0xMiden · mmagician · Mar 11, 2026 · Mar 11, 2026 · Mar 11, 2026 · Mar 12, 2026
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -32,7 +32,7 @@ license      = "MIT"
 readme       = "README.md"
 repository   = "https://github.com/0xMiden/node"
 rust-version = "1.93"
-version      = "0.14.0-alpha.8"
+version      = "0.14.0-beta.4"
 
 # Optimize the cryptography for faster tests involving account creation.
 [profile.test.package.miden-crypto]
@@ -47,35 +47,33 @@ debug = true
 
 [workspace.dependencies]
 # Workspace crates.
-miden-large-smt-backend-rocksdb = { path = "crates/large-smt-backend-rocksdb", version = "=0.14.0-alpha.8" }
-miden-node-block-producer       = { path = "crates/block-producer", version = "=0.14.0-alpha.8" }
-miden-node-db                   = { path = "crates/db", version = "=0.14.0-alpha.8" }
-miden-node-grpc-error-macro     = { path = "crates/grpc-error-macro", version = "=0.14.0-alpha.8" }
-miden-node-ntx-builder          = { path = "crates/ntx-builder", version = "=0.14.0-alpha.8" }
-miden-node-proto                = { path = "crates/proto", version = "=0.14.0-alpha.8" }
-miden-node-proto-build          = { path = "proto", version = "=0.14.0-alpha.8" }
-miden-node-rpc                  = { path = "crates/rpc", version = "=0.14.0-alpha.8" }
-miden-node-store                = { path = "crates/store", version = "=0.14.0-alpha.8" }
+miden-large-smt-backend-rocksdb = { path = "crates/large-smt-backend-rocksdb", version = "=0.14.0-beta.4" }
+miden-node-block-producer       = { path = "crates/block-producer", version = "=0.14.0-beta.4" }
+miden-node-db                   = { path = "crates/db", version = "=0.14.0-beta.4" }
+miden-node-grpc-error-macro     = { path = "crates/grpc-error-macro", version = "=0.14.0-beta.4" }
+miden-node-ntx-builder          = { path = "crates/ntx-builder", version = "=0.14.0-beta.4" }
+miden-node-proto                = { path = "crates/proto", version = "=0.14.0-beta.4" }
+miden-node-proto-build          = { path = "proto", version = "=0.14.0-beta.4" }
+miden-node-rpc                  = { path = "crates/rpc", version = "=0.14.0-beta.4" }
+miden-node-store                = { path = "crates/store", version = "=0.14.0-beta.4" }
 miden-node-test-macro           = { path = "crates/test-macro" }
-miden-node-utils                = { path = "crates/utils", version = "=0.14.0-alpha.8" }
-miden-node-validator            = { path = "crates/validator", version = "=0.14.0-alpha.8" }
-miden-remote-prover-client      = { path = "crates/remote-prover-client", version = "=0.14.0-alpha.8" }
+miden-node-utils                = { path = "crates/utils", version = "=0.14.0-beta.4" }
+miden-node-validator            = { path = "crates/validator", version = "=0.14.0-beta.4" }
+miden-remote-prover-client      = { path = "crates/remote-prover-client", version = "=0.14.0-beta.4" }
 # Temporary workaround until <https://github.com/rust-rocksdb/rust-rocksdb/pull/1029>
 # is part of `rocksdb-rust` release
-miden-node-rocksdb-cxx-linkage-fix = { path = "crates/rocksdb-cxx-linkage-fix", version = "=0.14.0-alpha.8" }
+miden-node-rocksdb-cxx-linkage-fix = { path = "crates/rocksdb-cxx-linkage-fix", version = "=0.14.0-beta.4" }
 
