With @rj_aligned we have been talking and starting to work with market makers and block builders.
We're about to release a new protocol that should eliminate of price impact at size considerably in Ethereum L1 and would enable Ethereum to better copete with CEXes and Solana.
LLMs now make critical decisions in hospitals, defense, banks, and governments. Yet nobody can verify which model actually ran, or whether the output was tampered with. A provider or middleman can swap weights, silently requantize the model, alter decoding, inject hidden prompts, do supply chain attacks, or change the deployment surface without the user knowing.
This problem is already serious. It will become critical.
We think this needs a practical solution, not just a theoretically clean one. CommitLLM is designed to be deployable on existing serving stacks now: the provider keeps the normal GPU serving path, does not need a proving circuit, does not need a kernel rewrite, and does not generate a heavy proof for every response.
In practice, two families of approaches dominated the conversation before this work: fingerprinting, which can be gamed, and proof-based systems, which are theoretically strong but too expensive for production inference.
We built CommitLLM to target the middle ground.
The core idea is to keep the verification discipline of proof systems, but specialize it to open weight LLM inference. The cryptographic core is simple: Freivalds style randomized checks for the large linear layers, plus Merkle commitments for the traced execution. Then a lot of engineering work is needed to make that line up with real GPU inference.
The key trick is this. A provider claims `z = W × x` for a massive weight matrix. Normally you would verify that by redoing the multiply. Instead, the verifier samples a secret random vector `r`, precomputes `v = rᵀ × W`, and later checks whether `v · x = rᵀ · z`. Two dot products instead of a full matrix multiply. In the current implementation, a wrong result passes with probability at most `1 / (2^32 - 5)` per check.
A full matrix multiply, audited with two dot products.
Most of the transformer can then be checked exactly or canonically from committed openings. Nonlinear operations such as activations and layer norms are canonically re executed by the CPU verifier. The one honest caveat is attention: native FP16/BF16 attention is not bit reproducible across hardware. CommitLLM verifies the shell around attention exactly, then independently replays attention and checks that the committed post attention output stays within a measured INT8 corridor. So attention is bounded and audited, not proved exactly.
That means the protocol already gives very strong exact guarantees on the parts that matter operationally most. If an audited response used the wrong model, the wrong quantization/configuration, or a tampered input/deployment surface, the audit catches that exactly. That includes things like model swaps, silent requantization, and provider side prompt or system prompt injection.
Today the implementation and measurements are strongest on Qwen and Llama. But the protocol itself is not meant to be Qwen or Llama specific: we expect it to generalize across open weight decoder only families. What still has to be done is the engineering work to integrate and validate more families explicitly, and we are already working on that.
On the measured path, online generation overhead is about 12 to 14% with the provider staying on the normal GPU serving path. The heavier receipt finalization cost is separate and can be deferred off the user facing path. The main systems costs are RAM and bandwidth, not proof generation.
The full response is always committed, but only a random fraction of responses are opened for audit. Individual audits are much larger, roughly 4 MB to 100 MB depending on audit depth. The important number is the amortized one: under a reasonable audit policy, the added bandwidth averages to roughly 300 KB per response.
After too many weeks without sleep, I’m proud to show what I built with @diego_aligned: CommitLLM. Thanks Diego for your patience. I've been calling you at random hours.
The code and paper still need some cleaning and formalization. We’re already in talks with multiple providers and teams that have cryptography related ideas on how to improve it even more. We’re really excited about this and we will continue doubling down on building products in AI, cryptography and security with my company @class_lambda.
If governments, hospitals, defense and financial systems are going to run on LLMs, verifiable inference is not optional. It is infrastructure.
I will be explaining this in more details in the days to come and I will show how to test it and run it.
LLMs now make critical decisions in hospitals, defense, banks, and governments. Yet nobody can verify which model actually ran, or whether the output was tampered with. A provider or middleman can swap weights, silently requantize the model, alter decoding, inject hidden prompts, do supply chain attacks, or change the deployment surface without the user knowing.
This problem is already serious. It will become critical.
We think this needs a practical solution, not just a theoretically clean one. CommitLLM is designed to be deployable on existing serving stacks now: the provider keeps the normal GPU serving path, does not need a proving circuit, does not need a kernel rewrite, and does not generate a heavy proof for every response.
In practice, two families of approaches dominated the conversation before this work: fingerprinting, which can be gamed, and proof-based systems, which are theoretically strong but too expensive for production inference.
We built CommitLLM to target the middle ground.
The core idea is to keep the verification discipline of proof systems, but specialize it to open weight LLM inference. The cryptographic core is simple: Freivalds style randomized checks for the large linear layers, plus Merkle commitments for the traced execution. Then a lot of engineering work is needed to make that line up with real GPU inference.
