ift-ts:p2p:ift:2026q2-nimlibp2p-maintenance
Maintain nim-libp2p through improvements, bug fixes, and user support
Description
Continue supporting and maintaining the nim-libp2p repository through ongoing improvements, refactoring, and bug fixes. This includes a range of ad-hoc tasks critical to sustaining code quality, overall stability, correct functionality, and performance of the project. Additionally, it provides a platform for addressing small developer requests, ensuring that nim-libp2p remains functional and usable for its primary users, Nimbus and Waku, as their needs evolve.
Task List
Maintenance
- fully qualified name:
ift-ts:p2p:ift:2026q2-nimlibp2p-maintenance:maintenance - owner: rramos
- status: in progress (44%)
- start-date: 2026/04/01
- end-date: 2026/06/30
Description
Maintain the nim-libp2p repository via improvements, refactors, and bug fixes.
Deliverables
- vacp2p/nim-libp2p#2307 chore(copilot): add more instructions
- vacp2p/nim-libp2p#2331 fix(floodsub): increase timeout for large message transfer in FloodSub message size validation 2
- vacp2p/nim-lsquic#83 fix: shutdown and stream lifecycle handling
- vacp2p/nim-libp2p#2312 chore: bump deps
- vacp2p/nim-libp2p#2309 chore: use latest deps used on projects instead of just the latest deps
- vacp2p/nim-lsquic#81 feat: StreamReset
- vacp2p/nim-libp2p#2304 fix(ci): new delete action cache job
- vacp2p/nim-lsquic#79 feat: benchmarks
- vacp2p/nim-lsquic#78 fix: call engine_process synchronously if possible, otherwise defer to ticker event loop
- vacp2p/nim-libp2p#2244 chore: remove unused ngtcp2 dependency from pinned list
- vacp2p/nim-libp2p#2235 chore: update CI timeouts
- vacp2p/nim-libp2p#2228 fix(mix): avoid creation of random
- vacp2p/nim-libp2p#2227 chore: change the run schedule of Daily i386 job
- vacp2p/nim-libp2p#2226 refactor(mix): add
Delaytype - vacp2p/nim-libp2p#2221 chore(ai): add copilot instructions to avoid sleepAsync
- vacp2p/nim-libp2p#2219 chore(ci): remove discord notify
- vacp2p/nim-libp2p#2216 fix: nil pointer dereference issues caused when sha256 is used in ref object
- vacp2p/nim-libp2p#2214 fix(ci): make daily jobs setup consistent with ci.yml
- vacp2p/nim-libp2p#2211 chore(test): utilize rng() template
- vacp2p/nim-libp2p#2197 chore: reduce log level for noisy “too many channels created” log
- vacp2p/nim-libp2p#2056 chore: remove semaphore
- vacp2p/nim-libp2p#2294 feat: network simulation
- vacp2p/nim-libp2p#2286 feat(builder):
withPrivateAddressFilter - vacp2p/nim-libp2p#2279 chore(deps): use lsquic nimble package
- nim-lang/packages#3326 Add lsquic package to
packages.json - vacp2p/nim-libp2p#2298 chore: add code formatting guidelines to instructions
- vacp2p/nim-libp2p#2277 chore: update API stability and experimental extensions section
- vacp2p/nim-libp2p#2272 fix(mix): track and cancel handleMixMessages futures
- vacp2p/nim-libp2p#2255 test(mix): fix flaky test “rate limit exceeded - message rejected at intermediate node”
- vacp2p/nim-libp2p#2259 test(gossipsub): fix flaky test when peers should be dropped in same heartbeat as publish
- vacp2p/nim-libp2p#2263 test(transports): fix flaky test “server writes after EOF”
- vacp2p/nim-libp2p#2271 fix: add asyncSleep before dial in “mount unstarted protocol” test to fix Windows flakiness
- vacp2p/nim-libp2p#2273 test(transports): replace sleepAsync with write loop in “server writes after EOF”
- vacp2p/nim-libp2p#2289 fix(gossipsub): flaky scoring test
- vacp2p/nim-libp2p#2262 fix(autotls): letsencrypt challenge type change
- vacp2p/nim-libp2p#2266 fix(bump): waku vendor init failing
- logos-messaging/logos-delivery#3812 chore: bump nim-jwt version
- vacp2p/nim-libp2p#2295 feat: extend libp2p_network_bytes and agents traffic metrics to all transports
- vacp2p/nim-libp2p#2293 chore: bump nph to v0.7.0
- vacp2p/nim-libp2p#2297 chore: update copilot instructions to reflect latest repository state
- vacp2p/nim-libp2p#2370 fix(pubsub): track pending sends without adding backpressure
- vacp2p/nim-libp2p#2368 feat(pubsub): reduce publish-time message copies with sink
- status-im/nimbus-eth2#7775 feat: quic transport support
- vacp2p/nim-libp2p#2283 feat: reset stream
