Vac 2025/08/18
highlights
- QA: Progressed on Status Backend with accounts service tests (Phase 1) and framework improvements (schema validation refactor).
- QA: Continued Status Desktop release testing and introduced app load time tracking tests.
- QA: Completed GossipSub performance PR merges and advanced Yamux testing.
- QA: Expanded Waku interop REST API coverage with admin endpoint tests.
- DST: Discovered a bug in Grafana thanks to Infra team
- SC: Participated in another security audit contest
- RFC Most of planned Nomos RFCs got the green light and will be merged this week after a sanity check.
vac:p2p:
vac:p2p:ift:2025q3-nimlibp2p-mix:mix-core- vacp2p/mix#73 feat: create surbs
- Continue work on SURBs
- Focus this week was on sender side flow (entry)
- Exit SIDE flow WIP
- vacp2p/mix#73 feat: create surbs
vac:p2p:ift:2025q3-nimlibp2p-kad-dht:bootstraping-and-lookup- vacp2p/nim-libp2p#1624 feat(kad-dht): findPeer
- initial kad-dht followup near completion
vac:p2p:ift:2025q2-nimlibp2p-universal-connectivity-app- UI
- Handle peers leaving and joining
- text fields scrolling
- text fields focusing
- receiving messages
- Ctrl+C handling (leave terminal untouched afterwards)
- File exchange
- send files
- receive files
- Fix key verification logic nim-libp2p#1618
- UI
vac:p2p:ift:2025q2-nimlibp2p-kad-dht:data-storage- putval pr merged, subject to the created follow-up
- putval followup dht tyes refactor merged?
- dht followup exception refinement almost merged
- merged key-refactor to not track hash-state
- dependency-inject hash-impl in “private” api to make this change testable
- this was following a discussion about the where the decision responsibility for hash-impl lies
vac:p2p:ift:2025q3-nimlibp2p-maintenance:maintenance- vacp2p/nim-libp2p#1615 fix: don’t check for errors as
close()will only contain futures that raise[] - vacp2p/nim-libp2p#1616 fix: compilation warning on yamux due to using
CatchableErr - investigated and fixing quic race condition when reading
- fix: race condition when reading and receiving eof nim-quic#91
- fix(framesorter): send eof always nim-quic#94
- chore(perf): follow up for PR#1600 nim-libp2p#1620
- solution is not complete; started refactoring quic states in attempt to simplify logic
- fix(quic): race errors when stopping transport nim-libp2p#1614
- submitted spec clarification pr
- vacp2p/nim-libp2p#1615 fix: don’t check for errors as
misc/admin- 2 cc 1d OoO
vac:tke:
vac:qa:
status:2025q3-status-go-functional-testing:critical-flowsstatus:2025q3-status-go-functional-testing:framework-improvementswaku:2025q3-interop-testing:REST-APIs-Extendedwaku:2025q3-interop-testing:rendezvous-peer-discovery- Used Simon’s example; paused to focus on REST API tasks
vac:2025q3-nim-libp2p-testing:gossipsub-performancevac:2025q3-nim-libp2p-testing:yamux- test(yamux): Add header unit tests - in review
status:2025q3-status-qa-desktop:app-load-time- PR 18592 — started wallet loading time tests
status:2025q3-status-qa-desktop:release-testing- Committed changes to PR 18532 (blocked by issues)
- Tested new nwaku build
- Opened Issue 18555 and follow-up
- Tested PR 18539
- Tested 2.35 RC2
- Tested PR 18558
- Opened Issue 18569
- Investigated crash on adding without account to total balance
status:2025q3-status-qa-mobile:framework-adjustments- Submitted PR of initial framework for review after feedback
status:2025q3-status-qa-documentation:requirements-framework- Started basic data model for headless CMS
admin/misc- OOO: 8 cc Days
- Reviewed candidates in the pipeline
- Interview with one candidate
vac:dst:
admin/misc- 1 CC OOO Thursday 14th and Friday 15th
- Created lab usage information notion page
- Published research blog on GossipSub improvements comparison
- Looked into Probelab collaboration document
- Call with Infra for debugging Grafana issue. Found a bug. Pending to create Issue in grafana repo.
vac:dst:vac:2025q3-libp2p-evaluation:regression-testing- Work in lab issues
vac:dst:ift:2025q3-dst-tooling:python-uv- Changed requirements for uv
- Removed unused functionalities
- Github PR: In review
vac:dst:waku:2025q3-dst-tooling:improve-tooling- Improved special character replacement when doing queries
- Update getenr version to support quering different services
- Add debug mode for store_msg_retriever (still in review)
- Workdir experiments track
- Events log (merged)
vac:dst:ift:2025q3-dst-tooling:deployment-updates- Organize repo (merged)
vac:dst:waku:2025q3-waku-evaluation:js-waku- Upgraded
getEnr.tplandgetAddress.tplso it can be used to generate k8s deployment template for jswaku - jswaku nodes aren’t seeing other nodes (wip)
- Upgraded
vac:dst:ift:2025q3-dst-tooling:shadow-integration-scaffold- worked with nimlibp2p deployments, played around with deployment yaml files, deployment scripts
- Used K9s and kubeconfig to lookinto/access running pods/behavior
vac:sc:
vac:sc:ift:2025q3-fv-tools-research- started applying Kontrol to out staking repo
vac:sc:status:2025q3-maintaining-status-contracts- Finalized PR 240
- Researched new migration stategy for StakeVault
- Using new initializer and updating factory: https://github.com/vacp2p/staking-reward-streamer/pull/243
- Found possible code redundancy in StakeManager
ift:2025q3-security-audits- Audited Malda protocol (contest)
- Reviewed confirmed submittions from pike-tapio contest
ift:2025q3-sc-learnup-sessions- More lending protocol research for learnup session
vac:acz:
ift:2025q3-zerokit:zerokit-maintaining- Reviewed external PR for Contribution guide
ift:2025q3-de-mls-tesnet:consensus-layer- Working on consensus testing and code quality PR
ift:2025q3-zerokit:pmtree-config-builder- Improved the PmTreeConfig initialization process using the builder pattern PR.
