Week 14 Dev Digest: DevShards Economics, Bridge Security Hardening, 21 Issues Closed

Overview

Week 14 (March 28 – April 3) delivered 21 closed issues and pull requests, with DevShards economics and bridge security dominating the workload. The team finalized the fee model for developer shards, deployed a batch of CertiK audit fixes for the Ethereum bridge, and shipped critical escrow safety patches.

DevShards Economics Take Shape

Three P0 issues drove the DevShards fee and reward architecture forward:

• Fee model implemented (#935, #965) — DevShards now charge create_fee + max_nonce × fee_per_nonce, creating an economic deterrent against network spam while keeping costs predictable for legitimate developers.
• Rewards research closed (#914) — The team completed research on reward distribution mechanics for shard operators.
• Warm key determinism (#913) — Fixed non-deterministic warm key authorization across hosts. Previously, hosts checking key validity at different times against the MainNet bridge could reach conflicting conclusions, breaking consensus.

Bridge & DKG Security Hardening

CertiK's ongoing bridge audit yielded actionable fixes deployed this week:

• DKG dealer consensus fix (#823, #825) — Patched a vulnerability where weak dealer approval in the BLS threshold signing process could enable a denial-of-service attack. The fix tightens dealer validation in phase_transitions.go and threshold_signing.go.
• Batch CertiK fixes (#988) — Resolved multiple findings from the bridge audit, including GEB-29 (weak dealer approval DoS).

Developer Access Simplified

• No more participant registration for inference (#744, #750) — The chain previously required a Participant record to send inference requests, even though the public key is already available from the Account record. The team removed this unnecessary gate, reducing friction for developers building on Gonka.

Escrow Safety Patch

• Fund-loss prevention (#980) — Fixed a critical bug in subnet escrow code introduced in v0.2.11: distributeUnsettledEscrow was logging SendCoinsFromModuleToAccount failures but returning nil, causing the Remover to delete the escrow record and permanently lock the failed validator's funds. The fix also adds missing overflow guards.

Maintenance Windows (WIP)

• Node maintenance scheduling (#993, #996) — Initial implementation and cleanup for scheduled maintenance windows, allowing node operators to signal planned downtime without triggering slashing penalties. Work continues toward #927.

Validation, Slashing & Infrastructure

• Model group validation fix (#853) — Validation no longer silently drops when model group data is missing; errors surface correctly.
• Enforced tokens error handling (#833) — Incorrect enforced token format now returns proper 400/422 responses with validation context.
• Legacy slashing alignment (#940) — Aligned legacy validator slashing with the required collateral semantics introduced in v0.2.11.
• MLNode 3.0.12-post6 (#990) — Updated the default MLNode version with PoC stability improvements.
• Circuit breaker enhancement (#974, #975) — Intra-epoch circuit breaker now uses reputation-adjusted executor selection, routing traffic away from nodes with high miss rates within the same epoch rather than waiting for the next one.

Transaction Fees Reverted

• GIP for spam prevention rolled back (#937, #978) — The governance-controlled minimum gas price proposal was merged then reverted. The feature introduced a TxFeeChecker replacing the nil fee checker that allows zero-fee transactions. The team pulled it back, likely to refine the approach before re-introducing fees on the zero-gas network.

By the Numbers

What to Watch

• DevShards moving from economics to testnet activation
• Maintenance windows feature completion (#927)
• Transaction fee GIP likely to return in revised form
• Continued CertiK audit fix deployments