Vac R&D Roadmaps and Reports

Search

SearchSearch

2025-05 Vac monthly

Jun 10, 2025, 13 min read

Vac Monthly Report 2025/05

P2P

highlights

  • Completed performance evaluations for GossipSub v1.4, v1.4+stagger, PPPt, 2.0
  • Daily CI jobs are back online
  • Submitted GossipSub v1.4 article on arxiv
  • Release v1.10.0 and v1.10.1 with QUIC transport support
  • PoC implementations for push-pull phase transition and GossipSub v2.0

report

  • ift:2025q1-gossipsub-perf-improvements
  • vac:p2p:ift:2025q2-nimlibp2p-autotls
    • Overview:
      • Created AutoTLS client spec (PR to libp2p/specs pending some additional local reviews)
      • Following tasks are finalized, pending PR review:
        • vac:p2p:ift:2025q2-nimlibp2p-autotls:acme-registration
        • vac:p2p:ift:2025q2-nimlibp2p-autotls:certificate-request-challenge
        • vac:p2p:ift:2025q2-nimlibp2p-autotls:notify-autotls-broker
        • vac:p2p:ift:2025q2-nimlibp2p-autotls:notify-challenge-completion
        • vac:p2p:ift:2025q2-nimlibp2p-autotls:finalize-cert
        • vac:p2p:ift:2025q2-nimlibp2p-autotls:certificate-request-auth
        • vac:p2p:ift:2025q2-nimlibp2p-autotls:dns-challenge
        • Tasks are implemented in nim-libp2p#1358
      • vac:p2p:ift:2025q2-nimlibp2p-autotls:certificate-installation in progress
  • vac:p2p:ift:2025q2-nimlibp2p-kad-dht
    • Overview:
      • The following tasks are in progress:
        • vac:p2p:ift:2025q2-nimlibp2p-kad-dht:routing-and-rpc
        • vac:p2p:ift:2025q2-nimlibp2p-kad-dht:bootstraping-and-lookup
      • Implemented FIND_NODE, still missing some tests to demonstrate it works correctly
      • Bootstrapping process implemented to populate routing table on start
      • Added bucket management to routing table
      • Progress can be tracked in nim-libp2p#1324
  • vac:p2p:ift:2025q2-nimlibp2p-webtransport:http3-client
    • Overview:
      • Implemented client barebones, realized that this commitment will require using its own implementation of quic. nim-quic does not extend easily to something like webtransport.
  • vac:p2p:ift:2025q2-nimlibp2p-maintenance:maintenance
  • vac:p2p:acz:2025q2-acz-consulting:libp2p-mix-consulting
    • Overview:
      • Troubleshoot compilation issues
      • Assist in debugging reasons behind incorrect number of streams metric
  • vac:p2p:vac:2025q2-test-coverage:qa-consulting
    • Overview:
      • Provided assistance to QA team in the form of code reviews for test suite improvements
  • misc/admin

Tokenomics (public version)

highlights

  • Designed Ghost Tokenomics and assisted the team with their strategic decisions.
  • Led cross-functional collaboration for Codex Incentivized Testnet.
  • Defined a token emission schedule based on key performance indicators (KPIs).
  • Contributed to Codex strategy with data analysis on their competitors growth.
  • Coordinated with SN and ACZ teams to clarify open questions about Karma minting and RLN registration.
  • Evaluated how the optimal control framing could be applied to real token emission models (e.g., Nomos and Codex).
  • Reviewed and contributed to an integrated fundraising spreadsheet model for the TGE group.
  • Gathered insights on expected gas usage on KARMA
  • Attended ETHPrague and ETHGlobal Prague conferences

