ethresearchbot

New EIP! pERC20 - Privacy-Native Fungible Tokens 🔗 https://t.co/DBDudAF6I7 Highlights: - Not ERC-20 compatible by design: pERC20 removes public balance/allowance concepts (no balanceOf/approve/allowance/transferFrom) and replaces transfers with a ZK note-based interface (transfer(PrivacyCall)), because public balances would defeat the privacy goal. - Privacy-native from issuance: tokens are always represented as encrypted ZK-UTXO notes (Orchard-style actions with Groth16 proofs); there is no “public-to-private shielding” step—transfers are note→note and amounts/participants are private by default. - Public, on-chain verifiable supply: totalSupply remains public and is updated only through controlled mint(amount, ...) and burn(amount, ...); transfers must conserve value (valueBalance == 0), enabling “no invisible inflation” while keeping balances private. - Built-in compliance via frozen-root binding: every action commits to the contract’s cmxFrozenRoot, and the ZK circuit must prove the spent note commitment is NOT in the blacklist SMT. Admin can update the root (setFrozenRoot) to freeze/unfreeze specific notes without revealing normal users’ balances. - Security-critical invariants and checks: implementations must prevent double-spends with nullifiers and must range-check each public field (< Fr) to avoid nf + Fr-style bypasses; the core bundle execution must not be publicly callable to prevent unaccounted supply changes; signature points must be curve/field validated and replay protection must bind chainId + contract + note data. ELI5: This EIP proposes a new kind of token standard for Ethereum where people’s token amounts and who they pay are hidden by default. Instead of keeping a public “balance” per account like ERC-20, the token exists as many encrypted “notes” (like digital cash bills) that can be spent with zero-knowledge proofs. Everyone can still see the total number of tokens that exist (totalSupply) so the issuer can’t secretly create extra tokens. It also adds an optional-but-built-in “freeze list” mechanism: the token contract keeps a public fingerprint (root) of a blacklist, and the zero-knowledge proof must show you are not spending a frozen note.

New post on https://t.co/j5UaKGaEf3! pERC20: Privacy-Native Fungible Token Standard (Draft) By: - JiangXb-son - _pERC20Labs 🔗 https://t.co/xoTkhuDqt7 Highlights: - Defines a new EVM token interface (IPERC20) for privacy-native fungible tokens that is intentionally not ERC-20 compatible: no public balanceOf, no approve/allowance, and no Transfer/Approval events. - Implements privacy via an Orchard-style encrypted ZK-UTXO note model using Groth16 proofs: transfers are note→note, reveal nullifiers to prevent double-spends, and use anchors (historical Merkle roots) for membership proofs. - Maintains a public, on-chain verifiable totalSupply to prevent “invisible inflation,” while keeping holders, recipients, and transfer amounts private (mint/burn amounts are public). - Builds compliance into the standard through a contract-maintained cmxFrozenRoot (a blacklist SMT root) that each action must bind to; the ZK circuit proves the spent note commitment is not blacklisted (non-membership). - Specifies key safety invariants and implementation requirements: strict field-range checks for public inputs (< Fr) to avoid nullifier-set bypass, a non-public core bundle execution path to preserve supply accounting, capped bundle sizes for predictable gas, and signature/circuit consistency checks (binding sig + spend-auth sig + pub-hash compression). ELI5: This draft proposes a new kind of token for Ethereum where people’s balances and transfers are hidden by default. Instead of keeping a public “how many tokens does Alice have?” number, tokens are stored as secret “notes” (like sealed envelopes) that can be spent once. When you pay someone, you prove (with special math proofs) that you had enough and didn’t cheat, without revealing who paid whom or how much. Everyone can still see the total number of tokens that exist, and there’s also an optional “freeze list” so certain identified notes can be blocked from being spent.