 # miden-base aka protocol dependencies. These should be updated in sync.
-miden-block-prover    = { version = "=0.14.0-alpha.2" }
-miden-protocol        = { default-features = false, version = "=0.14.0-alpha.2" }
-miden-standards       = { version = "=0.14.0-alpha.2" }
-miden-testing         = { version = "=0.14.0-alpha.2" }
-miden-tx              = { default-features = false, version = "=0.14.0-alpha.2" }
-miden-tx-batch-prover = { version = "=0.14.0-alpha.2" }
+miden-block-prover    = { version = "=0.14.0-rc.1" }
+miden-protocol        = { default-features = false, version = "=0.14.0-rc.1" }
+miden-standards       = { version = "=0.14.0-rc.1" }
+miden-testing         = { version = "=0.14.0-rc.1" }
+miden-tx              = { default-features = false, version = "=0.14.0-rc.1" }
+miden-tx-batch-prover = { version = "=0.14.0-rc.1" }
 
 # Other miden dependencies. These should align with those expected by miden-base.
-miden-air = { features = ["std", "testing"], version = "0.20" }
-
-miden-crypto = { version = "0.19.7" }
+miden-crypto = { version = "0.23" }
 
 # External dependencies
 anyhow            = { version = "1.0" }
@@ -147,3 +145,5 @@ should_panic_without_expect  = "allow" # We don't care about the specific panic
 # Configure `cargo-typos`
 [workspace.metadata.typos]
 files.extend-exclude = ["*.svg"] # Ignore SVG files.
+
+[patch.crates-io]
-
-[patch.crates-io]
-
-[patch.crates-io]
diff --git a/bin/genesis/Cargo.toml b/bin/genesis/Cargo.toml
@@ -21,7 +21,7 @@ anyhow          = { workspace = true }
 clap            = { workspace = true }
 fs-err          = { workspace = true }
 hex             = { workspace = true }
-miden-agglayer  = { version = "=0.14.0-alpha.2" }
+miden-agglayer  = { version = "=0.14.0-rc.1" }
 miden-protocol  = { features = ["std"], workspace = true }
 miden-standards = { workspace = true }
 rand            = { workspace = true }

diff --git a/bin/genesis/src/main.rs b/bin/genesis/src/main.rs
@@ -13,9 +13,9 @@ use miden_protocol::account::{
     AccountStorageMode,
     AccountType,
 };
-use miden_protocol::crypto::dsa::falcon512_rpo::{self, SecretKey as RpoSecretKey};
-use miden_protocol::crypto::rand::RpoRandomCoin;
-use miden_protocol::utils::Deserializable;
+use miden_protocol::crypto::dsa::falcon512_poseidon2::{self, SecretKey as FalconSecretKey};
+use miden_protocol::crypto::rand::RandomCoin;
+use miden_protocol::utils::serde::Deserializable;
 use miden_protocol::{Felt, ONE, Word};
 use miden_standards::AuthMethod;
 use miden_standards::account::wallets::create_basic_wallet;
@@ -71,7 +71,7 @@ fn run(
     let bridge_admin = create_basic_wallet(
         rand::random(),
         AuthMethod::SingleSig {
-            approver: (bridge_admin_pub.into(), AuthScheme::Falcon512Rpo),
+            approver: (bridge_admin_pub.into(), AuthScheme::Falcon512Poseidon2),
         },
         AccountType::RegularAccountImmutableCode,
         AccountStorageMode::Public,
@@ -83,7 +83,7 @@ fn run(
     let ger_manager = create_basic_wallet(
         rand::random(),
         AuthMethod::SingleSig {
-            approver: (ger_manager_pub.into(), AuthScheme::Falcon512Rpo),
+            approver: (ger_manager_pub.into(), AuthScheme::Falcon512Poseidon2),
         },
         AccountType::RegularAccountImmutableCode,
         AccountStorageMode::Public,
@@ -104,14 +104,14 @@ fn run(
 
