Overview
Week 18 of 2026 (April 27 to May 3) was a hardening week. Five PRs landed in the main gonka repo, 46 doc PRs landed in gonka-docs, and 80 GitHub issues were closed across the org. The headline is the v0.2.12 upgrade clearing the main branch, three more CertiK advisories closing on the Ethereum bridge, and a large internal deep-security audit pass that fixed dozens of error-handling, overflow, and resource-exhaustion gaps.
v0.2.12 Upgrade Activation
The long-running upgrade PR for the v0.2.12 binary release finally merged. The binary itself shipped on April 11, but the on-chain upgrade handler and the related infrastructure work landed in main this week.
gonkaPR #948 — Upgrade v0.2.12 merged on April 30. This wires the upgrade handler that nodes execute when the governance proposal triggers the new height.gonkaPR #1130 — MLNode config + skills merged on April 30, refining how MLNode is configured per node and adding skill-tagging hooks the API node can use to pick the right inference target.gonkaPR #1127 — docs: remove host_onboarding.md fee guide cleared a stale fee section that no longer applied after the v0.2.12 host accounting changes.
Multi-Model PoC, Continuous PoC, and the rest of the v0.2.12 feature set were already in the binary; this week was about making the upgrade safe to activate.
CertiK Audit: Three More Advisories Closed
The CertiK Ethereum bridge audit is now down to its final cleanup. PR #1115 — Certik audit fixes (GEB-59, GEB-60) and PR #1123 — geb-62 dispute order closed the three remaining tracked advisories:
- Issue #1111 (GEB-59) — a dispute-handling correctness fix in the bridge module
- Issue #1110 (GEB-60) — store-asymmetry fix in how bridge state is read versus written
- Issues #1109 / #1114 (GEB-62) — corrected ordering of dispute submissions to make outcomes deterministic across nodes
PR #737 — refactor(bridge): normalize hex fields and fix store asymmetries landed alongside, addressing a long-standing issue where hex-encoded fields in the bridge module were inconsistently stored. PR #1057 — fix(bridge): add TTL to warm key cache to prevent cache poisoning closes a separate cache-lifetime bug surfaced by the same audit pass.
Internal Deep Security Audit
A large internal review under issue #1079 — Deep Security Audit: BLS/DKG protocol, state machine consistency, and economic logic vulnerabilities closed this week, after the underlying fixes landed. The review focused on three classes of bug: error swallowing, integer overflow, and resource exhaustion. Representative fixes:
- PR #1051 — fix(claims): prevent permanent fund loss when reward payment fails: claim-payment failures used to silently advance state, leaving the participant unable to retry. The new path returns the failure and keeps the claim eligible.
- PR #1014 / #1015 — fix(subnet): add overflow guards for SubnetHostEpochStats and cost accumulation: host-stat counters were uint32 and could wrap under heavy load. They are now bounded with explicit guards.
- PR #1054 — fix(api): prevent internal error details from leaking to clients and PR #1055 — fix(api): add SSRF protection for executor URLs: API hardening to keep internal hostnames and stack traces out of client responses, and to block the API node from being used as an SSRF pivot.
- PR #1056 — fix(subnet): replace bulk rate limiter eviction with LRU-style eviction: the previous limiter wiped its entire table on overflow, which momentarily disabled rate limiting. LRU eviction keeps the cap in place under load.
- PR #1059 — fix(subnet): cap catch-up diffs to prevent CPU/memory exhaustion: a node coming back online could request an unbounded diff. The new cap keeps recovery within a fixed work budget.
About 30 small PRs in this batch landed under issue #883 (minor safety issues), #885 (non-deterministic queries), and #979 (devshards escrow). None of them are individually load-bearing, but the cumulative effect on node stability is the largest in any single week this year.
Multi-Model PoC Documentation
The gonka-docs repo accepted 46 PRs, almost all of them documenting the Multi-Model PoC feature shipped in v0.2.12. PR #995 — Add Multi-Model PoC section to documentation landed the initial structure; the long tail of Update multi_model_poc.md PRs (twelve in total) walked through editing rounds. PR #1020 — Bootstrap page and PR #1025 — Update kimi-bootstrap.md added a host-onboarding flow specific to the Kimi K2.6 model. The docs are now live at docs.gonka.ai.
By the Numbers
| Repo | PRs merged | Notable issues closed |
|---|---|---|
gonka |
5 | GEB-59, GEB-60, GEB-62, #1079 (deep audit) |
gonka-docs |
46 | Multi-Model PoC docs, Kimi bootstrap |
gonka-openai |
0 | — |
vllm |
0 | — |
bridge-geth |
0 | — |
bridge-prysm |
0 | — |
Org-wide closed issues: 80 (most of them PR-tracked, a few standalone audit findings).
Coming Up
PR #1134 — Proposal: PoC-decode was opened on April 30 and is the next big proposal in flight. PoC-decode aims to let validators verify inference correctness without re-running the model end-to-end, by checking the decoder step alone. PR #1136 — feat: deploy sentry overlays sets up sentry-node deployment templates so validators can put a public-facing relay in front of their consensus node. Both are draft-stage; expect them to land in the next week or two if review goes smoothly.