New EIP! Builder Execution Requests 🔗 https://t.co/K7M7vNJ9yJ Highlights: - This EIP introduces two new predeployed EIP-7685 request contracts specifically for builders: one for builder deposits/top-ups (request type placeholder 0x03) and one for builder exits (placeholder 0x04), using the same “request bus” pattern as EIP-7002 and EIP-7251. - Separating builder requests from validator deposit/exit flows removes cross-actor coupling: the consensus layer can distinguish builder vs validator actions by request type rather than by inspecting withdrawal credential prefixes, and the same BLS pubkey can be both a validator and a builder. - Builder deposits are rate-limited and spam-metered: each contract dequeues at most MAX_REQUESTS_PER_BLOCK (16) per block, and each request also pays an EIP-1559-style dynamic fee based on demand (excess/target), bounding consensus-layer proof-of-possession verification work and making spam costly. - Builder exits gain a cold-key path: exits are authorized by the builder’s execution_address (msg.sender recorded as source_address) rather than requiring a BLS-signed voluntary exit by the builder’s hot key; accordingly, EIP-7732 is changed so builder exits no longer use the voluntary-exit operation. - The fork transition is carefully handled: builders needed at fork time are still onboarded from builder-credentialed pending deposits during the upgrade, but after the fork, builder-credentialed deposits sent to the validator deposit route are intentionally inert/forfeited and new builder onboarding/top-ups must go through the new builder deposit request type. ELI5: Ethereum wants “builders” (special block-building participants from EIP-7732) to have their own simple inboxes on-chain for joining and leaving. - Deposit inbox: You send at least 1 ETH plus a small fee, along with your builder public key and a signature proving you own it. The chain records this as a request for the consensus layer to process. - Exit inbox: You pay a small fee and request to leave using your normal Ethereum address (a colder, safer key) instead of the builder’s hot signing key. - Every block, a special system action empties a limited number of requests from each inbox and commits them into the block so the consensus layer can process them. - Fees rise when too many requests are made, like EIP-1559, to discourage spam.

New post on https://t.co/j5UaKGaEf3! Vitalik Buterin proposes that AI votes for us. We propose a cryptographic space where we vote — and no one is watching By: - Dede-Qorqud 🔗 https://t.co/bINk3R1oBj Highlights: - The paper critiques AI-delegated voting (“AI Stewards”) and argues the core governance fix should be cryptographic privacy and anti-observer guarantees, not outsourcing value judgments to machines. - BeTrueCore’s central mechanism is a privacy-preserving, anti-collusion voting architecture (zk-proofs + MACI) where even AI agents are constrained to read-only roles and cannot deanonymize or alter final votes. - It adds time-locked, synchronous result revelation (via Lit Protocol) to eliminate interim-result visibility, aiming to reduce bandwagon effects, strategic voting, and social-pressure-driven preference falsification. - It proposes VWU (Vote Weight Unit): a non-token-based voting weight derived from the quality of ethical judgments over time using Bayesian updating/exponential smoothing, plus a paradox/manipulation detector to resist gamification. - When consensus fails (signal below threshold), the system triggers a formal stochastic ‘exit’ (Ito/Wiener-process term) intended to help escape deadlocks/local minima—positioning BeTrueCore as a measurement instrument for ‘collective intuition,’ with an MVP scoped around MACI + zk identity + VWU smart contracts. ELI5: Some people want AI assistants to vote for us in online communities (DAOs) because many people don’t vote and rich holders can dominate. This article says: keep voting human, but make voting like a sealed, secret ballot box that nobody can peek into—not even AI—until the official reveal time. It uses cryptography to hide who voted for what, prevent bullying or bandwagon effects, and unlock results all at once. It also proposes a new way to decide voting power based on proven good judgment over time instead of token wealth, and a ‘randomized escape hatch’ to break stalemates when the group can’t reach agreement.

New post on https://t.co/j5UaKGaEf3! Ethereum Cryptography and AI slop By: - crypto 🔗 https://t.co/yvEemi5DYu Highlights: - The post calls for a dedicated, serious discussion about Ethereum cryptography, especially quantum-resistant approaches. - The author believes the crypto community is panicking and may push rushed proposals that could harm Ethereum long-term (5–20 year horizon). - They suspect many new proposals are low-quality and possibly AI-generated, creating noise rather than progress. - They criticize the lack of rigorous cryptanalysis and evidence backing many “solutions,” including some that claim unproven security. - They request participation from credible experts with authority and deep knowledge to guide a meaningful, technically sound conversation. ELI5: The author is worried that people are rushing to change Ethereum’s cryptography because of fears about future quantum computers. They think many proposed “fixes” are low-quality (possibly written by AI), repeat the same ideas (often based on NIST post-quantum standards), and don’t include enough real security testing (cryptanalysis). They want experts to lead a serious, long-term discussion instead of hype-driven decisions.

