timbeiko.eth

Over the next few months, I'll be refocusing my work from L1 R&D to exploring frontier use cases for Ethereum. The protocol is approaching its endgame, yet we've only just begun scratching the surface of what a permissionless, scalable, cryptoeconomically secure, and cheaply verifiable world computer can do. What are things that can *only* exist on Ethereum? That fully leverage its unique properties? That make it not only unreasonably sufficient, but reasonably necessary for the world? These questions have been on my mind for a while, and it feels like the right time to thoroughly explore them! That being said, ensuring a smooth transition for AllCoreDevs and my EF responsibilities is my #1 short-term priority. Thankfully, given both Ethereum and the EF's resilient design, there are already people with deep context on virtually everything on my plate. My leave last year helped make more space for them to take ownership. I now plan to support them through a full handover. To be clear, I am staying at the EF, including for this new project. For now, my role will shift to being an advisor to Protocol, working with EF & cluster leadership to ensure we have the right structure to support the org and our various ecosystem engagements. On the ACD front, Ansgar has graciously agreed to extend his interim stint as ACDE chair. There too, I'll be hands-on helping until we've got a stable long-term configuration for the calls. Looking back, I'm incredibly grateful to have been a part of such a transformative period for Ethereum protocol development and the EF! The calibre of problems to solve and people to solve them with was unmatched. A big part of why I feel comfortable stepping away now is my confidence in the individuals and processes involved in the protocol's stewardship. Thank you all for the care that you bring to your work! Ethereum is lucky to have you ❤️‍🔥 It's unusual to get the opportunity to both properly close such a meaningful chapter and start another exciting one in parallel. I don't take that for granted and plan to make the most of it! 2026 will be a pivotal year for Ethereum, at all layers of the stack, and I'm thrilled to continue to play a part in its story!

Today is a monumentous day for quantum computing and cryptography. Two breakthrough papers just landed (links in next tweet). Both papers improve Shor's algorithm, infamous for cracking RSA and elliptic curve cryptography. The two results compound, optimising separate layers of the quantum stack. The results are shocking. I expect a narrative shift and a further R&D boost toward post-quantum cryptography. The first paper is by Google Quantum AI. They tackle the (logical) Shor algorithm, tailoring it to crack Bitcoin and Ethereum signatures. The algorithm runs on ~1K logical qubits for the 256-bit elliptic curve secp256k1. Due to the low circuit depth, a fast superconducting computer would recover private keys in minutes. I'm grateful to have joined as a late paper co-author, in large part for the chance to interact with experts and the alpha gleaned from internal discussions. The second paper is by a stealthy startup called Oratomic, with ex-Google and prominent Caltech faculty. Their starting point is Google's improvements to the logical quantum circuit. They then apply improvements at the physical layer, with tricks specific to neutral atom quantum computers. The result estimates that 26,000 atomic qubits are sufficient to break 256-bit elliptic curve signatures. This would be roughly a 40x improvement in physical qubit count over previous state-of-the-art. On the flip side, a single Shor run would take ~10 days due to the relatively slow speed of neutral atoms. Below are my key takeaways. As a disclaimer, I am not a quantum expert. Time is needed for the results to be properly vetted. Based on my interactions with the team, I have faith the Google Quantum AI results are conservative. The Oratomic paper is much harder for me to assess, especially because of the use of more exotic qLDPC codes. I will take it with a grain of salt until the dust settles. → q-day: My confidence in q-day by 2032 has shot up significantly. IMO there's at least a 10% chance that by 2032 a quantum computer recovers a secp256k1 ECDSA private key from an exposed public key. While a cryptographically-relevant quantum computer (CRQC) before 2030 still feels unlikely, now is undoubtedly the time to start preparing. → censorship: The Google paper uses a zero-knowledge (ZK) proof to demonstrate the algorithm's existence without leaking actual optimisations. From now on, assume state-of-the-art algorithms will be censored. There may be self-censorship for moral or commercial reasons, or because of government pressure. A blackout in academic publications would be a tell-tale sign. → cracking time: A superconducting quantum computer, the type Google is building, could crack keys in minutes. This is because the optimised quantum circuit is just 100M Toffoli gates, which is surprisingly shallow. (Toffoli gates are hard because they require production of so-called "magic states".) Toffoli gates would consume ~10 microseconds on a superconducting platform, totalling ~1,000 sec of Shor runtime. → latency optimisations: Two latency optimisations bring key cracking time to single-digit minutes. The first parallelises computation across quantum devices. The second involves feeding the pubkey to the quantum computer mid-flight, after a generic setup phase. → fast- and slow-clock: At first approximation there are two families of quantum computers. The fast-clock flavour, which includes superconducting and photonic architectures, runs at roughly 100 kHz. The slow-clock flavour, which includes trapped ion and neutral atom architectures, runs roughly 1,000x slower (~100 Hz, or ~1 week to crack a single key). → qubit count: The size-optimised variant of the algorithm runs on 1,200 logical qubits. On a superconducting computer with surface code error correction that's roughly 500K physical qubits, a 400:1 physical-to-logical ratio. The surface code is conservative, assuming only four-way nearest-neighbour grid connectivity. It was demonstrated last year by Google on a real quantum computer. → future gains: Low-hanging fruit is still being picked, with at least one of the Google optimisations resulting from a surprisingly simple observation. Interestingly, AI was not (yet!) tasked to find optimisations. This was also the first time authors such as Craig Gidney attacked elliptic curves (as opposed to RSA). Shor logical qubit count could plausibly go under 1K soonish. → error correction: The physical-to-logical ratio for superconducting computers could go under 100:1. For superconducting computers that would be mean ~100K physical qubits for a CRQC, two orders of magnitude away from state of the art. Neutral atoms quantum computers are amenable to error correcting codes other than the surface code. While much slower to run, they can bring down the physical to logical qubit ratio closer to 10:1. → Bitcoin PoW: Commercially-viable Bitcoin PoW via Grover's algorithm is not happening any time soon. We're talking decades, possibly centuries away. This observation should help focus the discussion on ECDSA and Schnorr. (Side note: as unofficial Bitcoin security researcher, I still believe Bitcoin PoW is cooked due to the dwindling security budget.) → team quality: The folks at Google Quantum AI are the real deal. Craig Gidney (@CraigGidney) is arguably the world's top quantum circuit optimisooor. Just last year he squeezed 10x out of Shor for RSA, bringing the physical qubit count down from 10M to 1M. Special thanks to the Google team for patiently answering all my newb questions with detailed, fact-based answers. I was expecting some hype, but found none.

