ElastOS World Computer Development Update, March 24, 2026

This was the most technically dense week in ElastOS history. In seven days, the team shipped 48 commits across 253 files, adding over 36,000 lines of code – including five brand-new Rust security modules, a complete video streaming pipeline, and universal file viewers that let PC2 open virtually any file type in the world. The entire creator-to-consumer pipeline is now verified end-to-end with real money: a creator can encrypt content, list it for sale, and a buyer can purchase and watch protected video – all without leaving PC2.

What Shipped: The Big Picture

Eight major systems went from idea to working product in a single week:

1. Secure Viewer & dDRM Hardening A built-in app that opens protected files in a secure lockbox – the file never leaks outside it.
2. PC2 Media Runtime Watch DRM-protected videos inside PC2, just like Netflix or Disney+, no special plugins needed.
3. Lit Protocol Chipotle Migration Swapped a bloated 1.2MB security library for a clean 450-line fix – 99% less complexity.
4. Local Media Encoding Pipeline One-click tool for creators: drop in a video, get back an encrypted, ready-to-stream file.
5. Universal Asset Viewers PC2 can now open 3D models, spreadsheets, fonts, and zip files – all inside the secure sandbox.
6. Elacity Market Full Feature Set 15 new marketplace features: track earnings, manage two wallets, and run your channel – all in one place.
7. ElastOS Runtime v0.20 A secure Linux runtime where every app and AI agent starts with zero permissions until granted.
8. Five New Rust/WASM Security Crates Custom encryption modules that lock and unlock data entirely inside sealed, tamper-proof sandboxes.

In parallel, the Elastos DAO ecosystem made significant progress – the Infinity proposal was finalised, work began on bringing ELA to popular EVM chains, and the DAO LLC name change was initiated.

1. Secure Viewer and dDRM Hardening

The core challenge with digital content protection has always been the same: once a file reaches your device, it can be copied. The team solved this by building a dedicated dDRM Viewer that works like an armored display case – you can see the content, but you never touch the original file. When you double-click a protected .ddrm file in PC2, here is what happens behind the scenes:

• The encrypted file is fetched from distributed storage
• Your ownership is verified on-chain – the system checks your wallet to confirm you actually purchased access
• The file is decrypted inside a sealed Rust/WASM sandbox (think of it as an armored room inside your computer)
• The sandbox renders the content as pixels on your screen – like viewing a painting through museum glass
• The original decrypted file is immediately destroyed, and the encryption keys are zeroed from memory

The result: you see the image, read the document, or hear the music – but the raw file never exists anywhere it could be copied. Every old code pathway that could have leaked raw files was found and permanently removed this week.

2. PC2 Media Runtime: Protected Video That Just Works

Watching a two-hour movie is different from viewing a photo – you cannot decrypt the entire file before pressing play. The Media Runtime solves this using the same technology that powers Disney+ and Netflix: the video is split into tiny encrypted chunks, and each chunk is decrypted a fraction of a second before it plays, then immediately discarded.

What makes this special is that it works without any browser plugins or special hardware. Netflix requires Widevine (a Google-controlled module built into your browser). Spotify requires its own app. The PC2 Media Runtime needs nothing extra – it works in any web view, on any device.

• Adaptive quality switching – automatically picks the best video quality for your connection speed, just like switching between 720p and 1080p on YouTube
• Full playback controls – keyboard shortcuts, seeking, auto-hiding controls, and music-only mode for audio content
• Files open from your filesystem – double-click a .edrm file and it opens directly in the media player
• Creator-to-consumer pipeline verified end-to-end – a creator mints protected video, a buyer purchases it, downloads it, and watches it with full DASH streaming. Tested with real transactions

This is what makes decentralized streaming possible. Creators serve content directly from their own nodes. No central server. No 30% cut to Apple or Google.