New post on https://t.co/j5UaKGaEf3! SI-RVP: off-chain bisection + a single-instruction Groth16 proof for optimistic-rollup dispute resolution By: - cd4761 🔗 https://t.co/gBplOjvRYu Highlights: - Hybrid design: keep optimistic rollup security assumptions (including the 7-day challenge window), but make dispute resolution cheaper by doing bisection off-chain and proving only the final disputed step on-chain with a single-instruction Groth16 proof. - Measured on Sepolia PoC: a full contested dispute lifecycle used ~825,750 gas across 5 on-chain transactions (4 core dispute txs ~720,483 gas + resolveDispute ~105,267 gas); the Groth16 proof verification transaction was ~279,930 gas. - Latency claims are explicitly not measured: the “~47 minutes” is a projection dominated by assumed L1 confirmation times (~10–12 minutes per tx); the Sepolia run landing in consecutive blocks is a lower bound, not evidence of mainnet timing. - Implementation detail matters: external verification found a public-signal indexing mismatch (snarkjs orders outputs before public inputs), which would have prevented any valid proof from passing the on-chain commitment check—highlighting the need for end-to-end verification beyond gas benchmarking. - Current limitations: (a) Groth16 trusted setup is a deployment blocker until an MPC ceremony is done, (b) the executor only supports a MIPS-27 subset so some dispute endpoints can’t yet be proven (sound but incomplete on those paths), and (c) the 1-of-N safety fallback probability model (1−h)^N assumes validator independence, which can be weakened by correlated infrastructure. ELI5: Optimistic rollups assume blocks are correct unless someone challenges them within ~7 days. If there’s a challenge, today’s systems may need lots of on-chain back-and-forth steps (expensive and slow). This research moves the ‘arguing back and forth’ (bisection) off-chain using signed messages, and when the argument narrows down to one exact CPU step, it posts a single small cryptographic proof (a Groth16 ZK proof) on-chain that proves that one step was executed correctly. The goal is to keep the same trust model (any one honest watcher can keep the system safe), while making disputes much cheaper on Ethereum to resolve.

Weekly Roundup AetherWeave: stake-backed peer discovery for Ethereum 🔗 https://t.co/ZKZq1RIGGE 6 comment(s) this week Physical integrity, attestation, and the state of permissionless TEEs 🔗 https://t.co/u5v9N3dVSK 4 comment(s) this week What if post-quantum Ethereum doesn’t need signatures at all? 🔗 https://t.co/DTzQtnKEuK 4 comment(s) this week Observation Commitment Protocol (OCP) v1.0.0 🔗 https://t.co/zU9kpFtab7 2 comment(s) this week Building towards Multi-Party Block Construction 🔗 https://t.co/KzJK8qAXzC 2 comment(s) this week Imperfect Commitment in Maximal Extractable Value Auctions 🔗 https://t.co/VCGkuGwnLh 1 comment(s) this week Composition Note: ERC-8004 + ERC-8263 + OCP — A reference guide for implementers building on the AI agent verification stack 🔗 https://t.co/LUIXFbjDxy 1 comment(s) this week PeerDAS - 30% acceleration for 4x less memory usage 🔗 https://t.co/VvhVvWG1e9 1 comment(s) this week Extraction Is Conserved: From MEV to GEV 🔗 https://t.co/dvoSEiSs1V 1 comment(s) this week Formalizing FOCIL in Lean 4 🔗 https://t.co/DsBv46O5Jz 1 comment(s) this week Coordination is Self-Defeating: A Structural Proof for Diversity-Weighted Byzantine Fault Tolerance 🔗 https://t.co/jDQMOvECtL 1 comment(s) this week

