IFT-TS 2026/03/30 §

top highlights §

• SEC started LEZ security audit, built the interactive security checklist for IFT core contributors, and created the Security Guidelines page.
• TKE prepared Logos model parameters with BI, defined a first LEZ fee-market model, and advanced investor-facing token work.
• NIM landed new Nimble 0.22.3 release, progressing protobuf-serialization fixes and integration with libp2p, core-libs maintenance, and Chronos documentation.

team highlights §

• BI: Updated Status Apple Store metrics and linked them with Google Analytics 4 for campaign analytics.
• BI: Refreshed Status Network monitoring and continued Logos app-download and GitHub release extraction work.
• DST: Finished a scalable KAD-DHT evaluation plan and documented hop-collection and latency issues.
• DST: Compared jemalloc-backed IBD and non-IBD blockchain nodes and documented continued memory-growth findings.
• DST: Converted metrics and plotting from YAML to Python and cleaned up the deployment-analysis bridge work.
• DST: Extended vaclab health monitoring with krew packaging, intra-node benchmarks, and new hardware dashboards.
• NIM: Landed Nimble cleanup, backport, and patch-release work across the 1.0.0 stream.
• NIM: Advanced protobuf serialization with default-option handling, conformance tests, negative-varint fixes, and RendezVous adoption work.
• NIM: Continued core-libs maintenance through borrow/carry helpers, dependency bumps, and compiler or CLI fixes.
• NIM: Progressed Chronos documentation and language-server integration fixes.
• P2P: Merged a broad maintenance batch across nim-libp2p, nim-lsquic, and Nimbus QUIC support.
• P2P: Added support for listening on many QUIC addresses ahead of the next maintenance stream.
• P2P: Finished the gossipsub 1.4 preamble-extension refactor.
• P2P: Added follow-up improvements to the gossipsub partial-messages extension.
• QA: Continued token-gated community functional testing with review feedback and complexity-audit work.
• QA: Progressed messaging maintenance through RLN refactoring and flaky-test fixes.
• QA: Re-tested Logos Delivery Python bindings and documented missing APIs, publish failures, and metrics-thread issues.
• QA: Advanced Status desktop and mobile E2E maintenance, including Activity Center tests and light-client messaging fixes.
• QA: Added status-go maintenance changes and nim-libp2p transport-interop test-plan work.
• RFC: Reviewed several RFC index pull requests and prepared the next 1/COSS update.
• RFC: Continued adversary-spec updates and completed retrospective follow-up work.
• SC: Updated exact-output swap work with overflow fixes and added supporting tests.
• SC: Iterated on AMM completion work for PR 371 and LP delta fixes.
• SC: Opened the initial lez-programs repository setup and continued ATA-program integration work.
• SEC: Shared the draft LEZ security audit with the dev team.
• SEC: Built the interactive security checklist for IFT core contributors.
• SEC: Created the Security Guidelines page and requested production merge.
• SEC: Continued repository-wide security reviews, Keycard remediation validation, and dependency or incident triage.
• TKE: Prepared Logos model parameters with BI and continued deployment planning for the macroeconomic model.
• TKE: Defined an initial LEZ fee-market model and advanced stablecoin and RFP review work.
• TKE: Progressed fundraising and token work with investor-data-room drafting and LBP review.
• TKE: Continued xPrize and broader ecodev process work, including Builder Hub shaping and RFP reviews.
• WEB: Continued SN Hub Hoodi migration and opened proof-of-work RPC auth.
• WEB: Fixed stake-page visibility and loading-state issues in SN Hub while keeping max-stake fixes under retest.
• WEB: Progressed the wallet-extension dApp-connection flow.
• WEB: Advanced the community-curation monorepo migration and Status Network blog updates.
• WEB: Delivered maintenance and content work across free.technology, Logos sites, and Builder’s Hub.

ift-ts:bi: §

• ift-ts:bi:status:2026q1-uss-status
  • Updated Apple Store metrics and linked current data with Google Analytics 4 for campaign analytics.
  • Continued community-monitoring work on status-bot.
• ift-ts:bi:status-network
  • Updated Status Network testnet monitoring in Grafana.
• ift-ts:bi:keycard
  • Researched Shopify analytics updates.
• ift-ts:bi:logos:2026q1-logos-github-monitoring
  • Continued extracting Logos app download and GitHub release data.
• ift-ts:bi:finance
  • Fixed a small data issue.

