Blockchain Roadmap
Technical Architecture & Development Timeline
Blockchain Architecture & Roadmap
Complete Technical Specification & Development Timeline
Version: 1.2
Last Updated: December 26, 2025
Framework: Anchor 0.32.0 | Solana Program 2.0
Current Network: Solana Devnet (Testing Only)
Target Network: Solana Mainnet
License: MIT Open Source
App Status: MVP Testing (~95% Complete)
TL;DR - Quick Summary
Architecture: 5-layer system designed for zero-friction user experience with enterprise-grade security.
Layers:
- ●Mobile Layer: Native wallet integration, passkeys, secure storage
- ●Gasless Layer: Users don't need SOL for transactions
- ●Security Layer: TPIN, social recovery, emergency controls
- ●AI Layer: Smart onboarding, natural language actions
- ●On-Chain Layer: 11 smart contracts on Solana
Current Status: Phase 1 complete on Devnet. MVP Testing underway (~95%). NOT on mainnet. Security audit NOT started.
Roadmap:
- ●Phase 1 (Complete): Foundation - 11 contracts deployed to Devnet
- ●MVP Testing (Current): App testing & debugging, UI/UX refinements
- ●Phase 2 (2025 Q4): Security - Audits, penetration testing
- ●Phase 3 (2026 Q1): Mainnet - Staged deployment
- ●Phase 4 (2026 Q2+): Scale - Optimization, advanced features
Decentralization: Starting centralized for security, progressively decentralizing over 3 phases.
Development Status Notice
This document describes our technical architecture and development roadmap. All smart contracts are currently deployed to Solana Devnet only—NOT mainnet. The roadmap timeline represents targets, not commitments. Development timelines in blockchain projects are notoriously difficult to predict. Features and dates may change based on technical challenges, security audit findings, and market conditions.
Roadmap Disclaimer
| Item | Status | Meaning |
|---|---|---|
| Phase 1: Foundation | ✅ Complete (Devnet) | Contracts deployed to Devnet, tested |
| MVP Testing | ✅ In Progress (~95%) | App testing, debugging, UI/UX refinements |
| Security Audit | Not Started | Required before mainnet |
| Mainnet Deployment | Not Complete | Depends on successful audit |
| Timeline Dates | Targets Only | Subject to change |
Important: "Phase 1 Complete" means contracts are deployed to Devnet and tests are passing. It does NOT mean production-ready or audited.
1. Architecture Overview
1.1 Layered Architecture
ViWoApp uses a 5-layer architecture designed for zero-friction onboarding while maintaining enterprise-grade security:
| Layer | Components | Purpose |
|---|---|---|
| 📱 MOBILE LAYER | Mobile Wallet Adapter, Passkeys, Seed Vault | Native mobile-first UX |
| ↓ | ||
| ⛽ GASLESS LAYER | Paymaster, Session Keys, Fee Converter | Zero-friction transactions |
| ↓ | ||
| 🔒 SECURITY LAYER | TPIN, Social Recovery, Emergency Module | Enterprise-grade protection |
| ↓ | ||
| 🤖 AI LAYER | Onboarding, NL Actions, Content Moderation | Intelligent assistance |
| ↓ | ||
| ⛓️ ON-CHAIN LAYER | VCoin, veVCoin, Staking, Governance, SSCRE, Identity, 5A, Content, ViLink, Gasless | Solana smart contracts |
1.2 On-Chain vs Off-Chain Decisions
| Component | Location | Rationale |
|---|---|---|
| Identity (SAS attestation) | On-chain | Portable, minimal data |
| 5A Scores | On-chain (oracle) | Verifiable, periodic snapshots |
| Content tracking hash | On-chain | Proof of existence |
| Content data | Off-chain (IPFS) | High volume, large data |
| Engagement tracking | Off-chain | High frequency |
| Staking | On-chain | Financial, trustless |
| Governance | On-chain | Transparent voting |
| Rewards claims | On-chain (merkle) | Verifiable distribution |
| Badges | On-chain (cNFT) | Compressed NFTs |
| Advertising payments | Off-chain | USD-denominated |
| Exchange | Jupiter SDK | Existing infrastructure |
| Session management | On-chain | Scoped temporary keys |
1.3 External Protocol Integrations
| Protocol | Purpose | Integration Point |
|---|---|---|
| Jupiter DEX | Token swaps | Exchange module |
| Squads Multisig | Treasury management | Treasury operations |
| Solana Realms | DAO governance | Governance voting |
| Pyth Network | Price feeds | Gasless fee conversion |
| Metaplex Bubblegum | Compressed NFTs | Badge system |
| Solana Attestation Service | Identity verification | Identity protocol |
| Wormhole | Cross-chain (future) | Bridge operations |
2. Layer Specifications
2.1 Mobile Layer
The Mobile Layer provides native mobile-first experiences using Solana Mobile Stack.
