2026-01-12 Vac weekly

Vac 2026/01/12 §

top highlights §

• Advanced DST Vaclab 2.0 lab deployment with new infrastructure components and updated documentation.
• Shipped multiple Nimble 1.0.0 fixes and continued core library improvements.
• Delivered SN Hub updates for TVL access, Karma UI, and vault ordering.

team highlights §

• BI: Expanded finance data extractions with BTC/Alchemy updates and refreshed reporting models.
• BI: Added Logos Circle Telegram extractions and updated forum data pipelines.
• DST: Closed chat protocol benchmark follow-up and documented new nWaku issues for Status.
• DST: Advanced Vaclab 2.0 deployment automation and published infrastructure updates.
• Infra: Strengthened CI reliability with backup/restore validation and cleanup automation.
• Infra: Continued Status app release tooling, signing, and Flatpak packaging work.
• Nim: Shipped multiple Nimble 1.0.0 fixes across SAT solver and metadata handling.
• Nim: Improved Nim core libraries with json-rpc flavors, docs tooling, and langserver updates.
• P2P: Progressed nim-libp2p maintenance with Kademlia fixes and refactors.
• P2P: Continued gossipsub extensions and c-bindings logos core groundwork.
• QA: Added RLN negative-path test coverage and advanced token-gated community tests.
• QA: Extended nim-libp2p Kad-DHT test suite with merges and reviews.
• RFC: Drafted the Bedrock anonymous leader reward RFC and advanced fork choice reviews.
• RFC: Continued rfc-index coordination and Nomos RFC iteration reviews.
• Sec: Completed security review catch-up across IFT, Status, and VAC repositories.
• Sec: Followed up on incidents and carried CodeQL/Dependabot planning into Q1.
• TKE: Advanced Logos digital twin modeling and validator behavior simulations.
• TKE: Progressed Nomos DSE stress-test work and tokenomics collaboration.
• Web: Shipped SN Hub updates for TVL access, Karma UI, and vault ordering.
• Web: Advanced translations, maintenance workflows, and wallet extension improvements.

vac:bi: §

• ift-ts:bi:finance:2026q1-finance-reporting-helper:impovement
  • Updated BTC and Alchemy extractions.
  • Updated models to include BTC and Alchemy data.
• ift-ts:bi:logos:2026q1-logos-circle-monitoring:telegram-monitoring
  • Added Telegram data extractions.
• ift-ts:bi:logos:2026q1-logos-circle-monitoring:dashboard-improvement
  • Investigated Luma API limits for non-Logos organizers.
  • Updated forum data extractions.
• misc
  • Updated data extraction configuration in GitHub.
  • Extracted PeopleOps data.
  • Reinstalled the Airbyte test environment.
  • Improved database dumps into the testing environment.
  • Adapted backup configuration to limit resource usage.

vac:dst: §

• admin/misc
  • OOO: 6 CC days.
  • Prepared research call presentation (YouTube recording).
  • Organized new tasks and future work.
• vac:dst:status:2025q4-status-evaluation:chat-protocol-benchmarks-followup
  • Closed the task and delivered the report.
  • Found additional issues beyond mixed contact request scenarios.
    • nWaku in Status makefile is incorrect.
    • nWaku in Status reports SDS issues.
• other notes
  • test: simplify SignalClient #7270
  • Deploy initial components via Ansible #1
  • Updated metrics for rust-libp2p test node #14
  • Added pubsub metrics for go-libp2p test node #13
  • Refactor to use configs and server #2
• vac:dst:waku:2025q4-waku-scaling:optimise-browser-bootstrapping
  • Closed the task from last week.
• vac:dst:waku:2025q4-waku-evaluation:nwaku-api-image
  • Expanded documentation significantly.
  • Addressed minor review comments.
  • pod-api-requester#2 merged.
• ift-ts:dst:ift:2026q1-dst-tooling:general-tooling
  • Add namespace param to VictoriaReaderBuilder query #186 opened.
  • Fixed 10ksim master issues with old Helm experiment imports.
  • Reorganized the deployments/ folder.
  • Designed bridges for transforming event logs into analysis inputs.
• ift-ts:dst:ift:2026q1-dst-lab:lab-deployment-code
  • Add Lab Components - Part 1 opened.
  • Deployed Rancher, Hubble, VictoriaMetrics, VictoriaLogs, Grafana, Longhorn, and HomePage via Fleet.
  • Used persistent, replicated Longhorn storage for Grafana, VictoriaMetrics, and VictoriaLogs.
  • Fixed Fleet ownership issues.
  • Managed KubeOVN and Cilium via Ansible to avoid Fleet bootstrap dependencies.
  • Updated README and tested on cloud VMs; HomePage reachable at home.vaclab.
  • Updated physical infra layer details in Vaclab 2.0 - Full Software Stack.