     // Write .mac files.
     let bridge_admin_secrets = bridge_admin_secret
-        .map(|sk| vec![AuthSecretKey::Falcon512Rpo(sk)])
+        .map(|sk| vec![AuthSecretKey::Falcon512Poseidon2(sk)])
         .unwrap_or_default();
     AccountFile::new(bridge_admin, bridge_admin_secrets)
         .write(output_dir.join("bridge_admin.mac"))
         .context("failed to write bridge_admin.mac")?;
 
     let ger_manager_secrets = ger_manager_secret
-        .map(|sk| vec![AuthSecretKey::Falcon512Rpo(sk)])
+        .map(|sk| vec![AuthSecretKey::Falcon512Poseidon2(sk)])
         .unwrap_or_default();
     AccountFile::new(ger_manager, ger_manager_secrets)
         .write(output_dir.join("ger_manager.mac"))
@@ -156,11 +156,11 @@ path = "bridge.mac"
 }
 
 /// Generates a new Falcon512 keypair using a random seed.
-fn generate_falcon_keypair() -> (falcon512_rpo::PublicKey, RpoSecretKey) {
+fn generate_falcon_keypair() -> (falcon512_poseidon2::PublicKey, FalconSecretKey) {
     let mut rng = ChaCha20Rng::from_seed(rand::random());
     let auth_seed: [u64; 4] = rng.random();
-    let mut coin = RpoRandomCoin::new(Word::from(auth_seed.map(Felt::new)));
-    let secret_key = RpoSecretKey::with_rng(&mut coin);
+    let mut coin = RandomCoin::new(Word::from(auth_seed.map(Felt::new)));
+    let secret_key = FalconSecretKey::with_rng(&mut coin);
     let public_key = secret_key.public_key();
     (public_key, secret_key)
 }
@@ -170,11 +170,11 @@ fn generate_falcon_keypair() -> (falcon512_rpo::PublicKey, RpoSecretKey) {
 fn resolve_pubkey(
     hex_pubkey: Option<&str>,
     label: &str,
-) -> anyhow::Result<(falcon512_rpo::PublicKey, Option<RpoSecretKey>)> {
+) -> anyhow::Result<(falcon512_poseidon2::PublicKey, Option<FalconSecretKey>)> {
     if let Some(hex_str) = hex_pubkey {
         let bytes =
             hex::decode(hex_str).with_context(|| format!("invalid hex for {label} public key"))?;
-        let pubkey = falcon512_rpo::PublicKey::read_from_bytes(&bytes)
+        let pubkey = falcon512_poseidon2::PublicKey::read_from_bytes(&bytes)
             .with_context(|| format!("failed to deserialize {label} public key"))?;
         Ok((pubkey, None))
     } else {
@@ -199,7 +199,7 @@ fn bump_nonce_to_one(mut account: Account) -> anyhow::Result<Account> {
 mod tests {
     use miden_node_store::genesis::config::GenesisConfig;
     use miden_protocol::crypto::dsa::ecdsa_k256_keccak::SecretKey;
-    use miden_protocol::utils::Serializable;
+    use miden_protocol::utils::serde::Serializable;
 
     use super::*;
 

diff --git a/bin/network-monitor/src/assets/counter_program.masm b/bin/network-monitor/src/assets/counter_program.masm
@@ -1,6 +1,6 @@
 # Counter program for network monitoring with note authentication
 # Storage layout:
-# - OWNER_SLOT: authorized wallet account id as [prefix, suffix, 0, 0]
+# - OWNER_SLOT: authorized wallet account id as [suffix, prefix, 0, 0]
 # - COUNTER_SLOT: counter value (u64)
 
 use miden::core::sys
@@ -19,10 +19,10 @@ const OWNER_SLOT = word("miden::monitor::counter_contract::owner")
 pub proc increment
     # Ensure the note sender matches the authorized wallet.
     push.OWNER_SLOT[0..2] exec.active_account::get_item
-    # => [owner_prefix, owner_suffix, 0, 0]
+    # => [owner_suffix, owner_prefix, 0, 0]
 