Components:
| Component | Purpose | ViWoApp Usage | Status |
|---|---|---|---|
| Mobile Wallet Adapter | Universal wallet connection | Single sign-on | Planned |
| Passkey Authentication | Biometric login | No seed phrases | ✅ Backend Implemented |
| Seed Vault | Hardware-backed storage | Secure key management | Planned |
| Solana dApp Store | Distribution | 0% platform fee | Planned |
| Solana Pay | QR/NFC payments | Marketplace payments | Planned |
Implementation Note: Passkey authentication (WebAuthn/FIDO2) is now implemented in the backend with full register/verify/list/delete endpoints. The frontend onboarding flow includes biometric setup using
expo-local-authentication.
PasskeyWallet Account Structure:
| Field | Type | Description |
|---|---|---|
| user_id | [u8; 32] | Derived from passkey |
| webauthn_credential_id | Vec<u8> | WebAuthn credential |
| public_key | Pubkey | Derived wallet key |
| recovery_guardians | Vec<Pubkey> | Social recovery contacts |
| guardian_threshold | u8 | Required signatures |
| created_at | i64 | Creation timestamp |
| last_used | i64 | Last use timestamp |
| seed_phrase_exported | bool | Always false |
| device_attestations | Vec<[u8; 64]> | Device bindings |
| bump | u8 | PDA bump |
Instructions:
- ●
register_passkey_wallet- Create passkey-based wallet - ●
add_recovery_guardian- Add trusted contact - ●
initiate_social_recovery- Start recovery process - ●
complete_social_recovery- Finalize with signatures - ●
bind_device/unbind_device- Device management
2.2 Gasless Layer
The Gasless Layer eliminates friction by abstracting transaction fees.
GaslessTransactionConfig (Singleton):
| Field | Type | Description |
|---|---|---|
| authority | Pubkey | Admin wallet |
| fee_payer_wallet | Pubkey | Platform fee payer |
| vcoin_sol_price_feed | Pubkey | Pyth oracle |
| daily_subsidy_budget_sol | u64 | Daily subsidy limit |
| daily_subsidy_used_sol | u64 | Used today |
| subsidized_actions | u16 | Bitmap of free actions |
| vcoin_fee_rate_bps | u16 | Fee markup basis points |
| session_key_enabled | bool | Always true |
| max_session_duration_hours | u16 | 24h default |
| paused | bool | Emergency stop |
| bump | u8 | PDA bump |
Fee Deduction Methods:
pub enum FeeDeductionMethod {
PlatformSubsidized, // Platform pays 100%
VCoinDeduction, // User's VCoin balance
SplitPayment(u8), // Percentage split
StakeDeduction, // From staked amount
RewardDeduction(u8), // From claimed rewards
}Eligible Actions:
| Action | Priority | Fee Method |
|---|---|---|
| Account creation | P0 | 100% subsidized |
| Reward claims | P0 | 1% from rewards |
| Staking | P0 | From stake |
| Governance voting | P0 | 100% subsidized |
| Tips/transfers | P1 | From amount |
| Content registration | P1 | Energy system |
| Vouch actions | P1 | From stake |
Session Key Scope Bitmap:
bit 0: ContentCreate (0x0001)
bit 1: ContentEdit (0x0002)
bit 2: ContentDelete (0x0004)
bit 3: EngagementAction (0x0008)
bit 4: TipCreator (0x0010)
bit 5: ClaimRewards (0x0020)
bit 6: FollowUser (0x0040)
bit 7: VouchUser (0x0080)
bit 8: VoteGovernance (0x0100)
bit 9: StakeVCoin (0x0200)
Presets:
SOCIAL_BASIC = 0x00CF // Create, engage, tip, follow
CONTENT_CREATOR = 0x002F // Create, edit, delete, claim
FULL_ACCESS = 0x03FF // All actionsImplementation Note: Session key management is now implemented in the backend (
security/session-key.service.ts). The service supports all three presets (SOCIAL_BASIC, CONTENT_CREATOR, FULL_ACCESS), with create/list/revoke endpoints. Session keys are stored in theUserSessiondatabase model with expiry tracking and action bitmap validation.
2.3 Security Layer
Enterprise-grade protection with TPIN and social recovery.
