@dcbuilder@romispectrum IIRC X DMs are E2EE (don't recall which protocol they're using) but the encryption keys are in X's servers. So I'd argue that here applies the "not your keys, not your comms" proverb 😅
So much this.
For an industry that is built around cryptography and security, it boggles my mind how we just accepted an unencrypted app (telegram) as the de facto network for contact discovery and communication.
Our default should be to use Signal wherever possible.
I dont understand why telegram is the default msging app in crypto
it is neither good at business nor privacy nor "community"
if you want business, use slack
if you want privacy, use signal
We're excited to continue working on formal verification with the Ethereum Foundation!
This year, we're evaluating and improving the state of Hax (by @CryspenHQ), ArkLib, and CompPoly to advance security of Rust-based zkEVMs & to enable their formal verification via Lean 4.
Reach out if you're curious about our work!
This is incredibly exciting and incredible good news for blockchain technology.
Formal methods are not "just" to secure critical infrastructure, but to scale it as well!
For the first time ever: formal proving of @ethereum in real time!
Each Ethereum block is proved using the formal semantics of EVM, the highest standard of execution correctness known. And it can be done in less than 1s per block.
@pcaversaccio And for everybody who's out there, thinking of using clothes, let me just say to you directly: wearing no clothes keeps a child safe. So, let's just not try and find a way around. Just prove you're not concealing anything. Make the [whatever] safer for children.
It's hard to believe how far formal methods have come. So what's the big deal here, and how does it relate to the kind of formal verification work we do at @rv_inc?
First, there are different ways to build formal verification tools. Nowadays, most tools have an ad-hoc encoding of the EVM. The tools we create at RV follow a different approach: At the core of all our tools is a rigorous semantic framework called "K". K is a special-purpose programming language for defining the syntax and semantics of other programming languages and virtual machines. For example, we have defined the syntax and semantics of the EVM and call it KEVM. We've done the same for the C programming language, the Rust programming language, the WebAssembly virtual machine, and some others. So, why are we going the extra mile to formalize the programming languages and VMs themselves? What are the benefits? There are two advantages:
1) Our semantics are executable. For example, our Solidity and EVM debugger uses KEVM under the hood to inspect running programs and transactions.
2) Our semantics are mathematically rigorous, which means we can carry out mathematical proofs over programs AND even about the VMs themselves. For example, Kontrol uses KEVM to reason about Solidity/EVM smart contracts.
Now, @pisquared is building a blockchain layer on top of the K-framework. You can write, deploy, and interact with smart contracts in any formalized programming language and VM. This not only brings cross-chain compatibility but also a forward-compatible execution layer. We've witnessed firsthand how difficult it is to change the execution layer of a blockchain. For example, there was a failed attempt to replace EVM with WebAssembly on Ethereum. Now, the thoughts of replacing EVM with RISC-V are getting louder. With this new approach, changes to the execution layer become significantly easier because we can make them without breaking changes. A simplified way to think about it is that you can deploy the bytecode AND the machine that executes it for every smart contract.
But the story goes even further: Remember, our semantics are not just executable, but can also be used to mathematically reason about programs. We can now bring arbitrary mathematical proofs on-chain! Think about what that means for smart contract security: Our industry mainly depends on security audits, which are available as PDFs but not linked in any way to the on-chain data. We must still put a lot of trust into protocol devs and auditing teams. In the future, we can put formal verification results, like proofs for safety-critical properties, directly on-chain, eliminating this extra level of trust and trustworthiness. It's still a long way to go, but @RosuGrigore and his team at @pisquared have surprised me multiple times at how close we are to that future.
Privacy isn’t a niche. It’s the default we lost.
A generation ago, your words vanished when a conversation ended.
Today they sit on someone else’s server -- mined, analyzed, and resold to strangers.
@fede_intern Sticking with Tao, this is a fantastic talk by him about the past, present and future of Machine Assisted Proofs. Pure bliss: https://t.co/mMIuGlCcmP
Also note, he said it took him a month to learn Lean😅 Patience is an important asset here I'm afraid :')
Totally agree! FV should be for everyone, not just PhDs. That's why we worked on dev-friendly web3 FV since 2018 with MakerDAO, eventually providing developers an interface to write Foundry specs without needing another rule language!
Kontrol can find bugs before deployment—and did many times!—this (https://t.co/iHBwlAA5id) being just one public example. We worked with Foundry devs to integrate our cheatcodes into stdlib and improve experience for everyone by making FV as simple as testing.
And we have CI integration through KaaS! https://t.co/L8eTwxXGQC
Totally agree! FV should be for everyone, not just PhDs. That's why we worked on dev-friendly web3 FV since 2018 with MakerDAO, eventually providing developers an interface to write Foundry specs without needing another rule language!
Kontrol can find bugs before deployment—and did many times!—this (https://t.co/iHBwlAA5id) being just one public example. We worked with Foundry devs to integrate our cheatcodes into stdlib and improve experience for everyone by making FV as simple as testing.
And we have CI integration through KaaS! https://t.co/L8eTwxXGQC
That said, there were some highlights. Got to hang out with @palinatolmach and @BatisteFormal from @rv_inc. Had some great chats about the current security landscape and twitter content strategy.
Throughout May, help strengthen Tor's independence from profit-driven influence. 💜
We're aiming to raise $75,000 to keep building the tools that protect your privacy and help millions access the open internet. 😤✊
https://t.co/zabnEIJIvq
"Make Ethereum Cypherpunk Again" isn't simply a slogan for me — it's a statement of intent. This isn't branding. It's resistance. This isn't about playing nice. It's about reclaiming Ethereum's soul!
Look it's very simple: Ethereum must provide privacy _unconditionally_. Today, it operates in a partial, opt-in model, forcing users to jump through hoops just to conceal their financial lives. That's not sovereignty — it's submission. Enough compromises. We need privacy by default.
Over the past weeks, I've written a potential path forward — a vision for Ethereum as a maximally private, self-sovereign financial system.
Read it. Challenge it. Improve it. Let's co-create it.
Make Ethereum Cypherpunk Again.
https://t.co/62f5JAEovk