Rabenvater

43 posts

Rabenvater

Rabenvater

@_rabenvater_

learsI Katılım Mart 2026
20 Takip Edilen4 Takipçiler
Rabenvater
Rabenvater@_rabenvater_·
@DoingFedTime Come on Sam, you can do better, the smart meter? Tracking his is highly unreliable and not feasible, and it's irrelevant, OPSEC is dependent on threat model, and with any adversary, this will not be useful.
English
1
0
0
65
Sam Bent
Sam Bent@DoingFedTime·
#OPSEC365 109/365 Smart meters report your electricity usage in near real time. Usage patterns reveal when you are home, when you sleep, and how many people live with you. Utilities share this data for demand planning. Researchers have reconstructed household activities from smart meter data alone. At fifteen-minute intervals, the meter mainly exposes occupancy and sleep schedule. Appliance-level identification needs sub-second sampling. You cannot opt out of smart meters in most jurisdictions. Some utilities allow a request for less frequent reporting. The best you can do is understand this data exists and is being collected, and behave accordingly when the gap between you-at-home and you-pretending-to-be-home matters.
English
6
10
50
2.1K
/root/
/root/@pentrutimp·
@_rabenvater_ If you were a reasonable person, you would have done it before the public sale took place, that’s the logical thing to do. In reality, you seem to be the kind of person who feels pain when others succeed
English
1
0
1
70
/root/
/root/@pentrutimp·
1/ The @octra FUD blog by @te_mpe_st has gone viral. But they won't tell you: most claims are based on OUTDATED docs and old code commits. Octra has been actively improving. Let me break it down.
English
5
9
53
3.8K
Rabenvater
Rabenvater@_rabenvater_·
@pentrutimp Yeah btw kind of ironic calling me a scammer for replying to you, but not calling a Russian serial fraudster a scammer because "oh it has nothing to do with octra", which is false.
English
1
0
0
158
/root/
/root/@pentrutimp·
@_rabenvater_ Who are you, unknown new account? Who would believe a scammer like you? Show us your real account
English
2
0
2
133
Rabenvater
Rabenvater@_rabenvater_·
@pentrutimp This is my real account, do they not educate people over at Indonesia? holy shit. You can verify my account's history, by literally clicking on my name....
English
1
0
1
47
Rabenvater
Rabenvater@_rabenvater_·
The amount of cattle that believe shipping shit and insecure cryptography is excused if patched with a commit is insane, and most of the time they don't even verify any claims. Grow a pair and stop boot licking for a few Eth. #octrug
English
0
0
0
87
Rabenvater
Rabenvater@_rabenvater_·
@pentrutimp 1/2 of the claims you "rebutted" here weren't even claims on the blog, and if they were, you stated them with the wrong reasons. Octra chain is not HFHE, its cryptography is shite, whitepaper should be standard for huge crypto claims. You're wasting your time.
English
1
0
3
214
/root/
/root/@pentrutimp·
18/ FINAL TAKE: Octra is a real, actively developed project with legitimate tech, transparent response to criticism, and verifiable on-chain integrity. It has flaws (needs whitepaper, decentralization, better docs), but flaws ≠ fraud. The FUD is overstated.
English
1
1
14
544
Rabenvater
Rabenvater@_rabenvater_·
@pentrutimp The fix was shipped yesterday, at time of blog release, FURY worked against live codebase code, maybe tell your AI to check timestamps next time pls :-)
English
0
0
0
19
/root/
/root/@pentrutimp·
4/ CLAIM: 'FURY attack breaks the PRF' REALITY: Blog quotes commit e2835df (Jul 6). What they DON'T say: commits Jul 7-9 add 'recrypt hardening', 'harden hfhe public encoding', 'fix keygen root exponent'. Main branch now uses SHA-256 hashing, NOT the linear function attacked.
English
2
0
10
494
octra
octra@octra·
open HFHE challenge v2 this wallet holds 500,000 OCT: octC5eR9pLGKbpzTbDgHowkFt8HW7LZYb2gzehzxHamxuAZ recover its private key, tell us how you did it and receive another 500,000 OCT, for a total of 1 million. do not submit issues, they will be removed! github.com/octra-labs/hfh…
English
60
49
294
89.3K
Rabenvater
Rabenvater@_rabenvater_·
@Instynkt2 The technology itself does not survive scrutiny, an attacked called "FURY" made by te.mpe.st literally breaks multi-slot LPN and their native FHE in seconds. Funnily enough, they shipped a silence fix today, then dropped a bounty. Here: te.mpe.st/blog/20260628-…
English
1
0
0
138
Instinct
Instinct@Instynkt2·
my optics are probably a bit different. honestly, i don’t really care that much about all the accusations, old stories, previous companies / ideas etc. even if every single claim turned out to be true, it still wouldn’t logically prove that the technology itself doesn’t work. history is full of people with controversial backgrounds who still built something genuinely innovative. these are two separate questions and i don’t think they should be mixed together. same with crypto in general. 99% of projects are noise or outright scams anyway, so that’s not really the filter i’m using. the only thing i actually care about is whether the technology survives scrutiny. for me, the biggest catalyst now isn’t another twitter debate or another thread about synesis. it’s the formal HFHE paper. that’s the thing that can actually be reviewed and challenged and validated by independent cryptographers/science people.if the paper demonstrates a genuine breakthroug, that’s what matters. if it doesn’t, then we’ll know that too. do we have any rough timeline for the formal paper? shipping is obviously important, but scientific validation is what ultimately matters here. even if some assumptions behind the formal paper cannot yet be fully verified experimentally, having something rigorous that can be reviewed and challenged by cryptographers is infinitely more valuable than another week of X’s fud. octra HFHE paper incoming
English
4
3
29
2.7K
Rabenvater
Rabenvater@_rabenvater_·
@max21e8 @octra @te_mpe_st FURY doesn't break single-slot instances, the challenge seems to be 22 one-slot ciphers, 2 base layers each. FURY is useless here, they used the only non-broken thing.
English
2
0
1
335
Rabenvater retweetledi
te.mpe.st
te.mpe.st@te_mpe_st·
Have you seen me?
te.mpe.st tweet media
English
6
4
45
3.3K
Rabenvater
Rabenvater@_rabenvater_·
"I fuck people over. That's how it is. Well, not just 'people', but actual people, obviously, I fuck them over. I fuck over companies, suppliers, just like they fuck me over. That's the whole point." @lambda0xE are you not tired of fucking people over?
English
0
0
2
385
Rabenvater
Rabenvater@_rabenvater_·
FURY breaks native FHE on Octra's PVAC codebase. Also breaks Multi-slot LPN, and their chain is AHE The founder is a serial Russian scammer, with lawsuits against him for failing to repay debt and scamming investors. What now?
English
5
0
5
3.4K
dasha
dasha@0xdasha·
its not an octra contract you fucking retard, its a standard contract by @UniswapAuctions that has no unsold tokens remaining, because all of them were sold on auction. the top holders on eth you listed are token buyers on echo: t.me/octra/74, the uniswap contract with bought but unclaimed tokens that nobody, including uniswap or octra, has access to except for buyers. which again only shows that you don't even understand what you read or write before publishing your little blog. the otc incident was also announced: x.com/octralex/statu…. the corporate structure is completely irrelevant for onchain movements, has nothing to do with tech, and STILL he already explained told you that the uk company was established but never used. you're the shittiest OSINT ever because you refuse to do your job AND to learn AND to accept you are wrong and retract statements
alex@octralex

