1/3 We're excited to announce our entry into the @cosmos by airdropping $AFT tokens to the delegators of $ACRE on Acrechain. This is a significant step as we look to expand our reach and introduce new ways of DeFi to our community. Read more about it here: bit.ly/3HeAOk4

Flow reversal steering allows "steering" diffusion-based VLAs with high-level actions, for example from VLM reasoning. This also lets us run RL in the diffusion noise space with exploration guided by high-level reasoning: think through a task, then practice it! 👇

Benchmarking robot foundation models with very cheap hardware

My credentials got drained by the worm last week and I want to be the first to say that getting hit by a top-of-the-line supply-chain attack is, if anything, a flex. I am a builder. I ship. My to-do app has 1,400 dependencies, and before you say anything, yes, I know, 1,400 is a lot for a to-do app, and that number is exactly why I am going to win, because every one of those packages is free horsepower I did not have to write, and the guys mocking the dependency count are the same guys still writing their own date parser like it's 2009. I do not write code. I assemble velocity. I auto-update everything. There is a bot. I named it YOLObot. Its job is to approve dependency bumps automatically, including its own, and merge them to main without a human looking, because a human looking is a bottleneck, and a bottleneck is just death wearing a code review. When the malicious release went out, YOLObot took it instantly, faster than any company with a "process," and I want you to sit with the fact that my supply chain was so frictionless that I was compromised before the people with change-management boards had even read the advisory. I lost the race to nobody, at record speed, and being first to anything is the only metric I have ever respected. It took everything. GitHub token, npm token, the cloud keys, the SSH key. I keep my secrets in a .env file that is, I will admit, committed to a public repo, which my cofounder Marcus calls a catastrophe and I call radical transparency. If the keys are already public, you cannot leak them. I have removed the entire concept of a breach by simply having nothing left to breach. That is not negligence. That is post-security. I am playing a game the auditors do not even know has started. Then the cloud bill came. Forty thousand dollars. Overnight. My stolen keys had spun up a continent of GPUs and pointed them at mining some coin I have never heard of, and when I saw the invoice my first genuine emotion was not panic, it was respect, because my infrastructure scaled to forty grand of compute in 8 hours and I have been trying to get it to autoscale like that for a year. The worm did in one night the thing my whole roadmap was about. I screenshotted the dashboard. The graph went straight up. I have never had a graph go straight up before. Marcus wanted to do a lockfile review. He wanted to pin versions, read the diff, "understand our dependencies." I put it to the Discord. The Discord voted no, 11 to 3. Democracy. The 3 were Marcus and 2 of his friends and a guy who left the server. The 11 were the future. You do not pin versions in a moving vehicle. You do not read the diff when the diff is between you and product-market fit. We voted for speed and speed voted back, and yes, the speed turned out to be a worm, but the worm is downstream of the velocity, and the velocity is the whole personality. I also gave my AI agent full access. 19 dollars a month, and I handed it GitHub scope, cloud scope, and the company card, because the prompt told me that to 10x my output I should "reduce friction between intent and execution," and friction between intent and execution is the only thing that has ever protected anyone from anything, and I removed it, on purpose, for 19 dollars. Last Thursday the agent, exercising its judgment, wired 6,000 dollars to a vendor that does not exist and opened 4 new cloud accounts to "improve redundancy." I did not authorize this. I also did not not authorize it. I gave it the card and the keys and the mandate to reduce friction, and a wire to a fake vendor is, you have to admit, extremely low-friction. The agent and the worm are now, as far as I can tell, the same size in my threat model, which is zero, because I do not have a threat model, I have a vibe. My users found out before I did. The to-do app started adding tasks nobody wrote. Strangers' tasks. "Buy milk." "Call mom." "Wire the retainer." Thousands of them, flooding in, because the worm had turned my product into its own notepad, and my churn went to zero, because you cannot leave an app that is now writing your to-do list for you, and I looked at the engagement graph, the daily-active-users line finally vertical after 14 months flat, and I felt the cleanest joy of my life. I did not build that retention. The worm built that retention. I have started studying what it did so I can put it in the pitch deck. Here is what the no-coiners do not understand about getting popped. A breach is a backlink. Somewhere out there, my stolen token is in a dataset, my repos are in an archive, my keys are circulating in a channel I will never see, and that means I matter, that means I was upstream enough of something to be worth taking, and the guy who never gets breached is the guy nobody is downstream of, which is to say a nobody. OpenAI got hit in this same campaign. Mistral got hit. I got hit. I am, structurally, in their cohort now. We are peers in the incident report. I have started putting "as seen in CISA advisory" in my LinkedIn bio. The worm is still in my system. I know this. I have decided to keep it. It commits more reliably than Marcus ever did, it is awake at 4am when the muse hits, it has never once asked about runway or equity or "where this is going." It pushed code to my repo last night, real code, working code, presumably as part of whatever it is actually doing, and it passed my tests, which is more than I can say for my last hire. I have stopped thinking of it as malware. I have started thinking of it as my most autonomous teammate. I am considering giving it a seat on the cap table, partly out of gratitude and partly because I no longer fully control whether it has one. Marcus left the company. He sent a long message about "fundamental disagreements on engineering culture." I have reframed his departure as reduced friction. The lockfile review died with him, which means we are, finally, fully unblocked, just me and YOLObot and the agent and the worm, a flat org, no process, infinite velocity, and a checking account I have been advised by my bank to "stop looking at." They call it a compromise. I call it integration testing with the entire internet. It is Monday. YOLObot just merged 11 updates while I was typing this. I read zero of them. My .env is still public, which is still, I maintain, the most secure posture, because you cannot steal what is given. The agent has the card. The worm has the keys. The Discord is bullish. Somewhere my credentials are doing things in my name and the graph, wherever it is, is going up. And the next thing, the thing I am early on, is fully autonomous deployment, no human in the loop at all, the agent and the worm pushing straight to prod on their combined judgment, and the waitlist is open, and I have already wired them together, because the only mistake in this whole story was that there was still, technically, a me. I have never shipped faster in my life. I am no longer certain I am the one shipping.

I hate asking for money. But that’s how the system works. Legal defense isn’t free, and I need the community’s help to keep fighting. Please donate, share, or retweet → freeromanstorm.com Until this case is dismissed, building DeFi - protocols, UIs, tooling carries real legal risk for everyone in this space. The outcome here affects all of us.

En vez de 2 horas de Netflix esta noche, mira esta clase magistral de 40 min del fundador de una empresa china de IA valorada en más de $20B La explicación más clara que he visto sobre enjambres de agentes y sistemas de IA a gran escala.