Entros_docs
Roadmap

Near-term

Active sprint—what ships next as the audit clears and integrator pilots come online.

Near-term work is structured around three milestones: external audit, mainnet deployment, and the integrator-facing surface area filling out.

External security audit

A full audit of the three on-chain programs by an established Solana auditor (OtterSec, Neodyme, or Asymmetric Research). The audit gates mainnet deployment. Expected timeline: 6–10 weeks engagement, plus remediation.

The pre-audit hardening work is captured in the protocol's internal AUDIT.md and the public security program. Findings discovered during internal red-teaming are remediated and re-tested before the external engagement begins.

Standalone display primitives

The verification trigger shipped as @entros/verify — a popup-pattern React component that opens a window to entros.io, runs the 12-second capture, and posts the verified payload back. Five lines of JSX, runs against the canonical flow, no redirect.

The remaining packaging work is on the display primitives. EntrosGate (route guard) and EntrosBadge (Trust Score pill) are still copy-source single-file components; the near-term plan is a standalone @entros/react package that consolidates them as drop-ins. Until then, the canonical sources live in the entros.io repo and stay in sync with the on-chain layout.

Native Solana Mobile build

A React Native package and platform-specific native builds for iOS and Android. The capture quality on mobile is materially higher than desktop—IMU at higher sampling rates, native microphone access, authentic touch dynamics.

The Solana Mobile (Seeker) integration is the central piece: Mobile Wallet Adapter for the wallet connection, Seed Vault for keypair handling, and a notifications path for re-verification reminders aligned to the score decay curve.

Integrator pilots

Three production integrator pilots, one each across the three composability surfaces:

  • A Realms DAO using the voter-weight plugin
  • An airdrop or referral protocol using SAS attestations
  • An AI-agent platform gating registrations on operator Trust Score

These pilots inform the threshold-setting documentation and surface real-world edge cases that internal testing misses.

Mainnet deployment

After the external audit lands and remediations are in place, the three programs deploy to mainnet. Devnet remains live for development; mainnet is the production surface. Program IDs are immutable across the deployment—devnet IDs and mainnet IDs match where the deployment authority chooses, with documented exceptions for any program-id-derived PDA surface.

Where to look next

Where the protocol is today

What's live on devnet, what's in npm, what's documented.

Medium-term

After mainnet—decentralization of the Anonymity Ring, validator economics, multi-chain reads.

On this page

External security auditStandalone display primitivesNative Solana Mobile buildIntegrator pilotsMainnet deploymentWhere to look next