matthew

34.8K posts

@_matthew_

father, husband, american abroad. i build companies and software and stuff. optimist 🇺🇸🇹🇭

earth · Joined December 2011
825 Following · 3.9K Followers
Pinned Tweet
matthew retweeted
rb3k (@rbthreek)
the solana advisor who happens to be the twitter pm made cashtags for crosschain tokens like solana:3iQL8BFS2vE7mww4ehAqQHAsbmRNCrPxizWAT2Zfyr9y show ca only for solana disregarding the fact that its illiquid as fuck there and you’re 100% going to get shit fills with any real size but theyre okay w that bc ur cattle
matthew retweeted
ZachXBT (@zachxbt)
1/ Recently an unnamed source shared data exfiltrated from an internal North Korean payment server containing 390 accounts, chat logs, crypto transactions. I spent long hours going through all of it, none of which has ever been publicly released. It revealed an intricate ~$1M/month scheme of fraudulent identities, forged legal documents, and crypto-to-fiat conversion. Enjoy the findings!
matthew retweeted
Ben Sigman (@bensig)
My friend Milla Jovovich and I spent months creating an AI memory system with Claude. It just posted a perfect score on the standard benchmark - beating every product in the space, free or paid.

It's called MemPalace, and it works nothing like anything else out there.

Instead of sending your data to a background agent in the cloud, it mines your conversations locally and organizes them into a palace - a structured architecture with wings, halls, and rooms that mirrors how human memory actually works.

Here is what that gets you:
→ Your AI knows who you are before you type a single word - family, projects, preferences, loaded in ~120 tokens
→ Palace architecture organizes memories by domain and type - not a flat list of facts, a navigable structure
→ Semantic search across months of conversations finds the answer in position 1 or 2
→ AAAK compression fits your entire life context into 120 tokens - 30x lossless compression any LLM reads natively
→ Contradiction detection catches wrong names, wrong pronouns, wrong ages before you ever see them

The benchmarks:
100% recall on LongMemEval — first perfect score ever recorded. 500/500 questions. Every question type at 100%.
92.9% on ConvoMem — more than 2x Mem0's score.
100% on LoCoMo — every multi-hop reasoning category, including temporal inference which stumps most systems.

No API key. No cloud. No subscription. One dependency. Runs on your machine. Your memories never leave.

MIT License. 100% Open Source.

github.com/milla-jovovich…
matthew (@_matthew_)
@tanpukunokami if it’s a sushi restaurant worth going to — the cost of flying fish in from tsukiji. if it’s *really* good, the cost of flying it in that morning
NyanChuu🔮🇯🇵🍭 (@tanpukunokami)
A full sushi dinner in Tokyo: $15. A California roll in Manhattan: $22. Make it make sense.
matthew retweeted
Tay 💖 (@tayvano_)
I beg everyone in crypto to read this in full. I expected this to be another case of social engineering, likely some recruiter/job offer shit. I was very wrong. And the depth of the operation and personas makes me think they already have multiple other teams on lock. 😳
Drift (@DriftProtocol)

x.com/i/article/2040…

matthew retweeted
Etherealize (@Etherealize_io)
zkSync founder: “Ethereum is the only option” for institutions “Tempo is a venture by Stripe. Obviously Stripe, as a large payments processor, wants to have their own network . . . And of course, all of [these organizations] will try to get everyone else on their network. But guess what? That’s precisely the reason why it’s never going to happen.” Alex Gluchowski explains: “Yes, Stripe wants everything to happen on Tempo, but JP Morgan wants everything to happen on JP Morgan Chain. And Circle wants everything to happen on Arc. And so on and so forth. They will never agree. The large players will never agree to build on the infrastructure of another large player. This is why Ethereum is the only option — it’s the only way forward as the neutral infrastructure that everyone can agree on.” Source: @zksync @therollupco
matthew (@_matthew_)
@zeroXbrock never have issues with agents messing up formatting. make it part of their acceptance criteria
brock ⚡🤖 (@zeroXbrock)
`cargo fmt --all` is a great way to see if a PR is written by AI
Chef 👩🏻‍🍳 (@chefsevenn)
Be honest, what is the best drink for this breakfast? 🥤 🚨
matthew retweeted
DBCrypto (@DBCrypt0)
Drift Protocol just released their thread on the $280 million hack

It's worse than anyone thought too

There was no code exploit. It wasn’t a flash loan. It wasn’t even a traditional key theft.