We facilitated an OTC sale at the request of an early buyer, and unfortunately they ended up being scammed. Despite numerous warnings that we will not be responsible for loss, we will take this L, and have bought back the entire amount. Please stay alert! etherscan.io/tx/0x03b1f77b1…

English
1
2
13
916
Rabenvater
Rabenvater@_rabenvater_·
@nuzmetra @te_mpe_st you're saying corporate shells, $40K cashed out to exchanges, paid Messari reports, and a fabricated surname don't matter. it matters to the 611 Echo investors and everyone who bought wOCT at $0.20.
English
1
0
0
100
nuzmetra
nuzmetra@nuzmetra·
1). They clearly use the multiplicative structure w = coef * R mod p,as for paillier, it’s just an Rsa modulus n (it has nothing to do with their code btw,although they discuss it in the docs, their code uses a different scheme, which is obvious) 2). Representing field elements as machine integers is the standard approach in all cryptography over prime fields, the irony is that their lpn secret is actually a bit vector ( the question is, where were you even looking?) 3). They also have homomorphic multiplication, and it works (ct_mul) and even recrypt 4) Etc.. anyway, there are a lot of inconsistencies in your audit, and I think none of us give a shit about who actually works at their firms -they just need to get their public docs in order, and that’s it
Cormeilles-en-Parisis, France 🇫🇷 English
2
0
12
477
Rabenvater retweetledi
te.mpe.st
te.mpe.st@te_mpe_st·
I assumed there'd be some legal attacks on us. I appreciate not doing that. 1. I sorta figured such. The mismatch with the code was odd. I'll take the majority of this part as a concession. However, in regards to the webcli and pvac_hfhe_cpp, we DID mention those! See the first image. We refer to that in the blog by name! (image attached) 2. So I'll take this as a concession as well. Hopelessly outdated shouldn't mean it has the decrypt-compute-reencrypt flow. I would love an explanation on that. 3. So what happens after? I mean, this doesn't address the major hold over the supply the developers seem to have, no? This equally reads as a concession. 4. Thank you for admitting the UK R&D entity was yours. This confirmation doesn't seem to address Kirill Sencharov and his link to you, David. 5. Again, this just feels like a concession. Admitting your team members can easily off-ramp to fiat. 6. I would appreciate details on this "incident." Who was the counterparty? Why did it require an immediate transfer? The issue is that you could claim anything as an incident. It's a black box for us. It also doesn't really address why this took 2 minutes 36 seconds, a figure in the original blog. Who executed that multisig, by the way? 7. So explain the address clustering. At least give a plausible explanation, maybe? This also doesn't address the LinkedIn cached data, which proves a correlation to Octra. Even jamcake.com proves a link to Octra! 8. So it's a self-imposed lock. No programmatic lock (from what we've seen) exists. Team may not have access to any other OCT, however, they control the single validator. They can mint, modify state, and more. This was discussed in the original blog. You've left many questions unanswered. This didn't address our main points. Where does David Amishav appear outside of Octra? Why do you commit to repositories under the name "K" in UTC+2/3, a timezone matching Estonia? What are the actual hardness assumptions of HFHE? Why won't you address the main glaring issues defined in the blog? Also, because Alex decided to say we weren't interested in dialogue, we'd like to let you know that we are very open to an open-letter style debate recorded on te.mpe.st!
te.mpe.st tweet media
λ@lambda0xE

