Vac R&D Roadmaps and Reports

Search

SearchSearch

2025-07 Vac monthly

Aug 08, 2025, 16 min read

P2P

highlights

  • AutoTLS development is complete (hidden behind feature flag)
  • Gossipsub 1.4 development is complete (hidden behind feature flag)
  • Dropped 1.6 support for nim-libp2p
  • Added daily job for testing nimbus with latest nim-libp2p
  • Performance improvements on nim-libp2p due to refactors
  • nim-libp2p presentation done @ LibP2P day

report

  • ift:2025q3-gossipsub-perf-improvements
    • Overview:
      • Focused on finalizing the gossipsub blogpost.
      • Completed implementation of push-based messaging in gossipsub v1.4 and wrapped work on message rotation, with testing in progress.
      • Conducted deep dive into ethereum p2p interface specs, DAS approaches, and beam chain roadmap, with particular attention to dissemination, sampling, and peer coordination mechanisms.
    • Completed tasks:
      • vac:p2p:ift:2025q2-gossipsub-perf-improvements:gossipsub-1_4-impl
      • vac:p2p:ift:2025q2-gossipsub-perf-improvements:stream-prioritization
    • Delivered deliverables:
  • vac:p2p:ift:2025q3-nimlibp2p-mix:mix-core
    • Overview:
      • Refactors to make mix production ready and decoupled from higher layer protocols
      • Currently working on SURBs
    • Delivered deliverables:
      • vacp2p/mix#52 refactor: integrate mix-waku-integ and poc/gossipsub
  • vac:p2p:ift:2025q3-nimlibp2p-maintenance:maintenance
    • Overview:
      • Addressed performance regressions, current gains ~55%.
      • Contributed several cleanup and refactor PRs across quic, noise, yamux, and switch.
      • Hid autotls under compile flag hygiene.
      • Setup of a nix flake for nim-libp2p repo
      • Started to look into porting nim-quic to boringssl/aws-lc without cmake.
      • Fixed CI issues, improved test coverage, and assisted in peer connection and benchmarking analysis.
      • Prepared v1.12.0 release with fixes to quic transport issues and test stability.
      • Dropped support of nim 1.6
    • Delivered deliverables:
  • vac:p2p:ift:2025q2-nimlibp2p-autotls
    • Overview:
      • Addressed feedback on the AutoTLS client spec
      • Made key fixes enabling certificate installation and usage in WebSocket transport.
    • Completed tasks:
      • vac:p2p:ift:2025q2-nimlibp2p-autotls:certificate-installation
    • Delivered deliverables:
      • libp2p/specs#682 Add AutoTLS client spec (pending approval)
      • AutoTLS is available as part of nim-libp2p v1.12.0 release
  • vac:p2p:ift:2025q3-nimlibp2p-kad-dht
    • Overview:
      • Development of kad-dht resumed after having being paused due to working on mix-core and maintenance
      • Current focus is on implementing PUT_VALUE and GET_VALUE methods
      • Started work on discovery interface for KadDHT
    • Delivered deliverables:
  • vac:p2p:ift2025q3-nimlibp2p-universal-connectivity-app
    • Overview:
      • Initiated the development of the universal connectivity app, focusing on direct connection to peers since KademliaDHT is still under active development.
      • Limited availability of TUI libs in nim difficult the development of the app
  • misc/admin

Tokenomics

highlights

  • Studied and implemented tier derivation logic using relational definitions and thresholds; demonstrated via a Streamlit dashboard.
  • Reviewed and discussed block rewards, blockspace design, and NomosDA specs in collaboration with the Nomos team.
  • Analyzed ecosystem design trade-offs between independent-token and unified-token models across growth, synergy, P–A alignment, and value capture.
  • Proposed a hybrid ecosystem model to balance systemic risk and efficiency, bridging the autonomy-cohesion spectrum.
  • Defined and modeled BU token backing strategies using pegging and emission rates linked to LOGOS token allocations.
  • Designed flexible BU financial architectures supporting both independent token issuance and pure LOGOS-denominated models.
  • Modeled LOGOS–BU arbitrage dynamics across multi-venue liquidity paths (LOGOS/ETH, BU/ETH, Treasury) under price shock conditions.
  • Designed and evaluated a redemption throttling system using the Swing Adjustment Factor to mitigate fast value extraction during arbitrage windows.

