugfix.md
deleted file mode 100644
index f8a700d625e..00000000000
--- a/.changelog/5289.bugfix.md
+++ /dev/null
@@ -1 +0,0 @@
-go/oasis-node/cmd/ias: Regenerate TLS certificate on startup
diff --git a/.changelog/5291.internal.md b/.changelog/5291.internal.md
deleted file mode 100644
index fb6d26591e2..00000000000
--- a/.changelog/5291.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-go: Rename Tendermint to CometBFT
diff --git a/.changelog/5292.breaking.md b/.changelog/5292.breaking.md
deleted file mode 100644
index dd434d325e3..00000000000
--- a/.changelog/5292.breaking.md
+++ /dev/null
@@ -1 +0,0 @@
-go/consensus: Add block metadata to allow same-block state validation
diff --git a/.changelog/5294.breaking.md b/.changelog/5294.breaking.md
deleted file mode 100644
index 081ca184110..00000000000
--- a/.changelog/5294.breaking.md
+++ /dev/null
@@ -1 +0,0 @@
-go/consensus: Add provable events
diff --git a/.changelog/5296.trivial.md b/.changelog/5296.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5297.internal.md b/.changelog/5297.internal.md
deleted file mode 100644
index da1f74d7621..00000000000
--- a/.changelog/5297.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-go: Bump go-libp2p to 0.28.1
diff --git a/.changelog/5299.internal.md b/.changelog/5299.internal.md
deleted file mode 100644
index 04651347e4a..00000000000
--- a/.changelog/5299.internal.md
+++ /dev/null
@@ -1,8 +0,0 @@
-go/consensus/cometbft: Use generic data directory names
-
-The following subdirectories under the node's data directory have been
-renamed:
-
-- `tendermint` to `consensus`
-- `tendermint/abci-state` to `consensus/state`
-- `tendermint-seed` to `seed` (on seed nodes only)
diff --git a/.changelog/5300.feature.md b/.changelog/5300.feature.md
deleted file mode 100644
index b9bce0507e7..00000000000
--- a/.changelog/5300.feature.md
+++ /dev/null
@@ -1,5 +0,0 @@
-runtime/consensus/tendermint/verifier: Support same-block validation
-
-The post-execution state of the latest consensus block is now verified
-using the block metadata transaction, effectively eliminating any block
-delay for state verification.
diff --git a/.changelog/5301.feature.md b/.changelog/5301.feature.md
deleted file mode 100644
index b4ff984fb13..00000000000
--- a/.changelog/5301.feature.md
+++ /dev/null
@@ -1 +0,0 @@
-go/control: Add runtime provisioner type to host status output
diff --git a/.changelog/5302.trivial.md b/.changelog/5302.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5303.trivial.md b/.changelog/5303.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5304.feature.md b/.changelog/5304.feature.md
deleted file mode 100644
index 5193928688c..00000000000
--- a/.changelog/5304.feature.md
+++ /dev/null
@@ -1,9 +0,0 @@
-go/oasis-test-runner: Run the test runner and scenarios for limited time
-
-The test runner and scenarios can now be configured to run for a limited
-duration using the following flags:
-
-- `timeout`: the maximum allowable total duration for all scenarios,
-
-- `scenario_timeout`: the maximum allowable duration for an individual
- scenario.
diff --git a/.changelog/5306.internal.md b/.changelog/5306.internal.md
deleted file mode 100644
index 08baa1aeed1..00000000000
--- a/.changelog/5306.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-go: Bump cometbft to v0.37.2-oasis1
diff --git a/.changelog/5307.internal.md b/.changelog/5307.internal.md
deleted file mode 100644
index af357ebd9b3..00000000000
--- a/.changelog/5307.internal.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/oasis-test-runner: Build key manager runtime with trust root
-
-The runtime trust-root scenarios now build not only the simple key/value
-but also the key manager runtime with an embedded trust root.
diff --git a/.changelog/5311.trivial.md b/.changelog/5311.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5313.trivial.md b/.changelog/5313.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5316.trivial.md b/.changelog/5316.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5318.internal.md b/.changelog/5318.internal.md
deleted file mode 100644
index 05eb25aa557..00000000000
--- a/.changelog/5318.internal.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go: Remove TLS certificate rotation
-
-We use libp2p for all communication now, so TLS certificate rotation is
-no longer needed.
diff --git a/.changelog/5319.bugfix.md b/.changelog/5319.bugfix.md
deleted file mode 100644
index 18b9b2d45d6..00000000000
--- a/.changelog/5319.bugfix.md
+++ /dev/null
@@ -1 +0,0 @@
-staking: Fix reward distribution when common pool is exhausted
diff --git a/.changelog/5320.feature.md b/.changelog/5320.feature.md
deleted file mode 100644
index 7702a460397..00000000000
--- a/.changelog/5320.feature.md
+++ /dev/null
@@ -1,5 +0,0 @@
-go/worker/keymanager/status: Show active version of the km runtime
-
-The status of the key manager was updated to include a new attribute called
-`active_version`, which stores the version number of the currently deployed
-key manager runtime. If no deployment is active, the value is set to null.
diff --git a/.changelog/5321.bugfix.md b/.changelog/5321.bugfix.md
deleted file mode 100644
index 774e52df69d..00000000000
--- a/.changelog/5321.bugfix.md
+++ /dev/null
@@ -1 +0,0 @@
-go/storage/mkvs: Fix commit of nil entries
diff --git a/.changelog/5323.trivial.md b/.changelog/5323.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5324.trivial.md b/.changelog/5324.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5325.internal.md b/.changelog/5325.internal.md
deleted file mode 100644
index fed54afa16d..00000000000
--- a/.changelog/5325.internal.md
+++ /dev/null
@@ -1,4 +0,0 @@
-tests/upgrade: Test master secrets
-
-The upgrade scenario was enhanced to test runtime and key manager upgrades,
-trust roots and master secret rotations.
diff --git a/.changelog/5326.bugfix.md b/.changelog/5326.bugfix.md
deleted file mode 100644
index 1c0d601efe8..00000000000
--- a/.changelog/5326.bugfix.md
+++ /dev/null
@@ -1 +0,0 @@
-storage/sync: don't immediately trigger more round fetches on failures
diff --git a/.changelog/5327.feature.md b/.changelog/5327.feature.md
deleted file mode 100644
index 02f1a2710a0..00000000000
--- a/.changelog/5327.feature.md
+++ /dev/null
@@ -1,13 +0,0 @@
-go/p2p: implement various metrics collection
-
-The following Prometheus metrics were added:
-
-- `oasis_p2p_peers`
-- `oasis_p2p_blocked_peers`
-- `oasis_p2p_connections`
-- `oasis_p2p_topics`
-- `oasis_p2p_protocols`
-
-See [metrics documentation] for descriptions of metrics.
-
-[metrics documentation]: https://docs.oasis.io/core/oasis-node/metrics
diff --git a/.changelog/5330.internal.md b/.changelog/5330.internal.md
deleted file mode 100644
index 36d41639650..00000000000
--- a/.changelog/5330.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-runtime: Bump tokio to 1.29.1
diff --git a/.changelog/5331.trivial.md b/.changelog/5331.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5332.trivial.md b/.changelog/5332.trivial.md
deleted file mode 100644
index d163354fa01..00000000000
--- a/.changelog/5332.trivial.md
+++ /dev/null
@@ -1 +0,0 @@
-go/oasis-node/cmd/config/migrate: Add runtime P2P seed address too
diff --git a/.changelog/5334.breaking.md b/.changelog/5334.breaking.md
deleted file mode 100644
index 407c414ed18..00000000000
--- a/.changelog/5334.breaking.md
+++ /dev/null
@@ -1,10 +0,0 @@
-go/consensus/roothash: Track runtime proposer liveness
-
-The roothash application now monitors the runtime proposer liveness, which
-runtimes can utilize to penalize proposers with insufficient commitments.
-To activate penalties for such nodes, the executor committee parameters
-need to be updated by configuring the following setting:
-
-- `MaxMissedProposalsPercent`: The maximum percentage of proposed rounds
- in an epoch that can fail for a node to be considered live. Zero means
- that all proposed rounds can fail.