     exec.active_note::get_sender
-    # => [sender_prefix, sender_suffix, owner_prefix, owner_suffix, 0, 0]
+    # => [sender_suffix, sender_prefix, owner_suffix, owner_prefix, 0, 0]
 
     exec.account_id::is_equal
     # => [are_equal, 0, 0]

diff --git a/bin/network-monitor/src/counter.rs b/bin/network-monitor/src/counter.rs
@@ -16,7 +16,7 @@ use miden_protocol::account::auth::AuthSecretKey;
 use miden_protocol::account::{Account, AccountFile, AccountHeader, AccountId};
 use miden_protocol::assembly::Library;
 use miden_protocol::block::{BlockHeader, BlockNumber};
-use miden_protocol::crypto::dsa::falcon512_rpo::SecretKey;
+use miden_protocol::crypto::dsa::falcon512_poseidon2::SecretKey;
 use miden_protocol::note::{
     Note,
     NoteAssets,
@@ -28,13 +28,13 @@ use miden_protocol::note::{
     NoteType,
 };
 use miden_protocol::transaction::{InputNotes, PartialBlockchain, TransactionArgs};
-use miden_protocol::utils::Deserializable;
+use miden_protocol::utils::serde::Deserializable;
 use miden_protocol::{Felt, Word};
 use miden_standards::account::interface::{AccountInterface, AccountInterfaceExt};
 use miden_standards::code_builder::CodeBuilder;
 use miden_standards::note::{NetworkAccountTarget, NoteExecutionHint};
 use miden_tx::auth::BasicAuthenticator;
-use miden_tx::utils::Serializable;
+use miden_tx::utils::serde::Serializable;
 use miden_tx::{LocalTransactionProver, TransactionExecutor};
 use rand::{Rng, SeedableRng};
 use rand_chacha::ChaCha20Rng;
@@ -122,15 +122,19 @@ async fn fetch_counter_value(
         .find(|slot| slot.slot_name == COUNTER_SLOT_NAME.as_str())
         .context(format!("counter slot '{}' not found", COUNTER_SLOT_NAME.as_str()))?;
 
-    // The counter value is stored as a Word, with the actual u64 value in the last element
+    // The counter value is stored as a Word, with the actual u64 value in the first element
     let slot_value: Word = counter_slot
         .commitment
         .as_ref()
         .context("missing storage slot value")?
         .try_into()
         .context("failed to convert slot value to word")?;
 
-    let value = slot_value.as_elements().last().expect("Word has 4 elements").as_int();
+    let value = slot_value
+        .as_elements()
+        .first()
+        .expect("Word has 4 elements")
+        .as_canonical_u64();
 
     Ok(Some(value))
 }
@@ -321,7 +325,7 @@ async fn setup_increment_task(
         .await?
         .unwrap_or(wallet_account_file.account.clone());
 
-    let AuthSecretKey::Falcon512Rpo(secret_key) = wallet_account_file
+    let AuthSecretKey::Falcon512Poseidon2(secret_key) = wallet_account_file
         .auth_secret_keys
         .first()
         .expect("wallet account file should have one auth secret key")
@@ -821,7 +825,8 @@ async fn create_and_submit_network_note(
     rng: &mut ChaCha20Rng,
 ) -> Result<(String, AccountHeader, BlockNumber)> {
     // Create authenticator for transaction signing
-    let authenticator = BasicAuthenticator::new(&[AuthSecretKey::Falcon512Rpo(secret_key.clone())]);
+    let authenticator =
+        BasicAuthenticator::new(&[AuthSecretKey::Falcon512Poseidon2(secret_key.clone())]);
 
     let account_interface = AccountInterface::from_account(wallet_account);
 