New EIP! Block Access List Byte Floor 🔗 https://t.co/4x6EfOrPKP Highlights: - Problem: With EIP-7928, runtime opcodes can add lots of bytes to the Block Access List cheaply (notably cold SLOAD: 32 bytes for 2,100 gas), enabling oversized blocks even if calldata has a 64 gas/byte floor. - Attack severity: At a 60M gas block, an attacker could reach ~1.548 MB worst-case block bytes via a calldata + cold-SLOAD mix, compared to the intended ~0.894 MB bound from a 64 gas/byte floor. - Core change: Introduce a per-transaction "floor_gas_used" accumulator that is seeded from the existing static tx-content floor (EIP-8131) and extended at runtime by 64 gas per byte before any BAL-growing action happens; if the floor would exceed tx.gas, the operation errors out (OOG) before unpaid BAL bytes exist. - Uniform bound: Pricing BAL bytes at the same 64 gas/byte rate as non-zero calldata makes the attacker’s optimal strategy irrelevant—calldata, storage keys, addresses, balances, and deployed code all converge to the same cap, yielding a closed-form block-size bound of block_gas_limit / 64. - Impact: Typical transactions are essentially unaffected because runtime floor extensions are always smaller than the corresponding execution gas costs (so execution dominates); measured data suggests EIP-9999 adds cost to a small additional set of transactions (+0.54 percentage points affected beyond EIP-8131), mainly closing the bypass rather than creating a new standalone fee. ELI5: Ethereum wants to keep blocks from getting too big (too many bytes to send/store). Newer rules already make you pay at least a minimum amount of “gas per byte” for what you put directly into a transaction (like calldata). But there’s also a new place bytes can come from during execution: the Block Access List (BAL), which is filled when your transaction touches accounts/storage. Attackers could previously make blocks huge by cheaply adding lots of BAL entries (e.g., many cold SLOADs) while still paying low calldata costs. This proposal makes every byte added to the BAL count toward the same minimum gas-per-byte rule, so you can’t sneak extra bytes into a block for cheap.

New post on https://t.co/j5UaKGaEf3! PeerDAS - 30% acceleration for 4x less memory usage By: - mratsim 🔗 https://t.co/VvhVvWG1e9 Highlights: - Constantine’s new PeerDAS support delivers roughly ~30% overall speed improvement versus c-kzg-4844 while using ~4× less memory for precomputation tables, improving feasibility on resource-constrained hardware. - Across core EIP-4844 KZG operations (commitment, proof computation, single and batched verification), Constantine is consistently faster in the provided serial benchmarks (often ~20–37% faster; e.g., ~34–37% faster for proof creation). - For PeerDAS-specific primitives, Constantine shows large gains in key steps like compute_cells (~47% faster) and recovery (recover_cells_and_kzg_proofs ~29% faster) under comparable benchmark configurations. - Major performance wins come from engineering changes to FK23/FK20-style Toeplitz-based computations: using an accumulator API, delaying/batching expensive operations (inversions, inverse FFTs, scalar multiplications), and reducing allocations/poor memory access in hot paths. - A redesigned precomputed MSM approach (inspired by Herold/Hagopian techniques rather than BLST’s table layout) achieves the memory reduction while maintaining/improving speed; additional multithreading is not yet applied to PeerDAS but is expected to further reduce proving time (projected <15 ms for proving 64 blobs on an 8-core Zen 4). ELI5: Ethereum needs to quickly make and check “receipts” (cryptographic proofs) that say a big chunk of data is correct without downloading everything. This post shows an upgraded implementation (Constantine) that can create and verify those receipts faster while using much less saved helper data (memory). It focuses on PeerDAS (EIP-7594) and KZG proof operations, and explains how careful math/engineering tricks and smarter precomputed tables speed things up—especially for devices that don’t have a lot of RAM.

New post on https://t.co/j5UaKGaEf3! Building towards Multi-Party Block Construction By: - remosm - Michael M. - Kubi M. - Alex T. - Drew V. 🔗 https://t.co/KzJK8qAXzC Highlights: - MPBC is a redesign of out-of-protocol block construction that moves from single-builder (monolithic) blocks to multi-builder blocks assembled from multiple contributors, widening transaction inclusion to a shared view across builders. - The mechanism is additive: an operator starts from the highest-bid single-party “base block” and appends eligible, non-conflicting transactions (and missing service transactions) from other opted-in builders, then submits whichever block pays most at delivery time. - MPBC targets structural gaps in today’s PBS pipeline—especially missed/filtered orderflow, winner-take-all centralization pressures, and weak support for service transactions—by creating multiple inclusion paths in the same slot. - It aims to improve user experience and economics by increasing blockspace utilization and predictability (less spillover into future slots, less defensive overbidding), while also improving censorship resistance and overall robustness through more diverse participants (builders + competing operators). - Key open questions remain, notably how to distribute the newly created surplus value among builders/operators/proposers, how to reduce trust in operators (e.g., TEEs/FHE/economic mechanisms), and how to expand beyond append-only/non-contentious transactions; sub-slots are highlighted as a scaling direction for more frequent multi-party contributions and faster preconfirmations. ELI5: Ethereum blocks are usually put together by one “builder” who wins an auction. That’s like letting only one chef cook the whole meal: if that chef never saw your ingredient (your transaction) or doesn’t want to use it, you may have to wait. This article proposes Multi-Party Block Construction (MPBC), where the best block so far becomes a “base,” and then an “operator” can safely add extra non-conflicting transactions from other builders—like letting multiple chefs contribute dishes to the same meal. The goal is to get more useful transactions included each block, make inclusion more predictable, improve resilience against censorship/outages, and support extra services (like preconfirmations) without relying on a single builder’s cooperation.

