JP Aumasson

I've got my @veorq account back, will be mainly posting from there

@letonyo and nowhere the paper discusses the implications of such a result

@vt_0_ the title is incorrect, so no need to read further.

I'm sure someone already found the problem with this paper eprint.iacr.org/2024/626.pdf

hey @cryptodavidw, looking at how the Drake-Kendrick "beef" boosts their sales and visibility, I suggest we start recording diss tracks about each others' crypto books (we cant do worse than their last boring songs that sound GPT-generated)

decentralizedfinance

how secure is Arbitrum? asking for a friend

obligatory bragging post #hardening-hsms-for-banking-grade-crypto-wallets-38836" target="_blank" rel="nofollow noopener">blackhat.com/us-24/briefing…

🧵1/ How can you privately prove your own location? In our latest research, we introduce Zero-Knowledge Location Privacy (ZKLP) via IEEE 754 compliant floating-point operations in SNARKs!

if you tokenize securities you should consider using the CMTAT token framework github.com/CMTA/CMTAT/, which has multiple advantages over other security tokens cmta.ch/news-articles/…

""Randar" is an exploit for Minecraft which uses LLL lattice reduction to crack the internal state of an incorrectly reused java.util.Random in the Minecraft server, then works backwards from that to locate other players currently loaded into the world." github.com/spawnmason/ran…

@EliBenSasson probably a stupid q: if I do a Cairo ERC20 over Starknet, how much ZKness do I get? (private transactions wise)

Our 2024 call for failures is out! Help us spread the word! cfail.org/call-for-papers

@hdevalence @zooko @dlubarov @bfarmer the B3 core could be used in a deck function keccak.team/2022/refactori… @sevenps @zooko @oconnor663

@hdevalence @zooko @dlubarov @bfarmer yeah the design is elegant, but engineering wise what is it that you need wrt API/performance? any ZK circuitry requirements too? a quick win could be to run 12 rather than 24 Keccak rounds (K12)

Delighted to find out that BLAKE2s/BLAKE3 is actually being used as a core building block in some zero-knowledge proof protocols, notably StarkWare's new "STWO": HT @dlubarov @bfarmer youtu.be/_eha0QqAbIA?si…

@zooko Which is why BTC USDT etc. are rarely used in certain illicit activities, whereas other activities are less concerned with the traceability/surveillability

So as far as I can tell, BitCoin is a much more traceable form of money than the forms organized crime is currently using.

Tracking down some TIMECOP alerts led to a 2021 gcc patch from ARM (gcc.gnu.org/git/?p=gcc.git…) turning (-x)>>31 into a bool, often breaking constant-time code. Can often work around with (-x)>>30, and asm is safer anyway, but for portable fallbacks we need security-aware compilers.

@zooko tbh this could happen with Zcash or any opaque/private coins if you disclose the donations: "In a Twitter Spaces audio discussion, St. Louis had earlier said that he had given out 14.6 bitcoins to truckers,"

Here’s what happens when people believe the false idea that Bitcoin is freedom money: the people who tried to donate Bitcoin to the Canadian Truckers accidentally donated to Justin Trudeau’s government instead. x.com/zooko/status/1…

Bitcoin is a financial asset which has a 21M supply cap and which is easily monitored and controlled by the most powerful groups (currently, Washington DC). That’s fine! But let’s not false-advertise it. It isn’t freedom money. x.com/Redeadzk/statu…

@hdevalence @zooko @dlubarov @bfarmer B2/3 can do pretty much everything Keccak can do (KDF, XOF, PRNG, etc.), why would a sponge be needed? SAFE API?

@zooko @dlubarov @bfarmer is there any possibility of using b2/3 internals to build a sponge? it would be really useful to have a keccak replacement that’s fast in software