3. Lit Protocol Chipotle: A 99% Reduction in Complexity

Lit Protocol is the security partner that holds encryption keys for protected content inside tamper-proof hardware. They are upgrading their entire system from “Datil” to “Chipotle,” and the old one shuts down in April 2026. The team finished migrating ahead of the deadline. The old integration required a massive 1.2MB SDK with persistent connections, complex authentication ceremonies, and heavy browser dependencies. The new one? A single 450-line client. One request in, one answer out.

• Important discovery: Content protected with the old system uses completely different cryptography from the new one – they are not compatible. So we built automatic detection: each piece of content remembers which system protected it, and the server routes it through the correct pathway
• All hardcoded API keys and secrets were removed from source code – a major security improvement
• A feature flag lets us switch between old and new systems instantly if anything goes wrong

4. Creator Encoding Pipeline: From Raw Video to Protected Stream

Until this week, protecting video content required multiple manual steps across different tools. The new encoding pipeline does everything in one shot:

1. Take any video file – MP4, MOV, MKV, whatever you have
2. Transcode it – the pipeline automatically picks the best encoder for your hardware (NVIDIA GPU acceleration if available, software encoding otherwise)
3. Fragment and encrypt – the video is split into small chunks and each one is encrypted with AES-128-CTR (the same standard used by banks)
4. Package for streaming – the encrypted chunks are wrapped in DASH format so they can be streamed adaptively
5. Upload to distributed storage – the finished package goes to IPFS, where it is stored across multiple computers instead of one company’s server

The encryption step is particularly noteworthy: it runs entirely inside a Rust/WASM sandbox called cenc-encrypt. The plaintext video never touches Node.js or your browser – it stays inside the sealed environment from start to finish. FFmpeg support was added to install scripts for macOS, Linux, and Windows.

5. Universal Asset Viewers: Open Anything

PC2 completed what the team calls “Tier 1 Universal Asset Viewers” – meaning it can now open, decrypt, and display every major file type entirely inside the secure sandbox:

• 3D Models (GLB, glTF, OBJ, STL, FBX) – an interactive viewer with wireframe mode, surface normals, auto-rotate, and the ability to take screenshots of your 3D models
• Datasets (CSV, TSV) – a paginated table viewer with search and column statistics, so you can browse spreadsheet data without needing Excel
• Fonts (TTF, OTF, WOFF2) – a live type specimen showing the full alphabet, sample text, and different sizes
• Archives (ZIP) – a file tree showing contents, sizes, and file types without extracting

Combined with the existing image, PDF, text, audio, and video viewers, PC2 can now handle virtually any digital content you throw at it. Every viewer runs inside the secure sandbox – protected content never leaves the armored environment.

Two new Rust crates power this: ipfs-assemble (which handles large file assembly inside WASM, cutting memory usage in half) and mp4-split (which processes video container formats entirely inside the sandbox). The maximum file size for in-sandbox decryption was raised from 50MB to 200MB.

6. Elacity Market: 15 Features in One Sprint

The marketplace inside PC2 went from functional to feature-complete this week, shipping 15 distinct improvements:

• Dual-wallet display – shows both your regular wallet and smart account balances on every asset, so you always know exactly what you can spend
• Earnings and Revenue page – a dedicated tab showing all your earnings across assets, channels, and offers, with one-click withdrawals
• My Channels hub – a centralized place to manage all your content channels
• Scarcity badges – “Low Stock” and “Sold Out” indicators appear automatically based on remaining supply
• Activity history – full transaction history for every asset
• Publish and unpublish controls – take content on and off the marketplace without deleting it
• Unified .ddrm format – one file extension now covers both media (video, audio) and non-media (documents, 3D models) with smart format detection

The marketplace now rivals centralised platforms in functionality – but with a fundamental difference: creators keep 100% of their revenue (minus a small protocol fee), and no company can remove their content or change the rules.

