Gerard Persoon

It's not the end, it's still living on in the LLM data training sets. That's why you see so many zero-address check suggestions and inflated severities. (My feeling is that it has improved with recent models though?) The very early 2021 days with @0xRajeev @gpersoon @sockdrawermoney were peak fun. What ruined contests from an SR's POV was: Fewer real bugs because devs and tooling got a lot better, once foundry came along devs started actually testing their code with high coverage. This led to more (arguably) out-of-scope bug submissions which made the highest-impact move arguing about your own & others' issues. The difference between a high and a medium was not well defined in practice & there were some incompetent judges (sorry). Pool sizes also never kept up with the increase in participants. In the end, the audit contest payout structure changed so much that many were just pre-deployment bug bounties (different pool size unlocks for H/M). Ironically, now would be a great time for contests again as everyone is boasting about their AI being the best. Would love to see more real results instead of vagueposting.

@rsquare @SafeLabs_ @cantinasecurity

I'm looking for solutions using LLMs/AI/Agents that are enabling a super charged defensive model for teams, products & companies. In particular for @SafeLabs_ Who should I talk to?

@hrkrshnn Microsoft office

I'm looking for interesting targets to point Apex at. Claude Code was interesting because 1) it's closed source and 2) it's the product of the year. Where should we point it next? If we haven't scanned it yet and we get a bounty for it, I'll give you a piece.

Cool idea. Why not use the exact bounty amount as liquidity? That removes the uncertainty if the white hat pays back the 90%. And that is the amount that the protocol should reserve anyway.

@_weidai Check x.com/sockdrawermone…

Who's working on "secure" agent harnesses? Ingredients: track all tool calls, semantically label them (what was read, what is the effect), enforce policies, etc. Would love to chat.

Cool idea by @sockdrawermoney : Label data, enforce policies to manage AI security & prompt injections. See mlld.ai x.com/i/status/20274…

@taalas_inc Wow, this is extremely fast inference. chatjimmy.ai

@thedaofund There is a lot of reinventing the same thing. This could potentially be improved with more generic modules / libraries, which are well tested and reviewed.

As we think about funding Ethereum security long term: what parts of security do you believe are most underfunded today? We’re listening.

When you compress the time between intent and finality, you also compress the time between mistake and catastrophe.

@GalloDaSballo See Verifiable Delay Function

Is there a way to create a private key that becomes public over time? So that for a period of time only one person can sign But after some time anyone can

@mudgen @originary_joe @VALIPOKKANN Changed it a bit to ERC721

@gpersoon @originary_joe @VALIPOKKANN That diagram almost matches the implementation of ExampleDiamond here: github.com/Perfect-Abstra… If you changed ERC20Facet to ERC721Facet, then it would match a bit closer. It is an excellent diagram, I love it.

Does anyone want to make a new diamond graphics for the next ERC standard for diamonds? How could this graphic be much prettier?

Cool idea from @iphelix : Competitive incident response

@p_misirov @zigtur @Montyly @GalloDaSballo @AliceAndB0b What happened before:

@p_misirov @zigtur @Montyly @GalloDaSballo @AliceAndB0b Wow

EU 🇪🇺 is so back WINNERS @zigtur @Montyly @GalloDaSballo @AliceAndB0b

Vitalik on Why trustlessness now? @trustlessconf

Vitalik on Why trustlessness now? @trustlessconf

Vitalik explaining the blockchain

Full House at Ethereum Day Devconnect ARG @EFDevcon With @0xRajeev