Thomas Pani | blltprf.xyz

81 posts

@audithare

Model-based adversarial testing for distributed systems. Executable specs, better oracles, fewer 3am on-call pages. Make software boring again.

Vienna, AT Joined November 2023
201 Following 80 Followers
Pinned Tweet
Thomas Pani | blltprf.xyz@audithare·
Recording now online! 🎥 I gave a hands-on workshop at Protocol Berg 2025: 25-Minute Solidity Fuzzer: Fuzzing Smarter, Not Harder 🎤 Learn EVM fuzzing by building a Solidity fuzzer in Python from scratch — in just 25'. + Better input generation + Smarter metrics (beyond # of runs) + Formal Methods mindset 🧠 Recording + blog: blltprf.xyz/blog/25-min-so… 💻 Code: github.com/thpani/fuzz-pb… 📽️ Video: youtu.be/Z7oMWser1JU #web3 #EVM #fuzzing #smartcontracts #Security @protocol_berg
Thomas Pani | blltprf.xyz retweeted
igor@konnov.phd | (spec|ver)ification | security
There is a growing interest in formal specifications and #tlaplus again! Check the recordings of the TLA+ Community Meeting 2026 to see the examples of what can be done with it (hint: a lot). The TLA+ YouTube channel: youtube.com/@TLAplusFounda… The talks in the thread...
Thomas Pani | blltprf.xyz@audithare·
For an example, let's say your system has a single counter x, initially at least 42, and it can non-deterministically increment x by either 5 or 12.
x ≥ 10 is an inductive invariant. Let's say we want to check the property "x is always positive" (x>0). So we discharge in SMT:
1) initial state satisfies the inductive invariant: x ≥ 42 ⇒ x ≥ 10
2) ind.inv. preserved under steps: x ≥ 42 ∧ x' = x + 5 ⇒ x' ≥ 10 and x ≥ 42 ∧ x' = x + 12 ⇒ x' ≥ 10
3) ind.inv. implies the property: x ≥ 10 ⇒ x > 0
These four queries can be checked by Z3 in a fraction of a second, even though there are infinitely many initial states (any state where x is at least 42).
Obviously, for real systems with more complex state, the inductive invariant becomes more complex. But the basic principle remains as simple as illustrated here.
In practice, the challenge becomes finding an invariant that is inductive for the system and strong enough to satisfy the property. This is an intellectual puzzle, but one that can be done with a bit of practice.
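The checks described in the post above, written as SMT-LIB 2 input that Z3 accepts (an added example, not part of the original post). The step queries take the invariant x ≥ 10 as their pre-state hypothesis, and the final query goes beyond the post with a constructed candidate, x ≠ 5, that holds in every reachable state but is not inductive. The names `Init`, `Inv`, `Prop` and `xn` are chosen here.

```smt2
; Added example, not from the original post. An implication A => B is valid
; iff (A and not B) is unsatisfiable, so each query asserts the negation.
(set-option :produce-models true)
(set-logic QF_LIA)
(declare-const x Int)   ; counter before the step
(declare-const xn Int)  ; counter after the step (x' in the post)

; Names chosen for this example:
(define-fun Init ((v Int)) Bool (>= v 42))  ; initial states
(define-fun Inv  ((v Int)) Bool (>= v 10))  ; candidate inductive invariant
(define-fun Prop ((v Int)) Bool (> v 0))    ; property to establish

; 1) Initiation: Init(x) => Inv(x)
(push 1)
(assert (not (=> (Init x) (Inv x))))
(check-sat)
(pop 1)

; 2a) Step +5 preserves the invariant: Inv(x) and xn = x + 5 => Inv(xn)
(push 1)
(assert (not (=> (and (Inv x) (= xn (+ x 5))) (Inv xn))))
(check-sat)
(pop 1)

; 2b) Step +12 preserves the invariant: Inv(x) and xn = x + 12 => Inv(xn)
(push 1)
(assert (not (=> (and (Inv x) (= xn (+ x 12))) (Inv xn))))
(check-sat)
(pop 1)

; 3) The invariant implies the property: Inv(x) => Prop(x)
(push 1)
(assert (not (=> (Inv x) (Prop x))))
(check-sat)
(pop 1)

; Contrast (constructed): x != 5 is true whenever x >= 42, yet the step
; query fails for it, because the pre-state is not restricted to
; reachable values. The solver is asked for the offending pre-state.
(push 1)
(assert (not (=> (and (not (= x 5)) (= xn (+ x 5))) (not (= xn 5)))))
(check-sat)
(get-model)
(pop 1)
```

Z3 answers `unsat` for the first four queries, meaning each implication is valid. For the last one it answers `sat` with the pre-state x = 0, a counterexample to induction that shows why the candidate has to be strengthened (for instance with x ≥ 10) before it can be proved.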
Thomas Pani | blltprf.xyz@audithare·
@SivukhinN @k0nn0v @DominikTornow Checking these against a property P is symbolic, on the formulas – we don't need to deal concretely with the (possibly many) concrete states described by S and apply(s, a). We simply hand over S ⇒ P and apply(s, a) ⇒ P (for all a \in Actions) to Z3.
Thomas Pani | blltprf.xyz@audithare·
@MichaelAArouet So? This difference covers healthcare, school through university, unemployment insurance, plus childcare and public transport subsidies. The US just takes smaller deductions and pushes the same costs out-of-pocket and risk-based. Just a different way of paying 🤷🏻‍♂️
Thomas Pani | blltprf.xyz retweeted
Dominik Tornow@DominikTornow·
Fun with Protocols
A challenging but rewarding read, perfect for a holiday break: Proving completeness of an eventually perfect failure detector in Lean4 by @k0nn0v
Igor uses Lean to prove (not model check) a distributed protocol's safety and liveness x.com/DominikTornow/…
Dominik Tornow@DominikTornow

Model first, code later
I am extending @resonatehqio's Distributed Recovery Protocol
First Step
Model the extension in @informalinc Quint
Being able to debug a protocol before writing any code feels wild x.com/DominikTornow/…

Thomas Pani | blltprf.xyz@audithare·
Recently wrapped up a month-long engagement to formally verify the new Aztec Governance Protocol together with @k0nn0v. No critical issues, but we did uncover subtle cross-contract interactions and timing-related edge cases that rarely appear in conventional audits or fuzzing. Aztec Labs addressed all findings, and working with them was a pleasure. 🤝 @aztecnetwork
Thomas Pani | blltprf.xyz@audithare·
@WakeFramework Exactly. Unfortunately, a lot of people believe that security is becoming cheaper with AI, when the economic incentives heavily favor blackhats over whitehats. The sooner we can correct this narrative, the better for web3.
Wake@WakeFramework·
AI discovered $4.6M in smart contract exploits during Anthropic's testing. Two novel zero-days. Profitable after API costs. This isn't a future scenario. It's happening now. The security landscape shifted. If AI can systematically find vulnerabilities, every protocol needs to assume attackers already have these capabilities. The question isn't whether AI-powered exploit discovery exists. It's whether your security stack can match it. Wake Framework runs static analysis, battle-tested from 200+ audits, securing Lido, Aave, Axelar, Safe, and LayerZero. Reentrancy patterns, write-after-write bugs, ERC4337 storage issues, unchecked arithmetic - the attack vectors AI targets first. The VS Code extension puts these detectors in your development environment. Real-time vulnerability detection as you write Solidity. Not after deployment. Not after someone finds the exploit. During development, when fixing costs keystrokes instead of millions. Here's what matters: static analysis isn't about catching everything. It's about systematically eliminating vulnerability classes before human auditors even look at the code. Let automation handle the patterns. Let auditors focus on protocol-specific logic that only human expertise can evaluate. Anthropic proved AI can hunt exploits at scale. The defense needs to operate at the same scale. We're building detection systems that assume attackers have these capabilities. More coming soon on what systematic detection looks like when you combine battle-tested static analysis with modern reasoning capabilities. The tooling that wins won't have the best marketing. It'll be the one that caught the vulnerability before the AI-powered attacker found it. Stay tuned!
Anthropic@AnthropicAI

New on our Frontier Red Team blog: We tested whether AIs can exploit blockchain smart contracts. In simulated testing, AI agents found $4.6M in exploits. The research (with @MATSprogram and the Anthropic Fellows program) also developed a new benchmark: red.anthropic.com/2025/smart-con…

Thomas Pani | blltprf.xyz@audithare·
@DominikTornow The miracle is that we build complex global systems on agreed-upon points in the past… and it not only works, it scales 😄
Dominik Tornow@DominikTornow·
In distributed systems, you can never know "what is", you can only know "what was"
Even in consensus, you never know the current value, you only know the value at an offset in the log
Every decision is made on a stale understanding of the world
Thomas Pani | blltprf.xyz retweeted
Armin Ronacher ⇌@mitsuhiko·
Ad GitHub: would love to see a modern version of Trac that can be self hosted, but is federated so that it can be used to host many projects and survives the shutdown of instances.
Thomas Pani | blltprf.xyz retweeted
Brian Cardarella@bcardarella·
I told Claude to one-shot an integration test against a detailed spec I provided. It went silent for about 30 minutes. I asked how it was going twice and it reassured me it was doing work. Then I asked why it was taking so long:
Thomas Pani | blltprf.xyz@audithare·
@TommyYesItsMe @tsoding Just because critical bugs don't hit users or cause outages doesn't mean they're easy to debug. We've had plenty of user-facing examples recently. Not sure I follow your point – if the issue is running stripped release builds, what's the connection to overengineered languages?
Tom Miller@TommyYesItsMe·
@audithare @tsoding There are new critical bugs in the code that runs YouTube, Instagram and Google every day. In the worst case they only result in outages lasting minutes because when the binary crashes you can look at the logs and find an error message or stack trace. That wasn't the case here.
Тsфdiиg@tsoding·
The whole Internet was crashed but in a safe way.
Thomas Pani | blltprf.xyz@audithare·
@TommyYesItsMe @tsoding Fair, but many complex systems can take hundreds of engineers three hours to figure out, regardless of the language? I'm not too happy about the Rust hype, but I'd say there's better angles here than language choice.
Tom Miller@TommyYesItsMe·
@tsoding Bugs can happen in any language, but bugs that need hundreds of engineers three hours to figure out are more likely to happen in overengineered languages like Rust. Here's the bug that took down Cloudflare: