Vac 2025/09/29 §
highlights §
- QA: Status-go Waku functional testing progressed with multiple bugs reported and new community membership tests added.
- QA: Waku RLN contract property-based fuzz testing (PR 40) in review; new adversarial security simulations planned.
- QA: Waku interop Lite protocol tester updated per feedback; new scenarios added and reports shared; task pending further confirmation.
- QA: Waku rendezvous tests retested after fix but still failing; reopening planned.
- QA: Nim-libp2p Gossipsub performance tests advanced with QUIC scenario merged and multiple refactors in final review.
- QA: Status desktop QA ongoing across maintenance, notifications debugging, syncing devices with Igor, Squish upgrade, and Qt6 migration analysis.
- QA: Status mobile QA merged several Appium test PRs, advanced password reset test, and began investigating CI workflow issues.
- ACZ: Released Zerokit v0.9.0.
- ACZ: Delivered next iteration of libp2p-mix RFC by refactoring sphinx format.
- RFC: Completed the first iteration of Logos POC module specs, next step is reaching out for reviews.
vac:p2p: §
vac:p2p:ift:2025q4-nimlibp2p-kad-dht:bootstraping-and-lookup
vac:p2p:ift:2025q3-nimlibp2p-maintenance:maintenance
vac:p2p:ift:2025q4-nimlibp2p-quic:stabilization
- created new tests for testing quic nil pointer derference issues that only uses quic and chronos libraries
- server never stops opening stream when client ungracefully closes
- “out of memory” issue
- vacp2p/nim-quic#132 fix: stop opening stream after connection closes
- vacp2p/nim-quic#133 refactor: list raised errors
- vacp2p/nim-quic#134 fix: compile time warnings
- Call with DST to understand memory issues experienced in lab
vac:tke: §
vac:qa: §
status:2025q4-status-go-functional-testing:waku
waku:2025q4-rln-smart-contract-testing:property-based
waku:2025q3-interop-testing:liteprotocoltester
- Fixed review points on PR 138
- Added new scenarios and attached reports based on Zoltan’s feedback
- Task on hold pending confirmation
waku:2025q4-waku-testing:rendezvous
- Retested after Simon’s fix PR 132; still failing, issue reopening planned
status:2025q4-status-go-functional-testing:settings
- Built environment locally and explored structure
- Added wrappers for settings.go APIs
- Draft test opened in PR 6984
vac:2025q3-nim-libp2p-testing:gossipsub-performance
status:2025q4-status-qa-desktop:maintenance
- Debugged Linux notification test failures
- Investigated Windows syncing issue with Igor
- Updated to Squish 9.1 locally
- Issue 18954 - opened
status:2025q4-status-qa-desktop:qt6-migration
- Tested Qt 6.9.3 locally; found Issue 18947; upgrade paused pending decision
status:2025q4-status-qa-desktop:e2e-windows
(0%)
- Started PoC for testing non-status apps on CI with Squish (infra request)
status:2025q4-status-qa-mobile:port-tests
status:2025q4-status-qa-mobile:test-ci
- Investigating GitHub workflow issue
admin/misc
- Updated standup page with new Q4 tasks
- Interviews
- OOO: 7 CC Days
vac:dst: §
admin/misc
- Call with P2P team to show Quic issues in call
- DST Monthly
- Help with some Mix issues
vac:dst:status:2025q3-status-go-chat-protocol-benchmarks:relay-node-benchmark-2
- Had to improve how we manage sending RPCs to status
vac:dst:status:2025q3-status-go-chat-protocol-benchmarks:cleanup-resources
- Merge missing PRs and update some minor parts
vac:dst:nomos:2025q3-nomos-scaling:nomos-deployment-test
vac:dst:vac:2025q3-libp2p-evaluation:mix-re-evaluation
- Notion Mixnet Report
- Error
Too many connections
error. Solved with withMaxConnections
- Error
Unable to establish outgoing link in internalConnect
- Warning
no destination read behavior for codec tid=12 codec=/meshsub/1.2.0
vac:dst:waku:2025q3-waku-evaluation:js-waku-follow-up
vac:dst:ift:2025q3-dst-tooling:deployment-refactor
vac:dst:waku:2025q3-waku-theoretical-analysis:bandwidth
vac:dst:waku:2025q3-waku-theoretical-analysis:message-dissemination
vac:dst:ift:2025q3-dst-tooling:nim-libp2p-cron-removal
vac:dst:ift:2025q3-dst-tooling:nim-libp2p-dst-node-refactor
vac:sc: §
vac:acz: §
ift:2025q4-de-mls-tesnet:de-mls-maintaining
- Start to prepare code base for multi-steward
ift:2025q3-zerokit:release
ift:2025q3-rln-status-l2:stress-test
- Benchmark on 128 Core CPU server - results here
ift:2025q4-rln-status-l2:multi-tree
ift:2025q4-ift-zk-calls:ift-zk-call-1
- Began work on zk call slides.
nes:2025q4-nescience-consulting:consensus-survey
- Began consensus survey with Avalanche, HotStuff and Tendermint.
ift:2025q4-zerokit:ffi-rework
- Started implementing this task PR
ift:2025q4-rln-status-l2:maintaining
ift:2025q4-zerokit:zerokit-maintaining
- Merged this PR
- Reviewed these PR, PR
- code review for PR
- Updated binary name generaion in CI PR
ift:2025q3-discovery-exploration:disc-ng-specs
ift:2025q3-rln-status-l2:rln-spec-maintain
ift:2025q3-libp2p-mix-testnet:update-rfc
nes:2025q4-nescience-consulting:account-security
- Started to review document on NSSAv0.1 security and cryptographic assumptions.