diff --git a/.changelog/5335.bugfix.md b/.changelog/5335.bugfix.md
deleted file mode 100644
index 55f039e1beb..00000000000
--- a/.changelog/5335.bugfix.md
+++ /dev/null
@@ -1 +0,0 @@
-go/common/cbor: Relax CBOR decoding for gRPC/RHP endpoints
diff --git a/.changelog/5337.internal.md b/.changelog/5337.internal.md
deleted file mode 100644
index 565a426645c..00000000000
--- a/.changelog/5337.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-go: Bump golang.org/x/net to 0.13.0
diff --git a/.changelog/5338.internal.md b/.changelog/5338.internal.md
deleted file mode 100644
index d5d18ddbdd6..00000000000
--- a/.changelog/5338.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-go: Bump go-libp2p to 0.29.2
diff --git a/.changelog/5339.internal.md b/.changelog/5339.internal.md
deleted file mode 100644
index d5d18ddbdd6..00000000000
--- a/.changelog/5339.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-go: Bump go-libp2p to 0.29.2
diff --git a/.changelog/5348.trivial.md b/.changelog/5348.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5351.internal.1.md b/.changelog/5351.internal.1.md
deleted file mode 100644
index 2a1848f4b75..00000000000
--- a/.changelog/5351.internal.1.md
+++ /dev/null
@@ -1 +0,0 @@
-runtime: Bump ed25519-dalek to 2.0.0
diff --git a/.changelog/5351.internal.2.md b/.changelog/5351.internal.2.md
deleted file mode 100644
index 665ef14358f..00000000000
--- a/.changelog/5351.internal.2.md
+++ /dev/null
@@ -1 +0,0 @@
-runtime: Bump sha2 to 0.10.7, hmac to 0.12.1
diff --git a/.changelog/5351.internal.3.md b/.changelog/5351.internal.3.md
deleted file mode 100644
index b99f5c535f1..00000000000
--- a/.changelog/5351.internal.3.md
+++ /dev/null
@@ -1 +0,0 @@
-runtime: Bump rsa to 0.9.2
diff --git a/.changelog/5352.breaking.md b/.changelog/5352.breaking.md
deleted file mode 100644
index 69f32e39ba9..00000000000
--- a/.changelog/5352.breaking.md
+++ /dev/null
@@ -1,4 +0,0 @@
-go/staking: Enable changing the reward schedule
-
-The ability to change the reward schedule in the staking consensus
-parameters through a governance vote was added.
diff --git a/.changelog/5354.breaking.md b/.changelog/5354.breaking.md
deleted file mode 100644
index 774acc8e3b2..00000000000
--- a/.changelog/5354.breaking.md
+++ /dev/null
@@ -1,7 +0,0 @@
-go/worker/compute/executor/committee: Support backup proposers
-
-Starting now, all executor committee workers are permitted to schedule
-transactions, each with distinct per-round priority. Priority dictates
-the time after which a worker can propose a new batch. The consensus
-layer tracks all published executor commitments and tries to build
-a new runtime block on a proposal with the highest priority.
diff --git a/.changelog/5355.internal.md b/.changelog/5355.internal.md
deleted file mode 100644
index c39a4b0f47a..00000000000
--- a/.changelog/5355.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-go: Bump go-libp2p to 0.30.0
diff --git a/.changelog/5356.internal.md b/.changelog/5356.internal.md
deleted file mode 100644
index 0a3b8a6c6c1..00000000000
--- a/.changelog/5356.internal.md
+++ /dev/null
@@ -1 +0,0 @@
-go: Bump go to 1.21.0
diff --git a/.changelog/5357.breaking.md b/.changelog/5357.breaking.md
deleted file mode 100644
index 98eea381abc..00000000000
--- a/.changelog/5357.breaking.md
+++ /dev/null
@@ -1 +0,0 @@
-Add observer node role
diff --git a/.changelog/5359.breaking.md b/.changelog/5359.breaking.md
deleted file mode 100644
index 4b24021f663..00000000000
--- a/.changelog/5359.breaking.md
+++ /dev/null
@@ -1,6 +0,0 @@
-roothash: Store past runtime state and I/O roots in consensus state
-
-A new roothash consensus parameter was added (`MaxPastRootsStored`),
-which enables storing runtime state and I/O roots for the past
-`MaxPastRootsStored` rounds in the consensus state.
-This enables easier cross-runtime communication.
diff --git a/.changelog/5360.breaking.md b/.changelog/5360.breaking.md
deleted file mode 100644
index 378c62a09ff..00000000000
--- a/.changelog/5360.breaking.md
+++ /dev/null
@@ -1 +0,0 @@
-go/oasis-node: Move "debug fix-genesis" subcommand to "genesis migrate"
diff --git a/.changelog/5361.bugfix.md b/.changelog/5361.bugfix.md
deleted file mode 100644
index ee77bc86130..00000000000
--- a/.changelog/5361.bugfix.md
+++ /dev/null
@@ -1 +0,0 @@
-go/worker/common: Reset runtime provisioned status on failure
diff --git a/.changelog/5365.breaking.md b/.changelog/5365.breaking.md
deleted file mode 100644
index 9d89025488b..00000000000
--- a/.changelog/5365.breaking.md
+++ /dev/null
@@ -1,7 +0,0 @@
-scheduler: Add option to change voting power distribution
-
-The ability to change the voting power distribution via consensus
-governance was added.
-The two options currently available are linear (the original, where
-voting power is linearly proportional to the stake) and sqrt (new,
-where voting power is proportional to the square root of the stake).
diff --git a/.changelog/5366.trivial.md b/.changelog/5366.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5368.trivial.md b/.changelog/5368.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5369.trivial.md b/.changelog/5369.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5370.trivial.md b/.changelog/5370.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5372.feature.md b/.changelog/5372.feature.md
deleted file mode 100644
index 6be49d10e84..00000000000
--- a/.changelog/5372.feature.md
+++ /dev/null
@@ -1 +0,0 @@
-go/sgx/ias: Add support for v5 AVR
diff --git a/.changelog/5375.bugfix.md b/.changelog/5375.bugfix.md
deleted file mode 100644
index f8a700d625e..00000000000
--- a/.changelog/5375.bugfix.md
+++ /dev/null
@@ -1 +0,0 @@
-go/oasis-node/cmd/ias: Regenerate TLS certificate on startup
diff --git a/.changelog/5376.feature.md b/.changelog/5376.feature.md
deleted file mode 100644
index 985c5b5718d..00000000000
--- a/.changelog/5376.feature.md
+++ /dev/null
@@ -1,17 +0,0 @@
-go/oasis-node/cmd: Deprecate subcommands in favor of Oasis CLI
-
-The following `oasis-node` subcommands have been deprecated and should no
-longer be used in favor of the [Oasis CLI]:
-
-- `consensus *`
-- `control runtime-stats`
-- `debug bundle *`
-- `governance *`
-- `keymanager *`
-- `registry *`
-- `signer *`
-- `stake *`
-
-They will be removed in a future release.
-
-[Oasis CLI]: https://docs.oasis.io/general/manage-tokens/cli/
diff --git a/.changelog/5378.trivial.md b/.changelog/5378.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5379.trivial.md b/.changelog/5379.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5381.trivial.md b/.changelog/5381.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5383.trivial.md b/.changelog/5383.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5384.doc.md b/.changelog/5384.doc.md
deleted file mode 100644
index 8df4d62b869..00000000000
--- a/.changelog/5384.doc.md
+++ /dev/null
@@ -1 +0,0 @@
-docs: Use "chapter" and "section" terms consistently
diff --git a/.changelog/5385.trivial.md b/.changelog/5385.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5386.trivial.md b/.changelog/5386.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5387.trivial.md b/.changelog/5387.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.changelog/5389.bugfix.md b/.changelog/5389.bugfix.md
deleted file mode 100644
index 113c2c71681..00000000000
--- a/.changelog/5389.bugfix.md
+++ /dev/null
@@ -1 +0,0 @@
-go/registry: Do not verify node TEE capabilities during genesis
diff --git a/.changelog/5390.bugfix.md b/.changelog/5390.bugfix.md
deleted file mode 100644
index efac82cc7f0..00000000000
--- a/.changelog/5390.bugfix.md
+++ /dev/null
@@ -1,9 +0,0 @@
-host/sgx/epid: ensure consistent IAS proxy usage for attestation
-
-Refactors the IAS proxy client to expose separate clients for each configured
-IAS proxy, instead of load-balancing internally between endpoints on a
-per-request basis.
-
-This is required because the attestation procedure requires three calls to
-the IAS endpoint (`GetSPIDInfo`, `GetSigRL`, `VerifyEvidence`) which should
-all interact with the same endpoint.
diff --git a/.changelog/5393.trivial.md b/.changelog/5393.trivial.md
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/.punch_version.py b/.punch_version.py
index b2246e26790..88eb1fd8e38 100644
--- a/.punch_version.py
+++ b/.punch_version.py
@@ -1,3 +1,3 @@
-year = '22'
-minor = 2
+year = '23'
+minor = 0
 micro = 0
diff --git a/CHANGELOG.md b/CHANGELOG.md
index ef88868cc30..2ff9d3ead31 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -12,6 +12,1336 @@ The format is inspired by [Keep a Changelog]. +## 23.0 (2023-10-10) + +| Protocol | Version | +|:------------------|:---------:| +| Consensus | 7.0.0 | +| Runtime Host | 5.1.0 | +| Runtime Committee | 5.0.0 | + +### Removals and Breaking Changes + +- go/registry: Remove support for deprecated PVSS based random beacon + ([#4394](https://github.com/oasisprotocol/oasis-core/issues/4394)) + + Remove the backward compatibility placeholder `DeprecatedBeacon` field + from the node descriptor. + The PVSS backend is no longer present in 22.x and so the field is now + removed, and even genesis registrations without a VRF signing key will + be rejected. + +- go/consensus/tendermint/apps/beacon: Do gas accounting earlier + ([#4667](https://github.com/oasisprotocol/oasis-core/issues/4667)) + + The VRF proof submission tx has gas use happen too late, and can in certain + circumstances underestimate the amount of gas the tx will cost. + +- go/common/crypto/signature: Use ECVRF v16 + ([#4668](https://github.com/oasisprotocol/oasis-core/issues/4668)) + + The IETF draft was updated, so use the newer method of calculating proofs. + This is incompatible with the v10 proof derivation/verification, however + beta values for a given input will be identical. + +- go/staking/api: Add burn address + ([#4755](https://github.com/oasisprotocol/oasis-core/issues/4755)) + + Transfers to `oasis1qzq8u7xs328puu2jy524w3fygzs63rv3u5967970` will be + treated as an explicit token burn (transfer amount deducted from the + source's general balance and destroyed). + + The private key of the address is unknown, and the address is marked + as reserved so the address can not be used as the source address for + any transactions. 
