LayerFoo

We will one day reach a point where people feel nostalgic towards the AI slop being produced today

Mid 2020s AI slop nostalgia

@CJFloresH @agustin_avenali Remove the wizard and I like it

@agustin_avenali Que voten por esta opción

Nueva Zelanda🇳🇿 gastó millones de dólares en 2016 en un referéndum histórico para cambiar su bandera, demasiado parecida a la de Australia. Resultado: se quedaron con la misma de siempre, por 56,7%. Así era la otra opción:

@subcivic @infomeh How about a durag

@layerfoo @infomeh maybe a headband

goggle beanies feel like the obvious form factor for AR wearables -on/off screen -distributed weight -aura

@scaling01 "building AI cybersecurity stuff"

these kind of statements will get you arrested in 2 years

@signulll You can tell brodie chill

contemplating the implications of fable.

@aman_gif of an xbox controller none the less lmfao

the concept of putting a watermark on a 0-shot model output

@serbobross @AdamZiz @icobeast Maybe reflect on your own internal environment

@AdamZiz @layerfoo @icobeast They can’t prove it without the upgrade lol. And if they do it and it’s been exploited, what then ? Do you just eat shit forever remembering this altercation of advocating for the mentally ill developers of the world ?

@layerfoo @icobeast Probably bc they aren’t retarded and knew how to print and sell small amounts.

@serbobross @icobeast There’s no incentive for them to slowly sell, the longer you wait the more chance another actor discovers the same vulnerability

So what happens if they finish this proof for ZEC to show the infinite mint bug wasn’t used, and end up realizing it was used

@workinpro The knowledge cutoff doesn’t matter when it can search the internet and the chat doesn’t matter when we can’t see it’s thinking trace Get it to find another vulnerability and I bet it can’t

Thats not how it works. You can check the thinking traces to see if search was used. Thats why I provided the chat link. This is the same way the erdos problem was solved by a teenager without a mathematics background. The knowledge cutoff of the model also doesn’t change. chatgpt.com/share/6a222b1d…

I was able to replicate finding the Zcash Orchard vulnerability using GPT 5.5 without a harness and little to no steering (except for passing the files). GPT 5.5 is consistently able to find this vulnerability. Opus 4.8 released on May 25th, and the vulnerability was found one day later, on May 26th. GPT 5.5 released on April 23rd, meaning someone could’ve found the vulnerability using GPT 5.5 for an entire month. (Link to chat in next post)

If you find a vuln like this (and you're an evil scumbag) then you'll be interested in counterfeiting and dumping the money as fast as possible. You can't know how many other people discovered the same flaw, and as soon as it is discovered or someone else starts dumping counterfeit ZEC on the market, you begin running out of time quickly. Thus, you'd expect that if anyone could find a vuln they'd exploit it right away, and we'd see it because the shielded pool would quickly drain and the market would dump. But despite the massive amounts of liquidity available, neither of those happened.

look i'm not trying to pile on because i think at least a good chunk of people bought into this really believing in it, but here's a simple question: how are you not giga-fucked if you can't even prove if something has been exploited or not, possibly resulting in infinite coins minted in the past which you can't even detect today or at any time in the future? is this the situation we are looking at here? am i misstating it?