@@ -851,7 +856,7 @@ async fn create_and_submit_network_note(
 
     // Prove the transaction
     let prover = LocalTransactionProver::default();
-    let proven_tx = prover.prove(executed_tx).context("Failed to prove transaction")?;
+    let proven_tx = prover.prove(executed_tx).await.context("Failed to prove transaction")?;
 
     // Submit the proven transaction
     let request = ProvenTransaction {

diff --git a/bin/network-monitor/src/deploy/counter.rs b/bin/network-monitor/src/deploy/counter.rs
@@ -16,7 +16,7 @@ use miden_protocol::account::{
     StorageSlotName,
 };
 use miden_protocol::utils::sync::LazyLock;
-use miden_protocol::{Felt, FieldElement, Word};
+use miden_protocol::{Felt, Word};
 use miden_standards::code_builder::CodeBuilder;
 use miden_standards::testing::account_component::IncrNonceAuthComponent;
 use tracing::instrument;
@@ -46,15 +46,15 @@ pub fn create_counter_account(owner_account_id: AccountId) -> Result<Account> {
 
     let owner_id_slot = StorageSlot::with_value(
         OWNER_SLOT_NAME.clone(),
-        Word::from([Felt::ZERO, Felt::ZERO, owner_account_id_suffix, owner_account_id_prefix]),
+        Word::from([owner_account_id_suffix, owner_account_id_prefix, Felt::ZERO, Felt::ZERO]),
     );
 
     let counter_slot = StorageSlot::with_value(COUNTER_SLOT_NAME.clone(), Word::empty());
 
     let component_code =
         CodeBuilder::default().compile_component_code("counter::program", script)?;
 
-    let metadata = AccountComponentMetadata::new("counter::program").with_supports_all_types();
+    let metadata = AccountComponentMetadata::new("counter::program", AccountType::all());
     let account_code =
         AccountComponent::new(component_code, vec![counter_slot, owner_id_slot], metadata)?;
 

diff --git a/bin/network-monitor/src/deploy/mod.rs b/bin/network-monitor/src/deploy/mod.rs
@@ -11,15 +11,15 @@ use anyhow::{Context, Result};
 use miden_node_proto::clients::{Builder, RpcClient};
 use miden_node_proto::generated::rpc::BlockHeaderByNumberRequest;
 use miden_node_proto::generated::transaction::ProvenTransaction;
-use miden_protocol::account::{Account, AccountId, PartialAccount, PartialStorage, StorageMapKey};
+use miden_protocol::account::{Account, AccountId, PartialAccount, StorageMapKey};
 use miden_protocol::assembly::{
     DefaultSourceManager,
     Library,
     Module,
     ModuleKind,
     Path as MidenPath,
 };
-use miden_protocol::asset::{AssetVaultKey, AssetWitness, PartialVault};
+use miden_protocol::asset::{AssetVaultKey, AssetWitness};
 use miden_protocol::block::{BlockHeader, BlockNumber};
 use miden_protocol::crypto::merkle::mmr::{MmrPeaks, PartialMmr};
 use miden_protocol::note::NoteScript;
@@ -32,7 +32,7 @@ use miden_protocol::transaction::{
 };
 use miden_protocol::{MastForest, Word};
 use miden_tx::auth::BasicAuthenticator;
-use miden_tx::utils::Serializable;
+use miden_tx::utils::serde::Serializable;
 use miden_tx::{
     DataStore,
     DataStoreError,
@@ -203,7 +203,7 @@ pub async fn deploy_counter_account(counter_account: &Account, rpc_url: &Url) ->
 
     let prover = LocalTransactionProver::default();
 