+ +- go/consensus/tendermint: Fix liveness tracking for primary+backup + ([#4798](https://github.com/oasisprotocol/oasis-core/issues/4798)) + + In case a node is both in primary and backup compute committee and doesn't + submit a commit but there was no discrepancy, the node should still be + treated as failed. + +- go/registry: Validate `SoftwareVersion` field in node descriptor + ([#5012](https://github.com/oasisprotocol/oasis-core/issues/5012)) + +- go/staking/api: Specify slashed debonding amount in `TakeEscrowEvent` + ([#5016](https://github.com/oasisprotocol/oasis-core/issues/5016)) + + The event now contains the `DebondingAmount` field. + +- go/roothash/api: Support governance actions via roothash messages + ([#5021](https://github.com/oasisprotocol/oasis-core/issues/5021)) + + This allows runtimes to vote on and submit consensus governance proposals. + +- go/staking: Make `DelegationsFor()` query efficient + ([#5023](https://github.com/oasisprotocol/oasis-core/issues/5023)) + + A reverse delegation mapping is added to the staking state that makes + querying outgoing delegations efficient. + +- go/p2p: Include chain context in p2p protocol names + ([#5025](https://github.com/oasisprotocol/oasis-core/issues/5025)) + + Chain context was included in p2p protocol and topic names as until now + it was impossible to distinguish Mainnet and Testnet names from each other. + Unique names will also ease peer discovery as now we can use one seed node + for multiple networks. + +- governance: Support delegator votes + ([#5034](https://github.com/oasisprotocol/oasis-core/issues/5034)) + + Adds support for delegators to vote and override the validator votes as + described in [ADR 0020]. 
+ + + [ADR 0020]: + https://github.com/oasisprotocol/adrs/blob/main/0020-governance-delegator-votes.md + + +- go/common/sgx/pcs: Add support for blacklisting FMSPCs + ([#5038](https://github.com/oasisprotocol/oasis-core/issues/5038)) + + PCS quote policy now supports blacklisting of FMSPCs. + + Quotes for systems with blacklisted FMSPC description of the TCB won't get + verified and remote attestation will fail. + + This is specially useful if we want to block CPUs or platforms for which a + new security vulnerability has just been disclosed from running a runtime + enclave. + + FMSPCs can be added or removed from the global default quote policy by + changing registry parameter `TEEFeatures` via change parameters proposals. + The blacklist can also be overridden per-runtime in SGX constraints. + +- go/scheduler/api: Add `EntityID` to consensus validator's state + ([#5050](https://github.com/oasisprotocol/oasis-core/issues/5050)) + + Validator lists in scheduler consensus state now include entity and node + identifiers. + +- go/consensus: Always return `ErrInvalidArgument` on tx deserialization fails + ([#5055](https://github.com/oasisprotocol/oasis-core/issues/5055)) + + Previously, some modules were returning non-specific errors on tx + deserialization failures, which resulted in them being assigned to module + "unknown", code 1. + +- go/staking: Limit maximum allowance amount based on total supply + ([#5056](https://github.com/oasisprotocol/oasis-core/issues/5056)) + + Request for updating allowance above total supply now fails with + `ErrAllowanceGreaterThanSupply`. 
+ +- go/consensus/keymanager: Skip expired nodes + ([#5066](https://github.com/oasisprotocol/oasis-core/issues/5066)) + +- go/consensus: Implement libp2p backed light client sync protocol + ([#5085](https://github.com/oasisprotocol/oasis-core/issues/5085)) + +- go/consensus: Remove `consensus.LightClientBackend` + ([#5085](https://github.com/oasisprotocol/oasis-core/issues/5085)) + + All methods were merged into the `consensus.ClientBackend`. + +- go/registry: Rename `RuntimeEvent` event to `RuntimeStartedEvent` + ([#5088](https://github.com/oasisprotocol/oasis-core/issues/5088)) + +- go/registry: Add `RuntimeSuspendedEvent` event + ([#5088](https://github.com/oasisprotocol/oasis-core/issues/5088)) + + The event is emitted whenever an active runtime is suspended. On resume, + the existing `RuntimeStartedEvent` is emitted. + +- go/registry: Remove TLS addresses from node's descriptor + ([#5100](https://github.com/oasisprotocol/oasis-core/issues/5100)) + + As of [#5085](https://github.com/oasisprotocol/oasis-core/pull/5085), the + TLS addresses are unused. Albeit also unused, the TLS public keys remain + par of the node's descriptor. + +- go/registry: Remove Consensus RPC role from node's descriptor + ([#5100](https://github.com/oasisprotocol/oasis-core/issues/5100)) + + As of [#5085](https://github.com/oasisprotocol/oasis-core/pull/5085), the + role is unused. + +- go/staking: Add `MinCommissionRate` parameter + ([#5102](https://github.com/oasisprotocol/oasis-core/issues/5102)) + + This parameter enforces the network-wide minimum commission rate an account + can configure. + + Also include support for updating the parameter via + `ConsensusParameterChanges` governance proposal. 
+ +- go/staking: Add escrow requirement for updating commission schedule + ([#5102](https://github.com/oasisprotocol/oasis-core/issues/5102)) + + To prevent bloating the commission schedule state, the commission schedule + can only be updated for entities with enough stake to register a validator + node. + +- go/registry: Add optional bundle checksum to runtime deployments + ([#5112](https://github.com/oasisprotocol/oasis-core/issues/5112)) + + Currently, it is not used, but it could be used for verification of + automatically distributed runtime bundles in the future. + +- go/sgx/ias: Add support for blacklisting GIDs + ([#5113](https://github.com/oasisprotocol/oasis-core/issues/5113)) + + GID black list is a list of blocked platform EPID group IDs. + +- go/registry: Support changing a runtime's owner + ([#5114](https://github.com/oasisprotocol/oasis-core/issues/5114)) + + The current owner can sign and submit a `registry.RegisterRuntime` txn + which sets a new entity as the owner of the runtime. + +- go/common/node: Cleanup node's VRF configuration as it is mandatory + ([#5127](https://github.com/oasisprotocol/oasis-core/issues/5127)) + + Simplify types by removing the ability for a node's VRF to be nil. Note + that in practice (e.g. in all existing deployments) it was already + mandatory as registering a node without it set would always fail. + +- go/keymanager/api: Move key manager gas costs + ([#5166](https://github.com/oasisprotocol/oasis-core/issues/5166)) + + Consensus parameters were added to the key manager state and key manager gas + costs were moved from the registry state to the key manager state. + +- go/roothash: Treat failure indications as stragglers + ([#5261](https://github.com/oasisprotocol/oasis-core/issues/5261)) + + If it is already known that the number of valid commitments will not exceed + the required threshold, there is no need to wait for the discrepancy timer + to expire. 
Instead, proceed directly to the discrepancy resolution mode, + regardless of any additional commitments. + +- go/roothash: Optimize and refactor commitment pool processing + ([#5274](https://github.com/oasisprotocol/oasis-core/issues/5274)) + + The commitment pool processing has been optimized and refactored to improve + code readability: + + - The discrepancy detection has been modified to immediately switch to + the resolution mode when two commits differ, eliminating the necessity + to wait for the proposer's commitment. + + - The discrepancy resolution process was redesigned to fail as soon + as it becomes evident that no group of votes can attain the majority, + such as when there are too many failures. + +- go/roothash/commitment: Refactor executor commitment header + ([#5282](https://github.com/oasisprotocol/oasis-core/issues/5282)) + + The embedded compute results header struct has been changed to a field. + +- go/upgrade: Check all pending upgrades if we reached the upgrade epoch + ([#5287](https://github.com/oasisprotocol/oasis-core/issues/5287)) + +- go/consensus: Add block metadata to allow same-block state validation + ([#5292](https://github.com/oasisprotocol/oasis-core/issues/5292)) + +- go/consensus: Add provable events + ([#5294](https://github.com/oasisprotocol/oasis-core/issues/5294)) + + Provable events are event types which can be proven and included in the + event proof tree. + +- go/consensus/roothash: Track runtime proposer liveness + ([#5334](https://github.com/oasisprotocol/oasis-core/issues/5334)) + + The roothash application now monitors the runtime proposer liveness, which + runtimes can utilize to penalize proposers with insufficient commitments. + To activate penalties for such nodes, the executor committee parameters + need to be updated by configuring the following setting: + + - `MaxMissedProposalsPercent`: The maximum percentage of proposed rounds + in an epoch that can fail for a node to be considered live. 
