I was at the McDonald's convention to give a talk -- and during it I highlighted the morning group in New Hampton, Iowa, and Gloria, who explained they had all recently lost their husbands, in her case just last year, after 47 years of marriage, and how important this McDonald's support group was to her. She'd tried grief counseling, but found it depressing and impersonal; not so these McDonald's friends.
In the audience today, by chance, was the franchise owner of the New Hampton McDonald's, who came up after I was done and told me Gloria is still, ten years later, a daily regular, and so I signed a copy of my book to take back to Iowa for Gloria.
What a nice way to end my talk.
BITCOIN RAILS #61: QUANTUM CRYPTOGRAPHY FOR BITCOIN | with Dan Boneh @danboneh
🔗 YOUTUBE: https://t.co/K6iQsaFM4k
🌿 SPOTIFY: https://t.co/SZSF3UbtzQ
One of the most prolific and influential cryptographers in the world, it’s difficult to fully quantify the impact that Dan Boneh has had on Bitcoin and digital assets more broadly.
Through both his own research and his mentorship of some of the space’s most important contributors — e.g. Andrew Poelstra, @benediktbuenz, and @robin_linus — few people have done more to shape the cryptographic foundations underlying modern blockchains and digital finance.
More recently, Dan co-authored @Google's widely discussed paper, “Securing Elliptic Curve Cryptocurrencies against Quantum Vulnerabilities,” which reduced prior estimates of the resources required to run Shor’s algorithm against the elliptic-curve cryptography used by Bitcoin.
The paper reignited debate around quantum computing timelines and the long-term security assumptions behind modern cryptocurrencies.
In this episode of Bitcoin Rails, Dan and I discuss the current state of quantum computing, its potential implications for Bitcoin, and how he believes the Bitcoin community should think about preparing for a post-quantum future over the coming decade and beyond.
And yes, Dan shares his take on the “when quantum” question in the interview, among other key perspectives.
This episode of Bitcoin Rails is brought to you by my NEW sponsors:
LayerTwo Labs @LayerTwoLabs — developing research, software, and technologies for scaling Bitcoin via the integration of Drivechains (BIP 300/301)
Hashi on @SuiNetwork — a primitive for executing Bitcoin Defi transactions, without having to trust a federated bridge or other centralized entity
BitBox @BitBoxSwiss — an open-source Bitcoin-only hardware wallet, with smooth UX and no compromises on security. Check out Bitbox [dot] swiss and use code BITCOINRAILS to get a discount
TIMESTAMPS:
00:00 — Intro and Dan’s history with cryptography and Bitcoin
11:44 — Shor's algorithm: how a 1994 paper became cryptography's most important threat
16:39 — Building a quantum computer: superconducting qubits vs neutral atoms
25:37 — When should we start worrying about quantum computers? The timeline debate
31:51 — Have we already reached quantum computing's “aha” moment?
39:09 — Inside the Google paper: how Shor's algorithm was optimized
49:57 — The Bitcoin mempool attack and the 10-minute window
59:21 — Mitigation: what should Bitcoin do to prepare for quantum?
1:11:54 — Hash-based vs lattice-based signatures: Dan's case for lattice
1:23:15 — ZK proofs, BIP361, and what to do with Satoshi's coins
1:31:52 — Encrypted mempools and MEV
1:38:29 — Why Bitcoin will survive quantum and Dan's message to Bitcoin builders
Short note: how we decrypt confidential balances fast on @aptos using a Ristretto255-optimized variant of baby-step giant-step ⏬
https://t.co/Dv6Rn1DGs9
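The note above describes recovering a confidential balance with baby-step giant-step (BSGS). Below is an added illustration, not code from the linked note or from Aptos: it uses exponential ElGamal over a toy multiplicative group mod the Mersenne prime 2^31 - 1 (generator 7) instead of Ristretto255, and assumes a hypothetical 20-bit balance range. Decryption yields the group element g^value, and BSGS recovers the exponent with about 2 * sqrt(2^20) group operations; a value outside the range returns None rather than a wrong balance.

```python
import secrets

# Constructed toy group for the example: Z_p^* with p = 2^31 - 1 (a Mersenne
# prime) and primitive root 7. The real scheme works over Ristretto255; the
# BSGS logic is the same, only the group arithmetic differs.
P = 2**31 - 1
G = 7
MAX_BITS = 20  # assumption (hypothetical): balances are encrypted in 20-bit chunks


def keygen():
    """ElGamal key pair: private exponent x, public element g^x."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def encrypt(pub, value):
    """Exponential ElGamal: the ciphertext hides g^value, not value itself,
    which is what makes the ciphertexts additively homomorphic."""
    r = secrets.randbelow(P - 2) + 1
    c1 = pow(G, r, P)
    c2 = (pow(G, value, P) * pow(pub, r, P)) % P
    return c1, c2


def decrypt_to_group(priv, ct):
    """Strip the randomness; returns g^value, still a discrete-log problem."""
    c1, c2 = ct
    return (c2 * pow(c1, -priv, P)) % P


def bsgs_table(bits=MAX_BITS):
    """Baby steps: precompute g^j -> j for j in [0, m), m = ceil(sqrt(2^bits)).
    The table depends only on the group, so it is built once and reused."""
    m = 1 << ((bits + 1) // 2)
    table = {}
    acc = 1
    for j in range(m):
        table[acc] = j
        acc = acc * G % P
    return m, table


def bsgs_dlog(target, m, table):
    """Giant steps: multiply target by g^-m until it lands in the baby table.
    If target = g^(i*m + j) with i, j < m, the i-th step finds j."""
    giant = pow(G, -m, P)
    y = target
    for i in range(m):
        j = table.get(y)
        if j is not None:
            return i * m + j
        y = y * giant % P
    return None  # exponent not in [0, m*m): out of the supported range


def decrypt_balance(priv, ct, m, table):
    """Full path: ciphertext -> g^value -> value (or None if out of range)."""
    return bsgs_dlog(decrypt_to_group(priv, ct), m, table)


if __name__ == "__main__":
    m, table = bsgs_table()
    priv, pub = keygen()
    ct = encrypt(pub, 12345)
    print(decrypt_balance(priv, ct, m, table))
```

The table size m trades memory for time: doubling m halves the giant-step loop. The Ristretto255 variant in the linked note applies the same idea with group-specific optimizations; those are not reproduced here.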
This looks like a super-fun tutorial on lattice-based ZKPs, specifically on Lantern [LNP22], which can prove knowledge of MLWE secrets & more: https://t.co/JIoGseFO55
indeed, “crypto” has much to learn from the banking sector:
HSBC: work directly with your customers (the cartels) https://t.co/L23UO5jCYh
BNP Paribas: launder enough to get fined $89B https://t.co/javOlAO7TY
Standard Chartered: “we launder by the 100’s of billions baby!” https://t.co/1R5YvbB3dD
For decades, the U.S. has counted on banks to identify suspicious activity and fight financial crime.
That requires tens of thousands of employees and countless hours. Crypto companies don't have the same obligations. And it shows. 🧵
@minamiumm Nice Q!
No benchmarks yet because most of the verifier is implemented in Move. Though I could (and should) probably vibe-code some...
The verification time should be ≈ the size-4 and size-8 batched Bulletproof verification, which totals to < 4ms (https://t.co/sbsMzsrHsd)
1/ How to test Confidential APT
MorokPay (by @yieldai_app) is a working @Aptos app that lets you try Confidential Assets with APT.
If this is your first time, start on testnet. It is the best way to understand the flow before touching mainnet funds.
@Franacc_ @mike_connor The KEX-based tag approach makes a lot of sense for many use cases.
Where can we get more details on:
1. how "Aztec enables devs to customize [..] their log emission and their note-discovery logic"
2. how users can "scan a tiny subset of non-interactive handshake txs"
@MHamilis I don’t know much about either.
Is the “pre-signature” phase in tension with proactive refresh? i.e., must I throw away all presignatures after a refresh to actually be refreshed?