report

  • vac:tke:status:karma-incentives

    • Overview:
      • The work studies how tiers are defined, how they stand relatively and how we can algorithmically derive the tier threshold composition given these relations. This is practically demoed in the streamlit dashboard.
    • Completed tasks:
      • vac:tke:status:karma-incentives:karma-tiers

  • vac:tke:nomos:macroeconomy

    • Overview:
      • Reviewed block rewards, blockspace, and NomosDA specifications after long discussions with Nomos team
    • Completed tasks:
      • vac:tke:nomos:macroeconomy:review-block-rewards
      • vac:tke:nomos:macroeconomy:review-blockspace
      • vac:tke:nomos:macroeconomy:review-nomos-da

  • vac:tke:ift:logos-token

    • Overview:
      • Comparison between two token ecosystem models: independent tokens vs unified token. The trade-off is autonomy vs. cohesion, with major implications for growth, synergies, principal-agent alignment, and value capture.
      • Conclusion favors a hybrid approach: while the unified model offers efficiency and synergy, it concentrates systemic risk. The independent model preserves flexibility and isolates failure, but suffers from fragmentation and inefficiencies.
      • Modeling how Business Units can back their tokens with LOGOS: pegging and emission rates to link BU and LOGOS token supply and control backing levels—ranging from full to partial backing or none.
      • Modeling flexible financial design: by allowing BUs to choose their own backing structures (e.g., fixed-rate fully backed or loosely backed models), the framework supports both independent token issuance and pure LOGOS utility token use.
      • Modeling arbitrage flow between LOGOS and BU tokens through a multi-pool setup (LOGOS/ETH, BU/ETH, Treasury) to show how fixed exchange rates can be exploited during price shocks — providing a path to enforce price alignment through arbitrage.
      • Introduction of redemption throttling via Swing Adjustment Factor: a dynamic mechanism that slows down redemptions as queue pressure builds, deterring rapid value leakage and controlling arbitrage intensity through progressively deferred token redemptions.
    • Completed tasks:
      • vac:tke:ift:logos-token:formal-model
      • vac:tke:ift:logos-token:redemption-window
      • vac:tke:ift:logos-token:ecosystem-research
      • vac:tke:ift:logos-token::logos-poc

QA

highlights

  • Delivered complete Waku Store Sync test suite and enhanced 12h endurance job for Go bindings.
  • Hardened JS-Waku filter tests under various network stress conditions.
  • Completed first batch of Keycard Shell integration tests, started multichain wallet testing.
  • Implemented onboarding flow tests, framework improvements, and group chat tests for status-go.
  • Achieved major Gossipsub coverage milestone and started performance testing with multiple PRs.
  • Investigated WakuCannary peer connection failures and opened blocker issues.
  • Cleaned up Status Desktop tests, fixed critical release issues, and reduced nightly runtime.
  • Started Android Appium framework and prepared roadmap for future work.

report

  • waku:2025q3-interop-testing:jswaku-filter-hardening

    • Overview:
      • Extended reliability testing under network conditions and refactored fixtures.
    • Delivered Deliverables:

  • waku:2025q3-interop-testing:maintenance

    • Overview:
      • Updated interop tests to align with latest nwaku changes.
    • Delivered Deliverables:

  • waku:2025q3-interop-testing:wakucannary

    • Overview:
      • Built app locally and investigated remote peer connection failures.
    • Delivered Deliverables:

  • waku:2025q3-waku-sync-int-testing:integration

    • Overview:
      • Confirmed store-sync functionality and added corner case tests.
    • Delivered Deliverables:

  • waku:2025q3-waku-go-bindings-testing:12hlongevity

    • Overview:
      • Enhanced CI scripts for endurance, logged memory usage, and filtered unstable tests.
    • Delivered Deliverables:

  • status:2025q3-status-go-functional-testing:framework-improvements

    • Overview:
      • Improved test fixtures and resolved reliability failures.
    • Delivered Deliverables:

  • status:2025q3-status-go-functional-testing:group-chats-tests

    • Overview:
      • Added group chat functional tests, identified and reported crash.
    • Delivered Deliverables:

  • status:2025q3-status-go-functional-testing:status-based-on-nwaku

  • keycard:2025q3-keycard-testing:shell-tests

    • Overview:
      • Completed single chain tests, logged results, opened issues, started multichain testing.
    • Delivered Deliverables:

  • vac:2025q3-nim-libp2p-testing:gossipsub-completion

  • vac:2025q3-nim-libp2p-testing:gossipsub-performance

    • Overview:
      • Initiated performance testing with PoC, base scenario, runner, and aggregation script.
    • Delivered Deliverables:

  • status:2025q3-status-qa-desktop:maintenance

  • status:2025q3-status-qa-desktop:release-testing

  • status:2025q3-status-qa-mobile:framework-adjustments

    • Overview:
      • Advanced Appium framework with CI integration, environment manager, and roadmap.
    • Delivered Deliverables:

  • status:2025q3-status-qa-mobile:port-tests

    • Overview:
      • Finalized local setup for mobile tests, built Android/iOS apps.
    • Delivered Deliverables:
      • Local testing environments configured

  • admin/misc

    • Time Off:
      • OOO: 25 CC days

DST

highlights

  • First report for status chat protocol benchmarks finished
  • Found reproducible issues for nwaku Store protocol

report

SC

highlights

  • Yield bridge work has been taken over by Linea
  • Presented Constant Function Market Makers
  • Participated in audit contest

report

  • status:2025q2-sn-native-bridge-yield-bearing-module
    • Implemented first agreed upon changes in codebase
    • Linea later changed their roadmap, causing them to taking the lead on this project
  • vac:sc:ift:2025q3-fv-tools-research
    • Looked into Certora alternatives
    • Ported some rules to tool called “Kontrol” to assess feasibility and features
    • Completed tasks
      • This is ongoing
    • Deliverables
      • Summary of findings will be reported ones done
  • status:2025q2-karma-rln:karma-tiers
    • Overhauled KarmaTiers contract based on discussion with Status L2 team
    • Completed tasks
      • status:2025q2-karma-rln:karma-tiers:implementation
    • Deliverables
  • ift:2025q3-security-audits
    • Participated in contest
    • Two protocols, stable swap and lending pools
    • Completed tasks
      • ift:2025q3-security-audits:2025-07
    • Deliverables
      • No deliverables yet as contest is being judged
  • ift:2025q3-sc-learnup-sessions
    • Held and recorded learn up session on Constant Function Market Makers
    • Completed tasks
      • ift:2025q3-sc-learnup-sessions:2025-07
    • Deliverables

ACZ

highlights

  • Zerokit has new improved CI
  • Zerokit has new rln-wasm feature where stateless feature enablement is standardized.

report

RFC

highlights

report

Nim

highlights

  • Continue work in Road to Nimble 1.0
  • Nimble build system now supports NIMBLE_COMMIT

Security

highlights

  • Reviewed and updated the Master Wallet Index documentation
  • Remove users and groups no longer needed in critical services and apps
  • Completed Keycard incidents secrets rotations and related IR investigations
  • Completed updates to IR process documentation and distributed with relevant teams
  • Completed browser package and wallet security review (Status-doc)
  • Conducted wallet architecture and design review discussion with Status team
  • Fixed issues with Expensify PO process
  • Mass PO monthly compensation dev workflow finalized

report

  • ift:2025q2-secure-treasury-management:signatory-registry-implementation

    • Implement and maintain a secure registry of signers and wallet owners within the organization
    • Output: - Collected and verify signatory information based on new schema - Secure access to the protected signatory registry (secure vault) - Review security setup of the Matrix org server, rooms, chats, devices and users
      • Tasks:
        • ift:2025q2-signatory-registry:signatory-vault-deployment
        • ift:2025q2-signatory-registry:signatory-data-verification

  • ift:2025q3-secure-treasury-management:multisig-secondary-interface-deployment

    • Avoid having a unique interface to access multisig wallets and lose access to funds in case of outage of the primary UI
    • Output:
      • Reviewed and tested Safe CLI
      • Reviewed and tested Onchain Den
    • Tasks:
      • ift:2025q3-multisig-secondary-interface-deployment:evaluate-potential-alternatives
      • ift:2025q3-multisig-secondary-interface-deployment:test-new-interfaces