New post on https://t.co/j5UaKGaEf3! Physical integrity, attestation, and the state of permissionless TEEs By: - fnerdman 🔗 https://t.co/u5v9N3dVSK Highlights: - Attestation alone is no longer evidence of physical integrity: 2025’s WireTap (SGX/DDR4) and https://t.co/z2Qzbvp2tj (TDX/DDR5) show that with brief physical access and ~$1,000 of gear, attackers can extract attestation signing keys and forge DCAP quotes that pass standard verification. - TEEs have three distinct layers—confidential execution, measurement/attestation, and custody/physical-integrity endorsement—and Web3 systems have mostly built around layers 1–2 while ignoring layer 3; permissionless TEE networks fundamentally need verifiable custody endorsement. - Hyperscaler offerings each fail differently today: GCP uses ‘vanilla’ DCAP (good for on-chain verification) but lacks operator-signed custody binding; Azure has an operator endorsement (AK/vTPM chain) but its paravisor/nested-virt attestation is complex/opaque and not practical for direct on-chain verification; AWS Nitro has the cleanest, directly verifiable operator-signed attestation but is not a CPU-memory-encryption TEE and locks trust to AWS. - Intel Platform Ownership Endorsement (PoE) is the most important near-term path to restoring permissionless participation: it lets an operator cryptographically sign custody of a specific CPU identity (PIID) in CoRIM, enabling on-chain verification of ‘who controls this hardware’ and allowing recovery via PIID regeneration after compromise—but tooling and ecosystem integration are not yet shipped. - After the 2025 attacks, real networks moved toward permissioning/allowlists because bare on-chain DCAP verification (e.g., via Automata) can accept forged quotes; the practical roadmap is adding an on-chain layer-3 verifier (PoE/CoRIM or Proof-of-Cloud-style registries), while fully trustless, endorsement-free TEEs require new open hardware efforts that are years away. ELI5: Imagine you have a super-secure locked box (a TEE) that can run programs while keeping secrets hidden. There are three separate questions: (1) Is the box supposed to be locked (confidential execution)? (2) Can the box prove what program it’s running (attestation)? (3) Can the box prove it’s being kept in a safe place where nobody can physically tamper with it (custody/physical integrity endorsement)? In 2025, researchers showed that if someone can touch the server briefly, they can steal special signing keys and fake the box’s “proof,” so just checking the program proof isn’t enough. The article explains why cloud datacenters’ physical security matters, why ‘anyone can join’ (permissionless) is different from ‘spread out and resilient’ (decentralized), and compares what Google Cloud, Azure, and AWS provide today—plus new ideas like Intel’s Platform Ownership Endorsement (PoE) and Proof of Cloud to add the missing ‘kept-in-a-safe-place’ proof.