TPINVerification (PDA per user):
| Field | Type | Description |
|---|---|---|
| user | Pubkey | Wallet address |
| device_attestation | [u8; 64] | TEE attestation |
| app_signature | [u8; 64] | App binding signature |
| pin_hash | [u8; 32] | Hashed TPIN |
| pin_attempts_remaining | u8 | Max 5 attempts |
| locked_until | i64 | Lockout timestamp |
| high_value_threshold | u64 | VCoin amount for TPIN |
| bump | u8 | PDA bump |
High-Value Actions Requiring TPIN:
| Action | Threshold | TPIN Required |
|---|---|---|
| Withdraw staked VCoin | Any amount | Always |
| Tips | > 1000 VCoin | Yes |
| Proposal creation | Any | Always |
| Delegation changes | Any | Always |
| Social recovery | Any | Always |
| Full access session | Any | Always |
2.4 AI Layer
Intelligent assistance for onboarding and natural language actions.
Implementation Note (Day 6): The AI Assistant is now fully implemented:
- ●OpenAI GPT-4 integration complete
- ●6 natural language actions operational (TIP, FOLLOW, STAKE, CLAIM, CHECK_SCORE, SWAP)
- ●Chat persistence and history tracking
- ●4 REST API endpoints deployed
- ●Combined with Day 2 onboarding (6-screen flow with 5A introduction)
- ●Ready for production use
Supported AI Actions:
pub enum AIAssistantAction {
// Onboarding (100% Complete - Day 2)
ExplainFeatures, // "What is 5A scoring?" ✅ Welcome Quest screen
GuideSetup, // Step-by-step guide ✅ Onboarding flow
SuggestFirstActions, // Recommendations (Planned)
// Execution (100% Complete - Day 6)
ExecuteTip, // "Tip @creator 50 VCoin" ✅ GPT-4 + backend
ExecuteStake, // "Stake 1000 VCoin" ✅ GPT-4 + backend
ExecuteVote, // "Vote yes on proposal 42" (Planned)
ExecuteClaim, // "Claim my rewards" ✅ GPT-4 + backend
ExecuteFollow, // "Follow @creator" ✅ GPT-4 + backend
ExecuteSwap, // "Swap 10 SOL to VCoin" ✅ GPT-4 + backend
CheckScore, // "What's my 5A score?" ✅ GPT-4 + backend
// Content (Planned)
AnalyzeContent, // AI detection
SuggestTags, // Auto-tagging
ModerateContent, // Safety checks
}API Endpoints (Day 6):
| Endpoint | Description |
|---|---|
POST /ai/chat | Natural language conversation |
POST /ai/execute | Execute parsed action |
GET /ai/recent | Recent action history |
GET /ai/suggestions | Smart suggestions |
Natural Language Flow (Implemented):
| Step | Actor | Action |
|---|---|---|
| 1️⃣ | User | "Tip @alice 50 VCoin" |
| 2️⃣ | GPT-4 | Parse intent: TIP action |
| 3️⃣ | AI Service | Extract: target=@alice, amount=50 |
| 4️⃣ | AI Service | Resolve: @alice → User ID |
| 5️⃣ | AI Service | Build TIP instruction |
| 6️⃣ | AI Service | "Send 50 VCoin to @alice?" |
| 7️⃣ | User | Confirm |
| 8️⃣ | Backend | Execute with session key |
| ✅ | Success | ✓ Sent 50 VCoin to @alice |
3. Token-2022 Implementation
3.1 VCoin Token Extensions
| Extension | Purpose | Configuration |
|---|---|---|
| Transfer Hook | Auto-update 5A scores | Custom hook program |
| Permanent Delegate | Slashing bad actors | Governance multisig |
| Confidential Transfers | Private tip amounts | ZK-encrypted |
| Metadata | On-chain metadata | Name, symbol, URI |
3.2 Transfer Hook Implementation
pub struct VCoinTransferHook;
impl TransferHook for VCoinTransferHook {
fn on_transfer(
ctx: Context<OnTransfer>,
amount: u64,
) -> Result<()> {
let sender = &ctx.accounts.sender;
let receiver = &ctx.accounts.receiver;
// 1. Update 5A Activity score for sender
if amount >= MIN_ACTIVITY_THRESHOLD {
increment_activity_score(sender)?;
}
// 2. Record tip for SSCRE calculations
if is_tip_transaction(&ctx) {
record_tip_engagement(sender, receiver, amount)?;
}
// 3. Anti-wash trading detection
if detect_wash_trading_pattern(sender, receiver, amount)? {
emit!(WashTradingDetected { ... });
}
// 4. Update engagement trust score
update_engagement_trust(sender, receiver)?;
Ok(())
}
}3.3 Permanent Delegate (Slashing)
pub struct SlashingAuthority {
pub authority: Pubkey, // Governance multisig
pub slash_executor: Pubkey, // Authorized executor
pub max_slash_pct: u16, // 5000 = 50% max