ift-ts:dst: §

• ift-ts:dst:ift:2026q1-dst-tooling:general-tooling
  • Merged vacp2p/10ksim#212, #213, #214, #215, and vacp2p/dst-libp2p-test-node#17.
  • Kept vacp2p/dst-libp2p-test-node#18 and #16 in review, and continued repository restructuring in vacp2p/10ksim#208.
• ift-ts:dst:anoncomms:2026q1-anoncomms-evaluation:kad-dht
  • Documented the KAD-DHT plan, identified issues with hop collection and large latencies, and opened vacp2p/dst-libp2p-test-node#19.
  • Published supporting nim-libp2p branch and 10ksim analysis branch.
• ift-ts:dst:blockchain:2026q1-blockchain-evaluation:consumption
  • Deployed jemalloc-backed IBD and non-IBD nodes and documented the memory investigation in Notion.
  • Confirmed jemalloc keeps memory lower and more stable, while memory growth still continues; next step is voucher-management optimization.
• ift-ts:dst:ift:2026q1-dst-tooling:deployment-analysis-bridge
  • Cleaned up the bridge work in vacp2p/10ksim#216 after closing #209 in favor of the new PR.
• ift-ts:dst:ift:2026q1-libp2p-evaluation:regression-testing
  • Started nim-libp2p plots and documented work-in-progress results in Notion.
• ift-ts:dst:ift:2026q1-dst-tooling:analysis-yaml-refactor
  • Converted metrics and plotting flows from YAML to Python and continued cleanup.
• ift-ts:dst:ift:2026q1-dst-lab:lab-health-monitoring
  • Opened vacp2p/vaclab-k8s-plugins#8 with intra-node benchmarking, tainted-node exclusions, krew packaging, and installation instructions.
  • Opened vacp2p/vaclab-2#22 with intra-node throughput panels and a node-hardware dashboard.
• ift-ts:dst:ift:2026q1-dst-lab:analyze-current-stack
  • Added metal-01 as a tainted worker node and fixed Longhorn persistent-volume creation by disabling multipathd.
  • Awaited approval to move monitoring components and related volumes onto metal-01.
• other notes
  • Reviewed more CVs, ran a pair-programming interview, and prepared the DST retrospective and Q2 commitments.
  • Investigated Logos Messaging v0.38.0-rc.0 questions and the de-MLS assumption for new work.

ift-ts:nim: §

• ift-ts:nim:ift:2026q1-nimble:nimble-1.0.0
  • Merged Nimble cleanup, backport, and release work in nim-lang/nimble#1651, #1645, #1644, #1643, and #1641, and shipped a patch release.
  • Reviewed community PRs.
• ift-ts:nim:ift:2026q1-nim-core-libs:libp2p-protobuf-serialization
  • Added pbNone(default(T)), pbSome(value) for default options, proto2 conformance coverage, avoidance of repeated packed defaults, and negative int32 varint fixes in status-im/nim-protobuf-serialization#65, #64, #62, #63, and #61.
  • Continued RendezVous adoption in vacp2p/nim-libp2p#2166.
• ift-ts:nim:ift:2026q1-nim-core-libs:maintenance
  • Updated dependency and compiler compatibility work across vacp2p/nim-libp2p#2199, status-im/nim-testutils#66, vacp2p/nim-jwt#1, vacp2p/bearssl_pkey_decoder#1, and status-im/nim-confutils#118.
  • Reworked borrow/carry-only helpers in vacp2p/nim-intops#27, updated status-im/nim-stint#176, reviewed nim-lang/nimble#1622, released nim-intops 1.0.8, and removed add_submodule.sh in status-im/nimbus-build-system#113.
• ift-ts:nim:ift:2026q1-nim-core-libs:docs
  • Continued the Chronos HTTP server tutorial in status-im/nim-chronos#622 and selected nim-unittest2 as the next documentation target.
• ift-ts:nim:ift:2026q1-nim-core-libs:language-server-editor-integration
  • Fixed Chronos inlay hints in status-im/nim-chronos#621.

ift-ts:p2p: §

• ift-ts:p2p:ift:2026q1-nimlibp2p-maintenance:maintenance
  • Merged maintenance and compatibility work in vacp2p/nim-libp2p#2196, #2197, #2191, vacp2p/nim-lsquic#76, #75, #70, vacp2p/nim-libp2p#2125, and #2059.
  • Got Nimbus QUIC support working through status-im/nimbus-eth2#7775, ran it in Kurtosis, and investigated CI dependency failures.
• ift-ts:p2p:ift:2026q2-nimlibp2p-maintenance:quic-maddrs
  • Added support for listening on many addresses in vacp2p/nim-libp2p#2193.
• ift-ts:p2p:ift:2026q1-nimlibp2p-gossipsub-extensions:partial-messages
  • Added more generic misbehavior callbacks in vacp2p/nim-libp2p#2187 and new penalty cases in #2188.
• ift-ts:p2p:ift:2026q1-nimlibp2p-gossipsub-extensions:1-4-extension
  • Added the preamble extension in vacp2p/nim-libp2p#2179.
• other notes
  • Interviewed 2 candidates.
  • Reported that the gossipsub extensions stream is fully finished, including partial messages and experimental extensions.