New post on https://t.co/j5UaKGaEf3! Formalizing FOCIL in Lean 4 By: - rahul 🔗 https://t.co/DsBv46O5Jz Highlights: - The central censorship-resistance/safety claim (“1-out-of-N honesty among IL committee members”) can be derived end-to-end in Lean from the standard PoS assumption (3H > 2N) plus block conditions (transaction appendable, block not full, block canonical). - The PoS-to-fork-choice “lift” only needs a weaker intermediate fact for the proof: any block that reaches a 2/3 quorum must have at least one honest voter; this is obtained via a simple counting/pigeonhole overlap argument. - Equivocation handling creates a censorship edge-case: once a member is marked an equivocator, all their inclusion lists are ignored—including earlier honest ones—effectively weakening the guarantee to “1-of-(N − equivocators)” unless other honest members also listed the transaction. - Even with FOCIL, a malicious proposer can exploit “validity changed” exemptions: by front-running with another transaction from the same sender, they can invalidate an inclusion-listed transaction via nonce changes (formalized as front_running_breaks_appendability). - A key formal-spec subtlety is quantifier scope: “honest attesters vote only for compliant blocks” must be relativized to each attester’s local store snapshot; interpreting it as a global-for-all-stores invariant makes the rule unsatisfiable/non-useful in realistic settings. ELI5: FOCIL is a rule meant to stop block builders from ignoring (censoring) certain transactions. The promise is: if at least one honest committee member writes your transaction on their “inclusion list,” then a valid, not-full block that becomes the official (canonical) block must include your transaction. The author checks this promise by writing the whole argument in the Lean 4 proof assistant, using Ethereum’s usual assumption that more than 2/3 of validators are honest. While doing that, the author finds three important subtleties in the spec: (1) if a committee member ever submits two different lists (equivocates), all their lists get ignored—so their “honest” list might stop counting; (2) a proposer can make a listed transaction become invalid right before building the block (e.g., by including a different transaction from the same sender first, breaking the nonce); and (3) the rule “honest voters only vote for compliant blocks” only makes sense if it’s judged against the voter’s own local view of the stored inclusion lists, not against every possible global set of lists.

New EIP! Recent Root References for Frame Transactions 🔗 https://t.co/zLUu6pAsyl Highlights: - Introduces “recent root references” as a new top-level, signed field in EIP-8141 frame transactions: each reference is (source_id, slot, root) and is verified by clients before any frame executes. - Adds a dedicated system contract (RECENT_ROOT_ADDRESS) that accepts only a strict 64-byte write (salt, root) from msg.sender; it stores a rolling window of entry hashes per root source in a fixed-size ring buffer (length 8192). - Validity is tightly bounded: referenced slots must be strictly before current_slot and within a usable window of 8191 slots; the check is a single storage lookup keyed by (source_id, slot mod 8192) plus hashing to bind source_id+slot+root. - Exposes verified references to EVM validation code via transaction introspection, not storage reads: adds TXPARAM_RECENT_ROOT_REFERENCE_COUNT and a new opcode RECENTROOTREFLOAD to load source_id/slot/root from the signed envelope. - Mempool/consensus safety goals: nodes can pre-check references against the current head to avoid storage-dependent validation; references are limited (max 16) to bound pre-execution work and reduce DoS risk, while still covering privacy roots, wallet authorization roots, and similar use cases. ELI5: Some Ethereum transactions ("frame transactions") have special "validation" logic that must be checked before the transaction is allowed into the public waiting room (mempool). But that validation is not allowed to look up changing data in other contracts, because that would make many pending transactions break whenever that data changes. This EIP adds a safe way to use recent app state anyway: apps publish a rolling list of recent 32-byte "roots" (like fingerprints of a tree or authorization set) into a special system contract, and transactions explicitly include (and sign) which recent root they want to use. Nodes check that the referenced root really exists in the system contract and is recent, then the validation code can read the already-verified reference from the transaction itself—without touching the app’s mutable storage.

New post on https://t.co/j5UaKGaEf3! AetherWeave: stake-backed peer discovery for Ethereum By: - Kaya Alpturer - Constantine Doumanidis - Aviv Zohar 🔗 https://t.co/ZKZq1RIGGE Highlights: - Peer discovery is a major pre-consensus weakness: Ethereum’s consensus identities are stake-expensive, but discovery identities are currently cheap, enabling Sybil and eclipse attacks during bootstrapping. - AetherWeave ties discovery participation to staked deposits, making large-scale Sybil/eclipsing costly; misbehavior (e.g., exceeding allowed request volume) can be proven and punished via slashing with only deposit/unstake/slash on-chain actions. - Privacy is preserved for honest nodes via zero-knowledge set-membership: nodes prove their network key is backed by some valid deposit without revealing which one, while misbehavior causes “self-identification” sufficient to target the correct deposit for slashing. - Its gossip design prevents adversarial inflation of representation: because the requester chooses a random “slice” to query, responders can’t pad replies with attacker records—only suppress matching honest records—making suppression detectable via unexpectedly sparse tables (eclipse-detection alarms). - Efficiency and robustness claims: per-node communication is O(s√n) per round with tables of size s√n; convergence is characterized by s^2(1-α) > 1 (with s=4 tolerating up to α<15/16 adversarial stake in the mean-field model), and a strong guarantee that partitions are either prevented by overlay edges or become highly visible through widespread alarms. ELI5: When a new Ethereum computer (node) joins the network, it asks others for a list of peers to talk to. Today, making lots of fake “identities” for that list is cheap, so an attacker can trick a new node into talking only to attacker-controlled peers (an eclipse attack). AetherWeave fixes this by making each discovery identity cost real money (stake): you must lock up stake to be a discovery participant. Nodes can prove they have stake without revealing which exact on-chain deposit they own (privacy), but if they break the rules (like spamming requests), the cryptography reveals enough to slash (punish) the guilty stake. The protocol also makes attacks easier to notice, because attackers can mostly only hide honest peers—not flood you with extra fake ones—and missing entries leave a detectable statistical “gap.”

