Changelog
Week of May 18, 2026
New features
Reineira settlement loop
End-to-end payout flow for confidential inference is now live. Tasks that complete a verified quorum result automatically settle against a confidential escrow, so agents and node operators get paid as part of the same transaction that finalizes the result — no separate settlement step.- New
PayoutClaimerresolver contract on Arbitrum Sepolia handles claim submission and disbursement. InferenceGateandResultRegistryupdated to plug into the settlement path.- ICL exposes settlement-aware quorum and chain services so the coordinator can drive payouts end-to-end.
Confidential escrow primitive
Agents can now fund a task in advance through a confidential escrow that releases on a verified result. This lets you pre-pay for inference, set quorum-dependent payout conditions, and avoid trusting a single off-chain settler.- New escrow scripts make it straightforward to create and fund an escrow for a task.
- The
IConfidentialEscrowinterface defines the standard contract shape for resolvers that gate payouts on inference results.
Text inference wizard
The text inference flow in the demo frontend is now a guided wizard. You can step through encrypting your prompt, submitting it, watching quorum progress, and revealing the decrypted answer without leaving the page.Updates
- ICL internal API — the coordinator’s internal router gained new endpoints for driving the settlement loop and surfacing claim state, so node operators and integrators can observe payouts in flight.
- End-to-end test coverage — a full E2E test now exercises encrypt → submit → quorum → settlement → claim in one run, so regressions in the settlement path get caught before release.
- Result commitment hardening —
ResultRegistrynow exposes a stable interface (IResultRegistry) for resolvers and downstream contracts to consume, making it easier to build custom payout logic on top of verified results.
Bug fixes
- Inference API client — fixed a missing field in the text inference request payload that could cause the wizard to stall before submission.
- Chain service — result registry calls now use the updated commitment shape end-to-end; nodes no longer hit decode errors when reading recent results.
Wave 4 — Previous Release
Major Changes
1. NodeRegistry Contract (Arbitrum Sepolia)
New unified node registry deployed:| Contract | Address | Purpose |
|---|---|---|
| NodeRegistry (proxy) | 0x72C0Ead949Fd2C346598a30AF1A69c3c5Cb86082 | Unified node registration, heartbeat, staking |
| NodeRegistry (impl) | 0x3E008352F5c35fC0030Eded4C8013C7d7F4c3282 | Implementation contract |
register(tier, attestationHash, expiresAt, models)— node self-registration with optional stakeheartbeat()— on-chain liveness proofisActive(node)— checks attestation expiry + heartbeat recencyupdateAttestation(...)— ICL can update a node’s attestation hash/tierwithdrawStake()— node can exit and reclaim stake
2. Interactive Attestation CLI
blindference-node attest without --mock now presents an interactive menu:
- Option 1: Mock attestation with
weloveblindference - Option 2: TEE/TPM — explains hardware requirements, offers dev TEE simulation with custom key
--tee-key <key> overrides the default mock key.
After ICL attestation, the CLI asks for on-chain registration with gas estimation.
3. Blindference-Node PyPI Package
A standalone Python package for operators joining the network:- Published as
blindference-nodeon PyPI (v0.3.0+) - Auto-publish workflow: tags
v*trigger GitHub Actions → PyPI - Supports both
bridgemode (TypeScript CoFHE subprocess) andpythonmode (direct HTTP) - Auto-re-attestation: nodes self-heal on startup and via watchdog (no manual intervention)
- Configuration-driven: single
BLINDFERENCE_NODE_CONFIG_PATHJSON file controls all behavior
2. Professional Documentation Site
Mintlify-powered docs atblindference/docs/:
- Compute section (8 pages): Node operator quickstart, installation, configuration, attestation, running, monitoring, troubleshooting, rewards
- Build section (9 pages + 2 examples): Agent developer quickstart, architecture, CoFHE encryption, ICL API, contracts, deployment, risk-scoring example, text-inference example
- API Reference: Full ICL REST API documentation
- Resources: Changelog, contract addresses, troubleshooting