- vacp2p/nim-libp2p#2390 refactor: unify default DNS servers under dnsresolver
- vacp2p/nim-libp2p#2376 fix: prevent GossipSub from relaying messages back to original source
- vacp2p/nim-libp2p#2374 fix: truncated
identify: decoded messagelog due to unbounded address list - vacp2p/nim-libp2p#2377 chore: move interop ignore items to their own gitignore
- vacp2p/nim-libp2p#2379 fix: replace generic
payloadlog key with descriptive names in pubsub - vacp2p/nim-libp2p#2375 chore: add clang-format linter for cbind/ C code
- vacp2p/nim-libp2p#2389 fix: propagate shortAgent through wrapped connection chain to restore peer metrics
- vacp2p/nim-libp2p#2365 chore: removing
.public.pragma - vacp2p/nim-libp2p#2366 chore: removing deprecated things
- vacp2p/nim-libp2p#2386 chore(readme): license cosmetics
- vacp2p/nim-libp2p#2382 docs: add new items to navigation and reminder
- vacp2p/nim-libp2p#2381 ci(docs): use stable nim version
- vacp2p/nim-libp2p#2347 ci: add timeout for
coverageworkflow - vacp2p/nim-libp2p#2355 chore: remove runAfter
- vacp2p/nim-libp2p#2399 fix(ci): codecov test clashing T type
- vacp2p/nim-libp2p#2360 fix(muxer): accept loop stuck
- vacp2p/nim-libp2p#2361 feat(kad): hide connection info
- vacp2p/nim-libp2p#2380 fix(ci): failing on nim < 2.2.6
- vacp2p/nim-libp2p#2345 fix(kad): race in randomFind
- vacp2p/nim-libp2p#2164 chore(kad): handle dial failed exception
- vacp2p/nim-libp2p#2428 chore(MultiAddress): memory optimization
- vacp2p/nim-libp2p#2418 chore(identify): cosmetics improvement
- vacp2p/nim-libp2p#2414 test: stabilize flaky
Heartbeat::catch up on slow heartbeattiming assertion - vacp2p/nim-libp2p#2423 test(websocket): stabilize WebSocket EOF write assertion in stream transport tests
- vacp2p/nim-libp2p#2447 test: drop
untilTimeoutand standardize oncheckUntilTimeout - vacp2p/nim-libp2p#2445 test: fix flaky service-discovery test for two advertisers on one service
- vacp2p/nim-libp2p#2442 chore: drop
newStandardSwitchandnewStandardSwitchBuilderfrom public API - vacp2p/nim-libp2p#2407 fix(daily): cover traffic leaking channels
- vacp2p/nim-libp2p#2410 fix(autotls): withAutotls independent ordering
- vacp2p/nim-libp2p#2396 chore: remove old nim hacks
- status-im/nim-websock#193 chore: expose HTTP accept primitives
KAD-DHT optimizations
- fully qualified name:
ift-ts:p2p:ift:2026q2-nimlibp2p-maintenance:kad-dht-optimizations - owner: gabe
- status: in progress (25%)
- start-date: 2026/04/01
- end-date: 2026/06/30
Description
Implement KAD-DHT optimizations and follow-up hardening work for nim-libp2p.
Deliverables
- PRs / Issues / Reports
Peerstore Address TTL
- fully qualified name:
ift-ts:p2p:ift:2026q2-nimlibp2p-maintenance:peerstore-address-ttl - owner: gabe
- status: in progress (80%)
- start-date: 2026/05/01
- end-date: 2026/05/05
Description
Add TTL support for addresses stored in the peerstore. Addresses should no longer be stored indefinitely by default. Instead, use different TTLs depending on how trustworthy the address is:
- use shorter TTLs for unverified addresses, like those coming from discovery mechanism or from identify (unless it’s the address used in the active connection),
- longer TTLs for addresses that have been confirmed as valid or successfully connected to,
- infinite TTL when explicitly requested.
Deliverables
- Peerstore support for address TTLs
- Different TTL policies for unverified, validated, connected, and permanent addresses
- Expiration logic to remove stale addresses automatically
IdentifyPush
- fully qualified name:
ift-ts:p2p:ift:2026q2-nimlibp2p-maintenance:identify-push - owner: vlado
- status: done
- start-date: 2026/04/01
- end-date: 2026/05/12
Description
Enable the IdentifyPush protocol so connected peers receive protocol and address updates when local capabilities change. Maintain a set of connected peers that advertise the IdentifyPush protocol. After running Identify on a peer, if its protocol list includes the IdentifyPush codec, store its peer ID in that set. If the peer disconnects or later re-identifies without that protocol, remove it. Whenever our multiaddresses change or new protocols are mounted, send IdentifyPush updates to every peer in the set.