@P3b7_ Fix your app lol

👉For 4 years, 1 day, and 10 hours, anyone who understood the Orchard circuit could have minted ZEC out of thin air, silently, with no on-chain signature. The bug was disclosed this week. It was found by an AI-driven audit running Opus 4.8, not by an attacker. 1. Call the bug what it is Two lines in halo2's variable-base scalar multiplication gadget used assign_advice() where copy_advice() was required. As a result, the diversified-address integrity check pk_d = [ivk]·g_d could be satisfied for arbitrary inputs. A malicious prover could spend the same note multiple times with different nullifiers, i.e. counterfeit ZEC inside the Orchard pool, undetectable on-chain because the privacy of the ZK proof hides exactly the inputs that would reveal the attack. We do not know whether it was exploited. We will probably never know. 2. Four years. Multiple audits. Top-tier reviewers. Orchard was reviewed by some of the strongest cryptographers in the field before activation. They missed it. Earlier automated audits with Opus 4.7 missed it. Opus 4.8 catches it in roughly 1 in 4 runs when prompted generically. The bug is hard. And ZK inflation bugs are not new. Zcash itself shipped a counterfeiting vulnerability in Sprout (BCTV14) that survived years before being silently neutralized during Sapling. Similar soundness issues have appeared in circom, halo2, and rollup verifiers since. The pattern is consistent: when the protocol is private, exploitation is undetectable. You patch the bug and hope. 3. What Zcash did right This was a textbook decentralized incident response: ▶️Audit: a full AI-assisted soundness audit of halo2 + Orchard, scoped end-to-end. ▶️Discover: the agent flagged the missing constraint and worked out the algebra to turn it into an exploit. A working RPC-level PoC in ~6 hours, mostly waiting on tokens. ▶️Coordinate: a soft fork disabling Orchard, prepared and distributed without leaking the bug, activated 2 days and 15 hours after acknowledgement. Coordinating a soft fork across miners, exchanges, and nodes without disclosing why is genuinely hard. They did it. ▶️Disclose: timeline, code lines, math, open questions. No spin. Worth naming explicitly: Zcash's turnstile invariant caps the value that can ever leave a shielded pool by the value that entered it. Privacy and verifiability inside the same protocol. That is not an accident. That is good engineering, and it is what kept the worst case bounded. 4. The economics of security just changed AI does not change whether bugs like this exist. It changes the cost of finding them. I wrote about this x.com/P3b7_/status/2…: a missing constraint in a 4-year-old production ZK circuit used to require a top-tier cryptographer with months of context. It now requires a few tokens, an API key, and a well-framed prompt. The defender benefits. The attacker benefits more, they only need to find it once, and they never disclose. Orchard is the optimistic version of this story: defense got there first. The pessimistic version is the one we cannot rule out, because the chain is private by design. 5. The only real exit You do not patch your way out of this asymmetry. You raise the floor. Formal verification of consensus-critical circuits, every assign_advice audited by SAT solvers and AI for under-constraint, as the reporter himself recommends. Proof-grade engineering that used to be too expensive is now cheap enough to be mandatory. Hardware roots of trust, secure enclaves, certified secure elements, WYSIWYS. Cryptographic guarantees the user can actually verify, not promises a host can lie about. Continuous AI-assisted audit of every consensus-critical commit, re-run immediately on the release of any new frontier model. Zcash didn't just patch a bug. They demonstrated the new defensive playbook: AI-driven audits, decentralized coordination, radical transparency, verifiable invariants. That is the direction the rest of the industry needs to follow. And those who don't raise the bar for security will be rekt in this new world. Stay safe. Stay honest about your trust assumptions.

If you find a vuln like this (and you're an evil scumbag) then you'll be interested in counterfeiting and dumping the money as fast as possible. You can't know how many other people discovered the same flaw, and as soon as it is discovered or someone else starts dumping counterfeit ZEC on the market, you begin running out of time quickly. Thus, you'd expect that if anyone could find a vuln they'd exploit it right away, and we'd see it because the shielded pool would quickly drain and the market would dump. But despite the massive amounts of liquidity available, neither of those happened.

Shorted ZEC because I think it's a 20% chance this is the LUNA of this cycle

If you find a vuln like this (and you're an evil scumbag) then you'll be interested in counterfeiting and dumping the money as fast as possible. You can't know how many other people discovered the same flaw, and as soon as it is discovered or someone else starts dumping counterfeit ZEC on the market, you begin running out of time quickly. Thus, you'd expect that if anyone could find a vuln they'd exploit it right away, and we'd see it because the shielded pool would quickly drain and the market would dump. But despite the massive amounts of liquidity available, neither of those happened. Instead, as soon as a very plausible first-responder found it (Taylor does cutting edge security research for us, and has worked with us for over 10 years) they shut the pool down and fixed it. (As an aside, while it's of no comfort to the average person, I can assure you all of the people who found this vulnerability and patched it are the most honest people I've ever met in my life.) I'm keeping my money where my mouth is though and promise to keep the vast majority of my net worth in the Orchard pool until I announce publicly otherwise! :)

I think this proliferates Open source software is no longer safe

@based16z If the bug wasn’t exploited Zcash comes away stronger because the core devs prioritise making the orchard pool supply cryptographically verifiable reducing this risk in the future

Goodalexander disproved zcash fud at the lows?

@life_smol @Dogetoshi Have you ever tried to prompt it for exploits?

@layerfoo @Dogetoshi You do realise gpt 5.5 is an equivalent model without those restrictions available to everyone?

A single security researcher with a $20 Claude subscription found an infinite mint exploit on Zcash? Yah after Mythos releases it’s over.