pub requires_appeal_period: bool, // Always true
pub appeal_period_days: u8, // 7 days
}
// Slashing can directly reclaim tokens without user signature
// Used only after appeal period for confirmed bad actors3.4 veVCoin (Soulbound)
veVCoin Token Configuration:
| Property | Value |
|---|---|
| Token Name | veVCoin (Vote-Escrowed VCoin) |
| Token Standard | Token-2022 |
| Mint Authority | Staking Program |
| Burn Authority | Staking Program |
| Transfer | DISABLED (true soulbound) |
Token-2022 Extensions:
| Extension | Purpose |
|---|---|
| Non-Transferable | Makes token soulbound |
| Permanent Delegate | Burn on unstake |
| Metadata | Token metadata support |
4. Protocol Specifications
4.1 Identity Protocol
Identity (PDA per user):
| Field | Type | Description |
|---|---|---|
| owner | Pubkey | Wallet address |
| did_hash | [u8; 32] | Off-chain verifiable DID |
| verification_level | u8 | 0-4 levels |
| verification_hash | [u8; 32] | Proof hash |
| username | [u8; 32] | Unique username |
| sas_attestation_id | Pubkey | SAS attestation link |
| created_at | i64 | Creation timestamp |
| is_active | bool | Account status |
| bump | u8 | PDA bump |
Verification Levels:
| Level | Name | Requirements | Benefits |
|---|---|---|---|
| 0 | None | Wallet only | Basic access |
| 1 | Basic | Email + Phone | Enhanced limits |
| 2 | KYC | Documents | Full features |
| 3 | Full | KYC + Biometric | Premium access |
| 4 | Enhanced | UniqueHuman | Maximum trust |
4.2 5A Protocol
Implementation Note: The 5A scoring engine is now fully implemented in the backend with:
- ●5 individual star calculators with weighted algorithm
- ●Streak HP gamification system (+15% active, -20% missed)
- ●Score history tracking with daily snapshots
- ●7 REST API endpoints for score management
- ●Automatic hourly recalculation via cron job
- ●Frontend dashboard with radar chart visualization
UserScore (PDA per user):
| Field | Type | Description |
|---|---|---|
| user | Pubkey | Wallet address |
| authenticity | u16 | 0-10000 (0-100%) |
| accuracy | u16 | 0-10000 (0-100%) |
| agility | u16 | 0-10000 (0-100%) |
| activity | u16 | 0-10000 (0-100%) |
| approved | u16 | 0-10000 (0-100%) |
| composite_score | u16 | Weighted average |
| last_updated | i64 | Update timestamp |
| is_private | bool | ZK privacy option |
| bump | u8 | PDA bump |
VouchRecord (PDA per vouch):
| Field | Type | Description |
|---|---|---|
| voucher | Pubkey | Vouching user |
| vouchee | Pubkey | Vouched user |
| vouch_stake | u64 | 5 VCoin staked |
| status | u8 | Pending/Success/Fail |
| created_at | i64 | Creation timestamp |
| evaluation_at | i64 | 90 days later |
| outcome_evaluated | bool | Evaluation complete |
| bump | u8 | PDA bump |
4.3 Staking Protocol
StakingPool (Singleton PDA):
| Field | Type | Description |
|---|---|---|
| authority | Pubkey | Admin wallet |
| vcoin_mint | Pubkey | VCoin mint |
| vevcoin_mint | Pubkey | veVCoin mint |
| pool_vault | Pubkey | Token vault |
| total_staked | u64 | Total VCoin staked |
| total_stakers | u64 | Active stakers |
| paused | bool | Emergency pause |
| bump | u8 | PDA bump |
| vault_bump | u8 | Vault PDA bump |
UserStake (PDA per user):
| Field | Type | Description |
|---|---|---|
| owner | Pubkey | Staker wallet |
| staked_amount | u64 | VCoin staked |
| lock_duration | i64 | Lock period (seconds) |
| lock_end | i64 | Unlock timestamp |
| stake_start | i64 | Lock start time |
| tier | u8 | 0-4 (None to Platinum) |
| ve_vcoin_amount | u64 | Minted veVCoin |
| bump | u8 | PDA bump |
Tier Calculation:
| Tier | Name | Minimum Stake |
|---|---|---|
| 0 | None | < 1,000 VCoin |
| 1 | Bronze | ≥ 1,000 VCoin |
| 2 | Silver | ≥ 5,000 VCoin |
| 3 | Gold | ≥ 20,000 VCoin |
| 4 | Platinum | ≥ 100,000 VCoin |
Formula: veVCoin = staked × (lock_duration / 4_years) × tier_boost
4.4 Governance Protocol
Proposal (PDA per proposal):
| Field | Type | Description |
|---|---|---|
| id | u64 | Unique proposal ID |
| proposer | Pubkey | Creator wallet |