7. WASM/Rust Performance: Faster, Smaller, More Secure

Five Rust/WASM crates now power all cryptographic operations inside PC2: cenc-decrypt, cenc-encrypt, ipfs-assemble, mp4-split, and ddrm-renderer. This week the team made them significantly faster and more secure:

• 20-40% faster crypto operations – achieved by switching from size-optimised to speed-optimised compilation where performance matters most
• 8.3% smaller binaries – the dDRM renderer shrank by 482KB by removing error-handling overhead that is unnecessary inside a sandbox
• Smart build pipeline – each crate now uses different optimisation levels depending on whether speed or size matters more for its specific job
• Decryption keys zeroed from memory immediately after use – even a memory inspection tool cannot read the keys after decryption completes

This is the kind of work that users never see directly, but it makes everything else – the viewer, the video player, the marketplace – feel noticeably faster and more responsive.

8. Road to ElastOS Runtime v2.0: Zero-Trust by Default

The team published ElastOS Runtime v0.20.0-rc10 – a signed Linux runtime that introduces a fundamentally different approach to app security. Instead of giving an app access to everything and hoping it behaves, the runtime starts every app, AI agent, and tool with zero permissions. Each one must explicitly request exactly what it needs – and you decide what to grant.

• Capability-based security – think of it like a building where every door is locked by default. Each app gets a specific keycard that only opens the exact rooms it needs. An AI agent that reads your calendar gets a token for calendar access – it cannot read your files, use your network, or interact with other apps
• Signed capsule pipeline – every app is cryptographically signed so you can verify nothing has been tampered with, like a wax seal on a letter
• Three execution surfaces proven working – native binaries, WASM sandboxes, and micro virtual machines all run on the same runtime
• Platform verified on Linux x86_64, ARM (aarch64), Windows Subsystem for Linux (WSL), and NVIDIA Jetson edge AI boards
• Core commands working – elastos setup, elastos chat, elastos share, elastos open, and elastos share –public
• AI agent support – an agent can be given a short-lived token to perform a specific task (like suggesting meeting times from your calendar) without ever seeing anything else on your system

Install from the public gateway: curl -fsSL https://elastos.elacitylabs.com/install.sh | bash

9. Elastos DAO and Ecosystem

Beyond the core engineering, several important ecosystem developments progressed this week:

• Infinity proposal finalised – audits shared with the Elastos DAO Secretariat; the Elastos Infinity team is now officially part of the ecosystem
• DAO name change initiated – Cyber Republic DAO LLC is becoming Elastos DAO LLC
• G-20 Group partnership renewed – 3-month contract extension
• ELA multi-chain expansion started – work has officially begun to bring ELA to popular EVM chains, beginning with Base
• Critical bridge limitation resolved – after extensive research, a path was found to bring ELA to Base via the Elastos DAO Council as bridge operator
• ETH ELA contract research – evaluating whether to migrate or upgrade the current Ethereum ELA contract
• New main chain indexer – work started on an improved main chain explorer experience

What’s Next

• Complete Chipotle migration for video – bring the new Lit Protocol security system to protected video and music streaming
• Peer-to-peer content trading – buy and sell protected content directly between nodes, removing the last centralised piece of the pipeline
• AI Model Marketplace – protect, sell, and download AI models as encrypted digital assets that run locally on your own hardware
• ELA on Base – continue the multi-chain expansion so ELA is available on the chains where users and liquidity already live
• Community creator testing – open the Creator Dashboard to community members for real-world feedback on the full mint-to-sell flow

Try ElastOS

• Desktop Launcher (Mac and Linux): Download Launcher
• Terminal Install (Mac/Linux): curl -fsSL https://raw.githubusercontent.com/Elacity/pc2.net/main/scripts/start-local.sh | bash
• NVIDIA Jetson: cd ~ && git clone https://github.com/Elacity/pc2.net.git && cd pc2.net && sudo bash scripts/install-arm.sh
• Docs: docs.ela.city | GitHub: github.com/Elacity/pc2.net
• Network Map: map.ela.city | Portal: portal.ela.city
• DAO Proposal: Keystone Fund Mandate
• Shipping Report: GitHub Discussion