vac:infra: §

• lido
  • Researched ETHGas relay error volume.
  • Removed ETHGas and Interstate relays from Hoodi nodes.
  • Submitted LIDO Q4 datasheet and emergency contact form.
• rocketpool
  • Debugged spam submissions from the oDAO node.
  • Upgraded Rocketpool nodes to the latest release.
• nimbus
  • Improved Nimbus-eth1 benchmarking reports and added metrics.
  • Added Consul alerts for Nimbus-eth1 benchmarking failures.
  • Researched running benchmarks via Jenkins instead of timers.
• waku
  • Investigated Waku node RLN registration issues.
• ci
  • Wrote backup and restore docs for Gitea and Harbor.
  • Performed test restores for Gitea and Harbor.
  • Adjusted GitHub Comment Manager formatting for large counts.
  • Ordered additional macOS hosts for Nomos GitHub Actions and Jenkins.
  • Started work on building and signing Logos App POC releases.
• status
  • Fixed Waku library integration with status-go; tests remain broken.
  • Redirected old Logos storage and messaging project sites.
  • Set up iOS and Android signing and release processes for the new app.
  • Continued Flatpak packaging for Status Desktop Linux app.
  • Deployed upgraded Matterbridge fork with updated status-go.
  • Adjusted Status bridge account permissions.
  • Cleaned up CI from leftover status-go test containers.
  • Added automatic cleanup of those containers to jobs.
• proxy
  • Removed obsolete Nodefleet and Grove backend endpoints.
• sites
  • Fixed Navbar CORS issue on https://ecosystem.logos.co/.
  • Fixed Watchtower issues with private Docker repos (Logos Press Enginer).
  • Researched Discourse registration email delivery failures; no issues found.
• misc
  • Continued comms around the new Vac DST research Kubernetes cluster.
  • Completed deployment of the CiviCRM service for Logos.
  • Finished setup of the Discord UTM bot.

vac:nim: §

• ift-ts:nim:ift:2026q1-nimble:nimble-1.0.0
  • Compute nim checksum from stdlib.
  • Set Nim URL in metadata for binaries; skipped checksum verification for Nim in lock files (platform-specific).
  • Fix Nim requirements filtered during SAT selection; added tests for Nim version requirements.
  • Fix special versions replacing tagged versions in SAT solver.
  • Use git show for version enumeration with declarative parser fallback.
• ift-ts:nim:ift:2026q1-nim-core-libs:language-server-editor-integration
  • Bump deps and formatting checks.
• ift-ts:nim:ift:2026q1-nim-core-libs:json-rpc
  • nim-json-rpc#259 added custom JSON flavors for client and server APIs.
• ift-ts:nim:ift:2025q4-nim-core-libs:command-line-parsers
  • nimbus-eth2#7826 used confutils obsolete for deprecated beacon node options.
• ift-ts:nim:ift:2026q1-nim-core-libs:docs
  • Compared mdBook vs nimibook for documentation.
  • Optimized mdBook build time for intops and Chronos (nim-chronos#612).
• vac:nim:ift:2025q4-nim-core-libs:cpu-integer-library
  • nim-intops#8 refactoring.
  • nim-intops#9 book updates.
  • nim-intops#11 benchmarks.
• vac:nim:ift:2025q4-nim-ide-tooling:langserver-maintenance
  • langserver#372 graceful shutdown in nimsuggest.