- Dark Blindference theme (
#0d0d0dbackground, white/zinc-400 accents) - Auto-validation CI: checks
mint.jsonnavigation, page existence, logo paths, broken links
3. Full Quorum Test Passed
End-to-end operational validation with 3 nodes + ICL:- ICL selected leader + 2 verifiers correctly
- All 3 nodes received task assignments and claimed successfully
- Nodes processed through CoFHE decrypt → IPFS fetch → inference pipeline
- ICL bugs discovered and fixed during live quorum testing
4. ICL Production Hardening
Critical fixes found during quorum testing:- In-memory DB operators:
_matches()now supports$or,$in,$eq,$ne,$gt,$gte,$lt,$lte - Assignment dispatch:
_get_pending_assignments()returnstask_id(notrequest_id) - Pydantic compatibility:
get_assignments()usesgetattr()for model field access - Hex handle parsing:
claim_task()parses0x-prefixed handles withint(val, 16) - MongoDB Atlas persistence:
USE_MONGO=truewith fallback to in-memory when unavailable HEARTBEAT_GRACE_SECONDS: 300: ICL can restart without losing active nodes (was 3600)
5. Branding Cleanup
Removed all hackathon-era “Wave” naming:wave2_network/→network/(all path references updated)Wave3Popup.tsx→ProtocolUpdatePopup.tsxWAVE2_SUBMISSION.md→SUBMISSION.mdfhenix-fhe.md→FHE_INTEGRATION.mdLLM_CONTEXT.md→CONTEXT.md- No “Wave 2”, “Wave 3”, “wave2”, “wave3” references remain in source or docs
Contract Deployments (Arbitrum Sepolia)
| Contract | Address | Purpose |
|---|---|---|
| PromptKeyStore | 0x1E22dD12f448B15f1Ca8560fB6B4463834FaAf73 | Text inference key storage |
| ResultRegistry | 0xCebd831eCd00915E299b8Ef2666cAbf942dc7150 | On-chain result commitment |
| NodeRegistry | 0x72C0Ead949Fd2C346598a30AF1A69c3c5Cb86082 | Unified node registration (proxy) |
| NodeAttestationRegistry | 0xB54e019e9717a8Ed4746bA9d7F1A3F83cf0a35E0 | Legacy operator attestation |
| ExecutionCommitmentRegistry | 0xcd45aefE9a16772528fa30B7d47958a95e83440C | Task dispatch |
| ReputationRegistry | 0xdaDb4D46D231d3fe6D3754E0861c8bCD36aF0604 | Operator scoring |
| AgentConfigRegistry | 0x85aE035d6a94c006B5d0808cAdF47F5c22536996 | Model configuration |
| RewardAccumulator | 0xFa25Fb53eF8dAc88E4f43bB7558Cf3930Bf3e817 | Reward distribution |
| BlindferenceInputVault | 0x8dD7B2A9B69C76A69d33B2DF46426Cbe657a902b | CoFHE ACL input vault |
Bug Fixes
- ICL in-memory DB: Full MongoDB operator support (
$or,$in,$eq,$ne,$gt,$gte,$lt,$lte) - Assignment dispatch:
_get_pending_assignments()returnstask_idfor correct node lookups - Pydantic model handling:
get_assignments()usesgetattr()instead of.get()on Pydantic objects - Hex handle parsing:
claim_taskhandles0x-prefixed hex strings withint(val, 16) - ICL quorum preview: Returns proper leader/verifier addresses when operators are active
- Node CoFHE default:
get_cofhe_client()defaults toCoFHEBridgeClient, mock mode fully removed - Frontend mock removal:
MockCoFHEClientclass deleted, all code paths use real CoFHE - Vite optimizeDeps: Only
tfheexcluded;@cofhe/sdkpre-bundled for CJS interop - TFHE WASM: Absolute path
/node_modules/tfhe/tfhe_bg.wasm?urlsurvives cache invalidation
Technical Decisions
- NodeRegistry contract: Unified registration replaces NodeAttestationRegistry + NodeOperatorRegistry combo
- On-chain heartbeat every 10 days: Minimal gas while still providing objective liveness to external contracts
- ICL heartbeat every 60s: Free REST call keeps node eligible for real-time job dispatch
blindference-nodePyPI package: standalone distribution for operator onboarding- Mintlify over Docusaurus: better dark mode default, built-in search, modern components
- Docs split into Compute (node operators) and Build (agent developers): two distinct audiences
HEARTBEAT_GRACE_SECONDS: 300: balances ICL restart resilience vs stale-node detection- Node CoFHE mode
bridge(TypeScript subprocess) is default;python(direct HTTP) is alternative fheKeyStorage: nullprevents stale IndexedDB cache serialization errorsenvironment: 'MOCK'on chain config: local ZK proof verification only (ciphertexts are real FHE)
Wave 3 — CoFHE SDK Alignment & Text Inference
Major Changes
1. Confidential Text Inference Pipeline
- Browser-side AES-256 encryption: User prompts encrypted locally before leaving device
- Pinata/IPFS blob storage: Encrypted prompts stored off-chain, only ciphertext handles on-chain
