Sabitlenmiş Tweet
Konstantin Lomashuk cyber/acc
2.8K posts
Konstantin Lomashuk cyber/acc
@Lomashuk
Accelerating the world's transition to a cybernetic economy. @cyberFund
Katılım Ocak 2011
1.8K Takip Edilen37.2K Takipçiler
Konstantin Lomashuk cyber/acc retweetledi
people do not want to trust in code at this point
the key is to come up with smarter, more surgical ways of using centralized protections--like Lido's gateSEAL*, which is a one-time-use 'panic button' causing a limited-time protocol freeze
& combining those with better legal structures to create accountability if they are abused
*github.com/lidofinance/ga…
English
Konstantin Lomashuk cyber/acc retweetledi
$6M seed round just closed, led by @HarryStebbings at @20vcFund and @picuscap, alongside @cbventures, and others, plus 30+ angels including @patcummins30.
Read the full details from our CEO ↓
Ali@AliHabbabeh
Habibis, @xomarket just closed a $6M seed to build permissionless conviction markets anyone can spin up a Yes/No market on any belief in seconds. Led by @20vcFund and @picuscap , with @cbventures, and others along with 30+ angels including @patcummins30 Prediction markets cracked this open. We're opening the rest.
English
Konstantin Lomashuk cyber/acc retweetledi
Konstantin Lomashuk cyber/acc retweetledi
A proposal for Lido DAO to contribute to @aave’s coordinated rsETH relief effort has landed on the Research Forum following this week’s Kelp's rsETH LayerZero bridge exploit.
The proposal authorizes a one-time, capped contribution of up to 2,500 stETH to a dedicated relief vehicle, solely as part of a fully funded recovery package. The proposal is designed to reduce broader ecosystem spillover and support an orderly resolution for affected users.
DeFi United. Read more below:
research.lido.fi/t/lido-dao-con…
English
Don't wait the next hack, move to verified RPC - drpc.org/docs/gettingst…
Constantine | dRPC.ORG@constantine_rm
We got a lot of requests to bring this back to life, and as promised, it's live now! #nodecore" target="_blank" rel="nofollow noopener">drpc.org/docs/gettingst…
If you build a mission-critical dApp, or if part of your functionality is super fragile to RPC poisoning, please use the Verification feature from dRPC via NodeCloud or NodeCore; there is no excuse not to use it, and you can't say, after yet another hack, that you were not aware of this. English
Konstantin Lomashuk cyber/acc retweetledi
Konstantin Lomashuk cyber/acc retweetledi
Networks joining the EEZ @etheconomiczone will have a bridge delay of 0. You can move tokens to a chain and back in one transaction. In this world using none-canonical bridges with lower security will be completely pointless.
RYAN SΞAN ADAMS - rsa.eth 🦄@RyanSAdams
Bridges have been the single biggest category of DeFi losses cumulatively. $2-3 billion in hacks since 2021. Unfortunately, much of the story of how we scaled DeFi over the past several year was through bridges. I'd estimate 35% of DeFi TVL today has some third-party non-native bridge dependency today (e.g. a Kelp + L0 style architecture). We adopted third-party bridges for two reasons: 1) we needed to scale via L2s because Ethereum L1 wasn't scaling and 2) L2 native bridges mostly sucked due to pre-zk optimistic rollup tech (e.g. 7 day withdrawal windows). Then we pretended the added complexity and dependencies didn't materially increase risk to DeFi. And so we adopted daisy chained assets like L2 rsETH as practically the risk equivalent to ETH on L1. And we wove this risk into the system. We'll learn from this. We'll price risk more effectively. DeFi will adapt. But this is a painful setback and there will be more to come if we don't minimize bridge dependencies. Scaling the L1 is a security priority. We can't build DeFi on rickety bridges.
English
@hosseeb What was actually wrong with the stETH depeg of 2022?
Honestly, stETH held its price better than I would have predicted.