| title_hash | [u8; 32] | Title hash (off-chain) |
| proposal_type | u8 | Proposal category |
| votes_for | u128 | Yes votes |
| votes_against | u128 | No votes |
| votes_abstain | u128 | Abstain votes |
| status | u8 | Active/Passed/Failed |
| is_private_voting | bool | ZK voting enabled |
| start_time | i64 | Voting start |
| end_time | i64 | Voting end |
| execution_time | i64 | +48h timelock |
| executed | bool | Execution status |
| bump | u8 | PDA bump |
Voting Power Formula:
base_votes = sqrt(vevcoin_balance) // Quadratic
five_a_boost = 1.0 + (five_a_score / 10000) // 1x to 2x
tier_mult = [1.0, 1.0, 2.0, 5.0, 10.0] // By tier
effective_votes = base_votes × five_a_boost × tier_multPrivateVotingConfig (ZK Voting - PDA per proposal):
| Field | Type | Description |
|---|---|---|
| proposal | Pubkey | Linked proposal |
| encryption_pubkey | Pubkey | Threshold encryption key |
| decryption_threshold | u8 | 3-of-5 committee |
| decryption_committee | [Pubkey; 5] | Committee members |
| reveal_completed | bool | Decryption done |
| aggregated_for | u128 | Encrypted yes votes |
| aggregated_against | u128 | Encrypted no votes |
| bump | u8 | PDA bump |
4.5 SSCRE Protocol
RewardsPoolConfig (Singleton PDA):
| Field | Type | Description |
|---|---|---|
| authority | Pubkey | Admin wallet |
| vcoin_mint | Pubkey | VCoin mint |
| pool_vault | Pubkey | Rewards vault |
| oracles | [Pubkey; 5] | Merkle submitters |
| oracle_count | u8 | Active oracles |
| current_epoch | u32 | Current epoch |
| total_distributed | u64 | All-time distributed |
| remaining_reserves | u64 | Remaining in pool |
| paused | bool | Emergency pause |
| circuit_breaker_active | bool | Circuit breaker |
| bump | u8 | PDA bump |
EpochDistribution (PDA per epoch):
| Field | Type | Description |
|---|---|---|
| epoch | u32 | Epoch number |
| merkle_root | [u8; 32] | Claim verification |
| total_allocation | u64 | Epoch allocation |
| claims_count | u32 | Number of claims |
| claimed_amount | u64 | Amount claimed |
| start_timestamp | i64 | Epoch start |
| end_timestamp | i64 | +90 days expiry |
| finalized | bool | Epoch finalized |
| bump | u8 | PDA bump |
5. Security Architecture
5.1 Global Emergency Shutdown
GlobalEmergencyState (Singleton PDA):
| Field | Type | Description |
|---|---|---|
| authority | Pubkey | 3-of-5 multisig |
| backup_authority | Pubkey | 5-of-7 governance |
| is_emergency | bool | Emergency active |
| emergency_level | u8 | 0=Normal, 1=Partial |
| triggered_at | i64 | Trigger timestamp |
| triggered_by | Pubkey | Triggering wallet |
| reason_hash | [u8; 32] | Reason hash |
| affected_protocols | u16 | Protocol bitmap |
| auto_resume_at | i64 | 0 = manual only |
| total_shutdowns | u32 | Historical count |
| bump | u8 | PDA bump |
Protocol Pause Bitmap:
| Bit | Protocol | Hex |
|---|---|---|
| 0 | SSCRE Rewards | 0x0001 |
| 1 | Staking | 0x0002 |
| 2 | Governance | 0x0004 |
| 3 | Content Registry | 0x0008 |
| 4 | 5A Protocol | 0x0010 |
| 5 | Identity | 0x0020 |
| 6 | Exchange | 0x0040 |
| 7 | Vouch System | 0x0080 |
| 8 | Delegation | 0x0100 |
| 9 | Treasury | 0x0200 |
| 10 | Cross-Chain Bridge | 0x0400 |
Presets:
| Name | Protocols | Hex |
|---|---|---|
| FULL_SHUTDOWN | All protocols | 0x07FF |
| FINANCIAL_ONLY | SSCRE + Staking + Treasury | 0x0243 |
| SOCIAL_ONLY | Content + 5A + Vouch + Identity | 0x00B8 |
Emergency Levels:
| Level | Name | Description | Resume Authority |
|---|---|---|---|
| 0 | Normal | All operational | N/A |
| 1 | Partial | Selected paused | 3-of-5 multisig |
| 2 | Full | All paused | Governance vote |
5.2 Emergency Response Matrix
| Scenario | Protocols to Pause | Level |
|---|---|---|
| Smart contract vulnerability | All (0x07FF) | 2 |
| Oracle manipulation | 5A + SSCRE (0x0011) | 1 |
| Governance attack | Governance + Delegation | 1 |
| Economic exploit | Staking + Treasury | 1 |
| Bridge compromise | Cross-Chain only | 1 |
5.3 Security Features
| Feature | Implementation |
|---|---|
| Authority checks | All admin functions |