- CoFHE key access control: AES key split into uint128 halves, each half CoFHE-encrypted and stored in
PromptKeyStore - Quorum decryption: Leader + 2 verifiers each receive CoFHE sharing permits to decrypt their key half
- Model inference: Nodes run identical inference via Groq Llama 3 or Google Gemini
- Output key escrow: Leader stores output AES key in PromptKeyStore for user-only decryption
- Frontend reveal: User decrypts output key via CoFHE and reveals generated text
2. CoFHE SDK Alignment
Updated to@cofhe/sdk@0.5.1 with critical fixes:
fheKeyStorage: nullin SDK config to prevent stale IndexedDB cache serialization errorsenvironment: 'MOCK'on chain config enables local ZK proof verification (ciphertexts are real FHE)useWorkers: false— ZK proof generation runs on main thread (Web Workers broken in Vite dev)- Absolute WASM URL path
/node_modules/tfhe/tfhe_bg.wasm?urlsurvives cache invalidation - Vite
optimizeDepsexcludes onlytfhe, pre-bundles@cofhe/sdknormally for CJS interop
3. Node Auto-Re-Attestation
- Auto-detect missing/expired attestation certificates on startup
- Automatically re-attest via ICL challenge/response
- Watchdog re-attests within 6 hours of expiry
- No CLI flag needed — default behavior
4. ICL Persistence and Resilience
- MongoDB Atlas integration for persistent operator records
HEARTBEAT_GRACE_SECONDS: 300(5 min) — ICL can restart without losing active nodes- In-memory fallback when MongoDB unavailable (local development)
- Fixed in-memory database query operators (
$or,$in, array membership)
5. Professional Documentation
- Removed all “Wave 2” / “Wave 3” branding from code and documentation
- Renamed
wave2_network/monorepo directory tonetwork/ - Comprehensive README, ARCHITECTURE.md, DEPLOYMENT.md
- Mintlify docs site with Compute and Build sections
Contract Deployments (Arbitrum Sepolia)
| Contract | Address | Added |
|---|---|---|
| PromptKeyStore | 0x1E22dD12f448B15f1Ca8560fB6B4463834FaAf73 | Text inference key storage |
| ResultRegistry | 0xCebd831eCd00915E299b8Ef2666cAbf942dc7150 | On-chain result commitment |
| NodeAttestationRegistry | 0xB54e019e9717a8Ed4746bA9d7F1A3F83cf0a35E0 | Operator attestation |
| ExecutionCommitmentRegistry | 0xcd45aefE9a16772528fa30B7d47958a95e83440C | Task dispatch |
| ReputationRegistry | 0xdaDb4D46D231d3fe6D3754E0861c8bCD36aF0604 | Operator scoring |
| AgentConfigRegistry | 0x85aE035d6a94c006B5d0808cAdF47F5c22536996 | Model configuration |
| RewardAccumulator | 0xFa25Fb53eF8dAc88E4f43bB7558Cf3930Bf3e817 | Reward distribution |
Bug Fixes
- ICL in-memory DB:
_matches()now supports MongoDB operators ($or,$in,$eq,$ne,$gt,$gte,$lt,$lte) and array membership queries - Assignment dispatch:
_get_pending_assignments()returnstask_id(notrequest_id) so node lookups succeed - Pydantic model handling:
get_assignments()usesgetattr()for Pydantic models instead of.get()which fails on objects - Hex handle parsing:
claim_tasknow parses0x-prefixed hex strings withint(val, 16)instead ofint(val) - ICL quorum preview: Returns proper leader/verifier addresses when operators are active
- Node CoFHE default:
get_cofhe_client()defaults toCoFHEBridgeClient, mock mode fully removed - Frontend mock removal:
MockCoFHEClientclass deleted, all code paths use real CoFHE
Wave 2 — Initial Implementation
Text Inference Foundation
- Added browser-side AES-256 prompt encryption
- Added Pinata/IPFS encrypted blob storage
- Added
PromptKeyStorecontract for CoFHE-encrypted key halves - Added node-side prompt key decryption under CoFHE ACL
- Added frontend text submission UI with Groq/Gemini model selection
- Added frontend output key decryption and answer reveal
- Added background demo stack scripts
Risk Scoring Foundation
- Initial confidential risk scoring pipeline
- Browser CoFHE feature encryption (credit score, loan amount, account age, defaults)
- Quorum consensus with 1 leader + 2 verifiers
- On-chain commitment and coverage via Reineira
- Multi-recipient sharing permit flow
Infrastructure Foundation
- Reineira protocol integration
- Fhenix CoFHE stack integration
- FastAPI ICL coordinator
- React/Vite frontend with wagmi wallet connection
- Node runtime with Groq/Gemini inference bridge
- Foundry contract suite with deployment scripts