0xOscar🏴‍☠️

I was recently at Real World Crypto (that's crypto as in cryptography) and the associated side events, and one thing that struck me was that it was a clarifying experience in terms of understanding *what blockchains are for*. We blockchain people (myself included) often have a tendency to start off from the perspective that we are Ethereum, and therefore we need to go around and find use cases for Ethereum - and generate arguments for why sticking Ethereum into all kinds of places is beneficial. But recently I have been thinking from a different perspective. For a moment, let us forget that we are "the Ethereum community". Rather, we are maintainers of the Ethereum tool, and members of the {CROPS (censorship-resistant, open-source, private, secure) tech | sanctuary tech | non-corposlop tech | d/acc | ...} community. Going in with zero attachment to Ethereum specifically, and entering a context (like RWC) where there are people with in-principle aligned values but no blockchain baggage, can we re-derive from zero in what places Ethereum adds the most value? From attending the events, the first answer that comes up is actually not what you think. It's not smart contracts, it's not even payments. It's what cryptographers call a "public bulletin board". See, lots of cryptographic protocols - including secure online voting, secure software and website version control, certificate revocation... - all require some publicly writable and readable place where people can post blobs of data. This does not require any computation functionality. In fact, it does not directly require money - though it does _indirectly_ require money, because if you want permissionless anti-spam it has to be economic. The only thing it _fundamentally_ requires is data availability. And it just so happened that Ethereum recently did an upgrade (PeerDAS) to increase the amount of data availability it provides by 2.3x, with a path to going another 10-100x higher! Next, payments. Many protocols require payments for many reasons. Some things need to be charged for to reduce spam. Other things because they are services provided by someone who expends resources and needs to be compensated. If you want a permissionless API that does not get spammed to death, you need payments. And Ethereum + ZK payment channels (eg. https://t.co/1Q2Hqg0DZg ) is one of the best payment systems for APIs you can come up with. If you are making a private and secure application (eg. a messenger, or many other things), and you do not want to let people to spam the system by creating a million accounts and then uploading a gigabyte-sized video on each one, you need sybil resistance, and if you care about security and privacy, you really should care about permissionless participation (ie. don't have mandatory phone number dependency). ETH payment as anti-sybil tool is a natural backstop in such use cases. Finally, smart contracts. One major use case is _security deposits_: ETH put into lockboxes that provably get destroyed if a proof is submitted that the owner violated some protocol rule. Another is actually implementing things like ZK payment channels. A third is making it easy to have pointers to "digital objects" that represent some socially defined external entity (not necessarily an RWA!), and for those pointers to interact with each other. *Technically*, for every use case other than use cases handling ETH itself, the smart contracts are "just a convenience": you could just use the chain as a bulletin board, and use ZK-SNARKs to provide the results of any computations over it. But in practice, standardizing such things is hard, and you get the most interoperability if you just take the same mechanism that enables programs to control ETH, and let other digital objects use it too. And from here, we start getting into a huge number of potential applications, including all of the things happening in defi. --- So yes, Ethereum has a lot of value, that you can see from first principles if you take a step back and see it purely as a technical tool: global shared memory. I suspect that a big bottleneck to seeing more of this kind of usage is that the world has not yet updated to the fact that we are no longer in 2020-22, fees are now extremely low, and we have a much stronger scaling roadmap to make sure that they will continue to stay low, even if much higher levels of usage return. Infrastructure for not exposing fee volatility to users is much more mature (eg. one way to do this for many use cases is to just operate a blob publisher). Ethereum blobs as a bulletin board, ETH as an asset and universal-backup means of payment, and Ethereum smart contracts as a shared programming layer, all make total sense as part of a decentralized, private and secure open source software stack. But we should continue to improve the Ethereum protocol and infrastructure so that it's actually effective in all of these situations.