Zero means + that all proposed rounds can fail. + +- go/staking: Enable changing the reward schedule + ([#5352](https://github.com/oasisprotocol/oasis-core/issues/5352)) + + Add ability to change the staking reward schedule through a governance vote. + +- go/worker/compute/executor/committee: Support backup proposers + ([#5354](https://github.com/oasisprotocol/oasis-core/issues/5354)) + + All executor committee workers are now permitted to schedule transactions, + each with distinct per-round priority. Priority dictates the time after + which a worker can propose a new batch. The consensus layer tracks all + published executor commitments and tries to build a new runtime block on a + proposal with the highest priority. + +- go/common/node: Add observer node role + ([#5357](https://github.com/oasisprotocol/oasis-core/issues/5357)) + + The observer role is meant for so called client or read-only nodes that + follow the chain (consensus and/or runtimes) and can also access the + confidential state. + + Previously, such nodes didn't register and access to confidential state + was guarded by key managers white-listing specific client nodes. + + With the introduction of observer node role, confidential state access is + now transparently managed in-protocol, allowing confidential observer nodes + to register and be subject to the usual constraints. + +- go/roothash/api: Store past runtime state and I/O roots in consensus state + ([#5359](https://github.com/oasisprotocol/oasis-core/issues/5359)) + + Add `MaxPastRootsStored` roothash consensus parameter which specifies the + maximum number of past runtime state and I/O roots to store in the consensus + state. + + This enables easier cross-runtime communication. 
+ +- go/oasis-node/cmd: Move `debug fix-genesis` command to `genesis migrate` + ([#5360](https://github.com/oasisprotocol/oasis-core/issues/5360)) + +- go/scheduler/api: Add ability to change voting power distribution + ([#5365](https://github.com/oasisprotocol/oasis-core/issues/5365)) + + The voting power distribution can now be changed via consensus governance. + + The two options currently available are: + + - `VotingPowerDistributionLinear` (voting power is linearly proportional to + the stake, i.e. the existing distribution), + - `VotingPowerDistributionSqrt` (voting power is proportional to the square + root of the stake, a new option added now). + +### Configuration and Operational Changes + +- go/consensus/tendermint: Refactor seed node and peer addresses + ([#4964](https://github.com/oasisprotocol/oasis-core/issues/4964)) + + Previously, a seed node was a Tendermint backend-specific construct which + only supported a single service. + To provide support for other services, the seed node has been refactored and + peer addresses have been generalized. + + This brings the following configuration changes. + + Seed nodes: + + - The `consensus.tendermint.mode` setting was removed. + + To configure a node to be a seed node, set the new top-level `mode` + setting to `seed`. + + Non-seed nodes: + + - The `consensus.tendermint.seed` setting was removed and replaced with + `p2p.seeds` setting. + + - The `consensus.tendermint.p2p.unconditional_peer_ids` setting was renamed + to `consensus.p2p.unconditional_peers`. + + General: + + - Persistent peers and seed nodes' addresses were generalized and now have + the following form: `pubkey@IP:port`, where `pubkey` represents a node's + p2p public key (the previous form was `ID@IP:port` where `ID` represents + a node's Tendermint ID which is a truncated sha256 hash of a node's p2p + public key). + + This affects the `p2p.seeds`, `consensus.p2p.persistent_peers` + and `consensus.sentry_upstream_addresses` settings. 
+
+ - Similarly, peers are now identified through p2p public keys which affects
+ the `consensus.p2p.unconditional_peers` setting (previously,
+ they used Tendermint IDs).
+
+ Tendermint-specific configuration of a seed node stayed the same. The node
+ can still be tuned through `consensus.p2p.*` settings.
+
+- go/worker/common/p2p: Refactor P2P package
+ ([#4996](https://github.com/oasisprotocol/oasis-core/issues/4996))
+
+ In preparation for extending the use of our P2P network to consensus-related
+ services (previously, it was only used for runtime services), move the P2P
+ package to the root of the hierarchy and rename its configuration settings.
+
+ The following changes were made to the p2p configuration:
+
+ - The `worker.` prefix has been dropped.
+
+ - Settings pertaining to the same feature were grouped under the same prefix.
+
+ - The `worker.client.addresses` setting was removed (it is no longer
+ needed).
+
+ Below is the list of modified settings that can be used to configure the
+ P2P network:
+
+ - `p2p.port`
+
+ - `p2p.registration.addresses`
+
+ - `p2p.gossipsub.peer_outbound_queue_size`
+
+ - `p2p.gossipsub.validate_queue_size`
+
+ - `p2p.gossipsub.validate_concurrency`
+
+ - `p2p.gossipsub.validate_throttle`
+
+ - `p2p.connection_manager.max_num_peers`
+
+ - `p2p.connection_manager.peer_grace_period`
+
+ - `p2p.connection_manager.persistent_peers`
+
+ - `p2p.connection_gater.blocked_peers`
+
+ - `p2p.peer_manager.connectedness_low_water`
+
+- go/oasis-node: Always start libp2p node
+ ([#4995](https://github.com/oasisprotocol/oasis-core/issues/4995))
+
+ As validators now participate in the P2P network, the configuration of
+ publicly routable p2p addresses through `worker.p2p.addresses` setting is
+ now mandatory in a production setting.
+
+- go/consensus: Use libp2p-backed light client for Tendermint state sync
+ ([#5085](https://github.com/oasisprotocol/oasis-core/issues/5085))
+
+ Remove the `consensus.tendermint.state_sync.consensus_node` setting as it
+ has become obsolete. P2P peers for state sync are automatically selected.
+
+- Rework configuration handling and apply consistent setting naming
+ ([#5070](https://github.com/oasisprotocol/oasis-core/issues/5070))
+
+ The node now supports a configuration file that holds all the settings
+ that were previously available via command-line options.
+
+ The command-line options themselves have been removed in favor of
+ the config file.
+
+ The config file supports environment variable substitution using
+ the `envsubst` package
+ ([usage information](https://github.com/a8m/envsubst#docs)).
+
+ The following settings have been removed:
+
+ - `consensus.tendermint.mode` in favor of using the global node mode (`mode`).
+
+ - `runtime.mode` in favor of using the global node mode (`mode`).
+
+ - `worker.client.port` as it is no longer needed.
+
+ - `worker.registration.force_register` as it has been deprecated.
+
+ The following settings have been renamed:
+
+ - `datadir` to `common.data_dir`.
+
+ - `log.file` to `common.log.file`.
+
+ - `log.format` to `common.log.format`.
+
+ - `log.level` to `common.log.level`.
+
+ The log level is now a map of module to log level.
+
+ Use the `default` module to map the default log level.
+
+ - `debug.rlimit` to `common.debug.rlimit`.
+
+ - `debug.allow_root` to `common.debug.allow_root`.
+
+ - `pprof.bind` to `pprof.bind_address`.
+
+ - `consensus.tendermint.*` to `consensus.*`.
+
+ - `consensus.tendermint.core.listen_address` to `consensus.listen_address`.
+
+ - `consensus.tendermint.core.external_address` to
+ `consensus.external_address`.
+
+ - `consensus.tendermint.log.debug` to `consensus.log_debug`.
+
+ - `consensus.tendermint.light_client.trust_period` to
+ `consensus.state_sync.trust_period`.
+
+ - `consensus.tendermint.seed.debug.disable_addr_book_from_genesis` to
+ `consensus.debug.disable_addr_book_from_genesis`.
+
+ - `consensus.tendermint.sentry.upstream_address` to
+ `consensus.sentry_upstream_addresses`.
+
+ - `consensus.tendermint.upgrade.stop_delay` to
+ `consensus.upgrade_stop_delay`.
+
+ - `consensus.tendermint.supplementarysanity.*` to
+ `consensus.supplementary_sanity.*`.
+
+ - `consensus.tendermint.p2p.persistent_peer` to
+ `consensus.p2p.persistent_peers`.
+
+ - `consensus.tendermint.p2p.unconditional_peer` to
+ `consensus.p2p.unconditional_peers`.
+
+ - `ias.proxy.address` to `ias.proxy_addresses`.
+
+ - `ias.debug.skip_verify` to `ias.debug_skip_verify`.
+
+ - `runtime.sandbox.binary` to `runtime.sandbox_binary`.
+
+ - `runtime.sgx.loader` to `runtime.sgx_loader`.
+
+ - `runtime.history.pruner.*` to `runtime.history_pruner.*`.
+
+ - `worker.sentry.addresses` to `runtime.sentry_addresses`.
+
+ - `worker.tx_pool.*` to `runtime.tx_pool.*`.
+
+ - `worker.keymanager.*` to `keymanager.*`.
+
+ - `worker.keymanager.runtime.id` to `keymanager.runtime_id`.
+
+ - `worker.registration.*` to `registration.*`.
+
+ - `worker.sentry.*` to `sentry.*`.
+
+ - `worker.sentry.control.authorized_pubkey` to
+ `sentry.control.authorized_pubkeys`.
+
+ - `worker.storage.*` to `storage.*`.
+
+ - `worker.storage.public_rpc.enabled` to `storage.public_rpc_enabled`.
+
+ - `worker.storage.checkpoint_sync.disabled` to
+ `storage.checkpoint_sync_disabled`.
+
+- go/oasis-node/cmd/config: Support configuration file migration
+ ([#5237](https://github.com/oasisprotocol/oasis-core/issues/5237))
+
+ To migrate a node's YAML config file from the old (i.e. Oasis Core 22.2.x)
+ to the new (i.e. Oasis Core 23.0) format, you can use the newly added
+ `oasis-node config migrate` command.
