The new 2025 year has just begun, and it is time to share our plans for Core Network development in the coming year.

In 2025, the core network development will continue along the plan set out in 2024. We will capitalize on all the learning and insights gathered in 2024, and attack the more difficult problems.

This year, we decided to split the core network roadmap into three lanes: Security, Scalability and Features.

Security

MRENCLAVE

On the Security lane, 2025 will be dedicated to gradual transition to MRENCLAVE sealing

During 2024, we have completed the development and the initial testing of the MRENCLAVE transition, as outlined in Vlad’s blog post here.

MRENCLAVE rollout will be done in two stages. First, the network will be moved from MRSIGNER sealing to MRENCLAVE sealing.

In the second phase, actual upgrade and passing the keys from existing MRENCLAVE to a new MRENCLAVE will be completed.

The last step of the transition will include the rotation of network seed - this last step will finalize the transition.

Delayed Write Buffers for SNIP tokens

An additional important improvement in overall security of Secret Network is the gradual upgrade of SNIP-20 tokens to the new Delayed Write Buffers version that addresses potential side-channel attack issues and greatly improves the privacy of our Confidential Tokens.

Delayed Write Buffers, along with HEAPS, SNIP Notifications and Blanket permits are developed by the StarShell team, supported by the Secret Labs grant program. 

Scalability

During 2024, there were a lot of community discussions about the need to improve the scalability of the network.

We will be addressing it in several ways during 2025.

Minimum Hardware Requirements

Given the addition of EVM, and the additional sgx memory that will need, we will be introducing certain minimum hardware requirements for the network validators. This will be further researched jointly by SNF and Slabs to benchmark the performance improvements that will result from moving our nodes to newer hardware, and considering the implications of adding EVM.

New WASM engine

In 2024, we have started research on how we can integrate a more advanced WASM engine, such as Wasmer and Wasmtime, to Secret. It appears that the path to achieving this lies through integrating Gramine - a library OS that can run inside a TEE and can emulate the operating system. Gramine essentially solves the compatibility problem, allowing more advanced WASM engines to run inside Intel SGX without much modification.

According to benchmarks performed on basic hashing routines, Wasmer and Wasmtime show a 18x and 15x performance improvement over our existing Wasm3 runtime, respectively. One of the main reasons being that Wasm3 is an interpreter, while Wasmer and WasmTime support compilation of code.

The project of moving to Gramine + Wasmer poses several challenges, such as the need to update the smart-contract management infrastructure to accommodate storing compiled code, the need to rewrite all the interfaces between our Cosmos application and the Enclave, and potentially more unknowns.

We expect to produce an initial POC of the Gramine solution in Q2, and given it is successful, to move to full implementation in the second half of the year.

As an interesting side effect, implementing Gramine will allow decoupling of SGX. In Gramine, the communication with the enclave is performed using gRPC, so the enclave doesn’t have to reside on the same machine as the Cosmos application. This can open the door to non-SGX validator nodes that use a remote SGX instance to run the calculations. Additional research and benchmarking will be required to validate the feasibility and practicality of this solution.

SNIP Notifications

SNIP notifications allow apps and wallets to subscribe to Tendermint WebSocket events and receive notifications from contracts. This is more responsive than polling the contracts, and also significantly reduces the load on RPC nodes.

HEAPS

H.E.A.P.S. - (Fully) Homomorphically Encrypted & Authenticated Private Storage is an L2 storage mechanism for Secret contracts that is private, unidirectional (contracts can write, clients can read), authenticated and oblivious (i.e. free of storage access patterns)

HEAPS will provide an alternative source from which clients can retrieve private data associated with their account, for example SNIP balances, without the need to query Secret Validator nodes.

HEAPS storage can be implemented as part of the Secret node.

Planned Features

The Features category addresses various improvements to the network. 

Prior to building the roadmap, we collected feature requests from our community members, and took them into account when building the roadmap

EVM Compatibility

In 2024, we laid some of the groundwork for adding full EVM support to Secret Network. We plan to continue working on this and release EVM support during 2025. However, we believe that network scalability needs to be addressed before adding EVM support, so we will get to implementing EVM after the new WASM engine is deployed.

IBC Wrapping

IBC tokens passed to Secret by standard bridges appear on Secret unwrapped. Some community members requested automated IBC wrapping for such tokens. However, after hsome consideration we came to a conclusion that such automatic wrapping would introduce multiple potential issues. Instead, we will be implementing a much simpler feature, improving the Wrapping UX by allowing the user to wrap all of their non-confidential IBC tokens in one transaction

Blanket Permits for SNIP-20

Blanket Permits improve the UX by allowing the user to issue a single permit to all SNIP tokens, including ones that will be created in the future. The detailed description of the functionality can be found here.

Cron Module

Cron module is a useful feature that offers a mechanism to add cron schedules via governance proposals to execute arbitrary CosmWasm messages. This will allow Secret developers to implement interesting use cases such as DCA trading strategies, arbitrage bots and more. 

Additional Features 

The following features are tentatively planned for implementation in 2025. The actual implementation will depend on progress with other features, network state and market conditions. 

Fee Abstraction

Fee abstraction allows the gas fees to be paid in coins other than SCRT. This can be useful for example in cases where users bridge certain coins to Secret Network via IBC and want to perform certain activities, but do not have SCRT coins to pay gas with.

We will be doing some more research to evaluate the actual demand for this feature, and will also consider alternative solutions, such as automatic fee grant to all new wallets holding IBC denoms and no SCRT.

More information about Fee Abstraction is available here

Gas Lanes

Gas Lanes allows separating transactions by type and prioritizing certain types of transactions over others. For example, native transactions such as SCRT transfers and staking can be prioritized over smart contract executions.

The Gas Lanes feature is implemented in Skip Block SDK.

Fee Market

Also developed by Skip, The feemarket module is an implementation of the Additive Increase Multiplicative Decrease (AIMD) EIP-1559 feemarket.

Essentially, it adjusts the gas price based on how congested the network is, improving the network economics and validator revenue.

More information about feemarket module is available here

Conclusion

In 2025, we will continue investing in network scalability, security and features, building on the groundwork started in 2024.

MRENCLAVE migration and upgrading the WASM engine are key infrastructure undertakings that will make the network more resilient, secure and ready for heavy loads.