ift:2025q3-rln-status-l2:maintaining- Created this issue issue for unimplemented user registration feature.
- Extended timeout to prevent panic and separated the Anvil feature for the prover service’s testcase PR.
- Added a CI workflow and resolved Clippy warnings for the prover service PR.
- Updated dependency versions and reduced the build size for the prover PR.
- Clippy cleanups - merged
- Zeroize secret key - merged
ift:2025q3-rln-status-l2:sc-testing- Reviewed PR - merged
- Reviewed PR 2
- Addressed PR review feedback and merged this PR (completed task).
ift:2025q2-zerokit:zerokit-maintaining- Explore Rust + ffi (expecting to improve Zerokit ffi bindings)
- Create repository rust_ffi_examples
ift:2025q3-de-mls-tesnet:multi-steward-rfcift:2025q3-rln-status-l2:rln-spec-maintain- Think on how we can add decentralized slashing feature on our arhitecture.
nes:2025q3-nescience-consulting:key-protocol-spec- Reviewed specs document
nes:2025q3-nescience-consulting:nomos-deep-dive- Reviewed document
admin/misc- 1 cc is ooo for 1 day (bank holiday)
- 1 cc is ooo for 3 days (sick leave)
vac:rfc:
vac:rfc:waku:2025q3-rfc-iteration:qaku- Continued work on qaku rfc, should have first draft next week - https://github.com/waku-org/specs/pull/77
- Started to review the OPchan repo
vac:rfc:waku:2025q3-rfc-iteration- Created list for next Waku RFC updates confirmed with Hanno: 21/WAKU2-FAULT-TOLERANT-STORE, 34/WAKU2-PEER-EXCHANGE, WAKU2-NOISE-SESSIONS, WAKU2-NOISE
admin/misc- Reviewed ETH-MLS-OFFCHAIN RFC pr - https://github.com/vacp2p/rfc-index/pull/166
vac:rfc:nomos:2025q3-rfc-iteration:da-network- Finished up and received review; will work on the latest comment (close to merge) - https://github.com/vacp2p/rfc-index/pull/160.
vac:rfc:nomos:2025q3-rfc-iteration:p2p-network- Reworked and received review: can be merged (with a small enhancement that doesn’t stop merge) - https://github.com/vacp2p/rfc-index/pull/169
vac:rfc:nomos:2025q3-rfc-iteration:da-encoding- Finished and recieved review: can be merged - https://github.com/vacp2p/rfc-index/pull/156
vac:rfc:nomos:2025q3-rfc-iteration:hardware-requirements- Finished and received review: can be merged once the surplus stuff is deleted - https://github.com/vacp2p/rfc-index/pull/172
vac:rfc:nomos:2025q3-rfc-iteration:sdp- Received feedack and can be merged: https://github.com/vacp2p/rfc-index/pull/157
vac:rfc:codex:2025q3-rfc-iteration- Started checking https://github.com/codex-storage/codex-docs-obsidian/tree/main/10%20Notes and https://hackmd.io/team/codex-storage?nav=overview according to the plans of Codex team.
vac:sec:
ift:2025q3-cicd-security-review:status-design-reviews- Triaged vulnerabilities and performed security testing as part of Status security review (issue#692)
- Mapped CI/CD trust boundaries across top-5 components and linked findings w/ Dependabot/CodeQL
ift:2025q3-vulma-and-ir:incidents- Conducted interviews and gathered artifacts for SNT phishing case
ift:2025q3-finance-automation- Mass PO improvements
- Ran different scenarios (http call from Iplicit) & identified 2 options
- Mass PO improvements
ift:2025q3-iam-operations:remove-unnecessary-users- Tested workflow for verifying inactive users in Notion
- Tested workflow for verifying inactive users in Google
ift:2025q3-security-automation- Continued development for workflow for web3 security alerts
vac:nes:
-
vac:nes:2025q3:state-separation-architecture-poc:specs- Polished the sequencer specs document and added signatures and KDF.
- Implemented an Shake256 cipherstream using R0.
- Implemented an Shake256 cipherstream with 33 bytes using R0.
- Added pseudocode doc for the sequencer specs.
-
state-separation-architecture-poc:wallet -
vac:nes:2025q3:state-separation-architecture-poc:specs-impl