the @EFprotocol team published an EIP Champion's Handbook today: Getting a feature into the protocol through a decentralized governance process can be fucking hard. These resources aim to help EIP champions give their features the best shot at getting included INCLUDING - how to go about getting feedback from the rest of the ecosystem and make sure that the feature will get adoption

@gregthegreek @lightclients it's his 20% time project

I LOVE when @lightclients gets rowdy on X It's a quarterly event that I always look forward to 🍿

@go_ethereum is the most important piece of software in our entire industry, pretty much all of us are here as a result of it, directly or not

Ethereum is leading the way in quantum preparedness. To learn more, check out pq.ethereum.org - it's a beautiful website!

AllCoreDevs plans to make a decision on EIP-8141 (frame transactions) inclusion in Hegota this Thursday. If you care about post-quantum security on the consensus layer (leanCL), you should equally care about it on the execution layer. A PQ-secure CL with quantum-vulnerable (i.e. ECDSA-locked) user transactions is an incomplete migration. EIP-8141 decouples accounts from a fixed signature scheme, providing a native migration path to PQ-secure signature schemes. But it goes beyond PQ. Frame transactions also make account abstraction a first-class protocol feature rather than something bolted on via entry-point contracts, and enable programmable gas payment (in ERC-20s + sponsoring). Ultimately, both layers need to be PQ-ready.

the EF treasury officially had its first validator index assigned as of this morning 🎉 it took a while because there's been so much influx into staking that the entry queue peaked at 71 days in February

Does anyone know why neither Claude nor ChatGPT have native timestamping on messages the way that, say, iMessage does? Seems like it'd be useful to both the models and the user, and trivial to support.

@nickcammarata LLMs dealing with bureaucracies may have a higher medium term economic impact than LLMs writing code 😄 I have 3 similar stories with tax/insurance/etc. stuff from the past ~6 months!

i cant emphasize how bureaucracy averse i am, the dealing with insurance co annoyance was as big of a hurdle as the knowing it would be covered. it handled every email, text, everything, with tons of specific industry terminology i've never heard of, barely had to do anything

had major pipes bursts at a property i have. insurance broker reviewed the policy and was sure it wasn't covered. a few years ago would have stopped there, but put the giant pdfs into claude, said he thinks it's covered and would handle claims process. got payout today wohoo

If the financial system built on Ethereum can only generate yield by importing it from offchain sources, it isn't really sovereign. It's just a wrapper. New essay on where to find Ethereum's organic yield 👇

Ethereum is "slow to finalize" they say, but in normal conditions in fact we are certain that blocks will be final even before the next block arrives! Expect ultra fast trustless deposits soon. fastconfirm.it

Ignore the noise. Ethereum is shipping. This one I am very excited about - the team working on it has done an amazing job: When an Ethereum block is created, validators immediately start voting. Now, it is possible to use those votes to confirm blocks in a single slot (~13s)!

fastconfirm.it The fast confirmation rule is incredible So many years in the making. Super excited to see it finally ship!

Extremely cool demo showing how agents can use Ethereum to coordinate in a trustless way 🤖

Native rollups and L1-zkEVM proofs are perfectly complementary efforts. Once all validators verify execution proofs, the same proofs can also be used by an EXECUTE precompile for native rollups. L2s and rollup teams benefit from this infrastructure convergence: L1 proving infrastructure becomes shared infrastructure.

We tested if ethskills actually helps AI models get Ethereum right. 64 evals. 2 models. With and without skill docs loaded. Results: • Claude Opus 4.6: 33% → 95% • GPT-5.4: 16% → 95% Thanks to @AnthropicAI for the idea, @escottalexander and @_carletex_ for surfacing it.

New post introducing Snap v2 for Ethereum sync. TL;DR: replace trie healing entirely by applying Block-Level Access Lists (BALs). Instead of iteratively discovering what changed one trie node at a time, nodes can just download the state diffs from BALs and apply them. Simpler protocol, way fewer round trips, and a sync design that's ready for higher gas limits and continued state growth. 🔗 ethresear.ch/t/snap-v2-repl…