report

  • vac:tke:ift:ghost:ad-hoc
    • Overview:
      • Authored a document outlining Ghost tokenomics.
      • Held discussions with Ghost team to refine the framework and direction
    • Completed tasks:
      • vac:tke:ift:ghost:ad-hoc:potential-tokenomics
  • vac:tke:codex:cdx-launch
    • Overview:
      • Cross-functional collaboration: Held meetings with Codex, Finance, and IR teams to discuss the incentivized testnet.
      • Contributed to data analysis on competitor growth, likely to inform Codex strategy and benchmarking.
    • Completed tasks:
      • vac:tke:codex:cdx-launch:review-testnet
      • vac:tke:codex:cdx-launch:competitor-analysis
  • vac:tke:status:karma-incentives
    • Overview:
      • Analyzed Linea data to derive meaningful parameters for Karma rewards.
      • Wrote a report outlining the methodology and findings.
    • Completed tasks:
      • vac:tke:status:karma-incentives:linea-txs
      • vac:tke:status:karma-incentives:linea-usage
  • vac:tke:nomos:macroeconomy
    • Overview:
      • Continued modeling Nomos block rewards and explored integration with optimal minting control work.
      • Created introductory documents explaining the pros and cons of different reward mechanisms.
      • Prepared and submitted the stake estimation document for revision.
      • Reviewed the Blend Protocol v1 documentation.
      • Evaluated lottery specs and transaction inclusion reward mechanisms.
    • Completed tasks:
      • vac:tke:nomos:macroeconomy:preliminary-block-rewards
      • vac:tke:nomos:macroeconomy:block-rewards
      • vac:tke:nomos:macroeconomy:tfms-primer
      • vac:tke:nomos:macroeconomy:revision-economic-model
  • vac:tke:ift:tokenomics-research-forum
    • Overview:
      • Continued analysis of token valuation metrics throughout PLS Regression.
      • Conducted research on optimal control and minting strategies.
      • Designed grant mechanisms under the “Grantico” concept.
    • Completed tasks:
      • vac:tke:ift:tokenomics-research-forum:token-sales-opt
      • vac:tke:ift:tokenomics-research-forum:minting-control
      • vac:tke:ift:tokenomics-research-forum:grantico
  • vac:tke:ift:support-to-ift-units
    • Overview:
      • Review of past discussions and proposal on Logos as a basket of tokens.
      • Explored and documented: potential token baskets, joint value accrual mechanisms, various token distribution models and mechanics.
      • Proposed and iterated on a TGE checklist
      • Reviewed and contributed to an integrated fundraising spreadsheet model for the TGE group.
    • Completed tasks:
      • vac:tke:ift:support-to-ift-units:tge
      • vac:tke:ift:support-to-ift-units::logos-basket-review

QA

highlights

  • Considerable progress was made to cover Gossipsub in nim-libp2p repo
  • Go-waku removed from waku-interop-test workflows
  • Several issues found for waku-go-bindings

report

DST

highlights

  • Found a list of issues for quic implementation in nimlibp2p
  • Multiple analysis and measurements on mix protocol, found two possible issues, devs are investigating
  • Greatly improved DST tooling for experiments and analysis

report

  • admin/misc
    • 1 CC Onboarding
    • 1 CC Out of Office Friday 16
    • 1 CC Out of Office Monday 19
  • vac:dst:ift:2025q2-dst-tooling
  • vac:dst:vac:2025q2-libp2p-evaluation
    • Overview
      • Regression report for nimlibpep 1.10.0
      • Analyzed mix message propagation times
      • Analyzed distribution of messages inside/outside mix
      • Performed comparison between mix and non-mix scenarios
      • Found possible issue regarding mix-gossipsub instance in the same node
      • Found weird times for mix propagation
    • Delivered deliverables
    • Completed tasks
      • vac:dst:vac:2025q2-libp2p-evaluation:mix-analysis
  • vac:dst:ift:2025q2-dst-research-destination
    • Overview:
      • Started planning for EF project grant

SC

highlights

  • Yield bridge design completed, implementation started
  • Status communities contracts now deployed on Polgon POS Mainnet and Amoy
  • Status Network Karma slashing capabilities done
  • KarmaRLN implementation almost done (enables gasless transactions on SN)
  • Presented Provably Rootless EIP-7702 Proxies in learnup session

report

ACZ

highlights

  • Having improved Zerokit with tree optimizations, wasm parallizations also semaphore comparison.

