be11pepper

7 posts

be11pepper

be11pepper

@be11pepper

gyejinlee @QED_Audit @TeamAtlanta24 @SSLab_Gatech

Katılım Ekim 2025
11 Takip Edilen29 Takipçiler
be11pepper retweetledi
QED Audit
QED Audit@QED_Audit·
zk.golf by @zksecurityXYZ challenges you to write the cheapest formally verified circuit and prove it correct in Lean 4. For the SHA-256 challenge, we submitted a circuit with 1 witness and 1 constraint. It still verified. Here is how we broke the spec. 🧵
QED Audit tweet media
English
2
6
33
5.9K
be11pepper retweetledi
QED Audit
QED Audit@QED_Audit·
@QED_Audit is building continuous security for Ethereum. The Ethereum Foundation has engaged QED to build specialized security agents for the Ethereum protocol. Our work combines 10+ years of security experience, @DARPA AIxCC-winning autonomous vulnerability discovery, and hands-on protocol security across core blockchain infrastructure. We’ll focus on implementation bugs, spec drift, and consensus-critical issues across Lighthouse, Prysm, Geth, Reth, and libp2p. This builds on our work in continuous protocol security and agent-assisted auditing: * qedaudit.io/blog/tachyon/ * qedaudit.io/blog/commonwar… Excited to contribute to Ethereum’s future.
QED Audit tweet media
English
4
4
36
4.3K
be11pepper retweetledi
patrickogrady.xyz
patrickogrady.xyz@_patrickogrady·
70k tps 400ms finalization browser light client native passkey wallet … now available (for free)
English
23
43
224
58.7K
be11pepper retweetledi
ainta
ainta@kaizero_ainta·
The two THORChain critical bugs we reported in January were found with our AI auditor. Around the same time, there were many AI-generated PRs labeled as P0 security fixes, but they did not catch these issues. A recent Huginn run reported 196 findings. AI can now generate hundreds of plausible findings. The real value is identifying the few bugs that actually put funds at risk.
ainta tweet mediaainta tweet media
QED Audit@QED_Audit

In January, QED Audit reported two critical THORChain bugs while their bounty program was still active: > $40M asset theft > drain all THORChain RUNE bonds Both vulnerabilities were fixed, but unfortunately, we were not paid. However, we will not advocate for open disclosure as we believe responsible disclosure should remain separate from bounty or compensation disputes. 🧵(1/8)

English
1
3
34
6.6K