The key trick is this. A provider claims `z = W × x` for a massive weight matrix. Normally you would verify that by redoing the multiply. Instead, the verifier samples a secret random vector `r`, precomputes `v = rᵀ × W`, and later checks whether `v · x = rᵀ · z`. Two dot products instead of a full matrix multiply. In the current implementation, a wrong result passes with probability at most `1 / (2^32 - 5)` per check.
A full matrix multiply, audited with two dot products.
Most of the transformer can then be checked exactly or canonically from committed openings. Nonlinear operations such as activations and layer norms are canonically re executed by the CPU verifier. The one honest caveat is attention: native FP16/BF16 attention is not bit reproducible across hardware. CommitLLM verifies the shell around attention exactly, then independently replays attention and checks that the committed post attention output stays within a measured INT8 corridor. So attention is bounded and audited, not proved exactly.
That means the protocol already gives very strong exact guarantees on the parts that matter operationally most. If an audited response used the wrong model, the wrong quantization/configuration, or a tampered input/deployment surface, the audit catches that exactly. That includes things like model swaps, silent requantization, and provider side prompt or system prompt injection.
Today the implementation and measurements are strongest on Qwen and Llama. But the protocol itself is not meant to be Qwen or Llama specific: we expect it to generalize across open weight decoder only families. What still has to be done is the engineering work to integrate and validate more families explicitly, and we are already working on that.
On the measured path, online generation overhead is about 12 to 14% with the provider staying on the normal GPU serving path. The heavier receipt finalization cost is separate and can be deferred off the user facing path. The main systems costs are RAM and bandwidth, not proof generation.
The full response is always committed, but only a random fraction of responses are opened for audit. Individual audits are much larger, roughly 4 MB to 100 MB depending on audit depth. The important number is the amortized one: under a reasonable audit policy, the added bandwidth averages to roughly 300 KB per response.
After too many weeks without sleep, I’m proud to show what I built with @diego_aligned: CommitLLM. Thanks Diego for your patience. I've been calling you at random hours.
The code and paper still need some cleaning and formalization. We’re already in talks with multiple providers and teams that have cryptography related ideas on how to improve it even more. We’re really excited about this and we will continue doubling down on building products in AI, cryptography and security with my company @class_lambda.
If governments, hospitals, defense and financial systems are going to run on LLMs, verifiable inference is not optional. It is infrastructure.
I will be explaining this in more details in the days to come and I will show how to test it and run it.
Community is not a group of people clapping in agreement. It’s the opposite. It’s a group of different people with conflicting interests trying to find the best outcome for everyone. The fact that there is strong debate in CT is good.
I’ve been thinking a lot about what has happened to @ethereum over the last two years: the slowdown in execution, the loss of confidence, and the shrinking influence across the industry. Things have improved recently, and Buenos Aires Devconnect was miles ahead of Bangkok Devcon, but the core problem remains unresolved. The initiatives proposed so far are voluntaristic and depend on a few individuals rather than structural changes. I just launched my blog and I’m writing a longer essay with concrete examples and a more philosophical angle. This is the first draft of the core thesis.
At the center of everything there is a contradiction: harmony vs competence.
The leadership thesis, and @VitalikButerin, is simple: power corrupts, so the only safeguard is preventing anyone from gaining power. I understand the concern. But the solution is where we diverge.
At one point many important people of Ethereum even stopped tweeting. Their answer has been to prioritize harmony above all else. That’s why the protocol barely changed after the Merge and why the gas limit stayed low. If nothing can change, no new actors can emerge. The mission became: avoid disruption, avoid conflict, avoid the rise of a new corrupt leader.
From there you get alignment politics instead of open debate. Advancement through proximity and approval rather than measurable execution. The mechanism becomes social, not technical. It’s the opposite of what made Linux succeed. Linux thrived because Linus Torvalds only cared about code quality and the best ideas winning.
This has a tragic consequence: when you suppress discussion and reward alignment out of fear of new leaders emerging, you destroy the conditions for new blood to arise. Innovation slows down to preserve harmony.
Progress requires conflict, science advances through disagreement, engineering through iteration, and markets through competition. Ideas and people HAVE to collide to find the best idea possible. Systems that suppress conflict stagnate because hierarchy replaces merit. @ameensol has been saying something similar but I don't agree with his take about the fact that this is related with socialism. To me the core problem is the destruction of the feedback loop between decisions taken by leaders and the outcomes they get.
Ethereum cannot remain global, open, and relevant while avoiding debate. Harmony without productive conflict becomes centralization. Avoid conflict and you avoid improvement; avoid debate and you avoid new talent.