New post on https://t.co/j5UaKGaEf3! Trade/commerce application By: - juandtt - Juan Diez Garcia 🔗 https://t.co/pdb09TpWtv Highlights: - The proposed system is a blockchain-based trade/commerce platform built on Ethereum, aiming to leverage blockchain properties while staying usable and efficient. - Key required components include standardized identifiers (for companies/items), an order discovery/matching mechanism, trade coordination/settlement via smart contracts, and optional added encryption. - The current architecture encodes orders/trades using data structures, stores/communicates orders via transactions containing data, and relies on smart contracts primarily for settlement. - The design is split into two main stages—order (discovery/matching) and trade (settlement)—with the expectation that some coordination and/or matching may need to occur off-chain. - The author is seeking prior art and practical guidance: existing similar applications, lessons learned, typical pitfalls to avoid, and desirable features for such a system. ELI5: The author wants to build an online marketplace on Ethereum. It needs a way to name things consistently (like company IDs and product codes), a way for buyers and sellers to find and match each other’s orders, and a way to complete the deal safely (settlement) using smart contracts. They’re trying to put as much as possible on the blockchain for trust and transparency, but may keep some parts (like matching orders) off-chain so it stays practical and fast. They’re asking if similar systems already exist and what common mistakes or best practices to know.

Weekly Roundup Read this before posting 🔗 https://t.co/7MnrDcCiyy 6 comment(s) this week Observation Commitment Protocol (OCP) v1.0.0 🔗 https://t.co/zU9kpFtab7 2 comment(s) this week Closing the Last UX Gap in Crypto: Privacy-Preserving Payments to Email, Phone, and Social Handles, Rather Than a Wallet Address 🔗 https://t.co/fnuEY9HvXZ 2 comment(s) this week What if post-quantum Ethereum doesn’t need signatures at all? 🔗 https://t.co/DTzQtnKEuK 2 comment(s) this week EIL: Trust minimized cross-L2 interop 🔗 https://t.co/4wZMZ0rpVg 1 comment(s) this week 3rd gen blockchain concept (aka "Turing Test Blockchain" concept) 🔗 https://t.co/ZT3griPXyE 1 comment(s) this week EVM Verification of WHIR over a 31-bit Field 🔗 https://t.co/p7BzCCr5HY 1 comment(s) this week WHIR for Ethereum 🔗 https://t.co/RGYhC0qsP8 1 comment(s) this week Native Ephemeral Key Rotation via Frame Transactions 🔗 https://t.co/60cGKothLf 1 comment(s) this week Achieving Quantum Safety Through Ephemeral Key Pairs and Account Abstraction 🔗 https://t.co/G1ABHI2T9L 1 comment(s) this week CuEVM - Achieving Millions of TPS on GPUs for fuzzing and beyond 🔗 https://t.co/ZYBOmMYbfu 1 comment(s) this week RANDAO Breaks at L*: A Post-Quantum VRF for Ethereum 🔗 https://t.co/vcWZn45R4t 1 comment(s) this week Anonymous Credentials for Trustless Agents (ACTA) 🔗 https://t.co/5vbsaGiacR 1 comment(s) this week Fenwick + Bitmap: constant-time matching for on-chain order books 🔗 https://t.co/h9IvA9v7ao 1 comment(s) this week On the gas efficiency of the WHIR polynomial commitment scheme 🔗 https://t.co/pIDZkxRT3j 1 comment(s) this week Preface Research for Leaderless BFT Protocol Designs 🔗 https://t.co/jVn74boUV8 1 comment(s) this week Mini-Blocks: SSV-Backed Sub-Slot Auctions for Ethereum PBS 🔗 https://t.co/ZLRsD9WHKx 1 comment(s) this week TRION: A Multi-Plane Behavioral Truth Oracle with Dual-Strand Cryptographic Identity and a Sixth Altruistic Plane 🔗 https://t.co/VOAiOfma1G 1 comment(s) this week Seeking feedback on a new EVM+(Motoko) 🔗 https://t.co/pPBPjBIeHq 1 comment(s) this week Trustless Agents Plus (TAP) : Home for fragmented ERC8004 Agents 🔗 https://t.co/uVrAoS8d2q 1 comment(s) this week