🦞OpenClaw 极简安全实践指南 (Security Practice Guide) 是面向 OpenClaw 的黑手册。 我尝试了其他一些方式来试图加固 OpenClaw，包括 Skill 方式，但是发现还不如给 OpenClaw 植入一个安全“思想钢印”来的有意思，这个“思想钢印”形成一个 md 文档，包含安全事前、事中、事后需要做的策略，但这里有个前提： 尽量不影响 OpenClaw 的日常使用，安全不要干扰用户体验，需要给这只🦞足够的自由。但是吧，江湖险恶，一只有 Root 权限且诞生才一个多月的🦞，安全不让人放心… 于是，这份面向 OpenClaw 的极简安全实践指南诞生了，目前是 v2.7 版本，此前我们内测了许多版本，也踩了不少坑。现在公布出来，大家玩之前务必仔细看这份指南的 README⚠️： https://t.co/azRxnskbBb 注意里面的说法。我相信你会很有收获。里面还推荐了我们实测在 OpenClaw 场景下聪明的模型，如果你有自己的感受，一定要和我们反馈。 一切都很新，一定有不完善的地方，请大家多指正！ ⚠️最后，务必认真阅读 README，也务必肉眼扫描下你将喂给你🦞的“OpenClaw极简安全实践指南.md”，相信我，会非常有意思。

华尔街日报今天这篇文章不错。人工智能领域的高管如何向子女描述未来的职业前景。 一句话总结：AI领袖们普遍不建议孩子过度追求当下的技术技能，而是强调适应性、批判性思维、文科教育（通才能力）以及人类独有的情感与责任感。 观点一：当下的具体技术技能（Technical Skills）保质期极短（甚至不到两年），未来的核心竞争力在于应对变化的敏捷性（Agility）。 Caroline Hanke (SAP) 指出，与其纠结于现在的编程技术，不如培养批判性思维、适应性和伦理判断力。 教育的重点应从“掌握工具”转向“适应新工具”和“判断工具的使用”。 观点二：在AI时代，传统的文科教育（Liberal Arts）比以往任何时候都重要，因为通过自然语言与AI交互需要深厚的元认知能力。 Jaime Teevan (Microsoft) 强调，以前操作电脑是决定性的（按按钮->出结果），现在是基于自然语言的意图表达。这要求使用者具备批判性思维、提供语境和挑战AI结果的能力（即元认知）。 Ethan Mollick (Wharton) 认为通才（Generalist）将是赢家。AI可以填补技能短板，因此拥有广泛技能组合的人（如既懂医学又懂人际沟通）更有优势。 与其成为单一领域的专才，不如成为能够整合多种知识并在AI辅助下工作的“超级通才”。 观点三：AI无法承担责任，也无法替代真正的人际连接。 Daniela Amodei (Anthropic) 认为，随着AI接管工作，人类品质（同理心、善良、沟通能力）的溢价会越来越高。人类本质上渴望与其他人类共处。 Jaime Teevan 指出，AI可以给出建议，但不能承担责任（Accountability）。像法律、会计这种需要对决策后果负责的职业，依然需要人类来做最终判断（Passing Judgment）。 未来的工作重心将从“执行任务”转移到“承担后果”和“提供情感价值”。 观点四：避开纯数字化的内卷，转向原子世界（能源、医疗）和社会服务领域。 Manny Medina (https://t.co/igRRT4ZQLW) 看好能源（特别是核能）和医疗保健。无论是为了驱动AI本身（能源需求），还是解决人类疾病（癌症治疗），这些都是硬需求。 鉴于AI发展的不平衡，致力于解决社会不平等（帮助被AI抛下的人群）和环境问题（海洋污染）也将是有意义且有前景的职业路径。 最后：孩子拥有一张“白纸”，他们不需要像成年人那样去“重塑”旧观念，这是一种优势。家长们的焦虑往往源于自身的旧经验与新世界的冲突，而孩子们是AI原住民。 不要把上一代的恐惧投射给孩子，鼓励他们去玩、去实验，而不是仅仅作为使用者。 AI高管们给子女的建议揭示了一个反直觉的趋势：在一个高度技术化的未来，最不值钱的可能是纯粹的技术执行力，而最值钱的是最“复古”的人类特质——对他人的共情、对复杂概念的哲学思考（文科）、对物理世界的改造（能源/医疗）以及对决策后果的承担（责任）。教育策略应从“学习如何像机器一样高效工作”转变为“学习如何做在大机器时代中独一无二的人”。

Now, the quantum resistance roadmap. Today, four things in Ethereum are quantum-vulnerable: * consensus-layer BLS signatures * data availability (KZG commitments+proofs) * EOA signatures (ECDSA) * Application-layer ZK proofs (KZG or groth16) We can tackle these step by step: ## Consensus-layer signatures Lean consensus includes fully replacing BLS signatures with hash-based signatures (some variant of Winternitz), and using STARKs to do aggregation. Before lean finality, we stand a good chance of getting the Lean available chain. This also involves hash-based signatures, but there are much fewer signatures (eg. 256-1024 per slot), so we do not need STARKs for aggregation. One important thing upstream of this is choosing the hash function. This may be "Ethereum's last hash function", so it's important to choose wisely. Conventional hashes are too slow, and the most aggressive forms of Poseidon have taken hits on their security analysis recently. Likely options are: * Poseidon2 plus extra rounds, potentially non-arithmetic layers (eg. Monolith) mixed in * Poseidon1 (the older version of Poseidon, not vulnerable to any of the recent attacks on Poseidon2, but 2x slower) * BLAKE3 or similar (take the most efficient conventional hash we know) ## Data availability Today, we rely pretty heavily on KZG for erasure coding. We could move to STARKs, but this has two problems: 1. If we want to do 2D DAS, then our current setup for this relies on the "linearity" property of KZG commitments; with STARKs we don't have that. However, our current thinking is that it should be sufficient given our scale targets to just max out 1D DAS (ie. PeerDAS). Ethereum is taking a more conservative posture, it's not trying to be a high-scale data layer for the world. 2. We need proofs that erasure coded blobs are correctly constructed. KZG does this "for free". STARKs can substitute, but a STARK is ... bigger than a blob. So you need recursive starks (though there's also alternative techniques, that have their own tradeoffs). This is okay, but the logistics of this get harder if you want to support distributed blob selection. Summary: it's manageable, but there's a lot of engineering work to do. ## EOA signatures Here, the answer is clear: we add native AA (see https://t.co/YD9nIpsxcC ), so that we get first-class accounts that can use any signature algorithm. However, to make this work, we also need quantum-resistant signature algorithms to actually be viable. ECDSA signature verification costs 3000 gas. Quantum-resistant signatures are ... much much larger and heavier to verify. We know of quantum-resistant hash-based signatures that are in the ~200k gas range to verify. We