Hi, thanks, very helpful and insightful. Not sure what to "come after you" for. 1) Yes, some tech docs were written over two years ago, do not reflect the current implementation, are outdated and should be reworked or removed. Yes, the method is experimental. Yes, the full formal paper is long overdue. Yes, the development and releases have been significantly ahead of the public material updates. The open-source web client and the current published HFHE implementation, the only relevant repos for a proper audit, were entirely left out of this article for some reason: github.com/octra-labs/web… github.com/octra-labs/pva…; 2) Yes, in the old sandbox demo, encryption, decryption, and arithmetic functions were available in the same browser package, as expected for a standalone demo. It's hopelessly outdated; if you want to understand encryption, go to GitHub. 3) Yes, @octra pursues progressive decentralization and is transparently in the mainnet alpha stage, with the node release upcoming. Yes, this has taken a while due to work on security. Yes, the bridge is validated by an octra node, which will be more evident from its release. Yes, there are mint caps after the recent published incident that can be changed later; 4) Yes, @octralabs is a registered Swiss association, and Silvan Andermatt is its board member / director. Yes, there exists a UK R&D entity that was registered but not used. All of this is indeed public information; 5) Yes, funds raised for development were obtained from the Uniswap Auction, moved to the @octralabs multisig and used for development on a monthly budget. Yes, over $2.1 million out of $2.4 million raised in April still remain there. Yes, some team members and B2B off-ramps have CEX accounts; 6) Yes, 100,000 USDC were transferred as an emergency to buy back 50,000 USDC worth of wOCT during an OTC incident. All of wOCT purchased and the remaining 50,000 USDC were transferred back to the multisig and later added to the Uniswap liquidity pool as announced: etherscan.io/tx/0x81b63ecde… etherscan.io/tx/0x2256df58d… 7) Yes, some people move from post-USSR countries to Switzerland, Israel and the UK. Yes, some team members were involved in prior non-crypto startups. Yes, there are other legal entities associated with them that have nothing to do with octra; 8) Yes, one of the wallets labeled as "operational" has a nonce of 20 because it was used to test encrypted balances, and the team does not have access to any other OCT. The exact full amount declared is still there. Yes, "locked indefinitely" isn't the right wording, because it implies a programmatic lock, whereas the restriction is self-imposed. Thanks for flagging, we have been prioritizing updating public materials. If you have anything to improve on the method itself, please feel free to send PRs. There is also an active bug bounty at all times, you can submit your findings to dev at octra dot org.

English
1
1
21
2.7K
Rabenvater retweetledi
te.mpe.st
te.mpe.st@te_mpe_st·
Funny story. Tail suggested I add an appendix debunking claims of doxing. Fuck it, I'll debunk it here. Firstly, we did not reveal anyone's non-business addresses. We revealed only what was strictly necessary for OSINT purposes. Doxing, as I see it, would require a motive of garnering harassment towards the doxed. This is not what we did. As I told Lambda, we don't omit the two repos. We mention them by name. Sorry. But please, Alex, tell me how exactly we were ignorant on blockchain functions! Did you even read the blog?? Us tracing businesses across countries does not constitute as "dox attempts." If you'd like, I'm happy to have people who have experience in OSINT affirm my claims. You pulling a moral trump card out of your arse is fucking infuriating.
English
3
2
7
1.3K