vac:p2p: §

• ift-ts:p2p:ift:2026q1-nimlibp2p-maintenance:maintenance
  • nim-libp2p#2017 refactor(kad): iterative search and CID handling.
  • Investigated LastSeenBook issues; proposed LastSeenOutBook alternative.
  • nim-libp2p#2007 avoid exposing ConnManager impl details.
• ift-ts:p2p:ift:2026q1-nimlibp2p-cbindings:core
  • nim-libp2p#2009 config parameters for c-bindings.
  • nim-libp2p#1976 stream read/write fixes.
• ift-ts:p2p:ift:2026q1-nimlibp2p-gossipsub-extensions:extensions
  • nim-libp2p#2000 extensions control message.
• ift-ts:p2p:ift:2026q1-nimlibp2p-logos-core:core
  • Created the logos-co/logos-libp2p-module repo based on logos-co/logos-waku-module.
• admin/misc
  • nim-libp2p#2016 getValue/getProvider updatePeers fix (likely superseded by #2017).
  • nim-libp2p#2015 chunks ignored in getValue.
  • nim-libp2p#2008 bootstrap findNode to all non-empty buckets.
  • nim-libp2p#2001 fix(utility): taking an extra element.
  • nim-libp2p#1982 refactor find and lookupstate.

vac:qa: §

• ift-ts:qa:anoncomms:2026q1-anoncomms-testing:rln-negative-paths
  • test: RLN proof verification failure cases in review.
  • test: Rate-limit validation and resource error tests in review.
• ift-ts:qa:status:2026q1-status-go-functional-testing:7128
  • test: Token gated communities - TC 7128 may need refactor to Anvil.
• ift-ts:qa:status:2026q1-status-go-functional-testing:7129
  • test: Token gated communities - TC 7129 - PoC.
• ift-ts:qa:messaging:2026q1-messaging-testing:network-conditions
  • logos-messaging-interop-tests#151 added latency and packet loss tests.
  • Added APIs to support networking command tests.
  • Found sender-side delay; issue pending messaging team confirmation.
• admin/misc
  • OOO: 6 CC days.
• ift-ts:qa:ift:2026q1-nim-libp2p-testing:kad-dht
  • nim-libp2p#2014 find and lookup tests in review.
  • nim-libp2p#1996 key conversion merged.
  • nim-libp2p#1998 routing table and refresh bucket merged.
  • nim-libp2p#2005 GetProviders hanging fix merged.
  • nim-libp2p#2006 lookup random PeerId per non-empty bucket.
  • nim-libp2p#2003 flaky GetProviders test.
• ift-ts:qa:status:2026q1-status-qa-mobile:release-testing
  • Retested status-desktop#19549 keycard info drawer on Android.
• ift-ts:qa:status:2025q4-status-qa-mobile:maintenance
  • Confirmed status of jobs with Sid (infra-ci/issues/222, status-desktop#19163).
• ift-ts:qa:status:2025q4-status-go-functional-testing:maintenance
  • test: simplify SignalClient under review; consider async approach.
  • Introduce asyncio into Python SDK scoped to SignalClient work.

vac:rfc: §

• admin/misc
  • OOO: 2.5 CC days.
• ift-ts:rfc:nomos:2026q1-rfc-iteration:bedrock-anonymous-leader-reward
  • Bedrock Anonymous Leader Reward RFC draft (rfc-index#251).
• ift-ts:rfc:nomos:2026q1-rfc-iteration
  • Reviewed Fork Choice Rule and second iteration OPChan.

vac:sc: §

• admin/misc
  • OOO: 10 CC days.