Vitalik wrote on March 1st, 2025: "What Ethereum needs is a lot of young blood who share the cypherpunk vision. All OGs are jaded. It’s on the next generation now." He’s right. But the reason this is happening is because of the incentive structure created by the leadership itself.
Like in Brave New World, systems built to numb conflict only work if there is no outside competition. Ethereum no longer lives in a world without rivals. The crisis at the end of last year and start of this year happened because Solana was winning market share. Ethereum has to adapt to this reality.
The idea that power corrupts is true, but it is also historically used by leaders to gatekeep, prevent renewal, and retain power.
The funny thing is that I agree with Reth and @paradigm on the roadmap priorities. In that sense, I’m closer to their views than to the historical EF leadership. I always believed that if Ethereum doesn't acclerate we will lose. The difference is that I believe these debates must happen inside Ethereum rather than in another L1, openly, and we need to push for structural change.
Pointing these things out has a cost. One of the latest defenses against our arguments has been claiming we seek attention or that we are troublemakers. Some of the people we used to talk with also stopped answering. Gladly many, if not most actors, started telling us that we are right but they can't say things openly because this has a cost for them too.
This only proves the point: there is a culture of preventing debate to maintain the status quo. Anyone who knows us knows we defend what we believe, right or wrong, not for attention or financial motivation. We’ve worked across multiple industries without issue and with long-term clients. We care about productivity and delivery, period.
When people join Lambda they read @RayDalio's ideas. Dalio believes the highest performing organizations run on idea meritocracy driven by radical truth and radical transparency. Everyone speaks openly, nothing is hidden, the best ideas win regardless of hierarchy. Mistakes and disagreements are embraced because being challenged is the path to improvement. Suppressing truth out of fear of social consequences is the greatest tragedy that prevents excellence. I believe Ethereum is suffering from exactly this.
At @class_lambda we believe in @ethereum as the unbiased verifiable computer. We believe this mission is bigger than any person. And we will fight for what we think is right. If you want to be a global protocol and you want new cypherpunk blood then accept the fact that they will criticize you and debate openly rather than avoiding it.
Ayer lanzamos MiniApps en @lemonapp_ar.
Dejamos de ser solo una app. Ahora somos una plataforma abierta para que construyas e integres tu propio producto.
Lemon pone el acceso desde el día 0 a más de 5 millones de usuarios validados en todo Latam, rampas fiat/cripto y custodia segura.
Vos ponés la idea. 🍋
https://t.co/dkaigF9DZv
El crecimiento del Sur es imparable.
Hoy arrancamos a construir el primer pilar del standard del futuro: fundamos @surmoney_ok con @lemonapp_ar y @class_lambda .
Para que cada país de América Latina tenga su stable on chain.
Es un hito fundamental para el futuro que se viene.
LATAM doesn’t need to adapt to the global financial system, it deserves to build its own. Too many people and companies still face barriers to banking, high costs, and painful frictions just to move money across borders.
@surmoney_ok is a first step toward a region where value flows smoothly, trade becomes easier, and financial access is truly universal. Proud to be building this together with @lemonapp_ar . Let’s go @class_lambda!
https://t.co/GC8Blmod1Y
Today we are launching Sur Money, a new stablecoin company we built together with @lemonapp_ar.
Our first product is ARSs, a stablecoin for the Argentine peso.
This is the first step of a longer roadmap. We want to build a family of stablecoins for Latin America. A region with many currencies and a lot of financial friction deserves infrastructure that makes money movement predictable and stable. Our vision is to bring that stability to millions of people, regardless of the country they live in.
Lemon has been pushing crypto adoption in Latin America for years. They have more than 5M users and over 1.8M cards issued. They know what it means to build consumer products at scale, and they understand how to reach people in a region with very different financial realities.
At @class_lambda we focus on the technical foundation. For years we’ve been building distributed systems, cryptographic protocols, and blockchain infrastructure. This includes our work on the core of @ethereum, our client @ethrex_client, several Layer 2s, and protocols.
With that background, we will be building all the core infrastructure behind ARSs and the rest of Latin America stablecoins. Our goal is to connect it to the global Ethereum ecosystem with the same standards we apply in our protocol work.
Sur Money combines Lemon’s reach with our engineering experience. Together we want to build stablecoins that are reliable, transparent, and truly useful in everyday life not just for traders or early adopters, but for anyone who needs to move value safely.
Stablecoins already play an important role in global finance. They make money cheaper to move, globally interoperable, and far more efficient than traditional rails. Latin America deserves those same benefits.
ARSs is just the beginning. We will have multiple local stablecoins.