also know of lattice-based quantum-resistant signatures. Today, these are extremely inefficient to verify. However, there is work on vectorized math precompiles, that let you perform operations (+, *, %, dot product, also NTT / butterfly permutations) that are at the core of lattice math, and also STARKs. This could greatly reduce the gas cost of lattice-based signatures to a similar range, and potentially go even lower. The long-term fix is protocol-layer recursive signature and proof aggregation, which could reduce these gas overheads to near-zero. ## Proofs Today, a ZK-SNARK costs ~300-500k gas. A quantum-resistant STARK is more like 10m gas. The latter is unacceptable for privacy protocols, L2s, and other users of proofs. The solution again is protocol-layer recursive signature and proof aggregation. So let's talk about what this is. In EIP-8141, transactions have the ability to include a "validation frame", during which signature verifications and similar operations are supposed to happen. Validation frames cannot access the outside world, they can only look at their calldata and return a value, and nothing else can look at their calldata. This is designed so that it's possible to replace any validation frame (and its calldata) with a STARK that verifies it (potentially a single STARK for all the validation frames in a block). This way, a block could "contain" a thousand validation frames, each of which contains either a 3 kB signature or even a 256 kB proof, but that 3-256 MB (and the computation needed to verify it) would never come onchain. Instead, it would all get replaced by a proof verifying that the computation is correct. Potentially, this proving does not even need to be done by the block builder. Instead, I envision that it happens at mempool layer: every 500ms, each node could pass along the new valid transactions that it has seen, along with a proof verifying that they are all valid (including having validation frames that match their stated effects). The overhead is static: only one proof per 500ms. Here's a post where I talk about this: https://t.co/rAUSJjW7WL https://t.co/EtXpkaDll5

There have recently been some discussions on the ongoing role of L2s in the Ethereum ecosystem, especially in the face of two facts: * L2s' progress to stage 2 (and, secondarily, on interop) has been far slower and more difficult than originally expected * L1 itself is scaling, fees are very low, and gaslimits are projected to increase greatly in 2026 Both of these facts, for their own separate reasons, mean that the original vision of L2s and their role in Ethereum no longer makes sense, and we need a new path. First, let us recap the original vision. Ethereum needs to scale. The definition of "Ethereum scaling" is the existence of large quantities of block space that is backed by the full faith and credit of Ethereum - that is, block space where, if you do things (including with ETH) inside that block space, your activities are guaranteed to be valid, uncensored, unreverted, untouched, as long as Ethereum itself functions. If you create a 10000 TPS EVM where its connection to L1 is mediated by a multisig bridge, then you are not scaling Ethereum. This vision no longer makes sense. L1 does not need L2s to be "branded shards", because L1 is itself scaling. And L2s are not able or willing to satisfy the properties that a true "branded shard" would require. I've even seen at least one explicitly saying that they may never want to go beyond stage 1, not just for technical reasons around ZK-EVM safety, but also because their customers' regulatory needs require them to have ultimate control. This may be doing the right thing for your customers. But it should be obvious that if you are doing this, then you are not "scaling Ethereum" in the sense meant by the rollup-centric roadmap. But that's fine! it's fine because Ethereum itself is now scaling directly on L1, with large planned increases to its gas limit this year and the years ahead. We should stop thinking about L2s as literally being "branded shards" of Ethereum, with the social status and responsibilities that this entails. Instead, we can think of L2s as being a full spectrum, which includes both chains backed by the full faith and credit of Ethereum with various unique properties (eg. not just EVM), as well as a whole array of options at different levels of connection to Ethereum, that each person (or bot) is free to care about or not care about depending on their needs. What would I do today if I were