Sabitlenmiş Tweet
Luca
89 posts
Luca
@lucanicoli_
Research Scientist at @CryptoEconLab || Previously MEV Scientist Engineer @urani_trade || PhD Theoretical Chemistry
Katılım Temmuz 2024
262 Takip Edilen77 Takipçiler
MEV guy reached out, we got the 21 mainnet ETH back.
What luck. Thank you.
jango.eth@me_jango
Last week, @ESultanik from @trailofbits reported to me an exploit in @revnets found by @AnthropicAI. All Revnet V5 funds were at risk. Sunday i attempted a whitehat rescue of the funds. I successfully pulled $140k of funds belonging to the @Artizen ART revnet and @markee_xyz MARKEE revnet. In the process, I lost ~25 mainnet ETH from the NANA @juiceboxETH, REV @revnets, and BAN @bannynet revnets... due to my negligence in executing the script. MEV got the best of my urgency in the heat of the moment, despite thinking I did all I could to be ready to go. All other non-revnet Juicebox projects are unaffected. For the past three months, I have been working on an "AI hardened" version of Juicebox – a fork of V5 that has gone through the ringer of any and all AI, harness, any novel auditing concept I could get my hands on. This weekend's exploit took advantage of a nuance in the revnet loans code that I had caught and fixed at the beginning of this process, but I had not realized it put funds at risk until reported by TOB and Anthropic. I'm grateful we managed to keep customers' funds safe, and regretful we'll have to start our own businesses over. I'm frustrated at myself for having left the exploit in the original code, and for failing to recover all of it despite the opportunity. I'm encouraged knowing I've already been working on the solution and won't be starting this AI risk assessment from 0... the downtime will be relatively short. But most of all I'm relieved that this AI security moment has come now, when funds at risk were relatively modest. I do not envy those with centi-million dollar protocols in production going into 2026. Despite doing all we could to get the Juicebox and Revnet V4/5 protocols audited over the past three years before deploy, the obsessive manual reviews and tests from ourselves and from top pros still missed what the latest AI crawlers have caught. The other side of this diligence storm is sunny. This turbulence is a blessed precondition for open finance, one that will level up the quality of open source, enable anyone to run audits, and allow those of us who take responsibility over the integrity of these public tools to sleep better at night. We must get to the other side. As usual, I will continue running my businesses using my own tools that I do everything to derisk, and I will continue telling others that they probably shouldn't follow my lead – the tradeoffs are real and borne by users of the open source. But I've found there are folks like me who stubbornly prefer assuming this risk if the reward is the freedom, agency, and strong guarantees the tools offer in their ideal form, unlike the corporate landscape of law-fare, capture, and executive discretion. Reaching the ideal form is inevitable if we keep going at it. It is the holy grail. Open source, open accounting, and the open internet can and will outcompete everything, but damn the journey ain't easy. On a practical note: V5 NANA, REV, and BAN holders will receive their V6 tokens as soon as the protocol is deployed, and we will restart revenue aggregation from there. MARKEE and ART holder will also receive their V6 tokens, and have their whitehat rescued funds added to their revnets to back the value of the tokens. These next few weeks before we launch V6, we need all hands on deck pointing AIs at it and fishing for exploit opportunities, efficiency nudges, documentation clarification, and everything in between. JBX and REV rewards to those who report issues. All you have to do is pull up Claude Code, Codex, or your favorite LLM and run: "Clone github Bananapus/version-6 recursively, read AUDIT_INSTRUCTIONS.md, then walk me through my options for auditing this codebase. Ask me how deep I want to go, which subsystem interests me, and whether I have any specialization to add — then start."
English
Damn I think I have to continue my sum-check optimizations series 😎
Quang Dao@QuangVDao
Our newest sum-check optimizations are out! eprint.iacr.org/2026/762 We propose a *better* domain for sum-check: the infinity hypercube. Evaluations over this domain give *precisely* the monomial coefficients, and lead to a ~10% prover speedup over 128+ bits prime fields 🧵/ n
English
Luca retweetledi
NEW CHALLENGE ANNOUNCEMENT
Announcing the Energy Arbitrage designed in collaboration with @cryptoeconlab
It's been on testnet for over a month and live on mainnet next week!
So what is energy arbitrage and why does it matter?
AI is eating electricity faster than grids can supply it
The algorithms that decide how grid-scale batteries charge and discharge are becoming some of the most consequential algorithms on Earth, and until today they've been locked behind closed doors.
English
Great to bring a cryptoeconomist's lens to the agentic economy at @EthereumZuri.
The thesis: agents need rules, not just rails.
Mechanism design is how you write those rules and blockchain is the shared infrastructure where we should write them.
Thanks to everyone who joined. More to come.
EthereumZuri.ch@EthereumZurich
Missed this at Ethereum Zuri? “The Rules of the Agentic Economy: A Mechanism Design Perspective” by Luca Nicoli (@_LucaNicoli). As AI agents transact and act in the real world, who sets the rules for power, accountability & safety? Blockchain may be the answer. Thread below👇
English
Luca retweetledi
Find me this Friday (April 10, 11:20am) at @EthereumZurich talking mechanism design for AI agents.
If you're interested in the agentic economy and wish to exchange thoughts on the design of an effective incentive layer for agent coordination, join my presentation.
Huge thanks to @EthereumZurich for the opportunity.
