# ElizaOS Weekly Newsletter (2026-04-21) **Week:** 2026-04-14 → 2026-04-20 ## 1) Executive Summary This week was all about **stability, security, and monetization paths**: 1. **Agent monetization got a big real-world push**: Elisym Labs shipped a new integration plugin that turns any **ElizaOS v1 agent into a paid provider** on a decentralized marketplace, complete with encrypted job flow and on-chain SOL payments. 2. **Core reliability continued to tighten up**: multiple dependency upgrades landed alongside important bug fixes—most notably a memory-management fix in the in-memory adapter and Discord routing fixes in LifeOps, improving day-to-day agent operations. 3. **Security awareness ramped up (for good reason)**: the community dealt with ongoing phishing attempts, a serious private vulnerability disclosure, and multiple reminders about what “official” does (and does not) look like in Discord. ## 2) Development Updates (Technical) ### Framework stability & maintenance - **Dependency refreshes across the stack** continued (TypeScript, Rust, Python, and mobile tooling). Notable updates mentioned in the daily digest include: - `@coral-xyz/borsh`, `gymnasium`, and **Capacitor monorepo** upgrades - Routine maintenance on **Uniswap v2/v3 SDKs**, `@types/node`, and **WASM-bindgen** crates - These updates are mostly unglamorous, but they’re what keep builds reproducible and agent deployments predictable. ### Critical bug fixes - **InMemoryDatabaseAdapter.updateMemories roomId handling fixed** A bug was identified where updating a memory’s `roomId` didn’t properly move it between room lists. That kind of issue can silently corrupt “what the agent remembers” in multi-room setups. - Fix tracked as: **PR #6965** (“handle roomId changes in InMemoryDatabaseAdapter.updateMemories”) - **LifeOps Discord routing fixes** The LifeOps app received routing corrections to improve message/command reliability (especially important for users running agents across multiple channels and connectors). - Fix tracked as: **PR #6971** (“lifeops discord routing + submodule bumps”) ### Commerce direction: from proposals to standards A new proposal was opened to **standardize agent commerce** (tool/service payments), while several older Merxex-related commerce proposals were reviewed and closed. Net: the project direction looks to be shifting from one-off integrations toward **a more general commerce protocol** that multiple marketplaces/providers can implement. ## 3) Community Spotlight (Discord) ### Paid agents in the wild: Elisym plugin release In **#coders**, `igor.peregudov` (Elisym Labs) released **`plugin-elizaos-elisym`** (published as `@elisym/plugin-elizaos`)—a notably complete integration with strong engineering hygiene: - Publishes “capability cards” over **Nostr (NIP-89)** - Accepts encrypted job requests via **NIP-90** - Executes jobs through an agent’s model or a **SKILL.md tool-use loop** - Collects **SOL payments on Solana** - Ships with **110 tests**, CI on every PR, and **GitHub Actions provenance signing** - A registry integration PR is open and needs review: **registry PR #346** Also worth calling out: when `stan0473` requested a naming convention change, the plugin was promptly renamed to match standards—exactly the kind of fast, collaborative iteration we want in ecosystem integrations. ### Security: private disclosure done right `kullai` raised potential vulnerabilities and asked about a bug bounty. The key takeaway: - **No bug bounty program currently exists** - The community (and `odilitime`) reinforced best practice: **security issues should be disclosed privately**, not via public issues/PRs `kullai` then **privately disclosed** details to `odilitime`, who confirmed receipt. If you’re security-minded and want to help, this is the model to follow. ### Repeated scam/phishing incidents (please read) The server saw multiple scam attempts: - Fake “airdrop” tags and impersonation links were flagged as scams; malicious accounts were removed. - A particularly painful incident: `nelsonlopes_` reported losing roughly **$700–900** and then additional funds via a **fraudulent support ticket** flow. Community guidance was consistent: **block/report**, and assume “support tickets” created by random accounts are hostile. **Rule of thumb:** if it’s an airdrop link, “migration help,” or “urgent support” in a random DM/thread—treat it as a scam until proven otherwise. ### Ecosystem clarity: ElizaOK, ElizaCloud, tokens In **#discussion**, `baogerbao` clarified: - **ElizaOK is built with ElizaCloud** - **ElizaOK has no separate token (for now)** - Users from ElizaOK “flow into” ElizaCloud Questions about the broader business model and token utility were deferred to `odilitime` for a deeper write-up. ## 4) Token Economics (AI16z token + auto.fun) ### AI16z migration status - **Migration is closed.** `odilitime` confirmed that if you missed the window, you **can’t migrate now**. ### Staking - Staking is **not currently available**, confirmed by moderators (`doriand0963`, `odilitime`). ### Chain availability - Token deployment was reiterated as available on **Solana, BSC, and Base**. ### auto.fun No concrete, source-backed product updates were surfaced in this week’s Discord summaries for **auto.fun**. If you’re watching auto.fun closely, the best signal right now is to monitor official announcements and avoid acting on “leaks” posted in chat. ## 5) Coming Soon Here’s what to keep on your radar: - **ElizaOS v3 is “nearly ready”** (per `satsbased`) and is expected to enable **agents that can generate revenue**—which pairs nicely with the broader “agent commerce” direction and marketplace integrations like Elisym. - **Registry expansion for paid-agent ecosystems**: review/merge activity on plugin registry PRs continues, with **PR #346** (Elisym integration) being the standout this week. - **Security process improvements**: given the private vuln disclosure + ongoing phishing, expect pressure to formalize: - a vulnerability disclosure policy - clearer “official support” guidance and anti-scam documentation ## 6) Resources **Key links & references from this week:** - Eliza examples directory (for “what can I build?” questions): https://github.com/elizaOS/eliza/tree/v2.0.0/examples - Elisym registry PR to review: **elizaos-plugins/registry #346** (plugin-elizaos-elisym) - Core bug fix (roomId memory handling): **elizaos/eliza #6965** - LifeOps Discord routing fix: **elizaos/eliza #6971** - Discord channels referenced: - Discussion: https://discord.com/channels/1253563208833433701/1253563209462448241 - Coders: https://discord.com/channels/1253563208833433701/1300025221834739744 If you can help with one thing this week: **review PR #346**, and keep reporting scams quickly so mods can remove them before someone gets hurt.