Add Default Time Limit to Indexer RPCs:feat: add default time cost limit on indexer rpc #5012This feature adds a default time-cost limit to indexer RPCs to cap linear-time queries and reduce the attack surface as data volume grows.
Async Message Sending in CKB Node: feat: relay use async send msg #5001Updates the relay to send messages asynchronously, preventing message drops during network congestion caused by limited send capacity.
Molecule
Generate FromIterator with Generic Types: feat: generate FromIterator with generic type molecule#105Allows a Molecule entity to be created from any iterator or Vec of items, automatically converting each item to the entity’s required type.
Performance improvements for get_cell_capacity RPC
Prioritize proposal tx in verification: Verify worker will pick proposal_tx first #5009Ensures that the verification worker processes proposal transactions first, giving them higher priority in the verification queue.
Solid update overall !
Great to see continued progress on reliability, light clients, CKB-VM security, and developer tooling.
These improvements clearly strengthen the foundation and move the network in the right direction.
Native App Support: Adds a native Android app support for CKB Light Client with direct JNI integration. (Link: PR #266)
SQLite Integration: Introduced support for SQLite as a storage backend for the light client, providing a more lightweight database option for mobile client environments. (Link: PR #267)
CKB-VM
SHA-2 Algorithm Breakthrough:
Optimized SHA256 and SHA512 implementations (located in ckb-vm-contrib/opt-lib) have achieved approximately 2.23× higher performance compared to standard implementations.
In specific performance test cases, cycle consumption was reduced from 232 million to 104 million, significantly lowering the cost of executing hash-intensive smart contracts. (Links: PR #40, PR #41)
Cryptography & Quantum Security
Mainnet Deployment: The Quantum Resistant Lock Script has been successfully deployed to the CKB Mainnet, enhancing the network’s resilience against future quantum computing threats. (Link: PR #16)
SPHINCS⁺ Verification Efficiency:
Integrated the optimized SHA-2 library into SPHINCS⁺, resulting in a roughly 40% performance improvement in verification costs across all parameter sets. (Link: Branch quick_sha2)
Verification Metrics (Cycle Consumption):
sha2-128s: 7.1M | sha2-128f: 20.6M
sha2-192s: 9.9M | sha2-192f: 30.5M
sha2-256s: 15.4M | sha2-256f: 29.6M
Ecosystem & Technical Support
Annual Dependency Audit: We have completed the annual security audit on the contract dependency libraries to track the stability of core dependencies.We evaluated Secp256k1, mbedTLS, and libecc, all of which had reported security issues in the past year. Since our usage is limited to core cryptographic algorithms (RSA, Secp256k1, Secp256r1), we are not affected. This reinforces the importance of minimizing third-party library usage to essential functionality to reduce risk.Secp256k1 and mbedTLS demonstrate strong security practices, performance, and test coverage, and are recommended for future contract development, while libecc is weaker and NOT recommended. Finally, recurring issues in C-based libraries suggest prioritizing Rust implementations, such as RustCrypto, whenever possible.
Added support for cargo-binstall within CKB to simplify the build and installation process for developers and node operators. (Link: PR #5089)
Optimized the logging for header synchronization, providing more granular visibility into synchronization timing to help identify potential bottlenecks in the sync process. (Link: PR #5086)
In Pipeline…
zkVM Development: Provided technical support for zkVM-related Proof of Concepts (PoC) projects, facilitating expanding Zero-Knowledge Proof applications on CKB.
CKB-VM assembly code in RV64IM
RocksDB Schema Optimization: By implementing a block-number prefixed key schema, write amplification was reduced from 15× down to 2×. This significantly enhances long-term node stability and storage throughput. (Links: Issue #5087, PR #5085)
OpenRPC JSON Specification (Draft): Added OpenRPC JSON spec for CKB RPC. Taking inspiration from Swagger and ReDoc, we also built a frontend for browsing and interacting with the RPC.
Log subscription API: Introduces a new RPC subscription topic for logs, providing real-time access to node logs via RPC, improving observability, debugging, and tooling such as ckb-tui: rpc: implement logs subscription #5092
Released a new AI-friendly smart-contract boilerplate designed to work well with AI coding assistants. It was used to build a collateralized loan contract with Claude Opus for approximately 2.2 USD in API cost.