#EthereumZurich #dAcc #AgenticEconomy
English
Luca retweetledi
BREAKING NEWS: Alabama has signed the DUNA Act into law.
It becomes the second state after Wyoming to grant DAOs legal status and limited liability protections.
English
Luca retweetledi
Reading eprint.iacr.org/2026/587
showcasing sumcheck optimization strategies.
Since sumcheck-is-life, I got inspired to start a series of posts: "One sumcheck optimization strategy a day".
Today we build on yesterday's finding to get:
🚀Day 2: Delayed reduction🚀
English
Luca retweetledi
Love to see the 2 areas I have been working on in my life to intersect so beautifully: a ZKP of a quantum circuit. Makes so much sense. Also, verifiable quantum computing will be a thing for sure.
Haseeb >|<@hosseeb
This is wild. Google Research demonstrates a ~20x more efficient implementation of Shor's algorithm that could break ECDSA keys within minutes with ~500K physical qubits. Google is now are more confident on a 2029 post-quantum transition. We are no longer looking at mid 2030s, we could have quantum computers of this scale by the end of the decade. They believe this result is so severe that they are not publishing the actual circuits. They instead published a ZKP proving that they know of the quantum circuit with these properties. This is very atypical, showing Google thinks this is serious shit. All blockchains need a transition plan ASAP. Post-quantum is no longer a drill.
English
Luca retweetledi
When you buy something in a shop, there's an implicit deal. You pay, you get the product, and if it's defective, you can return it. AI inference today doesn't work like that. You pay a provider to run a model, they give you a response, and if they used a cheaper model than you requested, there's no receipt and no recourse.
Hellas introduces a mechanism called the Fraud Game. Before any job runs, both sides lock funds on a public blockchain. The client locks escrow, setting aside payment until the job is done. The provider locks collateral, their own money at risk as a guarantee of honest execution.
The computation runs on the provider's hardware. If the client is happy, both sign off, the provider gets paid, and collateral is returned. Two on-chain transactions. That's how most jobs settle.
If the client suspects fraud, they re-run the job to get the correct output, trace the computation graph to find the single operation where results diverge, and submit that as proof on-chain. Validators recompute that one operation. If valid, the provider's entire collateral is taken and transferred to the client.
The provider can do this math before the job starts. The collateral is set high enough that the expected cost of getting caught always exceeds whatever they'd save by cutting corners.
So fraud almost never happens, not because providers are inherently honest, but because the system makes dishonesty a bad business decision.
English
Not completely aligned, but it is an interesting perspective, thanks for this.
The distinction between top-down and bottom-up agents is useful.
I'm aligned with your closing point however: the bottleneck isn't rails, it's everything else.
I've been thinking about the same gap and wrote about it here if you're interested to take a look x.com/LucaTheNaiky/s…
English
Luca retweetledi
1/ Tensor compute is the high-performance execution of tensor operations, and it powers modern AI from inference to training.
Today, much of this compute runs on external infrastructure: centralized clouds, GPU marketplaces, and decentralized networks.
Yet outsourcing compute comes with a structural issue: verifying that a specific computation was executed correctly is surprisingly hard. Without this guarantee, clients have no choice but to trust their provider.
And trust doesn't scale.
So how do you remove trust from outsourced compute?
We studied how @hellasdotai solves this 👇:
cryptoeconlab.com/blog/hellas-tr…
English
Luca retweetledi
BREAKING: Solana is part of @Mastercard's new Crypto Partner Program
Solana Payments@solanapayments
Solana joins Mastercard's Crypto Partner Program More than 85 crypto‑native companies, payments providers, and financial institutions focused on how digital assets can tackle real-world needs in payments.
English
"Was v9 what I imagined? I would say it was the. most. epic mtndao yet." - founder, @barrett_io
So many quotes in this video it was impossible to choose - every second is a must-watch.
Amongst the industry's turbulence came light from the MTN: impossible to replicate.
🏔️ MTNDAO IS SPONSORED BY: 📷
@altitude
@solanamobile
@MetaDAOProject
@ranger_finance
@darkresearchai
@raikucom
@multicoin
@triton_one
English
Luca retweetledi
ACI leaving @aave isn't drama. It's a mechanism design problem.
When your biggest delegate is also your service provider, conflicts of interest are structural — not personal. You need voting mechanisms designed to handle this.
We studied this: cryptoeconlab.com/blog/robustnes…
English
Luca retweetledi
The best primer on Reppo is our whitepaper.
It outlines our vision, medium to long term feedback loops which make it obvious that $REPPO utility token is not just a governance token, it is critical for the ecosystem to function.
Our team spent over 6 months working with @cryptoeconlab to intentionally design the sink, flows, and value accrual mechanics to ensure that the network remains deflationary while we account for a wide spread of token holders across the ecosystem.
reppo-labs-xyz.gitbook.io/reppo-labs/whi…
English
Yesterday at @cryptoeconlab we launched AutoCap on @Filecoin Mainnet 🚀
AutoCap is an automatic FIL+ allocator that distributes DataCap based on verifiable on-chain activity.
Round 1 is now live. More staged rounds to follow.
We’re excited to see AutoCap become a practical tool for Storage Providers operating on Filecoin.
🔗 filautocap.xyz
📝 cryptoeconlab.com/blog/autocap-d…
#Filecoin #CryptoEconomics
English