-    let proven_tx = prover.prove(executed_tx).context("Failed to prove transaction")?;
+    let proven_tx = prover.prove(executed_tx).await.context("Failed to prove transaction")?;
 
     let request = ProvenTransaction {
         transaction: proven_tx.to_bytes(),
@@ -288,18 +288,8 @@ impl DataStore for MonitorDataStore {
         account_id: AccountId,
         mut _block_refs: BTreeSet<BlockNumber>,
     ) -> Result<(PartialAccount, BlockHeader, PartialBlockchain), DataStoreError> {
-        let account = self.get_account(account_id)?.clone();
-        let partial_storage = PartialStorage::new_full(account.storage().clone());
-        let assert_vault = PartialVault::new_full(account.vault().clone());
-        let partial_account = PartialAccount::new(
-            account_id,
-            account.nonce(),
-            account.code().clone(),
-            partial_storage,
-            assert_vault,
-            account.seed(),
-        )
-        .expect("Partial account be valid");
+        let account = self.get_account(account_id)?;
+        let partial_account = PartialAccount::from(account);
 
         Ok((partial_account, self.block_header.clone(), self.partial_block_chain.clone()))
     }

diff --git a/bin/network-monitor/src/deploy/wallet.rs b/bin/network-monitor/src/deploy/wallet.rs
@@ -6,7 +6,7 @@ use anyhow::Result;
 use miden_node_utils::crypto::get_rpo_random_coin;
 use miden_protocol::account::auth::{AuthScheme, AuthSecretKey};
 use miden_protocol::account::{Account, AccountFile, AccountStorageMode, AccountType};
-use miden_protocol::crypto::dsa::falcon512_rpo::SecretKey;
+use miden_protocol::crypto::dsa::falcon512_poseidon2::SecretKey;
 use miden_standards::AuthMethod;
 use miden_standards::account::wallets::create_basic_wallet;
 use rand::{Rng, SeedableRng};
@@ -23,7 +23,7 @@ pub fn create_wallet_account() -> Result<(Account, SecretKey)> {
     let mut rng = ChaCha20Rng::from_seed(rand::random());
     let secret_key = SecretKey::with_rng(&mut get_rpo_random_coin(&mut rng));
     let auth = AuthMethod::SingleSig {
-        approver: (secret_key.public_key().into(), AuthScheme::Falcon512Rpo),
+        approver: (secret_key.public_key().into(), AuthScheme::Falcon512Poseidon2),
     };
     let init_seed: [u8; 32] = rng.random();
 
@@ -43,7 +43,7 @@ pub fn save_wallet_account(
     secret_key: &SecretKey,
     file_path: &Path,
 ) -> Result<()> {
-    let auth_secret_key = AuthSecretKey::Falcon512Rpo(secret_key.clone());
+    let auth_secret_key = AuthSecretKey::Falcon512Poseidon2(secret_key.clone());
     let account_file = AccountFile::new(account.clone(), vec![auth_secret_key]);
     account_file.write(file_path)?;
     Ok(())

diff --git a/bin/network-monitor/src/remote_prover.rs b/bin/network-monitor/src/remote_prover.rs
@@ -14,7 +14,7 @@ use miden_protocol::note::NoteType;
 use miden_protocol::testing::account_id::{ACCOUNT_ID_PUBLIC_FUNGIBLE_FAUCET, ACCOUNT_ID_SENDER};
 use miden_protocol::transaction::TransactionInputs;
 use miden_testing::{Auth, MockChainBuilder};
-use miden_tx::utils::Serializable;
+use miden_tx::utils::serde::Serializable;
 use serde::{Deserialize, Serialize};
 use tokio::sync::watch;
 use tokio::time::MissedTickBehavior;
@@ -278,7 +278,9 @@ pub async fn generate_mock_transaction() -> anyhow::Result<TransactionInputs> {
 
     // Create an account with basic authentication
     let account = mock_chain_builder
-        .add_existing_wallet(Auth::BasicAuth { auth_scheme: AuthScheme::Falcon512Rpo })
+        .add_existing_wallet(Auth::BasicAuth {
+            auth_scheme: AuthScheme::Falcon512Poseidon2,
+        })
         .context("Failed to add wallet to mock chain")?;
 
     // Create a fungible asset