Thanks @lemoncheli and the whole @lemonapp_ar team that has been doing an amazing work.
More information at @surmoney_ok.
Thank you, @fede_intern . Building @BoulderLam together with you and @class_lambda is a privilege. Your team has been shaping the global @ethereum ecosystem for years, and bringing that level of engineering and research into a partnership designed for real institutional scale is something unique in our region.
Latin America has the talent, the need, and the urgency for real infrastructure and combining Lambda’s technical depth with Boulder’s operational and financial footprint is exactly what can unlock that potential. This is just the beginning!
Yesterday, together with @rbenzaquen, we launched @BoulderLam.
BoulderLam is the result of a strategic partnership between @_BoulderTech and @class_lambda.
Rodrigo Benzaquen will serve as CEO, and I will lead the technical side. Rodrigo was one of the earliest employees at @Mercadolibre, an early Bitcoin and Ethereum adopter, and has built and maintained critical crypto infrastructure for years.
Our goal is simple: combine institutional scale with deep technical execution to bring real blockchain infrastructure to Latin America.
On the institutional side, we have BoulderTech, part of the IRSA Group. IRSA brings decades of experience operating at the core of Argentina’s real estate and financial sectors. Through Banco Hipotecario and BACS, IRSA is directly connected to the country’s mortgage, credit, and capital-markets infrastructure. Dual-listed on the NYSE and ByMA, IRSA operates fluently across both global and regional financial environments.
On the technical side, LambdaClass contributes its engineering and research capabilities in Ethereum, zero-knowledge proofs, and large-scale distributed systems. This is the same team building critical infrastructure used across the global crypto ecosystem. Lambda also deeply understands the crypto market and its players, having worked with nearly a hundred companies in the industry.
Initial product suite:
- Real-world asset (RWA) tokenization
- Revenue-backed financing via Levenue and @loom_finance
- Digital identity (on-chain KYC & compliance)
- Wallet-as-a-Service (WaaS)
- Money transfers, cross-border payments, payroll
- Stablecoin payment acceptance
We will make blockchain adoption in LATAM scalable, compliant, and operational. In the coming months, many of these products will be running on top of @ethrex_client. As always at Lambda, our best engineers and researchers will be dedicated to this effort. We expect millions of users to benefit from Ethereum L1, L2s, and ZK technologies.
Ethereum was made for everyone.
Ethereum will be huge in Argentina and across LATAM, and with @rbenzaquen leading, @BoulderLam is positioned to make history in the region.
Thanks to @EFDevcon, @ethereumfndn for organizing Devconnect in Buenos Aires. It really helped to accelerate some needed debates in the region that made local business people realize that we should work more closely together. Hopefully this is only the beginning.
JUST IN:
A new company named 'BoulderLam' between BoulderTech and Lambda Class has been announced today at Devconnect, in Buenos Aires.
The alliance provides modern financial infrastructure for companies and institutions in Latin America, on Ethereum.
The company combines the institutional expertise of the IRSA Group, a shareholder of BoulderTech, with the advanced engineering that Lambda Class contributes to the Ethereum ecosystem, including the development Ethrex for secure and verifiable financial systems.
IRSA Group is one of Latin America’s largest and most influential conglomerates, owning shopping malls, banks, and real assets across the continent.
Through its stake in Banco Hipotecario, the country’s leading mortgage lender, and BACS, a top-tier investment bank, IRSA plays a central role in both real estate and financial infrastructure across the region.
Dual-listed on the NYSE (IRS) and ByMA (IRSA), it serves as a bridge between global capital and Latin-American real assets. Now, with initiatives aligned toward expanding institutional access and blockchain integration, IRSA represents a first major step for LATAM institutions exploring Ethereum-based infrastructure, leveraging its deep distribution networks and financial reach.
The effort is supported by BoulderTech CEO Rodrigo Benzaquen, one of the first employees of Mercado Libre, as well as founder of Nubelia.
Their long-standing ties to Argentina’s tech and financial elite add another layer of certainty and strategic depth to this collaboration.
BoulderLam implements enterprise solutions that connect the traditional financial world with the digital economy: Wallet as a Service (WaaS) infrastructure, cross-border payment networks based on stablecoins, corporate on-/off-ramps, tokenized financing for companies with recurring revenue through Levenue, and onchain digital identity tools for KYC processes and regulatory compliance.
Headquartered in Argentina and active throughout South America, BoulderLam helps organizations integrate Ethereum-based financial infrastructure with full security, transparency, and institutional-grade compliance, while abstracting away the underlying technical complexity.
This is a massive step for Argentina as the blockchain hub of Latin America.
The institutions aren't coming, they are firmly here.
Welcome to crypto's mass adoption phase.