ift-ts:qa: §

• ift-ts:qa:status:2026q1-status-go-functional-testing:7129
  • Continued status-im/status-go#7359, added a backend complexity audit, and kept review feedback moving.
• ift-ts:qa:messaging:2026q1-messaging-testing:maintenance
  • Continued RLN-test refactoring in logos-messaging/logos-delivery-interop-tests#164 and tracked the blocker in logos-messaging/logos-delivery#3779.
  • Opened logos-messaging/logos-delivery-interop-tests#167 to reduce flakiness by stabilizing node setup.
• ift-ts:qa:messaging:2026q1-messaging-testing:python-bindings
  • Re-tested recent changes, confirmed missing .so APIs and unresolved metrics issues, and documented 3 issues in logos-messaging/logos-delivery-python-bindings#4.
• ift:2026q2-nim-libp2p-testing:interop-test-plans
  • Exposed known-error input in libp2p/test-plans#842, updated unified-testing transport workflows in vacp2p/nim-libp2p#2185, kept #2195 in review, and progressed #2189.
• ift-ts:qa:status:2026q1-status-qa-desktop:maintenance
  • Merged or tracked scrolling, channel creation, Qt 6.11, StatusInput, PR 19887, and NavBar spacing fixes in status-im/status-app#20287, #20288, #20249, #20247, #20154, #20224, and #20221.
• ift-ts:qa:status:2026q1-status-qa-desktop:activity-center-and-notifications
  • Added Activity Center QML component tests in status-im/status-app#20267.
• ift-ts:qa:status:2026q1-status-qa-mobile:maintenance
  • Improved Appium timing in status-im/status-app#20308, updated gate tests in #20266, and logged the light-client messaging regression in status-im/status-go#7393.
• ift-ts:qa:status:2026q1-status-go-functional-testing:maintenance
  • Made review changes in status-im/status-go#7372, progressed parallel teardown in #7376, and updated Anvil-based deposit E2E tests in status-im/status-web#1066.
• other notes
  • OOO: 3 CC days.

ift-ts:rfc: §

• ift-ts:rfc:ift:2026q1-rfc-index-maintenance:maintenance
  • Reviewed vacp2p/rfc-index#299, #300, #298, and #297.
  • Continued 1/COSS changes and adversary-spec updates for the next version.
• other notes
  • Completed retro follow-up in Notion and Miro.

ift-ts:sc: §

• ift-ts:sc:logos:2026q1-amm-fee-system-and-swap-improvements:exact-output-swap
  • Updated the exact-output swap PR in logos-blockchain/logos-execution-zone#406 with overflow fixes and tests.
• ift-ts:sc:logos:2026q2-amm-program-completion:complete-pr-371
  • Iterated on logos-blockchain/logos-execution-zone#371 and the related follow-up #373.
• ift-ts:sc:logos:2026q2-amm-program-completion:fix-remove-lp-delta
  • Worked on logos-blockchain/logos-execution-zone#420.
• other notes
  • Continued reorganizing LEE and LSSA docs from Notion into Obsidian.
  • Added the Associated Token Account program with wallet CLI and tutorial in logos-blockchain/logos-execution-zone#387.
  • Opened initial repository setup in logos-blockchain/lez-programs#1 and kept integration tests in progress.
  • Updated logos-blockchain/logos-execution-zone#300 according to review comments and opened the SC Q2 commitments PR vacp2p/roadmap#424.