an L2? * Identify a value add other than "scaling". Examples: (i) non-EVM specialized features/VMs around privacy, (ii) efficiency specialized around a particular application, (iii) truly extreme levels of scaling that even a greatly expanded L1 will not do, (iv) a totally different design for non-financial applications, eg. social, identity, AI, (v) ultra-low-latency and other sequencing properties, (vi) maybe built-in oracles or decentralized dispute resolution or other "non-computationally-verifiable" features * Be stage 1 at the minimum (otherwise you really are just a separate L1 with a bridge, and you should just call yourself that) if you're doing things with ETH or other ethereum-issued assets * Support maximum interoperability with Ethereum, though this will differ for each one (eg. what if you're not EVM, or even not financial?) From Ethereum's side, over the past few months I've become more convinced of the value of the native rollup precompile, particuarly once we have enshrined ZK-EVM proofs that we need anyway to scale L1. This is a precompile that verifies a ZK-EVM proof, and it's "part of Ethereum", so (i) it auto-upgrades along with Ethereum, and (ii) if the precompile has a bug, Ethereum will hard-fork to fix the bug. The native rollup precompile would make full, security-council-free, EVM verification accessible. We should spend much more time working out how to design it in such a way that if your L2 is "EVM plus other stuff", then the native rollup precompile would verify the EVM, and you only have to bring your own prover for the "other stuff" (eg. Stylus). This might involve a canonical way of exposing a lookup table between contract call inputs and outputs, and letting you provide your own values to the lookup table (that you would prove separately). This would make it easy to have safe, strong, trustless interoperability with Ethereum. It also enables synchronous composability (see: https://t.co/9jy6v1X6Fw and https://t.co/gZmu3YjebM ). And from there, it's each L2's choice exactly what they want to build. Don't just "extend L1", figure out something new to add. This of course means that some will add things that are trust-dependent, or backdoored, or otherwise insecure; this is unavoidable in a permissionless ecosystem where developers have freedom. Our job should make to make it clear to users what guarantees they have, and to build up the strongest Ethereum that we can.

We’re starting a new AI Team at the Ethereum Foundation (the dAI Team). Our mission: make Ethereum the preferred settlement and coordination layer for AIs and the machine economy. The team will focus on two main areas: - AI Economy on Ethereum = giving AI agents and robots ways to pay, coordinate, and follow rules without middlemen. - Decentralized AI Stack = making sure the future of AI doesn’t rely only on a handful of entities but has open, verifiable censorship-resistant alternatives. We believe Ethereum can be as useful for today’s AI developers as it will be for the sci-fi future. That’s why we’ll work closely with ecosystem projects to accelerate progress and push the boundaries of research and innovation at the intersection of AI and blockchains. Connecting two communities that have too often worked in parallel. We’ll work side by side with both the Protocol and Ecosystem teams at the EF. Linking protocol improvements with the needs of AI builders, and funding innovative public goods that will make Ethereum the best home for AI. Ethereum makes AI more trustworthy, and AI makes Ethereum more useful. The more intelligent agents transact, the more they need a neutral base layer for value and reputation. Ethereum benefits by becoming that layer and AI benefits by escaping lock-in to a few centralized platforms. Acting with purpose and urgency, we’ll continue our recent work on ERC-8004—a standard for proving who an AI agent is and whether you can trust it— and continue to support new upgrades and standards. Inspired by the d/acc philosophy and Ethereum values, we’ll support projects that are leveraging Ethereum to build a more resilient and secure AI ecosystem where humans can flourish with AI. Ethereum + AI is about making sure humans keep agency and AI can reach its potential. Neutral, verifiable, censorship-resistant infrastructure means AI works for the people, all of us. The team starts with myself as lead, and we’re just getting started. Explore our job postings and resources below, and join us in building the future of decentralized AI on Ethereum.