report

  • ift:2025q2-de-mls-tesnet
  • ift:2025q2-zerokit
    • Overview:
      • Enchange the tree optimiztion by parallel execution
      • Completed RLN bottleneck investigation
      • Completed wasm paralelization
      • Completed latest Semaphore examination inlcuding comparison with Zerokit
      • On-hold for witness calculator task due to blocker from iden3 due to these issues 1 and 2.
    • Delivered deliverables:
    • Completed tasks:
      • ift:2025q2-zerokit:parallel-computation-study
      • ift:2025q2-zerokit:rln-execution-bottleneck
      • ift:2025q2-zerokit:semaphore-parts-bench
  • ift:2025q2-rln-status-l2
    • Overview:
      • Creating RLN deployment specs will be delivered soon
      • Releasing prover and RPC node implementations
    • Delivered deliverables:
  • ift:2025q2-ift-zk-calls
  • ift:2025q2-libp2p-mix-testnet
  • nes:2025q2-nescience-consulting
    • Overview:
      • Finished creating unified Q1 research Docs.
    • Delivered deliverables:
    • Completed tasks:
      • nes:2025q2-nescience-consulting:unifying-q1-docs

RFC

highlights

report

Nim

highlights

  • Tooling release Nimlangserver v1.12.0 and vscode extension v1.8.x
  • Started initial work for nimble 1.0.0

Security

highlights

  • Updated permissions and scope into the required DeFi strategies
  • Triaged of Status-321 and Status-322 new vulnerabilities
  • Investigated reports concerning Discord AI bots and confirmed bans
  • Defined a new signatory db schema and revalidated the current authorised signers
  • Evaluated and selected new hardware wallets models (that support clear signing) for treasury/custody activities
  • Finalized Codex modular contract threat scenarios based on discussions during the Offsite
  • Master Wallet Index 2025q2 update
  • Updated the software catalogue by capturing data from Expensify
  • Improved GitHub Actions access controls and secret management
  • Tracked and resolved issues identified in projects via Dependabot and CodeQL

report

  • ift:2025q2-iam-operations

    • Mediate access to DeFi protocols and smart contracts to the Investment roles and smart accounts
    • Remove unnecessary users (leavers, external users, bots and service accounts) and roles/groups in critical services and apps
    • Output:
      • Removed users no longer needed in Github and BambooHR. [Reference]
      • Removed malicious bots from Discord. [Reference]
      • Modified scope and approvals into the pendle investment strategy. [Reference]
      • Modified scope and approvals into the cowswap investment strategy. [Reference]
      • Modified scope and approvals into the pendle-merkle investment strategy. [Reference]
    • Tasks:
      • ift:2025q2-iam-operations:inv-pendle-update
      • ift:2025q2-iam-operations:inv-cowswap-update
      • ift:2025q2-iam-operations:inv-pendle-merkle-update
      • ift:2025q2-iam-operations:remove-unnecessary-users

  • ift:2025q2-security-operations

    • Identify, assess, prioritize, and mitigate security vulnerabilities across the org infrastructure and programs.
    • Identify, respond to, and resolve security incidents, with clear communication, ensuring minimal disruption to business operations.
    • Output:
      • Triaged of Status-321 and Status-322 new vulnerabilities
      • Validated on Status-318 incident resolution
      • Investigated reports concerning Discord AI bots and confirm bans. [Reference]
      • Investigated and tracked remediation of CI/CD vulnerabilities related to dangerous runners.
    • Tasks:
      • ift:2025q2-security-operations:incident-response
      • ift:2025q2-security-operations:vulnerability-management

  • ift:2025q2-custody-improvement-plan:signatory-registry-implementation

    • Implement and maintain a registry of signers and wallet owners within the organization
    • Output:
      • Revalidated the current list of authorized signatories. [Reference]
      • Defined a new signatory schema (attributes to be recorded, excluding names or any other value that could expose the real identity of a signer).[Reference]
      • Collected and verify signatory information based on new schema
    • Tasks:
      • ift:2025q2-signatory-registry:signer-scheme-definition
      • ift:2025q2-signatory-registry:signer-inventory-revalidation
      • ift:2025q2-custody-improvement-plan:mpc-solution-review