Solana has a feature called "durable nonces" that lets you sign a transaction today but execute it days or weeks later

Sound familiar EVM critics? 😏

Think of it like writing a signed check and leaving it in someone's drawer until they decide to cash it.

The attacker used this to build a time bomb inside Drift's own governance system.

So I was wrong and Solana’s architecture did in fact play a role in this exploit occurring. Similar to how a hacker exploits approvals on EVM chains.

Here's how it played out:

March 23: The attacker sets up four of these delayed-execution accounts. Two are tied to real Drift Security Council members and two belong to the attacker.

At some point, the attacker tricks two of Drift's five council members into signing transactions they didn't fully understand.

Blind signing is something I have called out a lot and it is a major issue with many of these chains

Drift calls it "transaction misrepresentation” 🤨

But in reality they were socially engineered into signing their own robbery

Those signatures sat dormant for nine days!

March 27: Drift rotates its security council. New members, fresh setup. Doesn't matter. The attacker compromises two of the five new signers too.

April 1: Drift runs a routine test transaction. Sixty seconds later, the attacker cashes those pre-signed checks. Two transactions, four Solana slots apart. Full admin control. Every withdrawal limit removed. Every vault drained.

$280 million. Gone.

Two out of five signatures is all it took 🤦‍♂️

But also clearly some major planning and patience for this elaborate attack

Blind signing
Durable nonces which function similarly to approvals
Poor key management
Insecure infrastructure

Everything worked as it was designed to work and this was just an incredibly well orchestrated and thought out attack
Drift (@DriftProtocol)

Earlier today, a malicious actor gained unauthorized access to Drift Protocol through a novel attack involving durable nonces, resulting in a rapid takeover of Drift’s Security Council administrative powers. This was a highly sophisticated operation that appears to have involved multi-week preparation and staged execution, including the use of durable nonce accounts to pre-sign transactions that delayed execution.

matthew retweeted
sudo rm -rf --no-preserve-root /
yesterday it was axios, next time it will be a compromised package manager like `pnpm`, a highly trusted tool with deep system access that could silently hand over your entire machine to an attacker. security through compartmentalisation is the _only_ way forward.
matthew retweeted
Uma Roy (@pumatheuma)
Google's Quantum AI team used @SuccinctLabs zkVM SP1 for responsible disclosure of a new SOTA quantum algorithm. Their paper presents a 20x more efficient implementation of Shor's algorithm for cracking secp256k1 keys: the elliptic curve used by Bitcoin and Ethereum. They believe the attack is so dangerous that instead of publishing the circuits, they instead published a ZKP that the circuits exist. I wonder if ZK proof of exploit becomes a broader theme in vulnerability disclosures going forward.
matthew retweeted
Clément Dumas (@Butanium_)
⚠️ Supply chain attack in progress: someone is squatting Anthropic-internal npm package names targeting people trying to compile the leaked Claude Code source. `color-diff-napi` and `modifiers-napi` — both registered today, same person, disposable email. Do NOT install them. 🧵
_gabrielShapir0 (@lex_node)
I'm starting plebs.ETH, a community modeled after the bitcoin plebsec community I don't know what I will do with it but for now I just feel there is a need for at least a chat room of like-minded people who I consider to fall into this bucket--people who believe in Ethereum but aren't "insiders" I guess you could consider it my own more based version of 'Silviculture Society' or whatever with the difference that it's not something anointed by the EF--instead it's anointed by me which is obviously better because I am me, using rough social consensus of myself! If you want to join, reply here with your telegram handle & why you are an ETH pleb.
matthew retweeted
Kinnaird McQuade 💻☁️💥
We found a critical vulnerability in @OpenAI Codex affecting all Codex users, allowing exfil of a victim’s GitHub tokens to our C2 server. This granted lateral movement and R/W access to a victim’s entire code base 😈 This was a crazy one by @crew7sec at @btphantomlabs
BeyondTrust Phantom Labs™ (@btphantomlabs)

Breaking: Newly uncovered OpenAI Codex vuln enables command injection via GitHub branch names in task creation requests. Attackers could steal GitHub user access tokens & sensitive data. Full breakdown by Tyler Jespersen: lnkd.in/ewdTaiEa #OpenAI #BTPhantomLabs