| PDA seeds | Prevent collisions |
| Reentrancy guards | Token transfers |
| Timelock | 48h governance execution |
| Oracle signatures | Verified on-chain |
| Merkle proofs | Prevent double-claims |
| 3-of-5 multisig | Treasury operations |
| TPIN verification | High-value actions |
| Social recovery | Lost passkey recovery |
| Session key limits | Scoped, time-limited |
| ZK private voting | Prevent vote buying |
| Permanent delegate | Slashing without signature |
6. Performance & Scalability
6.1 Alpenglow Upgrade (2025)
Impact: Transaction finality from 12.8s → 150-200ms
| Feature | Current | With Alpenglow |
|---|---|---|
| Tip confirmation | ~13s | <200ms |
| Reward claims | ~13s | <200ms |
| Content post | ~13s | <200ms |
| Governance vote | ~13s | <200ms |
6.2 Firedancer Validator
| Benefit | Description |
|---|---|
| 10x+ performance | Higher TPS capacity |
| Network resilience | Client diversity |
| Lower latency | Faster processing |
6.3 Address Lookup Tables
Size Reduction:
- ●Without ALTs: 32 bytes per account
- ●With ALTs: 1-2 bytes per account
- ●Complex governance tx: 1280 → 256 bytes
6.4 Performance Targets
| Metric | Current Target | With Upgrades |
|---|---|---|
| Onboarding time | <50 seconds | <30 seconds |
| Action confirmation | <15 seconds | <500ms |
| Max concurrent users | 100K | 1M+ |
7. Development Roadmap
7.1 Phase 1: Foundation (Months 1-6) — DEVNET COMPLETE + MVP TESTING
Clarification: "Complete" means deployed to Devnet with passing tests. Security audits and mainnet deployment are separate milestones. Currently in MVP Testing phase.
| Milestone | Status | Deliverables | Notes |
|---|---|---|---|
| Smart Contracts | ✅ Devnet | 11 programs deployed | Unaudited |
| Token-2022 Integration | ✅ Devnet | VCoin + veVCoin | Working on Devnet |
| Testing Suite | ✅ Complete | 477+ tests passing | 377 blockchain + 100 backend |
| SDK Development | ✅ Beta | @viwoapp/sdk v0.1.x | API may change |
| Devnet Deployment | ✅ Complete | 11/11 programs | Testing only |
| Mobile App | ✅ MVP Testing | 30+ screens | ~95% complete |
| Backend API | ✅ MVP Testing | 35+ NestJS modules | ~95% complete |
| 5A Scoring Engine | ✅ 100% Complete | Backend + Frontend | Dashboard + gamification |
| Session Key Service | ✅ 100% Complete | 3 presets | Full implementation |
| Passkey Auth | ✅ 100% Complete | WebAuthn/FIDO2 | Full CRUD support |
| Onboarding Flow | ✅ 100% Complete | 6-screen flow | Passkey setup included |
| Behavior Analytics | ✅ 100% Complete | Personas, churn | Full implementation |
| Staking Protocol | ✅ 100% Complete | veVCoin, tiers, benefits | Backend complete (Day 4) |
| SSCRE Rewards | ✅ 100% Complete | 6-layer hierarchy | Backend complete (Day 4) |
| Vouch System | ✅ 100% Complete | 3-vouch, trust, clusters | Backend complete (Day 5) |
| Governance Module | ✅ 100% Complete | Proposals, voting, delegates | Backend complete (Day 6) |
| Exchange/Jupiter | ✅ 100% Complete | DEX integration | Backend complete (Day 6) |
| AI Assistant | ✅ 100% Complete | GPT-4, 6 actions | Backend complete (Day 6) |
| Energy System | ✅ 100% Complete | Rate limiting | Backend complete (Day 6) |
| Recommendations | ✅ 100% Complete | 5A-weighted feed | Backend complete (Day 6) |
| Backend Testing | ✅ 100% Complete | 100+ integration tests | Days 6-7 |
| Security Audit | ⏳ Not Started | Required for mainnet | High priority |
| Mainnet Deployment | ⏳ Not Started | Depends on audit | Target: 2026 |
7.2 Phase 2: Growth (Months 7-18)
| Milestone | Timeline | Deliverables | Status |
|---|---|---|---|
| Mobile App Beta | Month 9 | iOS + Android | 🔄 In Progress |
| Governance v1 | Month 8 | veVCoin voting | ✅ Complete (Day 6) |
| Jupiter Integration | Month 10 | DEX swaps | ✅ Complete (Day 6) |
| NFT Minting | Month 9 | Creator NFTs | 🔄 Planned |
| Identity SDK v1 | Month 18 | MIT-licensed APIs | 🔄 Planned |
Ahead of Schedule: Governance v1 and Jupiter Integration were completed in Day 6 ahead of the original timeline.