+
+ Pass the path to the old configuration file with `--in` flag and specify the
+ desired path to the new configuration file with `--out` flag, for example:
+
+ ```
+ oasis-node config migrate --in old.yaml --out new.yaml
+ ```
+
+ The `oasis-node config migrate` command logs the various changes it makes
+ and warns if a config option is no longer supported, etc.
+
+ At the end, any unknown sections of the input config file are printed to the
+ terminal so one has a chance to review them and make the manual changes (if
+ needed).
+
+ Note that the `oasis-node config migrate` command does not preserve comments
+ and the order of sections in the inputted YAML file. One needs to copy/amend
+ the new configuration file manually.
+
+ One should always carefully read the output of this command, as well as
+ compare the generated config file with the original before using it.
+
+- go/genesis: Move halt epoch from genesis to node-local configuration
+ ([#5200](https://github.com/oasisprotocol/oasis-core/issues/5200))
+
+ It can be configured through the new `consensus.halt_epoch` setting.
+
+- go/oasis-node/cmd/debug: Update `oasis-node debug fixgenesis`` command
+ ([#5286](https://github.com/oasisprotocol/oasis-core/issues/5286))
+
+ Make the `oasis-node debug fixgenesis` command update a few more consensus
+ parameters.
+
+- go: Transition to [CometBFT], a fork of Tendermint
+ ([#5033](https://github.com/oasisprotocol/oasis-core/issues/5033),
+ [#5268](https://github.com/oasisprotocol/oasis-core/issues/5268),
+ [#5280](https://github.com/oasisprotocol/oasis-core/issues/5280),
+ [#5291](https://github.com/oasisprotocol/oasis-core/issues/5291),
+ [#5299](https://github.com/oasisprotocol/oasis-core/issues/5299),
+ [#5306](https://github.com/oasisprotocol/oasis-core/issues/5306))
+
+ Transition to a more maintained fork of the Tendermint BFT protocol.
+ Also update Tendermint / CometBFT version to 0.37.2.
+
+ As part of the transition, use more generic data directory names.
+ The following subdirectories under the node's data directory have been
+ renamed:
+
+ - `tendermint` to `consensus`
+ - `tendermint/abci-state` to `consensus/state`
+ - `tendermint-seed` to `seed` (on seed nodes only)
+
+ [CometBFT]: https://cometbft.com/
+
+- go: Remove TLS certificate rotation
+ ([#5318](https://github.com/oasisprotocol/oasis-core/issues/5318))
+
+ We use libp2p for all communication now, so TLS certificate rotation is
+ no longer needed.
+
+### Deprecations
+
+- go/oasis-node/cmd: Deprecate `oasis-node` subcommands in favor of Oasis CLI
+ ([#5376](https://github.com/oasisprotocol/oasis-core/issues/5376))
+
+ The following `oasis-node` subcommands have been deprecated in favor of the
+ new [Oasis CLI] and will be removed in a future Oasis Core release:
+
+ - `consensus *`
+ - `control runtime-stats`
+ - `debug bundle *`
+ - `governance *`
+ - `keymanager *`
+ - `registry *`
+ - `signer *`
+ - `stake *`
+
+ [Oasis CLI]: https://docs.oasis.io/general/manage-tokens/cli/
+
+### Features
+
+- go/p2p: Bootstrap libp2p peers using seed nodes
+ ([#4981](https://github.com/oasisprotocol/oasis-core/issues/4981))
+
+ Seed nodes can now bootstrap libp2p peers. Bootstrapping can be enabled or
+ disabled using a new configuration setting named
+ `p2p.discovery.bootstrap.enable`
+ which can be used on seed nodes as well as non-seed nodes (e.g. clients,
+ key managers). The latter can also configure how frequently peers are fetched
+ from the seed nodes with the `p2p.discovery.bootstrap.retention_period`
+ setting.
+
+- go/oasis-node: Always start libp2p node
+ ([#4995](https://github.com/oasisprotocol/oasis-core/issues/4995))
+
+ Validator nodes were previously not part of our P2P network as it consisted
+ only of nodes that had runtimes configured. Always starting the libp2p node
+ makes them available for consensus-related services.
+
+ As validators now participate in the P2P network, the configuration of
+ publicly routable p2p addresses through `worker.p2p.addresses` setting is
+ now mandatory in a production setting.
+
+- go/p2p/rpc: Add support for consensus-wide libp2p protocols
+ ([#5000](https://github.com/oasisprotocol/oasis-core/issues/5000))
+
+- go/staking: Reduce `DelegationsTo()` scanning
+ ([#5011](https://github.com/oasisprotocol/oasis-core/issues/5011))
+
+ The escrow address is the first part of the key so we can seek to it.
+
+- go/staking: Specify slashed debonding amount in `TakeEscrowEvent`
+ ([#5016](https://github.com/oasisprotocol/oasis-core/issues/5016))
+
+ The newly introduced `DebondingAmount` field lets observers distinguish how
+ much was slashed from the active escrow pool and how much from the debonding
+ escrow pool.
+
+- go/staking: Reduce `DebondingDelegationsFor()` scanning
+ ([#5022](https://github.com/oasisprotocol/oasis-core/issues/5022))
+
+ `DebondingDelegationsFor` keys are ordered by `delegatorAddr`. Once past it,
+ it is unnecessary to scan further.
+
+- go/registry: Add `MaxRuntimeDeployments` parameter
+ ([#5049](https://github.com/oasisprotocol/oasis-core/issues/5049))
+
+ It specifies the maximum number of runtime deployments.
+
+- go/worker/keymanager: Show current key manager policy in the node's status
+ ([#5079](https://github.com/oasisprotocol/oasis-core/issues/5079))
+
+- go/worker/keymanager: Show global key manager status in the node's status
+ ([#5080](https://github.com/oasisprotocol/oasis-core/issues/5080))
+
+- go/registry: Add `WatchEvents()` method
+ ([#5088](https://github.com/oasisprotocol/oasis-core/issues/5088))
+
+ It can be used to follow the emitted registry events.
+
+- runtime/src/enclave_rpc: Verify RPC quotes with key manager quote policy
+ ([#5092](https://github.com/oasisprotocol/oasis-core/issues/5092))
+
+- keymanager/src/client: Fetch public keys using insecure RPC requests
+ ([#5101](https://github.com/oasisprotocol/oasis-core/issues/5101))
+
+- go/staking: Add `CommissionScheduleAddresses()` method
+ ([#5102](https://github.com/oasisprotocol/oasis-core/issues/5102))
+
+ It can be used to obtain the addresses of accounts with a non-empty
+ commission schedule.
+
+- go/consensus: Add missing early exits when simulating transactions
+ ([#5104](https://github.com/oasisprotocol/oasis-core/issues/5104))
+
+ Some transactions were missing the early exit after gas accounting when
+ simulating transactions.
+
+- go/common/sgx/pcs: Add support for PCS v4 and TCB info v3
+ ([#5108](https://github.com/oasisprotocol/oasis-core/issues/5108))
+
+- go/common/node: Add runtime encryption key (REK)
+ ([#5125](https://github.com/oasisprotocol/oasis-core/issues/5125))
+
+ The new key allows enclaves to publish encrypted data on-chain to an enclave
+ instance.
+
+- runtime/src/enclave_rpc: Support calls to explicit key manager members
+ ([#5156](https://github.com/oasisprotocol/oasis-core/issues/5156))
+
+ Key manager enclaves can now request a host to talk not only to a randomly
+ chosen key manager instance, but also to a specific instance. The identity
+ of the remote node is verified only in Noise sessions. In these, the enclave
+ obtains the other instance's trusted RAK from the consensus layer and compares
+ it to the one used throughout the session.
+
+- keymanager: Add forward-secrecy to ephemeral keys
+ ([#5158](https://github.com/oasisprotocol/oasis-core/issues/5158))
+
+ Deriving ephemeral keys from the key manager's master secret did not guarantee
+ forward secrecy.
In order to fulfill this requirement, we needed ephemeral
+ secrets that are randomly generated on every epoch and distributed securely
+ amongst enclave executors.
+
+- go/runtime: Reduce downtime for TEE runtime upgrades
+ ([#5188](https://github.com/oasisprotocol/oasis-core/issues/5188))
+
+- keymanager/src/runtime: Support master secret rotations
+ ([#5196](https://github.com/oasisprotocol/oasis-core/issues/5196))
+
+ Key managers now have the ability to rotate the master secret
+ at predetermined intervals. Each rotation introduces a new generation,
+ or version, of the master secret that is sequentially numbered, starting
+ from zero. These rotations occur during key manager status updates, which
+ typically happen during epoch transitions. To perform a rotation,
+ one of the key manager enclaves must publish a proposal for the next
+ generation of the master secret, which must then be replicated by
+ the majority of enclaves. If the replication process is not completed
+ by the end of the epoch, the proposal can be replaced with a new one.
+
+ The following metrics have been added:
+
+ - `oasis_worker_keymanager_consensus_ephemeral_secret_epoch_number`
+ is the epoch number of the latest ephemeral secret.
+
+ - `oasis_worker_keymanager_consensus_master_secret_generation_number`
+ is the generation number of the latest master secret.
+
+ - `oasis_worker_keymanager_consensus_master_secret_rotation_epoch_number`
+ is the epoch number of the latest master secret rotation.
+
+ - `oasis_worker_keymanager_consensus_master_secret_proposal_generation_number`
+ is the generation number of the latest master secret proposal.
