vac:p2p:ift:2025q4-nimlibp2p-quic
Maintain nim-libp2p through improvements, bug fixes, and user support
Description
In Q3 we discovered critical deficiencies in nim-quic, including runtime instability and excessive memory use during testing. As a result, we cannot safely deploy quic in production. in parallel, we identified OpenSSL as a long-term liability and will migrate to AWS-LC or Boringssl to reduce dependencies and improve maintainability.
Task List
Quic Stabilization
- fully qualified name:
vac:p2p:ift:2025q4-nimlibp2p-quic:stabilization - owner: vlado/rramos
- status: in progress (75%)
- start-date: 2025/10/01
- end-date: 2025/12/31
Description
Resolve runtime crashes, race conditions and excessive memory use in nim-quic. Target outcome is that quic can be enabled and run stably in both nimbus and waku test environments.
Schedule note: Dates reflect quarter bounds; update when actual timing is known.
Deliverables
- test(gossipsub): making tests more robust pt4
- test(gossipsub): making tests more robust pt3
- test(gossipsub): making tests more robust pt2
- test(gossipsub): make test more robust
- chore(pubsub): improvements
- feat: windows asm
- fix: use assembly files in linux and mac
- fix: client certs must be cached in server when connection is made
- various: simplify timer, use locks, and avoid copying on write
- refactor: native udp for sending
- refactor: readInto
- feat: optimize send loop for release mode
- chore(many_queue): get() raises CancelledError
- fix(quic): muxer handling
- chore(config.nims): add errors
- chore(many_queue): add test and new()
- test(transports): fix muxer handling
- test: split tests
- feat: add ManyQueue
- vacp2p/nim-libp2p#1877: QuicMuxer is created without upgrader
- vacp2p/nim-lsquic#8: perf tests and fix: pin connections and streams
- vacp2p/nim-lsquic#7: fix TODOs
- vacp2p/nim-lsquic#6: feat stream write
- vacp2p/nim-lsquic#5: feat stream read
- vacp2p/nim-lsquic#4: feat close / abort stream
- vacp2p/nim-lsquic#3: feat stream lifecycle - creation
- vacp2p/nim-lsquic#2: feat connections
- vacp2p/nim-lsquic#1: chore test github actions
- vacp2p/nim-libp2p#1846: use negotiated protocol in pubsub connection lookups
- vacp2p/nim-libp2p#1844: quic wildcard resolver fixes
- vacp2p/nim-libp2p#1839: quic EOF handling fixes
- PR 175: fix timeout handling
- PR 174: refactor send pipeline
- PR 167: fix blocked streams
- PR 162: acknowledge packets faster
- PR 163: fix no-defects handling
Replace OpenSSL by AWS-LC / BoringSSL
- fully qualified name:
vac:p2p:ift:2025q4-nimlibp2p-quic:openssl-replacement - owner: rramos
- status: done
- start-date: 2025/10/01
- end-date: 2025/10/15
Description
Replace the openssl dependency in nim-quic and related libraries with BoringSSL or AWS-LC. The goal is to reduce the need of runtime dependencies by statically linking any of these libraries
Schedule note: Dates reflect quarter bounds; update when actual timing is known.
Deliverables
- vacp2p/nim-ngtcp2#22 feat: compile boringssl using assembly files (except windows)
- vacp2p/nim-ngtcp2#21 feat: replace picotls by BoringSSL
- vacp2p/nim-quic#140 feat: use BoringSSL
- vacp2p/nim-libp2p#1782 chore: remove libp2p_quic_support compile flag, and openssl dependency
- vacp2p/nim-libp2p#1761 feat: use BoringSSL for certificate ops