7.3 Phase 3: Expansion (Months 19-36)
| Milestone | Timeline | Deliverables |
|---|---|---|
| Business Hub | Month 21 | Freelancing |
| Reputation API | Month 21 | Public queryable |
| Open SDK | Month 24 | Third-party integration |
| Enterprise Tools | Month 30 | B2B analytics |
| Global Expansion | Month 36 | Multi-language |
7.4 Feature Timeline Visualization
2025 Q4 ──┬── Smart Contracts Complete ✅
└── Devnet Deployment ✅
2026 Q1-Q2 ──┬── TGE Launch
├── Core Platform
├── 5A Policy v1
└── Identity Contracts (MIT)
2026 Q3 ──┬── DEX Integration (Jupiter)
├── Staking v1 (7% APY)
└── Mobile Apps Beta
2026 Q4 ──┬── Governance v1 (veVCoin)
├── NFT Minting
└── Tier-2 CEX Listings
2027 Q1 ──┬── Identity SDK v1
├── Cross-Platform
└── Advanced Analytics
2027 Q2 ──┬── Marketplace
├── Creator Tools
└── Business Hub
2027 Q3 ──┬── Reputation API Public
├── Freelance Platform
└── Open SDK Release
2027 Q4 ──┬── Tier-1 CEX Listings
└── Ecosystem Expansion8. Progressive Decentralization
8.1 Decentralization Milestones
| Month | Milestone | Team Control After |
|---|---|---|
| 0 | TGE Launch | 100% (emergency only) |
| 3 | Governance Beta | Team veto (7 days) |
| 6 | Governance Live | Team capped at 20% |
| 9 | Community Majority | Team capped at 15% |
| 12 | Full DAO | Team capped at 10% |
| 18 | Concentration Limit | No entity >5% veVCoin |
| 24 | Protocol Ownership | Upgrade auth → Governance |
| 30 | Operational Independence | Core team optional |
| 36 | Authority Revocation | Upgrade auth revoked |
| 48 | Full Decentralization | No privileged actors |
8.2 Decentralization Score
Score from 0-10000 (0-100%)
Higher = more decentralized = less centralization risk
Components:
├── Governance Control (max 2500 points)
│ ├── governance_live: +1000
│ ├── team_voting ≤20%: +500
│ ├── team_voting ≤10%: +500
│ └── team_voting ≤5%: +500
│
├── Concentration (max 2500 points)
│ ├── max_entity ≤10%: +500
│ ├── max_entity ≤5%: +500
│ ├── top_10 ≤30%: +500
│ ├── nakamoto ≥10: +500
│ └── unique_voters ≥1000: +500
│
├── Technical Control (max 2500 points)
│ ├── upgrade_auth = governance: +1000
│ ├── upgrade_auth revoked: +500
│ ├── multisig_threshold ≥5: +500
│ └── emergency = governance: +500
│
└── Operational (max 2500 points)
├── oracle_federation: +500
├── witness_network: +500
├── multiple_frontends: +500
├── multiple_rpc: +500
└── community_code: +5009. Estimated Development Effort
9.1 Protocol Development Hours
| Protocol/Component | Complexity | Est. Hours |
|---|---|---|
| Identity Protocol (SAS) | Medium | 60 |
| 5A Protocol (ZK Privacy) | High | 100 |
| Content Registry | Low | 40 |
| Staking Protocol (Token-2022) | High | 140 |
| Governance Protocol (ZK) | High | 140 |
| SSCRE Protocol | Medium | 80 |
| ViLink Protocol | Medium | 80 |
| Gasless Layer (Paymaster) | High | 120 |
| Mobile Layer (MWA + Passkeys) | High | 120 |
| Badge System (cNFT) | Medium | 60 |
| Security Modules | High | 160 |
| Testing & QA | Ongoing | 200 |
| TOTAL | ~1,300 hours |
9.2 Team Requirements
| Role | Count | Focus |
|---|---|---|
| Smart Contract Developers | 2-3 | Anchor/Rust |
| Backend Developers | 2 | NestJS/Node |
| Mobile Developers | 2 | React Native |
| DevOps/Security | 1 | Infrastructure |
| QA Engineers | 1 | Testing |
9.3 Audit Requirements
| Audit Type | Scope | Timeline |
|---|---|---|
| Smart Contract Audit | All 11 programs | 4-6 weeks |
| Economic Audit | Tokenomics model | 2-3 weeks |
| Security Audit | Infrastructure | 2-3 weeks |
| Penetration Testing | Full stack | 2 weeks |
Frequently Asked Questions (FAQ)
What blockchain does ViWoApp use?