Deliverables
- IdentifyPush protocol is mounted and used
- vacp2p/nim-libp2p#2440 refactor(IdentifyPusher): as Service
- vacp2p/nim-libp2p#2439 feat(PeerInfo): add observer
- vacp2p/nim-libp2p#2412 feat: identify pusher
Quic Multiaddress Support
- fully qualified name:
ift-ts:p2p:ift:2026q2-nimlibp2p-maintenance:quic-maddrs - owner: vlado
- status: done
- start-date: 2026/04/01
- end-date: 2026/04/02
Description
Add support for multiple QUIC v1 multiaddresses in the QUIC transport.
Deliverables
- vacp2p/nim-libp2p#2193 feat(quic): add support for listening on many addresses
Kademlia Interop tests
- fully qualified name:
ift-ts:p2p:ift:2026q2-nimlibp2p-maintenance:kademlia-interop-tests - owner: not assigned yet
- status: not started
- start-date: 2026/04/01
- end-date: 2026/06/30
Description
Integrate libp2p test plans’ Kad-DHT interop tests as part of the CI tests executed on each PR. If these tests are available during Q2, integrate them into CI. Otherwise, prepare the CI integration work and defer execution until the tests are available. This task was originally planned for 2026q1, but the Kademlia interop tests were not available.
Deliverables
- New github workflow:
Interoperability Tests / Run Kad-dht interoperability tests
ORC in CI
- fully qualified name:
ift-ts:p2p:ift:2026q2-nimlibp2p-maintenance:orc-ci - owner: not assigned yet
- status: not started
- start-date: 2026/04/01
- end-date: 2026/06/30
Description
Nimbus is evaluating ORC. Some previous work has already been done in this regard in
- https://github.com/vacp2p/nim-libp2p/issues/2077
- https://github.com/vacp2p/nim-libp2p/pull/2148 Nim 2.2.8 cannot be used with ORC at the moment, but the fix has already been applied to the Nim branch that will become 2.2.10. Once Nim 2.2.10 is available, test this version and memory model to ensure nim-libp2p works with ORC. If Nim 2.2.10 is not released during Q2, prepare the CI changes and defer execution to the next quarter.
Deliverables
nim-libp2p CI jobs work with both --mm:refc and --mm:orc
Exception trace cleanup
- fully qualified name:
ift-ts:p2p:ift:2026q2-nimlibp2p-maintenance:exception-review - owner: not assigned yet
- status: not started
- start-date: 2026/04/01
- end-date: 2026/06/30
Description
Review runtime exception traces emitted by nim-libp2p and related libraries in connection, transport, and protocol paths
when those surface through nim-libp2p logs. Focus on the highest-noise
or least-actionable exceptions, decide whether each one of them should stay as
is, be downgraded, be deduplicated, or be handled without logging them, and
implement the agreed changes.
Deliverables
- Reviewed list of targeted exception, affected code paths, and the chosen action for each
- PRs or filed issues for the changes in
nim-libp2pand any library that needs an update - Reduced noisy or redundant exception logs in the targeted high-frequency paths
WSS handler socket leak
- fully qualified name:
ift-ts:p2p:ift:2026q2-nimlibp2p-maintenance:wss-socket-leak - owner: not assigned yet
- status: not started
- start-date: 2026/04/01
- end-date: 2026/06/30
Description
Review how to complete logos-delivery#3634, validate the proposed solutions already documented in the related PRs and discussions, and decide whether nim-libp2p should take ownership of part of the fix. This should also assess whether Chronos accept concurrency work is required as part of the solution. Some related work available is:
Deliverables
- Agreed technical direction for
logos-delivery#3634 - Ownership decision between nim-libp2p and the relevant dependent components
- Follow-up issue or PR breakdown, including Chronos work if needed
Large RSA key limit
- fully qualified name:
ift-ts:p2p:ift:2026q2-nimlibp2p-maintenance:large-rsa-key-limit - owner: not assigned yet
- status: not started
- start-date: 2026/05/01
- end-date: 2026/06/30
Description
Fix vacp2p/nim-libp2p#1327
by rejecting RSA keys that are too large to parse or verify safely. This should
protect nodes from resource exhaustion attacks where a malicious peer sends an
oversized RSA key and forces expensive signature verification. Use the
go-libp2p fix in
libp2p/go-libp2p#2454 as
guidance, including the <= 8192 bit maximum.
Deliverables
- Maximum RSA key size enforced during key parsing and generation
- Tests for accepted RSA keys and rejected oversized RSA keys
- Documentation or changelog note describing the compatibility/security behavior
Sink performance exploration
- fully qualified name:
ift-ts:p2p:ift:2026q2-nimlibp2p-maintenance:sink-performance-exploration - owner: richard
- status: not started
- start-date: 2026/05/01
- end-date: 2026/06/30
Description
Explore using Nim sink parameters in internal code paths where ownership
transfer can reduce unnecessary copies and improve memory performance. This is
tracked in
vacp2p/nim-libp2p#1641.
Maintain backward compatibility for public APIs.
Deliverables
- Benchmarked list of candidate internal hot paths
- PRs applying
sinkwhere the ownership semantics are clear and beneficial - Tests or benchmarks showing no behavioral regression
- No public API break.