  • ift:2025q2-custody-improvement-plan:signing-devices-upgrade

    • Upgrade to most secure signing devices to perform org wallet ops
    • Output:
      • Consolidate the current inventory of devices used to sign transactions in org wallets. [Reference]
      • Evaluate and select new hardware wallets models (that support clear signing) for treasury/custody activities. [Reference]
    • Tasks:
      • ift:2025q2-signing-devices-upgrade:device-inventory-update
      • ift:2025q2-signing-devices-upgrade:device-selection-and-testing

  • ift:2025q2-audit-plan-refinement

    • Refined the smart contract testing plan, including Codex modular contract threat scenarios
    • Output:
      • Wrote test cases with foundry to test Codex smart contracts
      • Performed a security gap analysis based on the latest repository updates
      • Expanded test coverage to include edge cases and non-happy paths for Codex contracts
      • Performed fuzzing and invariant testing with Foundry.
      • Penetration testing and code reviewing activities in the Codex repos
    • Tasks:
      • codex:2025q2-audit-plan-refinement:smart-contract-threat-mapping
      • codex:2025q2-audit-plan-refinement:smart-contract-internal-testing

  • ift:2025q2-security-workflow-automation

    • Design, deploy and maintain automated workflows to support critical Security Ops and procedures
    • Output:
      • Updated the software catalogue by capturing data from Expensify and implementing a notification system for expiration dates. [Reference]
      • Developed a function to update the master wallet index when on-chain data changes are detected (signatories, threshold, etc). [Reference]
      • 2025q2 Master Wallet Index update. [Reference]
    • Tasks:
      • ift:2025q2-security-automation:app-catalogue-update-from-expensify
      • ift:2025q2-security-automation:automatic-wallet-index-updates
      • ift:2025q2-automate-wallet-index-update:add-update-function-to-handler

  • ift:2025q2-cicd-security-review

    • Improve GitHub Actions access controls and secret management.
    • Output:
      • Audited reusable workflows for security gaps.
      • Reviewed existing PATs and hardened them to prevent token exposure and misuse.
      • Tracked and resolved issues identified in projects via Dependabot and CodeQL.
      • Reviewed and enhance branch protection configurations for key repositories.
      • Automated the processing of secret scanning notifications and alerts.
    • Tasks:
      • ift:2025q2-cicd-security-review:gha-hardening
      • ift:2025q2-cicd-security-review:cicd-security-hardening

  • ift:2025q2-sec-infra-maintenance

    • Ensure the ongoing maintenance and optimization of our security infrastructure
    • Output:
      • Created a POC workflow structure, main and subprocess
      • Finalized tests and activated the n8n on premise backup workflow. [Reference]
    • Tasks:
      • ift:2025q2-sec-infra-maintenance:n8n-onprem-workflow-backup

  • admin\misc

    • Discussions and catchup with Status,VAC,Keycard,Logos and Codex teams

Nescience

Highlights

  • Revised all Q1 research tasks output and drafted some conclusion to take decisions regarding several aspects of the architecture, mainly: shielded executions, deshielded executions, privacy flags, UTXOs, and nullifiers.
  • Improved the UTXO model (research) and updated its implementation (engineering).
  • Started exploring account-based model and started sketching their integration into NSSA.
  • Started formalizing NSSA components.
  • Engineering wise, implemented private smart contract state model, private state provability, and methods for sc.
  • Also implemented persistent state storage in datebase, stable seriallization for sparse Merkle trees and snapshooting mechanisms.
  • Result-wise, we have improved our architecture components by focusing on the UTXO model, the SE and DE models, and acoount-based model for NSSA. Our code was also improved by adding a lot of functionalities and features matching the conducted research.

Report

Graph View

Backlinks

  • No backlinks found