ViWoApp is built on Solana, utilizing the Anchor Framework 0.32.0 and SPL Token-2022 standard. Solana was chosen for its high throughput, low transaction costs, and excellent developer tooling.
What is the 5-layer architecture?
ViWoApp uses a 5-layer architecture: Mobile Layer (wallet, passkeys), Gasless Layer (transaction sponsoring), Security Layer (TPIN, recovery), AI Layer (smart assistance), and On-Chain Layer (11 smart contracts). This design enables Web2-like UX while maintaining blockchain security.
When will ViWoApp launch on mainnet?
Target mainnet launch is Q1-Q2 2026. This depends on completing security audits, which have not yet started. We will not deploy to mainnet until comprehensive audits are complete.
Are the smart contracts audited?
No. Smart contracts are deployed to Solana Devnet only and have NOT been professionally audited. Security audits are planned for late 2025/early 2026 before any mainnet deployment.
What is Token-2022?
Token-2022 is Solana's new token program that supports advanced features like transfer hooks, embedded metadata, and confidential transfers. VCoin uses Token-2022 to implement transfer fees on-chain.
What is progressive decentralization?
Rather than launching fully decentralized (which is risky), ViWoApp starts with team control for security and progressively transitions to community governance. Phase 1: Team control → Phase 2: Council governance → Phase 3: Full DAO with token voting.
How does the gasless system work?
Users can perform transactions without holding SOL. A paymaster smart contract sponsors gas fees, which are paid from platform revenue or deducted from token transfers. Users experience seamless transactions like Web2.
What are session keys?
Session keys are temporary, scoped permissions that allow the app to sign transactions on behalf of users for a limited time and action scope. This eliminates constant approval popups while maintaining security.
Can I build on ViWoApp's infrastructure?
Not yet. All protocols are in Devnet testing. We plan to open third-party integration in late 2026 after mainnet stability. The infrastructure will be MIT licensed and free to use.
How can I review the code?
All smart contract code is open source under MIT license on GitHub. You can also explore the SDK on npm.
What happens if there's a security issue?
The architecture includes emergency shutdown mechanisms, timelocks on critical operations, and a security council with multisig authority. Progressive decentralization means critical safeguards are in place before full DAO control.
Summary
ViWoApp's blockchain architecture is designed for:
- ●Zero-Friction UX - Gasless transactions, session keys, passkey auth
- ●Enterprise Security - Multi-layer protection, emergency shutdown, TPIN
- ●Sustainable Economics - SSCRE 6-layer funding, deflationary design
- ●Ecosystem Value - Reusable infrastructure, MIT licensed
- ●Progressive Decentralization - Clear milestones to full DAO
Current Status:
- ●11 smart contracts deployed to Devnet (not mainnet)
- ●477+ tests passing (377 blockchain + 100 backend, automated tests, not security audit)
- ●SDK published to npm (beta v0.1.x)
- ●App MVP ~95% complete (Testing & Debugging phase)
- ●MVP Core Features 100% complete (5A, Passkey, Session Keys, Onboarding)
- ●Security audit required before mainnet deployment
Framework: Anchor 0.32.0 | Solana Program 2.0
License: MIT Open Source
GitHub: github.com/MohaMehrzad/VCoin-V2
SDK: @viwoapp/sdk (Beta)
Current Network: Solana Devnet (Testing Only)
App Status: MVP Testing (~95% Complete)
MVP Core Features: 5A Engine, Passkey Auth, Session Keys, Onboarding - 100% Complete
Mainnet Status: Not Deployed — Pending Audit
Final Note: This roadmap represents our development plan and architectural vision. Blockchain development involves significant technical complexity and uncertainty. All timelines are targets, not guarantees. We are committed to security and will not rush mainnet deployment before thorough auditing is complete.
Want to Learn More?
Explore our other documentation or join our community to stay updated on development progress.