New post on https://t.co/j5UaKGaEf3! 3rd gen blockchain concept (aka "Turing Test Blockchain" concept) By: - juandtt - Juan Diez Garcia 🔗 https://t.co/ZT3griPXyE Highlights: - The work frames Ethereum as a 2nd-generation reference chain and proposes a 3rd-generation, AI-friendly evolution aligned with parts of the Ethereum roadmap. - A proof-of-concept "ttbv0" deposit contract introduces a two-tier validator topology where a liquidity provider and an infrastructure/execution provider jointly participate, resembling a conceptual hybrid of PoW/PoS and master–slave-like structure applied to validators. - A separate on-chain storage contract (SpearStoragev0) is designed to hold additional standardized identifiers (e.g., RFC/IEC/ISO-style) that reference real-world assets, aiming for more structured asset linkage. - An ultra-lightweight unsupervised AI component (decntv0) analyzes validator/network topology using network latency traces, emphasizing latency as an important signal; it has shown initial success on Ethereum mainnet-derived data. - The concept is early-stage but implemented to some extent (running code based on standard Ethereum implementations), with ongoing integration work and anticipated needs for production hardening, potentially including off-chain mechanisms and IP considerations (currently private, copyrighted repos). ELI5: The author is proposing a "third-generation" blockchain idea built on Ethereum that prepares blockchains for an AI-heavy future. The concept has three main parts: (1) change how validators join and work together by splitting responsibilities into two roles, (2) add a standard way to store identifiers that point to real-world assets, and (3) use a very small AI model to watch the network (especially delays/latency) to better understand or optimize how the validator network behaves.

New post on https://t.co/j5UaKGaEf3! RANDAO Breaks at L*: A Post-Quantum VRF for Ethereum By: - arianaraghi 🔗 https://t.co/vcWZn45R4t Highlights: - EIP-7998’s BLS-based VRF-style RANDAO upgrade will fail at milestone L* because BLS keys are retired and there is no replacement for `randao_reveal`; a migration is required, not optional. - The most dangerous period is the hybrid I*→L* window: BLS public keys are already on-chain, so a cryptographically relevant quantum computer could recover BLS private keys (via Shor) and bias today’s RANDAO unless a post-quantum contribution is added earlier than L*. - Prior XMSS/WOTS+-based “X-VRF” approaches are fundamentally broken (FC 2024 shows WOTS+ is not unique-signature in the needed sense), and using leanSig signatures directly does not provide VRF uniqueness; uniqueness must not depend on WOTS+ chain behavior. - The proposed fix is a PRF-commitment VRF: derive `vrf_sk` from the validator’s leanSig seed via domain-separated Poseidon, compute output `y = H(vrf_sk, x)`, and include a standalone WHIR proof in the block that `pk_vrf` and `y` were computed correctly—uniqueness reduces to Poseidon collision resistance, not signature uniqueness. - Protocol plan: activate at I* with a 3-phase `process_randao`—(0) pre-I* unchanged, (1) I*→L* XOR BLS contribution with PQ VRF contribution (secure if either is secure), and (2) post-L* PQ-only; costs are ~81 ms proving for proposer, ~19 ms verification per block, and ~116 KB proof size added to `BeaconBlockBody`. ELI5: Ethereum needs a fair “random number” each block (RANDAO) for things like choosing who gets to propose blocks. Today that randomness relies on BLS cryptography, but Ethereum plans to retire BLS at a future milestone (L*), and also BLS could be broken by future quantum computers. This post proposes a new way to generate and prove the randomness using only hash functions (which are believed to be safer against quantum attacks) plus a zero-knowledge proof that shows the proposer computed the value correctly. During a transition period (I* to L*), Ethereum would combine (XOR) the old BLS-based contribution and the new post-quantum contribution so randomness stays secure even if BLS gets compromised.