vac:p2p:ift:2025q4-nimlibp2p-quic
Maintain nim-libp2p through improvements, bug fixes, and user support
Description
In Q3 we discovered critical deficiencies in nim-quic, including runtime instability and excessive memory use during testing. As a result, we cannot safely deploy quic in production. in parallel, we identified OpenSSL as a long-term liability and will migrate to AWS-LC or Boringssl to reduce dependencies and improve maintainability.
Task List
Quic Stabilization
- fully qualified name:
vac:p2p:ift:2025q4-nimlibp2p-quic:stabilization - owner: vlado/rramos
- status: done
- start-date: 2025/10/01
- end-date: 2025/12/30
Description
Resolve runtime crashes, race conditions and excessive memory use in nim-quic. Target outcome is that quic can be enabled and run stably in both nimbus and waku test environments.
Schedule note: Dates reflect quarter bounds; update when actual timing is known.
Deliverables
- vacp2p/nim-lsquic#51 chore(nimble): task improvements
- vacp2p/nim-lsquic#48 chore: remove duplicate nim deps
- vacp2p/nim-lsquic#49 ci: add orc check
- vacp2p/nim-lsquic#50 ci: add linters
- vacp2p/nim-lsquic#46 revert: use makefile for windows
- vacp2p/nim-lsquic#44 chore: export via root file
- vacp2p/nim-lsquic#43 chore: remove unused proc
receive - vacp2p/nim-lsquic#42 refactor: export everything via api file
- vacp2p/nim-lsquic#41 refactor: simplify ConnectionManager
- vacp2p/nim-lsquic#40 fix: use absolute path for windows assembly
- vacp2p/nim-lsquic#38 chore: use makefile for windows
- vacp2p/nim-lsquic#37 chore: improvements
- vacp2p/nim-libp2p#1876 feat(transports): lsquic
- vacp2p/nim-libp2p#1966 fix: close streams concurrently
- status-im/nim-eth#834 feat(nat): support multiple ports
- vacp2p/nim-libp2p#1968 test(gossipsub): making tests more robust pr9
- vacp2p/nim-libp2p#1965 test(gossipsub): making tests more robust pt8
- vacp2p/nim-libp2p#1963 test(gossipsub): making tests more robust pt7
- vacp2p/nim-libp2p#1950 test(gossipsub): making tests more robust pt6
- vacp2p/nim-libp2p#1947 test(gossipsub): making tests more robust pt5
- test(gossipsub): making tests more robust pt4
- test(gossipsub): making tests more robust pt3
- test(gossipsub): making tests more robust pt2
- test(gossipsub): make test more robust
- chore(pubsub): improvements
- feat: windows asm
- fix: use assembly files in linux and mac
- fix: client certs must be cached in server when connection is made
- various: simplify timer, use locks, and avoid copying on write
- refactor: native udp for sending
- refactor: readInto
- feat: optimize send loop for release mode
- chore(many_queue): get() raises CancelledError
- fix(quic): muxer handling
- chore(config.nims): add errors
- chore(many_queue): add test and new()
- test(transports): fix muxer handling
- test: split tests
- feat: add ManyQueue
- vacp2p/nim-libp2p#1877: QuicMuxer is created without upgrader
- vacp2p/nim-lsquic#8: perf tests and fix: pin connections and streams
- vacp2p/nim-lsquic#7: fix TODOs
- vacp2p/nim-lsquic#6: feat stream write
- vacp2p/nim-lsquic#5: feat stream read
- vacp2p/nim-lsquic#4: feat close / abort stream
- vacp2p/nim-lsquic#3: feat stream lifecycle - creation
- vacp2p/nim-lsquic#2: feat connections
- vacp2p/nim-lsquic#1: chore test github actions
- vacp2p/nim-libp2p#1846: use negotiated protocol in pubsub connection lookups
- vacp2p/nim-libp2p#1844: quic wildcard resolver fixes
- vacp2p/nim-libp2p#1839: quic EOF handling fixes
- PR 175: fix timeout handling
- PR 174: refactor send pipeline
- PR 167: fix blocked streams
- PR 162: acknowledge packets faster
- PR 163: fix no-defects handling
Replace OpenSSL by AWS-LC / BoringSSL
- fully qualified name:
vac:p2p:ift:2025q4-nimlibp2p-quic:openssl-replacement - owner: rramos
- status: done
- start-date: 2025/10/01
- end-date: 2025/10/15
Description
Replace the openssl dependency in nim-quic and related libraries with BoringSSL or AWS-LC. The goal is to reduce the need of runtime dependencies by statically linking any of these libraries
Schedule note: Dates reflect quarter bounds; update when actual timing is known.
Deliverables
- vacp2p/nim-ngtcp2#22 feat: compile boringssl using assembly files (except windows)
- vacp2p/nim-ngtcp2#21 feat: replace picotls by BoringSSL
- vacp2p/nim-quic#140 feat: use BoringSSL
- vacp2p/nim-libp2p#1782 chore: remove libp2p_quic_support compile flag, and openssl dependency
- vacp2p/nim-libp2p#1761 feat: use BoringSSL for certificate ops