It was never a 1:1 peg to begin with - withdrawals weren’t available until 2023.
English
DeFi learns through failures. Whether it's from the collapse of Terra, broken auctions during Black Friday in 2020, or the stETH depeg in 2022, it has failed over and over again--but with every failure, it improves.
People talk all sorts of shit about this, but it's no different from how TradFi learned from banking crises, lending contagion (2008), or fraud (savings and loans crises in late 80s).
The important thing is that these failures are not fatal. The heart of DeFi is risk-averse and robust. AAVE might take on some bad debt, but it has the equity to pay it.
DeFi isn't going away. And seeing the vigorous debate around how to improve it is exactly the process by which it keeps getting better.
Bullish DeFi, and bullish this community.
English
This is why we built @dRPCorg.
The $250M lesson from KelpDAO and LayerZero: response from a single RPC endpoint is a single point of failure, even if it's your own RPC or your loadbalancer endpoint. Any protocol moving user funds should be running quorum across independent providers. Not negotiable.
Constantine | dRPC.ORG@constantine_rm
In dRPC you can run a quorum of data providers, including internal nodes, with custom rules for quorum. We made it in 2023: #why-use-verification" target="_blank" rel="nofollow noopener">drpc.org/docs/gettingst…
. For a mission-critical application like a bridge or oracle, there's no excuse not to set it up. But they didn’t. The framing of the recent KelpDAO and LayerZero incidents as some novel attack vector, or the work of meaningfully smarter attackers, is mostly wrong. The actual failure mode - applications trusting a single RPC endpoint to return honest data - has been discussed openly for years, by @VitalikButerin, @lomashuk, @MicahZoltu, @wagmiAlexander, @ChainLinkGod, @banteg, and many others. It is neither new nor subtle. A closely related failure happened in 2022 with the Ankr DNS hijack on Polygon and Fantom: x.com/Mudit__Gupta/s… The point here isn't ideological. In a 24/7 market where automated systems act on RPC responses in real time, assuming one provider will always return correct data is a system-level risk. There is no T+2 window in which a human notices the error and reverses it. When we launched dRPC, cross-verification across a permissioned set of RPC providers was the core idea. The original repo and docs are still up (although outdated since then): -#why-use-verification" target="_blank" rel="nofollow noopener">drpc.org/docs/gettingst… - github.com/drpcorg/drpc-s… We used a simple quorum rather than zk-based verification, partly to test real demand before overbuilding. Two observations from that period: 1. The demand was not there. In public, everyone agreed with the thesis. In private, the responses were "we are not ready to pay more for quorum," or "yes, we could apply it to sensitive paths only, but it's not a priority." 2. The risk was real. The market is now discovering this at a cost of roughly $250M. Because full cross-verification on every request is overkill for most workloads, we eventually shifted toward shadow checks — randomized background comparisons across providers that detect and eject unhealthy nodes before they serve meaningful traffic. This is a reasonable compromise for general workloads. It is not a substitute for quorum on sensitive paths. So the practical rule, for anyone building infrastructure whose failure mode is user funds: 1. Use at least 3–5 independent, reliable RPC providers. 2. Do not build your load balancer on training wheels. Something like drpc.org/nodecore-open-… is open source, free, and almost certainly better than what you would build in-house. Contributing to it is a better use of time than reinventing it. You cannot defend against every possible attack. But this particular class is avoidable at low cost, if you are willing to treat RPC as a system-level dependency rather than a commodity input. That is a reasonable bar for anything meant to serve more than a narrow circle of users. We will update the dRPC NodeCore (drpc.org/nodecore-open-…) with strict rules for quorum on your side in the near future, stay tuned. If you have more sophisticated requirements for security, we are fully open for your requests - feel free to each me our via DM here or by email kz@drpc.org English
No. RPC-layer attacks aren't new - Ankr's Polygon and Fantom RPCs got DNS-hijacked back in 2022.
x.com/Mudit__Gupta/s…
We built drpc.org for exactly this: cross-verify RPC responses across independent providers to kill the single-point-of-trust vector. The tech is there. Clients just are not ready to pay for it.
