

zkoranges
138 posts

@zkoranges
Engineering | Security · DeFi · Cryptography · AI @PhilidorLabs



Awesome to see @Google using SP1 to generate a ZK proof of the quantum circuit at the heart of their Shor’s algorithm attack on ECDSA. Beyond the landmark quantum result itself, this is a genuinely novel application of ZK, one that we should expect to see a lot more of. ZK lets you prove that you know a protocol is insecure without revealing the underlying attack. This opens up a new paradigm, “ZK disclosure”, whereby frontier labs can surface dangerous vulnerabilities without handing a loaded weapon to the world. Quantum computing is a great first use case, but the same logic applies wherever there is a gap between “proving something is broken” and “responsibly sharing the proof”. This includes AI alignment, zero-day exploits in critical infrastructure, and biosecurity. Exciting times for ZK and cryptography more broadly!



Hey Phil, can you tell me the list of vaults affected by $USR exploit?

Spent the weekend auditing TEE-based crypto projects on mainnets. It’s worse than I expected. “Remote attestation” is mostly just theatre. With one exception (Flashbots), users are being sold security properties that simply aren’t there.


If you have any funds in Gauntlet USDC Core / Smokehouse USDC vaults on Morpho, withdraw NOW. app.morpho.org/ethereum/vault…

This is a weird 'exploit'.
id=30, exploiter sends 100k USDC, mints 50m USR
id=31, random guy sends 100k USDC, mints ~100k USR
id=32, exploiter sends 100k USDC, mints ~100k USR
id=33, exploiter sends 100k USDC, mints 30m USR
Only a single SERVICE_ROLE that can fulfill these mint requests. There's no guardrails, no mint limit, it can freely choose what to mint. Insanity.
We also suspect this is Resolv's no KYC mint ("slippage free swap") they offered on their website early last year, and it was later removed from the frontend: x.com/ResolvLabs/sta…
The options on what happened here to cause the abnormal mint are, based on what we can see:
- bad internal oracle (manipulated/compromised/etc.)
- insider job
- key compromise



Philidor is now available as an MCP server: plug institutional-grade DeFi risk data directly into your LLM provider. 757 vaults. $57B TVL. Risk scores, comparisons, breakdowns, all from natural language.



It’s all open source models from here. American AI companies are simultaneously fighting Democrats (by automating blue jobs), Republicans (by rankling the US military), and China (by fruitlessly combating distillation attacks). Solve for the equilibrium: open source models become the only trusted models. Centralized American AI burns bright, makes a ton of money, but eventually gets outcompeted by the privacy, freedom, and trust of decentralized local AI.