vac:sec: §

• ift:2025q4-treasury-continuity-plan:signing-accounts-revalidation
  • Continued annual revalidation of signing accounts.
• ift:2026q1-cicd-security-review:catch-up-code-reviews
  • Caught up on PRs across IFT, Status, and VAC with focus on security-critical changes.
  • Reviewed cryptography, key management, and secret handling paths.
  • Re-audited serialization, parsing, and validation logic across Go, Nim, and JS.
  • Reviewed storage, persistence, and migration changes merged during freeze periods.
  • Examined dependency updates for transitive supply-chain risk.
  • Reviewed CI, GitHub Actions, and release workflow changes for permission drift or secret exposure.
• ift:2026q1-vulma-and-ir:incident-catch-up
  • Caught up on incidents opened, updated, or closed during the year-end period and confirmed remediation status.
  • Hunter finding: store nodes accepting far-future timestamps (waku-26).
  • Publicly accessible asset endpoint (Status-361).
  • Re-validated incident-related patches after subsequent merges.
  • Reviewed Q4 ecosystem and third-party incidents for shared risk.
  • Reviewed build logs, alerts, and CI outputs for anomalies after holiday releases.
  • Investigated potential Discord phishing attempt (Discord thread).
• ift:2026q1-vulma-and-ir:review-and-planning
  • Re-reviewed CodeQL and Dependabot findings carried over from Q4.
  • Dependabot alert: Next.js DoS with Server Components (status-web#277).
  • Dependabot alert: Next.js DoS with Server Components (status-web#276).
  • Dependabot alert: urllib3 decompression chain DoS (nimbus-eth2#48).
  • Dependabot alert: Next.js RCE via React Flight protocol (status-web#273).
  • Performed secondary reviews on PRs labeled security, infra, or hotfix.
  • Identified high-risk areas for deeper review and documented plans.
  • Aligned with maintainers on security review priorities and timelines.
• ift:2026q1-finance-automation-bug fixing & support
  • Monitored Finance executions daily.
  • Investigated new use cases.
• ift:2025q4-finance-automation-enhancements
  • Deployed new PO logic for duplicate identification.
  • Testing with real data pending before deployment.
• ift:2025q4-revalidation of github and discord handles
  • Tested options for retrieving missing identifiers via system data extraction.
• ift:2025q4-create hierarchy boards in miro
  • Fixed partial issues for new boards vs BBHR data.
  • Tested the new version.

vac:tke: §

• admin
  • Reviewed all projects and updated their status.
  • Updated the TKE landing page on Notion.
• misc
  • Continued LSSA tutorial deep dive.
• vac:tke:ift:logos-token:logos-digital-twin
  • Continued implementing Logos stock and flow diagrams in Machinations.
• vac:tke:blockchain:stress-test:realistic-validator-model
  • Started implementing a behavioral model for validators joining and leaving the system.
• vac:tke:ift:support-to-ift-units:reading-by-jarrad
  • Continued reading about virtual worlds and economies.
• vac:tke:blockchain:stress-test:nomos-dse
  • Reviewed the current proposal.
  • Met with the Nomos team to discuss simulations and next steps.
  • Planned to finalize simulations.
  • Updated the main DSE document with simulation results.
• vac:tke:ift:logos-token:fundraise
  • Met with the Fundraising team to discuss current state and next steps.
• vac:tke:ift:support-to-ift-units:explore-bi
  • Met with the BI team to discuss collaboration.
• vac:tke:ift:ecodev:xprize
  • XPrize analysis.
• vac:tke:ift:tokenomics-research-forum:betfundme
  • Investigated applications for token sales.

vac:web: §

• ift-ts:web:status:2026q1-sn-hub:proxy-api
  • TVL on VPN debugging.
  • Configured a bot protection bypass on Vercel for VPN access.
• ift-ts:web:status:2026q1-sn-hub:depositing
  • Change order of the vaults.
• ift-ts:web:status:2026q1-sn-hub:seo
  • Redirect /dashboard to /.
• ift-ts:web:status:2026q1-sn-hub:i18n
  • Add i18n to apps/hub.
• ift-ts:web:status:2026q1-sn-hub:karma-evolution
  • Implement Karma button in the top-nav.
  • Restricted Karma hooks to Status Network Sepolia.
  • Persisted Karma balance across network switches.
  • Enhance Karma Overview Card UI.
• ift-ts:web:status:2026q1-sn-website:translations
  • Setting up translations.
• admin/misc
  • OOO: 1 CC day.
  • Put GitHub issues on the timeline.
• ift-ts:web:ift:2026q1-maintenance:maintenance
  • Preview deploy workflow for external contributors.
  • Remove working directories from preview deploy.
  • Remove turbo telemetry from preview deploy.
  • Update preview deploy.
  • Recipients notification for email templates.
  • Pagination for LPE search results.
• ift-ts:web:status:2026q1-status-wallet-extension:lifi-swap-integration
  • Integrate LI.FI widget and polished the swap UI.
• ift-ts:web:status:2026q1-status-wallet-extension:global-password
  • Add password context and centralize session management.
• ift-ts:web:logos:2026q1-logos-forum
  • Explored forum statistics reports and Discourse Data Explorer for Comms.
  • Requested BI dashboard support (data-docs#139).
• ift-ts:web:logos:2026q1-contribute-portal:contribution-guidelines
  • Translate resources content to French.