+
+ - `oasis_worker_keymanager_consensus_master_secret_proposal_epoch_number`
+ is the epoch number of the latest master secret proposal.
+
+ - `oasis_worker_keymanager_enclave_ephemeral_secret_epoch_number`
+ is the epoch number of the latest ephemeral secret loaded into the enclave.
+
+ - `oasis_worker_keymanager_enclave_master_secret_generation_number`
+ is the generation number of the latest master secret as seen by the enclave.
+
+ - `oasis_worker_keymanager_enclave_master_secret_proposal_generation_number`
+ is the generation number of the latest master secret proposal loaded
+ into the enclave.
+
+ - `oasis_worker_keymanager_enclave_master_secret_proposal_epoch_number`
+ is the epoch number of the latest master secret proposal loaded
+ into the enclave.
+
+ - `oasis_worker_keymanager_enclave_generated_master_secret_generation_number`
+ is the generation number of the latest master secret generated
+ by the enclave.
+
+ - `oasis_worker_keymanager_enclave_generated_master_secret_epoch_number`
+ is the epoch number of the latest master secret generated by the enclave.
+
+ - `oasis_worker_keymanager_enclave_generated_ephemeral_secret_epoch_number`
+ is the epoch number of the latest ephemeral secret generated by the enclave.
+
+ The following metrics have had runtime labels added:
+
+ - `oasis_worker_keymanager_compute_runtime_count`,
+
+ - `oasis_worker_keymanager_policy_update_count`.
+
+- keymanager/src/runtime: Verify and modify init request
+ ([#5204](https://github.com/oasisprotocol/oasis-core/issues/5204))
+
+ The init request was never verified against the consensus layer state and,
+ therefore, was not trustworthy. To make this request more informative and
+ easily verifiable against consensus, it was extended to include all key
+ manager status fields.
+
+- go/oasis-node/cmd/config: Add `oasis-node config migrate` command
+ ([#5237](https://github.com/oasisprotocol/oasis-core/issues/5237))
+
+ Add `oasis-node config migrate` command to help migrate a node's YAML config
+ file from the old (i.e. Oasis Core 22.2.x) to the new (i.e. Oasis Core 23.0)
+ format introduced in commit [2a132b3].
+
+ The command logs the various changes it makes and warns if a config option
+ is no longer supported, etc.
+
+ At the end, any unknown sections of the input config file are printed to the
+ terminal so one has a chance to review them and make the manual changes (if
+ needed).
+
+- go/runtime/host/sgx: Cache TCB bundles and lower refreshing frequency
+ ([#5245](https://github.com/oasisprotocol/oasis-core/issues/5245))
+
+ The node will now make significantly fewer requests for fetching TCB
+ bundles. Because these are now stored locally in the persistent store, this
+ mechanism also enables a degree of tolerance against transient fetch
+ failures in cases where a stored bundle is still valid.
+
+- go/runtime/host/sgx: Add metrics for attestations
+ ([#5254](https://github.com/oasisprotocol/oasis-core/issues/5254))
+
+- go/control: Improve node registration status clarity
+ ([#5256](https://github.com/oasisprotocol/oasis-core/issues/5256))
+
+ Three new fields have been added to the `oasis-node control status`'s output
+ under the registration status section:
+
+ - `last_attempt_successful` - true if the last registration attempt
+ succeeded.
+ - `last_attempt_error_message` - error message if the last registration
+ attempt failed.
+ - `last_attempt` - time of the last registration attempt.
+
+ Also, if the registration descriptor has expired, it is no longer
+ shown in the output.
+
+- go/control: Add storage worker status message to control status
+ ([#5262](https://github.com/oasisprotocol/oasis-core/issues/5262))
+
+ A status message that shows the current state of the storage worker has been
+ added to the `oasis-node control status`'s storage worker status report.
+
+ This enables the node operator to quickly check if the storage worker
+ is still initializing, syncing checkpoints, or syncing rounds.
+
+- go/worker/compute: Optimize backup worker commit submission
+ ([#5264](https://github.com/oasisprotocol/oasis-core/issues/5264))
+
+ Backup compute workers now observe any gossiped commitments and preempt
+ consensus when it is obvious that there will be a discrepancy declared.
+
+- tests: Support cross-version upgrade tests
+ ([#5267](https://github.com/oasisprotocol/oasis-core/issues/5267))
+
+- runtime/consensus/tendermint/verifier: Support same-block validation
+ ([#5300](https://github.com/oasisprotocol/oasis-core/issues/5300))
+
+ The post-execution state of the latest consensus block is now verified
+ using the block metadata transaction, effectively eliminating any block
+ delay for state verification.
+
+- go/control: Add runtime provisioner type to control status
+ ([#5301](https://github.com/oasisprotocol/oasis-core/issues/5301))
+
+ Add `provisioner` field to `oasis-node control status`'s output under
+ `runtimes.`.
+
+- go/oasis-test-runner: Run the test runner and scenarios for limited time
+ ([#5304](https://github.com/oasisprotocol/oasis-core/issues/5304))
+
+ The test runner and scenarios can now be configured to run for a limited
+ duration using the following flags:
+
+ - `timeout`: the maximum allowable total duration for all scenarios,
+
+ - `scenario_timeout`: the maximum allowable duration for an individual
+ scenario.
+
+- go/worker/keymanager/status: Show active version of the key manager runtime
+ ([#5320](https://github.com/oasisprotocol/oasis-core/issues/5320))
+
+ Running `oasis-node control status` command for a key manager node now
+ includes the `active_version` field which stores the version number of the
+ currently deployed key manager runtime.
+ If no deployment is active, the value is set to null.
+
+- go/p2p: implement various metrics collection
+ ([#5327](https://github.com/oasisprotocol/oasis-core/issues/5327))
+
+ The following Prometheus metrics were added:
+
+ - `oasis_p2p_peers`
+ - `oasis_p2p_blocked_peers`
+ - `oasis_p2p_connections`
+ - `oasis_p2p_topics`
+ - `oasis_p2p_protocols`
+
+ See [metrics documentation] for descriptions of metrics.
+
+ [metrics documentation]: https://docs.oasis.io/core/oasis-node/metrics
+
+- go/sgx/ias: Add support for v5 AVR
+ ([#5372](https://github.com/oasisprotocol/oasis-core/issues/5372))
+
+### Bug Fixes
+
+- go/runtime/txpool: Republish sooner if republish limit is reached
+ ([#5003](https://github.com/oasisprotocol/oasis-core/issues/5003))
+
+ This fixes a case where some portion of a batch of transaction would take a
+ long time to be published if there are no new transactions incoming.
+
+- go/worker/common: Reorder state determination checks
+ ([#5005](https://github.com/oasisprotocol/oasis-core/issues/5005))
+
+ Otherwise the shown state would be misleading, e.g. showing that it is
+ waiting for runtime host being provisioned while it is actually blocked
+ in initialization like storage sync.
+
+- go/p2p/rpc: Fix multi call dispatch to different peers
+ ([#5005](https://github.com/oasisprotocol/oasis-core/issues/5005))
+
+- go/storage/mkvs/checkpoint: Exclude initial version when pruning
+ ([#5005](https://github.com/oasisprotocol/oasis-core/issues/5005))
+
+- go/worker/storage: Fix case when checkpoint sync disabled but forced
+ ([#5005](https://github.com/oasisprotocol/oasis-core/issues/5005))
+
+ If checkpoint sync is disabled but sync has been forced (e.g. because
+ the state at genesis is non-empty), we must request to sync the
+ checkpoint at genesis as otherwise we will jump to a later state which
+ may not be desired given that checkpoint sync has been explicitly
+ disabled via configuration.
+
+- go/p2p/rpc: Fix peer grading when context is canceled
+ ([#5007](https://github.com/oasisprotocol/oasis-core/issues/5007))
+
+ When method `CallMulti()` finishes early, the requests in progress are
+ canceled and unfairly recorded as failed.
+
+- go/p2p/rpc: Fix memory leak when RPC multi call finishes early
+ ([#5007](https://github.com/oasisprotocol/oasis-core/issues/5007))
+
+ When method `CallMulti()` finishes early, the result channel is never
+ cleared. Therefore, the channel never closes and leaves one go routine
+ hanging.
+
+- go/common/workerpool: Fix memory leak when workerpool is stopped early
+ ([#5008](https://github.com/oasisprotocol/oasis-core/issues/5008))
+
+ When workerpool is stopped, the job channel might still contain jobs which
+ haven't been processed. Therefore, the channel never closes and leaves one
+ Go routine hanging.
+
+- runtime: Properly handle state root verification on backup nodes
+ ([#5053](https://github.com/oasisprotocol/oasis-core/issues/5053))
+
+- runtime/consensus/tendermint/verifier: Correctly compare headers
+ ([#5068](https://github.com/oasisprotocol/oasis-core/issues/5068))
+
+ Since the store may have an earlier (non-canonical, but valid) version
+ of the block available, we need to only compare the actual header and
+ not the commits/signatures.
+
+ This is because it can happen that during the immediate sync the light
+ block does not yet contain all of the commits (but only just enough to
+ be valid, e.g. 2/3+) and this gets stored in the light block store.
+ Later on (e.g. during a query) the presented light block may have the
+ full set of commits.