  • ift:2025q3-secure-treasury-management:wallet-policy-update

    • Revalidate, update and/or create policies, processes and procedures around web3 security and wallet management
    • Output:
      • Reviewed and updated the Signatory Add runbook
      • Reviewed and updated the Master Wallet Index documentation
      • Reviewed Wallet Classification Policy (update in progress)
    • Tasks:
      • ift:2025q3-wallet-policy-update:review-existing-documentation
      • ift:2025q3-wallet-policy-update:write-and-review-new-version

  • ift:2025q3-iam-operations

    • Mediate access to DeFi protocols and smart contracts to Investment Roles
    • Remove users and groups no longer needed in critical services and apps
    • Output:
      • Removed users no longer needed in Github. [Reference]
      • Completed extracting user details for user management (GitHub, Discord, Google)
      • Continued workflows for identifying, verifying and removing access for leavers from systems
    • Tasks:
      • ift:2025q3-iam-operations:remove-unnecessary-users
      • ift:2025q3-security-automation:access-revalidation

  • ift:2025q3-incident-response-and-vulnerability-management

    • Identify, assess, prioritize, and mitigate security vulnerabilities across the org infrastructure and programs.
    • Identify, respond to, and resolve security incidents, with clear communication, ensuring minimal disruption to business operations.
    • Output:
      • Completed Keycard incidents secrets rotations and related IR investigations
      • Finalized secrets and credentials rotations
      • Followed up recent SNT phishing attempt; coordinate with stakeholders for evidence gathering and response
      • Finalized pending work circulate Keycard incident post-mortem documentation
      • Completed updates to IR process documentation and distributed with relevant teams
      • Continue work on unresolved Dependabot and CodeQL findings; focus on critical repositories and high/medium issues
    • Tasks:
      • ift:2025q3-security-operations:incident-response
      • ift:2025q3-security-operations:vulnerability-management
      • ift:2025q3-vulma-and-ir:remediation-tracking

  • ift:2025q3-cicd-security-improvement /ift:2025q3-threat-modelling-and architecture-design-reviews

    • Review security requirements and protocols in the design and architecture of software
    • Output:
      • Completed security requirements review for Status wallet and desktop (issue#692) (GitHub issue remains open)
      • Posted review comments and held discussions for Status security design (issue#692)
      • Worked on defining scope, requirements, and pre-audit evaluation for Status external audit request
      • Completed browser package and wallet security review (Status-doc)
      • Conducted wallet architecture and design review discussion with Status team
    • Tasks:
      • ift:2025q2-cicd-security-review:status-design-reviews

  • ift:2025q3-training-and-awareness-program:web3-security-guidelines

    • Provide security guidelines and best practices about web3 and wallet management
    • Output:
      • Prepared web3 education material to be shared across the org (1st wave: Finance and POps)
    • Tasks:
      • ift:2025q3-awareness-program:web3-security-essentials

  • ift:2025q3-finance-workflow-automation

    • Develop and/or support with development of new automations for Finance.
    • Output:
      • Fixed issues with Expensify PO process
      • Mass PO monthly compensation dev workflow finalized
    • Tasks:
      • ift:2025q3-finance-automation

  • ift:2025q3-security-workflow-automation

    • Design, deploy and maintain automated workflows to support critical Security Ops and procedures
    • Output:
      • Validated concept for n8n workflow
      • Added new reports to the master wallet index
      • Added signing accounts module to the repo
    • Tasks:
      • ift:2025q3-security-automation:automatic-wallet-index-updates

Nescience

highlights

  • Investigated and chosen a zkVM that fits NSSA’s needs.
  • Investigated and settled on a model for public and private state.
  • Implemented a complete version of sequencer.
  • Implemented a PoC for selective privacy.
  • Result-wise, we have settled on Risczero as the best fit for NSSA and also designed the public and private states and accounts that allows us to use selective privacy within the architecture. Our code was also improved by working on and advanced version of the sequencer as well as adding integration tests.

report

Graph View

Backlinks

  • No backlinks found