Nethny

karpathy just shared his setup for LLM-compiled knowledge bases - raw docs go into a wiki maintained by agents, then you query it like a research assistant now think about this for crypto. every protocol has docs scattered across gitbooks, github, medium, discord. half of it outdated by the time you find it one local wiki where you ask "cheapest way to batch token transfers on Solana" and your agent cross-references frameworks, token extensions, and RPC limits in seconds the real AI × crypto build isn't another token. it's tooling that lets you actually navigate this ecosystem

The speed of the ecosystem response yesterday showed exactly how strong this community is. That coordination matters. One thing this incident made clear: the contracts held. The vulnerability was at the human and operational layer. As the Foundation builds out those support channels, signer opsec and key management standards could be the highest-ROI investment for the whole ecosystem.

Agents monitoring is one layer, but the core issue is the moment of signing. An agent can flag a suspicious tx - but can it verify that the human signer actually understood what they approved? That gap between detection and deliberate human decision is where these attacks keep landing.

$1.8B stolen across Bybit, Step Finance, and Drift - and not a single one was a smart contract bug. Drift's $285M wasn't a program exploit. It was social engineering against the Security Council multisig. Durable nonces kept signatures alive while signers got compromised one by one. We keep auditing contracts. Attackers keep walking around them. The unsolved problem in DeFi security isn't code - it's proving that a human actually looked at what they signed.

the pattern across Bybit, Neutrl, Drift is the same: the weakest link isn't the contract, it's human attention under pressure. maturity as an industry probably means hardware that enforces deliberate signing - not just "be more careful." you can't opsec your way out of sophisticated social engineering forever.

PDAs solve the tx mechanics. but the Drift attack wasn't a tx problem - it was a human attention problem. signers were compromised before they touched any nonce. what if the hardware required proof you were deliberately focused before authorizing? you can replace the primitive, but you can't patch inattention at the protocol level.

pager duty is still reactive - someone has to notice and respond. what if the signing device required hardware-attested proof of deliberate attention before authorizing? attacker compromises the signer, but can't fake the 8-minute focus window. Seed Vault on Seeker could enforce this today. detection becomes irrelevant if signing is physically gated.

The real gap isn't multisig - it's that signing proves key access, not deliberate human attention. What if high-value txs required hardware-attested proof that all signers were simultaneously in verified focus for the last 8 minutes? Gaze-tracked, Seed Vault signed. Social eng gets credentials, not temporal proof of collective deliberation. Is anyone building attestation at the biometric layer?

This is exactly what on-chain focus verification needs. If MetaTimer can predict LLM reasoning latency with 6% error, imagine using that same chain-of-thought decomposition to validate real focus signals on Seeker. Semantic complexity → attention depth. Have you thought about that layer?