+
+- go/control/status: Take storage into account for last retained round
+ ([#5074](https://github.com/oasisprotocol/oasis-core/issues/5074))
+
+ When local storage is available (e.g. in stateful nodes), the
+ `oasis-node control status`'s output should only include a round for which
+ storage is available.
+
+- go/runtime/registry: Fix watching policy updates
+ ([#5092](https://github.com/oasisprotocol/oasis-core/issues/5092))
+
+ When multiple key managers were running, the last known status of the
+ runtime's key manager was overwritten with each status update. On runtime
+ (re)starts, this resulted in the wrong policy being set.
+
+- go/consensus: Ensure state has the correct chain context
+ ([#5107](https://github.com/oasisprotocol/oasis-core/issues/5107))
+
+ Previously, one could accidentally copy state from one network but use a
+ genesis document from a different one, causing state corruption during
+ Tendermint block replay.
+
+ There is now a check to ensure we abort early.
+
+- go/runtime/registry: Fix key manager (quote) policy updates
+ ([#5111](https://github.com/oasisprotocol/oasis-core/issues/5111))
+
+ When a key manager (quote) policy update fails, the host should retry the
+ update until the policy is updated. For example, when using Tendermint as
+ a backend service, the first update will always fail because the consensus
+ verifier sees new blocks with a one-block delay.
+
+- go/tendermint: Change order of events returned from `GetEvents()`
+ ([#5117](https://github.com/oasisprotocol/oasis-core/issues/5117))
+
+ The new order reflects the order in which the events were
+ generated during block execution.
+
+- go/worker/client: Better handle latest round queries with verification
+ ([#5123](https://github.com/oasisprotocol/oasis-core/issues/5123))
+
+ When a query is requesting to be executed against the latest round and
+ the runtime reports a consensus verifier error, use an earlier round
+ instead as the latest round may not yet be verifiable by the light
+ client as it needs to wait for the validator signatures.
+
+- runtime: Fix verification of blocks between two trusted heights
+ ([#5134](https://github.com/oasisprotocol/oasis-core/issues/5134))
+
+- runtime: Clear verification trace after block verification
+ ([#5148](https://github.com/oasisprotocol/oasis-core/issues/5148))
+
+- go/consensus/tendermint/apps/keymanager: Fix committee construction
+ ([#5159](https://github.com/oasisprotocol/oasis-core/issues/5159))
+
+ Previously, a node was added to the key manager committee if the node's first
+ registered key manager runtime passed validation and matched the key manager
+ status. From now on, all supported versions of the key manager runtime must
+ pass this check.
+
+- go/worker/client: Ensure block round is synced to storage
+ ([#5160](https://github.com/oasisprotocol/oasis-core/issues/5160))
+
+ Previously, the transaction inclusion checks could attempt to inspect a
+ block that the node has not yet synced, triggering an error.
+
+- go/worker/compute: Do not drop valid proposals
+ ([#5161](https://github.com/oasisprotocol/oasis-core/issues/5161))
+
+ Previously, valid proposals could be dropped instead of being forwarded
+ via the P2P gossip when the local node's consensus view was slightly
+ behind even though the proposal was valid. With smaller committees and
+ certain topologies this could result in some nodes not getting the
+ proposals.
+
+- go/registry/api: Fix node registration when TEE not available
+ ([#5177](https://github.com/oasisprotocol/oasis-core/issues/5177))
+
+ Previously, registration skipped the TEE hardware verification if a node
+ registered without TEE capability.
+
+- go/runtime: Also re-attest based on `MaxAttestationAge`
+ ([#5187](https://github.com/oasisprotocol/oasis-core/issues/5187))
+
+- go/runtime/host/sgx: Update Quoting Enclave target info during re-attestation
+ ([#5239](https://github.com/oasisprotocol/oasis-core/issues/5239))
+
+ This allows the node to continue working in case aesmd is upgraded while
+ the node is running.
In this case the Quoting Enclave identity can
+ change and this requires the target info to be updated.
+
+- go/worker/client: Also treat literal latest round as latest
+ ([#5248](https://github.com/oasisprotocol/oasis-core/issues/5248))
+
+- go/worker/compute/executor: Do not propose batch on epoch transition
+ ([#5260](https://github.com/oasisprotocol/oasis-core/issues/5260))
+
+ Previously, a compute node could propose a new batch just before the
+ epoch transition happened, resulting in computation that will be
+ discarded anyway.
+
+- go/oasis-node/cmd/ias: Regenerate TLS certificate on startup
+ ([#5289](https://github.com/oasisprotocol/oasis-core/issues/5289),
+ [#5375](https://github.com/oasisprotocol/oasis-core/issues/5375))
+
+- go/staking: Fix reward distribution when common pool is exhausted
+ ([#5319](https://github.com/oasisprotocol/oasis-core/issues/5319))
+
+ Handle scenario where reward schedule hasn't completed yet, but the common
+ pool has already been exhausted.
+
+- go/storage/mkvs: Fix commit of `nil` entries
+ ([#5321](https://github.com/oasisprotocol/oasis-core/issues/5321))
+
+- go/worker/storage/sync: Backoff when storage sync starts failing
+ ([#5341](https://github.com/oasisprotocol/oasis-core/issues/5341))
+
+ Fixes the case where if storage requests start failing (e.g. due to network
+ errors) the storage worker would crazily retry requests - using lots of CPU
+ and filling up the logs.
+
+- go/common/cbor: Relax CBOR decoding for gRPC/RHP endpoints
+ ([#5335](https://github.com/oasisprotocol/oasis-core/issues/5335))
+
+- go/worker/common: Reset runtime provisioned status on failure
+ ([#5361](https://github.com/oasisprotocol/oasis-core/issues/5361))
+
+- go/registry: Do not verify node TEE capabilities during genesis
+ ([#5389](https://github.com/oasisprotocol/oasis-core/issues/5389))
+
+- go/runtime/host/sgx/epid: Ensure consistent IAS proxy usage for attestation
+ ([#5390](https://github.com/oasisprotocol/oasis-core/issues/5390))
+
+ Refactors the IAS proxy client to expose separate clients for each configured
+ IAS proxy, instead of load-balancing internally between endpoints on a
+ per-request basis.
+
+ This is required because the attestation procedure requires three calls to
+ the IAS endpoint (`GetSPIDInfo`, `GetSigRL`, `VerifyEvidence`) which should
+ all interact with the same endpoint.
+
+### Documentation Improvements
+
+- docs: Use "chapter" and "section" terms consistently
+ ([#5384](https://github.com/oasisprotocol/oasis-core/issues/5384))
+
+### Internal Changes
+
+- go/p2p: Improve peer manager's peer handling
+ ([#5002](https://github.com/oasisprotocol/oasis-core/issues/5002))
+
+ Previously, peer manager connected to all nodes in the registry which had
+ multiple drawbacks (connections got pruned, no protocol selection, no peer
+ discovery). This was changed so that peers are connected depending
+ on the supported protocols and the number of peers in a protocol/topic
+ is regulated in a controlled fashion.
+
+- go/p2p/rpc: Refactor RPC calls
+ ([#5007](https://github.com/oasisprotocol/oasis-core/issues/5007))
+
+ Previously, peer manager and RPC client were too tightly coupled. The
+ client also didn't support simple RPC calls which call exactly one peer.
+
+- runtime/src/enclave_rpc: Add support for insecure key manager RPC requests
+ ([#5075](https://github.com/oasisprotocol/oasis-core/issues/5075))
+
+ The key manager uses encrypted sessions to authenticate clients and protect
+ sensitive data. The number of sessions is limited, thus susceptible to DoS
+ attacks. A malicious client can establish multiple sessions in parallel,
+ preventing other clients from making requests. Furthermore, since each
+ session is encrypted, the exchanged messages cannot be read or modified.
+ For public key requests this is not ideal as one would want to cache the
+ responses locally and serve them to other clients to unburden the manager.
+ Large quotes also cannot be removed from the exchanged messages if we are
+ sure that the recipient can obtain them through some other means. Supporting
+ insecure key manager RPC requests solves some of the before mentioned problems
+ and leaves space for further optimizations.
+
+- go/p2p/rpc: Enable subscribing to peer updates
+ ([#5083](https://github.com/oasisprotocol/oasis-core/issues/5083))
+
+ Adds `WatchUpdates()` method to the `PeerManager` which allows subscribing to
+ peer updates (peers being added or removed).
+
+- runtime/src/protocol: Deserialize unknown RHP messages as invalid
+ ([#5094](https://github.com/oasisprotocol/oasis-core/issues/5094))
+
+ Runtime-host protocol terminated the reader thread when failed to deserialize
+ a runtime message on the Rust side (e.g. when `Body` enum contained an unknown
+ field). Decoding is now more robust as these messages are deserialized as
+ invalid and latter discarded and logged as malformed by the handler.
+
+- go/grpc: Remove unused gRPC code
+ ([#5100](https://github.com/oasisprotocol/oasis-core/issues/5100))
+
+ Removes a lot of unneeded gRPC code since no runtime or consensus protocols
+ use it for communication anymore.