Mudit Gupta@Mudit__Gupta
Public RPC gateway provided by Ankr for Polygon (polygon-rpc.com) and Fantom (rpc.ftm.tools) were comprised via DNS hijack earlier today. Polygon and Fantom foundation have no control over services provided by others. Use Alchemy or others while this is fixed.
English
Is there any reason to believe recent DeFi hacks are directly a result of smarter models?
English
Konstantin Lomashuk cyber/acc retweetledi
Konstantin Lomashuk cyber/acc retweetledi
today @pumpcade becomes the first team to launch an ACE round on @MetaLeX_Labs !
Pumpcade, a prediction market platform, recently raised two oversubscribed rounds totaling $6M and is now launching an ACE round, allowing eligible non-U.S. -person $PUMPCADE holders to convert a portion of tokens into SAFEs in the company
Major respect to @PopPunkOnChain for giving his community an opportunity to take a seat at his cap table.
This is exactly what ACE on MetaLeX was intended for, giving everyday people the same opportunity as VCs to access both equity and tokens in a company, something that has been out of reach for most.
check it out at:
ace.metalex.tech/round/0x8c1924…
Pop Punk@PopPunkOnChain
English
Cybereconomy 🌊
cyber•Fund@cyberfund
New episode of the Cybereconomy Podcast is live! We sat down with @matthew_d_white, Global CTO of AI at the Linux Foundation, to discuss the explosive growth of AI Agents and Open Source AI. If you're building in the AI space, this is a must-listen: youtube.com/watch?v=SiR184…
Română
Konstantin Lomashuk cyber/acc retweetledi
MoonPay Virtual Accounts are live.
Bank to card. Instant.
Powered by @iron.
Thank you to the @moonpay team for this amazing video.
MoonPay 🟣@moonpay
HELLO MOTO
English
Konstantin Lomashuk cyber/acc retweetledi
super hyped to introduce ACE (asset conversion to equity) on @MetaLeX_Labs
we've been cooking this for a while with some great partners (TBA sooner than you think)
had to sneak this one past the cybernetic law safety committee to release to the public, don't tell my mom
MetaLeX@MetaLeX_Labs
English
Konstantin Lomashuk cyber/acc retweetledi
i got my whole genome sequenced two years ago and forgot about it.
last week i told my ai agent (@laukiantonson) to dig up my DNA files
• it dug up a two-year-old email
• found the download link
• pulled down 67 gigabytes of raw DNA.
• rented a 32-core, 64GB machine for a few hours — total cost: $5
• aligned 21 million long reads to the human reference genome — 99.83% mapped
• called 5.8 million genetic variants using a two-pass neural network
• phased every variant — separated maternal vs paternal inheritance
• annotated all 5.8M variants against ClinVar, PharmGKB, and gnomAD
• corrected for population-specific bias in the medical literature
• health risk map across 39 conditions flagged in every body system
• drug compatibility guide for 141 medications color-coded by genome response
• nutrient metabolism - 71 variants affecting absorption of vitamins, minerals, iron
• traits, ancestry going back 40,000 years, neanderthal DNA breakdown
$5 in compute. 8 hours. no bioinformatician. no doctor. just one instruction.
we've genuinely reached a point where an ai agent can take your raw genome and hand you back a full personal health profile in a single shot. i had no idea this was even possible.
Maziyar PANAHI@MaziyarPanahi
🚨 Over 1 billion rows of psychiatric genetics data. Now on Hugging Face. ADHD. Depression. Schizophrenia. Bipolar. PTSD. OCD. Autism. Anxiety. Tourette. Eating disorders. 12 disorder groups. 52 publications. Every GWAS summary statistic from the Psychiatric Genomics Consortium. Before: wget, gunzip, 20 minutes debugging separators, repeat 50 times. Now: one line of Python.
