Suneal
@suneal_eth

176 posts

Security Researcher @zksecurityXYZ. Created @MetaMailInk. Prev WeChat.

Joined September 2018
919 Following, 320 Followers

Pinned Tweet
Suneal (@suneal_eth)
Glad to have contributed to the security of the Solana ecosystem! Thanks to the @anza_xyz team for the swift response and timely mitigation. The bug involves a subtle Fiat-Shamir issue we call the Phantom Challenge. A full technical write-up will be published soon.
Tim Garcia (@TimGarcia0)

On June 10, 2025 a potential security vulnerability was reported to the @anza_xyz Github Security Advisory by @suneal_eth, a security researcher from @zksecurityXYZ. The issue has been mitigated on all Solana clusters and all funds are safe. More details below 👇

Suneal (@suneal_eth)
Getting lazy...
Suneal retweeted
zkSecurity (@zksecurityXYZ)
We collaborated with Aptos Labs to audit their Confidential Assets protocol, a system enabling confidential balances and transfers on the Aptos blockchain. 👇🏼
Matthew Green (@matthew_d_green)
I’m making a bet with Filippo Valsorda that quantum computers won’t break ECC by 2029/2032, and (secondarily) that one version of ML-KEM will be de-standardized. I have loads of confidence in the former and little in the latter. I just like bets. dropbox.com/scl/fi/if3wfey…
Suneal (@suneal_eth)
@kostascrypto I think that's fine. It shows that they either have an efficient post-quantum circuit for ECDLP or a post-quantum computer already exists to break Groth16.
Kostas Kryptos (@kostascrypto)
Ironically, Google relied on Groth16, an elliptic-curve based proof vulnerable to quantum attacks, to showcase their quantum-safe advancement.
toly 🇺🇸 (@toly)
It’s extremely difficult to be right about blockchain design, database design, and geopolitics.
Suneal retweeted
zkSecurity (@zksecurityXYZ)
The first two known exploits against live ZK circuits just happened, and they weren't subtle underconstrained bugs. They were Groth16 verifiers deployed without completing the trusted setup ceremony. One was white-hat rescued for ~$1.5M, the other drained for 5 ETH. 🧵
Suneal (@suneal_eth)
Markdown is a format that happens to be friendly to both humans and AI.
Suneal (@suneal_eth)
It's exciting to live in a time when new things are emerging faster than ever in history. Though we don't really know where it will lead us.
Suneal retweeted
Claude (@claudeai)
Introducing Claude Code Security, now in limited research preview. It scans codebases for vulnerabilities and suggests targeted software patches for human review, allowing teams to find and fix issues that traditional tools often miss. Learn more: anthropic.com/news/claude-co…
Suneal retweeted
zkSecurity (@zksecurityXYZ)
New version of zkao 0.2.0 and we're beta testing gnark! Thanks for all the early-access users and all the good feedback! Let us know if you want to be part of early access or if you want us to support your zk framework.
Suneal retweeted
zkSecurity (@zksecurityXYZ)
AI vulnerability research is non-deterministic. The same model looking at the same code won't take the same reasoning path every time. Some paths find nothing. Some paths find the bug. A single scan is a coin flip. But what if you keep flipping? Introducing zkao.
Suneal (@suneal_eth)
Just as it's hard to prove someone is human on the internet, it's hard to prove someone is an agent too.
Suneal (@suneal_eth)
Consensus is easier to understand once you build the right intuition. I wrote this post to explain why BFT needs two voting rounds at 33%, how 20% enables true one-round finality, and how an optimistic fast path can bridge the gap. With today’s high participation, one-epoch finality on Ethereum may be technically feasible.
zkSecurity (@zksecurityXYZ)

Optimistic One-vote-round Finality in BFT Consensus, read more about how people are revisiting much simpler consensus schemes, at the cost of...

Suneal (@suneal_eth)
Interesting to see Solana and Ethereum taking different paths. I like both, and it's hard to say which one is more "correct". They might end up serving different roles, and that's fine. It's also hard to predict new use cases in 20 years. DeFi, NFTs, and memes were never really part of the original vision. What's annoying is the constant bad faith takes in the community. People unfairly trashing or hyping things just because of what they're holding. It might feel smart to push narratives that benefit your own bags, but don't let your position fool you.
toly 🇺🇸 (@toly)

This is a pretty cool vision. There is no point to duplicate work. What I really care about is maximizing how fast and how much information we can synchronize without any essential trusted third parties. Reliability just happens to be an implementation detail. More importantly, its reliability at high throughput and low latency. We can’t give up on IBRL. If the world can benefit from 1gbps and 10 concurrent 10ms batch auctions, then that’s the floor we must deliver reliably across the planet. If it’s 10gbps and 100 1ms auctions, then that’s what we will deliver. It will just take a bunch of blood, sweat and tears, and a few hard quarters.

Suneal retweeted
zkSecurity (@zksecurityXYZ)
Maybe that's the December 1st challenge you were waiting for? Link below!
Suneal retweeted
zkSecurity (@zksecurityXYZ)
wondering how stwo and the last gen of STARKs, circle starks, are working? did you know we had a series on them? We just released part 4!
Suneal retweeted
zkSecurity (@zksecurityXYZ)
Starknet's S-two book came out, in partnership with zkSecurity. It has a lot of content, so better start reading it now! ⬇️
Suneal (@suneal_eth)
@dankrad Congrats Dankrad! Curious what kind of research you’ll be doing there?
Dankrad Feist (@dankrad)
I am excited to announce that I will be joining Tempo. This last year has been a turning point for crypto, where we have finally seen the outlines of our vision being materialized. While payments used to be front and center in the early days of crypto, I see a special opportunity to finally achieve this ambitious goal with relentless execution on both the technical and distribution fronts. I believe that the real world moment is now, and I want to make sure we do not miss this window to touch normal people’s lives everywhere in the world. I have dedicated the past several years to architecting and scaling blockchains, and I’m excited to leverage my learnings together with the very strong team being assembled at Tempo. My journey in Ethereum first started when I began working with the EF research team in 2018, and later joining full time in 2019. The project has greatly matured since then and with the soon coming Fusaka upgrade will implement PeerDAS, a significant scaling milestone I am proud to have contributed to. I am very happy to have played a role in leading to more people being able to use Ethereum and I look forward to continuing being able to do that. Over the last year, I have been involved in advancing Ethereum Foundation’s strategy and roadmap and I will remain a research advisor to the three strategic initiatives (Scale L1, Scale Blobs, Improve UX) at the Protocol Cluster at the EF. Ethereum has a strong set of values and technical choices that make it unique in the world. And Tempo will be a great complement, built using similar technology and values, whilst being able to push the boundaries on scale and speed. I believe that this will be of great benefit to Ethereum. Tempo’s open-source technology can easily integrate back into Ethereum, benefiting the entire ecosystem. Ethereum and Tempo are strongly aligned, as they are built with the same permissionless ideals in mind. 
I am looking forward to staying involved with the community and continuing to push Ethereum forward!