ift-ts:sec: §

• ift:2026q1-awareness-program:web3-security-essentials
  • Created the Security Guidelines page and requested merge into the production page.
• ift:2026q1-cicd-security-review:security-checklist-development
  • Built the interactive security checklist for IFT core contributors, covering communication security, Web3 wallets, AI and LLM safety, and privacy.
• ift:2026q2-degoogling:sign-in-dependencies-review
  • Evaluated Okta and Auth0 providers and updated onboarding docs to encourage the deGoogling initiative.
• ift:2026q1-iam-operations:defi-strategy-access-control
  • Executed the whitelisting request for updating Morpho Sentora settings.
• ift:2026q1-cicd-security-review:pr-and-commit-reviews
  • Performed security reviews across IFT repositories, with focus on cryptography, key management, authentication flows, Keycard firmware, Waku protocol changes, and Status wallet signing flows.
• ift:2026q1-cicd-security-review:keycard-remediation-validation
  • Continued validating Keycard audit fixes, reviewed new remediation PRs, and tested memory-safety and bounds-checking edge cases.
• ift:2026q1-vulma-and-ir:dependency-and-alert-triage
  • Triaged new CodeQL and Dependabot alerts, assessed exploitability, and coordinated high-priority dependency updates.
• ift:2026q1-vulma-and-ir:incident-monitoring
  • Monitored new security incidents, followed up on resolved ones, reviewed anomalies, and updated incident documentation.
• ift:2026q1-vulma-and-ir:bug-bounty-triage
  • Triaged bug bounty submissions across Waku, Status, and IFT projects and coordinated validation and remediation.
• ift:2026q1-finance-automation-bug fixing & support
  • Monitored Finance executions daily and verified expense PO generation.
• ift:2026q1-security-automation:refine -app-catalogue-update-from-expensify
  • Monitored duplicate-data scenarios in the automated application-catalogue update flow.
• ift:2026q1-security-automation:identify & post sec related news
  • Finalized the DigiBastion news-snippet workflow and investigated a source database for a trained AI agent.
• ift:2026q1-lez-security-review:security-audit-onboarding
  • Defined the audit process, completed the initial LEZ security audit draft, and shared findings with the dev team.
• other notes
  • Conducted the Q1 Security retrospective and drafted or validated Q2 objectives and task breakdowns.

ift-ts:tke: §

• vac:tke:ift:support-to-ift-units:explore-bi
  • Prepared a spreadsheet with Logos model parameters and coordinated with BI on deployment of the macroeconomic model.
• vac:tke:blockchain:stress-test:lez-fee-market
  • Defined the first fee-market version for LEZ.
• vac:tke:ift:support-to-ift-units:logos-stablecoin
  • Reviewed the RAI and HAI model and notebook, and authored the stablecoin RFP.
• vac:tke:ift:logos-token:fundraise
  • Met the new fundraising team member, caught up on the latest discussions, and wrote a Logos token doc for the investor data room.
• vac:tke:ift:ecodev::private-dex
  • Reviewed the RFP on GitHub and Juan’s draft.
• vac:tke:ift:ecodev::lending
  • Reviewed the RFP on GitHub.
• vac:tke:ift:logos-token:lbp
  • Studied the LBP work and implementation.
• vac:tke:ift:ecodev:xprize
  • Continued documenting the process, shaping the Builder Hub lambdaPrize section, coordinating new prizes, and detailing how Circles fits into lambdaPrize.
• vac:tke:ift:ecodev
  • Reviewed RFPs.
• other notes
  • OOO: 1 CC days.

ift-ts:web: §

• ift-ts:web:status:2026q1-sn-hub
  • Continued Hoodi migration in status-im/status-web#1060 with updated contracts and UI.
  • Opened proof-of-work RPC auth in status-im/status-web#1079 and coordinated with Infra and Andrey on the RPC proxy.
  • Fixed pre-deposit min/max visibility in status-im/status-web#1081, kept max-extension staking fixes under retest in #1076, removed stale skeleton conditions in #1083, and renamed APY to APR in #1080.
• ift-ts:web:status:2026q1-status-wallet-extension:dapp-connection
  • Continued the wallet-to-dApp connection flow in status-im/status-web#1033.
• ift-ts:web:status:2026q1-community-curation:migration-to-status-web-monorepo
  • Continued the community-curation monorepo migration in status-im/status-web#1077 and published a Vercel preview.
• ift-ts:web:status:2026q1-sn-website
  • Continued showing all published posts on /blog in status-im/status-web#1084.
• ift-ts:web:ift:2026q1-maintenance:maintenance
  • Fixed the TypeScript 6.0 build with a multi-stage build in acid-info/free.technology#20 and commented out unused job-board mappings in #19.
  • Fixed thumbnail rendering and calendar-event details in logos-press-engine commit 2bb9977, completed the Builders Hub repo migration, and handled Logos.co PDF and IFT homepage content updates.
• ift-ts:web:logos:2026q1-logos-website
  • Implemented the Circles map using BI’s API in acid-info/logos#35.
• other notes
  • OOO: 4 CC days.