English
Compute will be traded. Congrats @BrettHarrison !
Brett Harrison@BrettHarrison
The financialization of compute is here. Architect has launched 24/7 perpetuals on Nvidia H100 GPU prices — the first regulated futures contracts on compute, built with @OrnnExchange’s live market indices. The AI economy has its first exchange-traded futures market.
English
Konstantin Lomashuk cyber/acc retweetledi
Extended end of Q1 update
[TLDR]
- Multi-asset collateral launching soon
- TradFi expansion accelerating (>25 markets live, partnership coming, focused on distribution via TradFi brokers)
- Becoming more institutional-ready (pricing methodology, trading workflows)
- Building decentralised, high-throughput sequencing
[Product]
The team has completed development of multi-asset collateral margin. It is now in the testing phase on testnet and undergoing smart contract audits. We expect to launch at the end of April or early May, with support for wBTC, ETH, USDT and potentially EURC as collateral, subject to underlying liquidity.
In Q1, we also doubled down on our TradFi offering, expanding to 25+ equities, indices, FX markets and commodities with competitive liquidity. We are currently finalising an agreement with a major TradFi broker, which will both broaden our offering and help bring in flow.
The other priority for the team is making Extended more institutional-friendly across both product and trading:
- Improving the definition and transparency of fair reference pricing for TradFi markets, with a consistent and clear methodology: spot-based references for equities and FX, and futures-derived pricing for commodities and energy
- Introducing and better communicating institutional-grade features such as MPC wallet workflows, API key-only trading, and our sub-account architecture
In addition:
- With multi-asset collateral, we have built native spot markets (required to process liquidations of non-USDC balances). These will be released shortly after the cross-asset rollout.
- The team is progressing towards decentralising sequencing via an application-specific chain built on a high-throughput implementation of full BFT consensus (targeting ~50ms block times and hundreds of thousands of transactions per second).
This architecture introduces an app-chain layered on top of our existing zk-enabled stack, enabling decentralised matching and related services while preserving existing security guarantees. More details and timelines will be shared soon. Importantly, this design enables Extended tokenomics and revenue accrual to the token.
[Growth and community]
Our strategy remains consistent:
- Stay open to feedback
- Continuously iterate on the product
- Encourage organic usage
- Do not do paid marketing or paid deals
- Focus on long-term sustainability and value creation
Over the past quarter, we have gained stronger conviction that demand for perpetuals is increasing among traditional players, driven by 24/7 trading, higher leverage and deeper liquidity. As a result, we are doubling down on business development with TradFi brokers (fintechs and trading platforms). This is a long-term effort, but we believe it will be a key driver of sustainable growth.
We also have several important integrations with trading terminals coming up, both retail and institutional.
[Team]
Over the past quarter, we hired 3 new team members and are now a team of 14. As we move towards decentralising sequencing, we expect to grow to 18-20 people in the coming months.
[Market and exchange metrics]
Nothing unexpected: January saw all-time highs across key metrics, followed by a broader market slowdown in February and March. All Extended metrics are public: dune.com/extended/exten…
From our perspective, short-term market conditions are less important than long-term trends. What matters is that the market we are building in continues to grow and there is room for new players. We strongly believe this is the case:
- price discovery for TradFi assets is likely to increasingly shift towards perpetuals. More on this here: x.com/rf_extended/st…
- DeFi continues to gain share versus CeFi
- Regulatory clarity is improving across both the US and Europe
English
5 years working side by side with @Dmitriy17042471 at @MixBytes - and now excited to welcome him to @cyberfund as CTO.
Every fund now faces the same question - evolve open-endedly toward singularity, or get left behind.
Let's go 🚀
cyber•Fund@cyberfund
We are thrilled to welcome our new CTO @Dmitriy17042471 to our team! We have been working closely together with Dima over the years in his role as co-founder of @MixBytes . For the past 5 years Dima bootstrapped the team at MixBytes and helped to deliver 200+ audits.
English