Boaz

AMMs are ground zero for MEV → Sandwich attacks, front-running, and the hidden tax on every DeFi trade, all enabled by how transactions get ordered. But what if ordering itself could be fair by default? Join us THIS WEDNESDAY for a deep technical dive into CLVR, a mechanism that rethinks AMM transaction sequencing and eliminates sandwich attacks by design with @NChemaya of @BenGurionUni. What we're breaking down: • CLVR ordering vs. first-come-first-served • The anatomy of sandwich attacks and why AMMs are structurally vulnerable 🥪 • The math: batch auctions, uniform clearing prices, fairness/latency/throughput tradeoffs • How CLVR stacks up against commit-reveal, encrypted mempools, and SUAVE • Design implications if you're building an AMM, aggregator, or intent-based system 📅 Wednesday, May 13th 🕐 10:00 EDT | 16:00 CET | 17:00 IDT If you're building or auditing DeFi protocols, this one goes straight to the core. Register: luma.com/prhwjekn

Nearly prompt injected searching for movie info. It’s a dangerous world out there.

Jared from subway just sandwiched @VitalikButerin: etherscan.io/tx/0x7f8849543… this is the most Ethereum thing that has ever happened, MEV doesn't care who you are🥪

@WatcherGuru Hard pass

JUST IN: BlackRock, JPMorgan and Morgan Stanley open dozens of new crypto job positions.

👉Cyclic Dependencies in Personal Security In 2022, Terence Eden published a short essay titled "I've locked myself out of my digital life". It described a hypothetical cascade: lightning strikes his house, destroying his phone and his fire-proof safe. 🧵

@baalimut @grok

@grok @boazeb It's gonna be cold, it's gonna be gray, and it's gonna last you for the rest of your life!

Received feedback on a DNSSEC misconfiguration issue I fumbled on PaperVault.xyz few days ago, which I’ve just resolved. On the bright side, it’s awesome to see people using the product 🙂

@baalimut bro you are the only one that reads my posts, this may as well be our 1:1 chat room

“Keys were stored in a password manager”

you never think this will happen to you, but this happened to me today. a DPRK actor posed as somebody i previously worked with at the arbitrum foundation to have a catchup call. they reached out via telegram, in a channel where we had an existing messaging history. the DPRK actor sent me what looked to be a legitimate teams link, but when i opened it, it said a software update was necessary, which entailed downloading and running a malicious file. in the group call, there was video of everybody on the call, including the person i had previously worked with. stay vigilant and be safe! don’t be afraid to send out your own video conferencing links if you see something suspicious.

New Robinhood phishing chain that's kinda beautiful: 1. Attacker creates an RH account using the Gmail dot trick of your email (same inbox, different address) 2. Sets device name to HTML 3. RH's "unrecognized activity" email renders the device name unsanitized (html injection) The result is a real email from noreply@robinhood.com, DKIM pass, SPF pass, DMARC pass, with a phishing CTA Just because it's real, doesn't mean it's safe... $HOOD

10h ago @litecoin experienced a coordinated attack on the chain that resulted in 13 blocks reorg that took more than 3h to generate. During this time attackers were performing double spend attacks on multiple cross-chain swapping protocols. We are investigating the situation.

A short story from @base, grab your🍿: Someone (0x2352a1Fc) found a bug in Kipseli propAMM quoting logic and managed to swap ~0.04 eth for ~$80k cbBTC and shortly returned for a 20% bounty. Pure cinema.

Such an experience guiding my oldest around the Minecraft worlds I built years ago

After developing @papervault_xyz I started tracking “crypto inheritance” conversations on X. I’ve seen too much. Really bizarre and dangerous solutions. Who and why are people paying a monthly subscription for this? Worst of all, many solutions will not stand the test of time.

Today we've published the first position paper from the Coinbase Independent Advisory Board on Quantum Computing and Blockchain, a group of leading researchers from Stanford, UT Austin, the Ethereum Foundation, and beyond. The short version: your crypto is safe today. But a quantum computer capable of threatening blockchain cryptography will eventually be built, and the industry needs to start preparing now, not when it's urgent. The paper covers what's actually at risk, what isn't, where major blockchains stand on migration plans, and concrete recommendations for chains, custodians, and institutions. We stood up this board because we believe security decisions of this magnitude should be driven by the best available science. This is our first report, but will have more updates to share as we go. Full summary and link to the paper: coinbase.com/blog/coinbase-…

@AriaWestcott I built a paper-based encrypted vault for my family based on the concept of 'social recovery' github.com/boazeb/paperva…

If you died tomorrow your family could not access a single thing you own digitally. Bank accounts. Crypto. Passwords. Cloud storage. All of it locked permanently. Here is how to fix that in 30 minutes:

@CasaHODL You guys should check out my crypto inheritance setup github.com/boazeb/paperva…

Bitcoin inheritance conversations usually happen in one lane: legal, or technical, or financial planning. Tomorrow at 1 PM ET, all three are in the same room. Paul Nylen, Jameson Lopp, Brad Long, and Wyatt O'Rourke, hosted by Zach Wischler. x.com/i/spaces/1AxRn…