+
+- crypto/x25519: Add type-safe X25519 private/public key types
+ ([#5121](https://github.com/oasisprotocol/oasis-core/issues/5121))
+
+- runtime: Refactor consensus verifier predicates
+ ([#5128](https://github.com/oasisprotocol/oasis-core/issues/5128))
+
+- ci: Explicitly use Ubuntu 22.04 for release builds
+ ([#5131](https://github.com/oasisprotocol/oasis-core/issues/5131))
+
+ This avoids the situation when ubuntu-latest gets changed to something
+ else, possibly imposing a different set of dependencies.
+
+- runtime/src/protocol: Remove consensus version compatibility check
+ ([#5135](https://github.com/oasisprotocol/oasis-core/issues/5135))
+
+ Consensus version check was a sanity check which didn't allow dump-restore
+ upgrades. The removal did no harm as the consensus version was never
+ authenticated and light clients use the verifier to check state compatibility
+ and authenticity.
+
+- runtime: Attempt to flush buffers before aborting
+ ([#5146](https://github.com/oasisprotocol/oasis-core/issues/5146))
+
+- runtime: Simplify the LRU-backed consensus verifier light store
+ ([#5149](https://github.com/oasisprotocol/oasis-core/issues/5149))
+
+- runtime: Reduce the size of the light block LRU store
+ ([#5150](https://github.com/oasisprotocol/oasis-core/issues/5150))
+
+- go/consensus/supplementarysanity: Fix checks for legacy validators
+ ([#5168](https://github.com/oasisprotocol/oasis-core/issues/5168))
+
+- keymanager: Add support for master secret generations
+ ([#5198](https://github.com/oasisprotocol/oasis-core/issues/5198))
+
+ Refactored key manager's init method to be able to support multiple
+ generations of the master secret.
+
+- go/keymanager/api: Add signed encrypted master secret
+ ([#5199](https://github.com/oasisprotocol/oasis-core/issues/5199))
+
+- runtime: Always use host node ID when verifying freshness with RAK
+ ([#5201](https://github.com/oasisprotocol/oasis-core/issues/5201))
+
+ This avoids an initial scan over all the nodes in the registry.
+
+- runtime: Use a limited multi-threaded Tokio runtime in SGX
+ ([#5214](https://github.com/oasisprotocol/oasis-core/issues/5214))
+
+- keymanager: Support policies in unsafe builds
+ ([#5215](https://github.com/oasisprotocol/oasis-core/issues/5215))
+
+ The key manager settings configured in the policy can now be tested on non-SGX
+ builds as well. This simplifies tests, as default values can be configured in
+ the test fixtures (e.g. master secret rotation period).
+
+- go/worker/keymanager: Optimize enclave initialization
+ ([#5218](https://github.com/oasisprotocol/oasis-core/issues/5218))
+
+ Enclave initialization was moved into its own goroutine to avoid blocking
+ the main loop of the key manager worker. Once initialization is completed,
+ the resulting state of the enclave is compared to the latest key manager
+ status. If the latter has changed, initialization is performed again.
+
+ This will be useful when we deploy master secret rotation since new secrets
+ may be generated while old secrets are being replicated which can result
+ in an outdated state once initialization finishes.
+
+- runtime: Refactor Tokio runtime constructor
+ ([#5220](https://github.com/oasisprotocol/oasis-core/issues/5220))
+
+- docker: Switch to ghcr.io for container registry
+ ([#5224](https://github.com/oasisprotocol/oasis-core/issues/5224))
+
+- runtime/consensus/roothash: Implement executor commitment structures
+ ([#5282](https://github.com/oasisprotocol/oasis-core/issues/5282))
+
+ Structures and functions related to executor commitments were added
+ in order to be used later for executor commitment verification.
+
+- go/consensus/tendermint: Implement `{Prepare,Process}Proposal`
+ ([#5285](https://github.com/oasisprotocol/oasis-core/issues/5285))
+
+ This also makes the nodes execute the proposal in the prepare/process
+ phase such that advanced modification (e.g. including meta transactions
+ based on results) and validation (e.g. rejecting blocks with invalid
+ transactions) becomes possible.
+
+- go/oasis-test-runner: Build key manager runtime with trust root
+ ([#5307](https://github.com/oasisprotocol/oasis-core/issues/5307))
+
+ The runtime trust-root scenarios now build not only the simple key/value
+ runtime but also the key manager runtime with an embedded trust root.
+
+- tests/upgrade: Test master secrets
+ ([#5325](https://github.com/oasisprotocol/oasis-core/issues/5325))
+
+ The upgrade scenario was enhanced to test runtime and key manager upgrades,
+ trust roots and master secret rotations.
+
+- Bump Go to 1.21.0
+ ([#5030](https://github.com/oasisprotocol/oasis-core/issues/5030),
+ [#5228](https://github.com/oasisprotocol/oasis-core/issues/5228),
+ [#5356](https://github.com/oasisprotocol/oasis-core/issues/5356))
+
+- go: Remove timecache replace directive in `go.mod` file
+ ([#5272](https://github.com/oasisprotocol/oasis-core/issues/5272))
+
+ The replace directive for github.com/whyrusleeping/timecache has been removed
+ since the go-libp2p-pubsub library version 0.9.3 no longer utilizes it.
+
+- go: Remove flatbuffers replace directive in `go.mod` file
+ ([#5273](https://github.com/oasisprotocol/oasis-core/issues/5273))
+
+ The replace directive for github.com/google/flatbuffers has been removed
+ since the badger library version 3.2103.4 uses the same version 1.12.1.
+
+- go: Ignore CVE-2022-44797 until tendermint uses newer btcd
+ ([#5024](https://github.com/oasisprotocol/oasis-core/issues/5024))
+
+- go: Bump golang.org/x/net to 0.13.0
+ ([#5095](https://github.com/oasisprotocol/oasis-core/issues/5095),
+ [#5337](https://github.com/oasisprotocol/oasis-core/issues/5337))
+
+- go: Bump go-libp2p-pubsub to 0.9.1
+ ([#5180](https://github.com/oasisprotocol/oasis-core/issues/5180),
+ [#5195](https://github.com/oasisprotocol/oasis-core/issues/5195))
+
+- go: Bump go-libp2p to 0.30.0
+ ([#5026](https://github.com/oasisprotocol/oasis-core/issues/5026),
+ [#5087](https://github.com/oasisprotocol/oasis-core/issues/5087),
+ [#5180](https://github.com/oasisprotocol/oasis-core/issues/5180),
+ [#5297](https://github.com/oasisprotocol/oasis-core/issues/5297),
+ [#5338](https://github.com/oasisprotocol/oasis-core/issues/5338),
+ [#5339](https://github.com/oasisprotocol/oasis-core/issues/5339),
+ [#5355](https://github.com/oasisprotocol/oasis-core/issues/5355))
+
+- runtime: Bump serde_json to 1.0.87
+ ([#5031](https://github.com/oasisprotocol/oasis-core/issues/5031))
+
+- runtime: Bump futures to 0.3.25
+ ([#5031](https://github.com/oasisprotocol/oasis-core/issues/5031))
+
+- runtime: Bump arbitrary to 1.2.0
+ ([#5031](https://github.com/oasisprotocol/oasis-core/issues/5031))
+
+- runtime: Bump oasis-cbor to 0.5.1
+ ([#5035](https://github.com/oasisprotocol/oasis-core/issues/5035))
+
+- runtime: Bump tendermint-rs to 0.30.0
+ ([#5037](https://github.com/oasisprotocol/oasis-core/issues/5037),
+ [#5106](https://github.com/oasisprotocol/oasis-core/issues/5106),
+ [#5190](https://github.com/oasisprotocol/oasis-core/issues/5190),
+ [#5234](https://github.com/oasisprotocol/oasis-core/issues/5234))
+
+- runtime: Bump tokio to 1.29.1
+ ([#5120](https://github.com/oasisprotocol/oasis-core/issues/5120),
+ [#5330](https://github.com/oasisprotocol/oasis-core/issues/5330))
+
+- runtime: Bump tempfile to 3.4.0
+ ([#5213](https://github.com/oasisprotocol/oasis-core/issues/5213))
+
+- runtime: Bump ed25519-dalek to 2.0.0
+ ([#5351](https://github.com/oasisprotocol/oasis-core/issues/5351))
+
+- runtime: Bump rsa to 0.9.2
+ ([#5351](https://github.com/oasisprotocol/oasis-core/issues/5351))
+
+- runtime: Bump sha2 to 0.10.7, hmac to 0.12.1
+ ([#5351](https://github.com/oasisprotocol/oasis-core/issues/5351))
+
+- runtime-loader: Bump clap to 4.0.22
+ ([#5031](https://github.com/oasisprotocol/oasis-core/issues/5031))
+
+- runtime-loader: Bump futures to 0.3.25
+ ([#5031](https://github.com/oasisprotocol/oasis-core/issues/5031))
+
+- keymanager: Bump futures to 0.3.25
+ ([#5031](https://github.com/oasisprotocol/oasis-core/issues/5031))
+
+- tools: Bump clap to 4.0.22
+ ([#5031](https://github.com/oasisprotocol/oasis-core/issues/5031))
+
+- docker: Bump base image to Ubuntu 22.04
+ ([#5141](https://github.com/oasisprotocol/oasis-core/issues/5141))
+
+- docker: Bump cargo-tarpaulin to 0.25.0
+ ([#5191](https://github.com/oasisprotocol/oasis-core/issues/5191))
+
 ## 22.2 (2022-10-13) | Protocol | Version |