- Prepared a document on NSSAv0.1 security and cryptographic assumptions.
admin/misc
vac:rfc: §
vac:rfc:ift:logos-poc
vac:rfc:codex:2025q4-rfc-iteration
- Picked up to work (and started researching Purchase and Sales Modules)
admin:misc
vac:nim: §
vac:nim:ift:2025q3-nim-core-libs:nim-cbor-serialization
vac:nim:ift:2025q3-nim-core-libs:compile-time-support-for-json-and-cbor
- Chronos regression in Nim devel found in libp2p https://github.com/nim-lang/Nim/issues/25202
vac:sec: §
ift:2025q3-awareness-program:web3-security-essentials
- Shared web3 news about crime, phishing, malware, hacks and IoC with Finance (Weekly Update)
ift:2025q3-wallet-policy-update:backup-and-recovery-policies
- Finished Backup and Recovery guidelines for critical assets (based on Threat Model)
ift:2025q3-continuity-plan:write-guides-and-best-practices
- Continued developing Operational Continuity guidelines based on Threat Model
ift:2025q3-awareness-program:signing-process-resilience-testing
- Continued testing and refining the multi-layer verification mechanisms in the Signing Process (All members)
ift:2025q2-iam-operations:defi-strategy-access-control:cap-money-protocol
- Added support for Cap Money protocol (CUSD and STCUSD) with scoped interactions
ift:2025q2-iam-operations:defi-strategy-access-control:nexus-patch
- Expanded Nexus Mutual integration
- Introduced a patched whitelist applying updated Nexus Mutual scoping across relevant contracts
ift:2025q3-cicd-security-review:status-design-reviews
- Completed validation of recent Status audit remediations to ensure all vulnerabilities were effectively patched
- Developed and executed PoC scripts to confirm fixed exploits are no longer reproducible
- Performed SBOM and dependency scans to detect any new or unexpected third-party additions
- Backported critical audit fixes to maintained release branches for consistency and security parity
ift:2025q3-vulma-and-ir:incidents
- Investigated organization GitHub Pages for phishing or injected scripts and removed suspicious content
- Collected and analyzed phishing attempts targeting X.com, extracting indicators of compromise (IOCs)
- Deployed lightweight detection checks to monitor new X.com mentions for suspicious URLs or activity
- Rotated exposed GitHub tokens and revoked unused integrations discovered during the investigation
ift:2025q3-vulma-and-ir:remediation-tracking
- Triaged Dependabot alerts, tested and merged verified safe dependency upgrades
- Evaluated recent supply chain CVEs and initiated mitigations for impacted repositories
- Audited CI/CD pipelines to confirm integrity protections (hash pinning, lockfiles) are enforced
ift:2025q3-iam-operations:remove-unnecessary-users
- Built workflows to test endpoints for Notion assets
- identify old pages
- identify access frequency and filter out inactive pages
- identify endpoint to archive old pages
ift:2025q4-Create hierarchy boards in Miro
- Repurposed workflow to use a step by step item generation in Miro
- Include new hierarchy report as data source
ift:2025q4-finance-automation-enhancements
- Hierarchy report - Finalized and delivered
- Identified reusable components from existing n8n worfklows
admin/misc
- Q3-2025 Retrospective
- Finished 4Q-2025 commitments and 2026 roadmap
vac:nes: §
-
state-separation-architecture-poc:validium
- Tried to run Nomos validium example on my machine anddid not succeeded. Also tried to run the local testnet and if was so difficult. Contacted Nomos and spent a significant amount of time to solve the issue. Problem is that they don’t have an image for macOs and had to configure mostly everything manually.
- Worked with Sergio on understanding how sovreign rollup examples are built and implemented in Nomos. Went through some documentation and code figured out how it works.
- Went through Celestia to understand how DA works.
- Wrote a small document about Validium, Nomos, and result interpretation.
-
state-separation-architecture-poc:cpc
- Researched how to make cross program calls work on NSSA. Finally, came up with a high level way to do it and discussed it briefly with Sergio.
- Worked on expanding the idea and the plan is to have a first version next week.
- Dived into the details of the Nomos validium and rollup examples.
- Ran a Nomos local testnet and learned how to disperse data into NomosDA.
-
vac:nes:2025q3:state-separation-architecture-poc:wallet-2
- Addressed the comments of PR 115 discussion in PR 119. While doing so I discovered some bugs and issues. Proposals to fix them are in
- PR 119: wallet improvements and some protocol deviation fixes,
- PR 120: inflation bug stemming from a missing check in the privacy circuit, and
- PR 121: account uniqueness for private accounts mechanism.
vac:web: §
vac:infra: §
- Deployed BNs and ELs for Nimbus Portal network fleet
- Adjusted Nimbus Portal fleet storage to be homogenous
- Improved memory alerting for LIDO fleet by taking ZFS into account
- Imported contributors list from BambooHR into OpenKM
- Added ENRTrees addresses to Waku fleets dashboard
- Preparing of proposal for LIDO fleet layout changes
- Fixed
status-go
benchmark issues by adjusted host size
- Researched Windows 10 in VirtualBox as alternative for E2E tests
- Implemented dry running Rocketpool rewards tree generation
- Cleanined up and merged PR for
bitcoinpodcast.com
Wordpress
- Implemented Kuma status pages for each Waku fleet
- Converted Holesky testnet Windows host to Hoodi testnet
- Upgraded all nodes on Holesky fleet before Fusaka fork
- Fihished deployment of Aztec L2 Sepolia testnet sequencer node
- Implemented ElasticSearch cleanup ILM policy, started Waku logs cleanup
- Research into ElasticSearch 8 upgrade
- Fixed issues with loading of Wazuh alerting rules
- Development of CLI tool for Airbyte
- Rollout of containerized Jenkins agents and builds
- Further implementation of unit tests for LIDO services
vac:bi: §