1egen

New on our Frontier Red Team blog: We tested whether AIs can exploit blockchain smart contracts. In simulated testing, AI agents found $4.6M in exploits. The research (with @MATSprogram and the Anthropic Fellows program) also developed a new benchmark: red.anthropic.com/2025/smart-con…

@systemdesignone @maahhiii77

If you want to become good at system design (in 3 weeks), learn these 15 case studies:

I misunderstood the @Ledger multisig announcement the other day. I understood they've decided to charge like a Swiss private bank, but I've only just realized the extent to which they're not actually private at all... I was also dismayed to see that this is still NOT a Ledger app which actually allows normal people securely sign txs, which was the entire issue in the first place. I refuse to call it "clearsigning". There's just "signing" and "yolo signing", and the ability to not yolo sign is not a premium feature - it's basically functionality without which your product is reckless and irresponsible But back to the privacy: obviously I opted out of analytics, so imagine my surprise at all the tracker calls which @brave helpfully blocked for me So what's Ledger trying to share here with the friendly data harvesting technologists at @datadoghq ? * My personal Safe addresses * My personal browser metadata * My personal device metadata (screen resolution) * My every move that I take on the app What is this for? Ledger's own privacy policy states that sharing this kind of data requires consent, yet this is happening anyway to a company (Datadog, Inc.) not even mentioned in the privacy policy! And yes, I fully expect this project will be dead on arrival because of insane pricing. But I'm more concerned that once again a major crypto player like Ledger (and EU based to boot!) doesn't care about basic privacy protection or following the most basic privacy regulations @Ledger please do better than this, a privacy policy is not just a formality if you are a security company!

Today, we’re excited to open-source an AI vibe coding platform, VibeSDK, to enable anyone to run an entire vibe coding platform themselves, end-to-end, with just one click

$3B total deposits on Euler. All in under a year since launch. Accelerate.

So I looked a bit into what the EU planned for age verification and seems like it will involve Zero Knowledge proofs in the future. And they will use Google solution inspired by Ligero and implemented at github.com/google/longfel…, IETF draft: datatracker.ietf.org/doc/draft-goog…

gm ZK is the way

@aave $100B by the end of the year 🙌

$50B net deposits in Aave. Onward.

@PatrickAlphaC Agreed. What if there is a platform like L2beats, and it would rate the contest platform with stages, which will also assist them to reach a higher stage

Hot takes that I think shouldn’t be hot, and should be “the default” 1. The contest platform is ultimately responsible for the payout. It is the contest platform that promises payout, so if a platform doesn’t pay out, no matter the drama, it is the platform’s fault. 2. The auditors are the workers, and should be treated with the same respect as you would someone on your team. Changing goal posts in the middle of a review, allowing your team to be taken advantage of by allowing clients to dismiss submissions for any reason, or even giving the opportunity for a client to ruin the integrity of a contest (sharing results that could be leaked before contest ends, allowing the protocol to fix the bug and then close the issue because “oh it’s fixed now”) isn’t acceptable. Team > Client. With this, you end up giving the client better output because the team actually cares. Changing the rules of a competition that pays out money could even be considered illegal in some cases. 3. Exclusivity deals on bounty platforms are the antithesis of security. Imagine finding a live crit and not being able to report it because you have an exclusivity deal. 4. Despite all this, bug bounties and competitive audits are still the best way to get into the industry. Don’t let this be the excuse you give to platforms to treat you like dirt, but also keep in mind, many of them are trying their best. Unless they violate one of the statements I made above, in which case they may not be.

Euler officially crosses $1B in total borrows. With utilisation approaching 50% it shows that Euler isn't just flexible but also truly capital efficient. Accelerate.

Amazing 👏

$2B total deposits on Euler. Soon to be supercharged by EulerSwap.

Introducing zkPyTorch: Making Zero-Knowledge ML Accessible! Polyhedra bridges PyTorch & ZK Proofs. Now AI devs can build verifiable, private ML models using standard PyTorch code – no crypto expertise needed! ✅ Prove model execution correctness 🛡️ Protect model IP & sensitive data ⚡️ Blazing fast: single-thread production LLM (Llama3 8B) ~150s/tkn, GPU coming soon blog.polyhedra.network/zkpytorch/ Unlocks Verifiable MLaaS, Secure AI Valuation & more! #ZKML #PyTorch #AI #Privacy #zkSNARK

The Road to Making Life Multiplanetary: an update from @elonmusk on SpaceX's plan to reach Mars

1/ Introducing EulerSwap A smarter DEX with lending-boosted yield, deeper just-in-time liquidity, and native support for LP positions as collateral. Supercharged by Euler lending infra.

@arcium @solana @yrschrade What do you mean by fully <encrypted>? Are you using zero knowledge proofs, or is it something else?

Introducing the first trustless, <encrypted> ML Marketplace on @solana, demoed by @yrschrade. Public Testnet goes live April 30th—real apps, real use cases, fully <encrypted> The countdown begins.

$1b total deposits on Euler. One yard on Euler.

@eulerfinance Congrats 🎉

We're overhauling the MetaMask UI/UX. 🦊 Not only that, we're bringing in developments that will level up the entire industry. Here's what we've been cooking. 🧵👇

@nisten @theo I suspect it might have something to do with the recent Safe{Wallet} hack. They use MaterialUI for frontend, and they might have been compromised through this extension.

@theo How did the malware work?

The Material Theme has just been removed from GitHub and VS Code due to shipping malware