104 Photos and videos
Ethereum can already start preparing accounts for a post quantum world, without waiting for a hard fork.
Today, it would be just 0.07$ .
Further audits incoming. Though I squeezed in a review with Fable before Uncle Sam crashed my party. Verity formal proof included for my lean enjoyers
ethresear.ch/t/sphincs-minus…
80
83
467
65,852
Jun 12
Very nice new Rust classical/PQ crypto library built by Ledger co-founder Christophe focusing on no dependencies and hardened against side channels codeberg.org/cslashm/kryptei… - also make sure to read CONTRIBUTING.md for a good ruleset regarding PRs assisted by automatic programming
2
8
38
1,639
Jun 12
Un jour en Europe, dans un village déprimant un jour de pluie, quelqu'un s'est dit que la solution aux frais opaques des banques c'était de forcer à les partager. Et en bonus on ne peut plus savoir combien on envoie. Merci mon ami, grâce à toi on économise du marketing en crypto
1
6
791
Nicolas Bacca retweeted
Jun 10
Clear signing is now live in Ambire.
Powered by EIP-7730, you can now see exactly what you're approving before you sign.
10
8
75
7,442
Nicolas Bacca retweeted
Salut, c’est Cédric, désolé j’étais occupé…Mais la je suis dispo pour répondre à vos questions !
819
2,909
46,750
2,015,451
Nicolas Bacca retweeted
Jun 9
We’ve just raised $175M, in a round co-led by @paradigm, @a16zcrypto, and @RibbitCapital, the largest raise DeFi has ever seen.
Credit is the bedrock of our civilization, but the infrastructure underneath is fragmented, extractive, and closed to most of the world. That is what @Morpho is here to change.
Morpho is building the open credit network for the world. The global credit market is $ 200T. We are building the infrastructure layer that will move it onchain, and every institution, fintech, and bank that wants to participate in the next era of finance will connect to this network.
After four years of being heads down building Morpho, we now count more than $11B in deposits and integrations with leading financial institutions including @Coinbase, @Binance, @FireblocksHQ, @SG_Forge, @krakenfx, @Bitwise, and dozens of others building on Morpho to offer better products to their users. But this is just the beginning.
This raise will allow us to accelerate: activating the global credit network at scale, building the go-to-market engine to match our ambition, and bringing more institutions onto the network faster.
Having any kind of onchain strategy in this era will mean going through Morpho at some point. Reach out and let's talk. And if you want to help build the open credit network for the world, we have plenty of open roles.
Let’s fly 🦋
Morpho Association has raised $175M to build the open credit network for the world.
Co-led by @paradigm, @a16zcrypto, @RibbitCapital with strategic participation from @apolloglobal, @vaneck_us, @circle_ventures, and @Ledger @Cathayinnov.
The round also included participation from @variantfund, @wmt_ventures, @preludexyz, @IOSGVC, @HashKey_Capital, @sbigroup, @Bpifrance, @mirana, @bamazizimesh, NJJ Capital and 10 other strategic partners.
The funding will help accelerate Morpho's position as the foundation for onchain credit.
322
151
2,301
346,812
Jun 8
A couple days later they are still there. I guess nobody cares about reports anymore and Elon will just cry that Europe is unfair when this dumpster fire gets sanctioned again
Jun 2
Reporting again "a few" malicious ads (fake news site leading to an obvious investment scam) that have been live for 3 days now. Twixtter trust & safety seems to be doing well.
8
467
Nicolas Bacca retweeted
Jun 6
In today’s Vatnik Soup, we introduce Vincent Bolloré, a French billionaire and media tycoon. He’s best known for building a powerful media empire and for reshaping editorial lines across French media and publishing, pushing them toward far-right and pro-Kremlin positions.
1/25
35
857
2,398
79,224
Jun 6
Signal for Android did some very good performance upgrade recently around 8.13 (maybe around 5d45914) and is usable again on a large (> 15 Gb) database, along with the new local backup format. Was painful to wait several seconds to send in a years old chat and 14h to backup.
9
818
Jun 3
Update following Tropic Square report the secrets are also vulnerable and the attack vector will be disclosed in Spring 2027. Curious about the specifics as I like the idea of MAC-and-Destroy as an additional simple enough safety belt against traditional attacks
We built TROPIC01 to find its limits.
Today we're publishing a Security Advisory on a hardware vulnerability discovered during an independent audit by the Ledger Donjon team - alongside the deeper findings our engineers made as a result.
What was found:
👉️ During their audit, Ledger Donjon successfully executed a Laser Fault Injection attack bypassing firmware boot signature under lab conditions - but essential hardware security withstood it.
👉️ Building on that discovery, our team found that more complex combined attack paths can potentially breach the hardware boundary and expose all confidential data.
Worth knowing:
👉️ This is not a remote exploit and there is no evidence of real-world exploitation.
👉️ Mitigation measures for this attack vector are available for deployment.
True hardware security is built on transparency and auditability. So we don't just tolerate scrutiny, we invite it. This disclosure is that principle in practice.
A huge thanks to @DonjonLedger team for their exceptional technical expertise, professionalism and dedication to coordinated disclosure.
📄 Read our full announcement: bit.ly/4vGfgEH
🔬 Link to technical deep-dive: bit.ly/49Cj8Ol
2
12
1,231
Jun 3
Another great one from @DonjonLedger and nice to see how @tropicsquare secrets protection still holds under a total firmware compromise. Very cool design for a first chip donjon.ledger.com/blog/tropi…
2
3
21
971
Nicolas Bacca retweeted
Jun 2
Here is the root cause of the current Gnosis Pay incident. Several other projects are affected. We tried to inform everyone privately in advance, but if you haven’t heard yet and are using a Zodiac module — Delay or Roles — please urgently check whether you are affected 👇
Jun 2
Community Notice: Zodiac Roles Modifier v2 and Delay Modifier v1.1.0 — Security Update
We identified a vulnerability in two Zodiac modules: Roles Modifier v2 and Delay Modifier v1.1.0. It affects only accounts where one of these modules is enabled AND a Safe account with a vulnerable fallback handler is itself assigned as a module or role member to the affected module.
Safe smart contracts, Safe{Wallet} infrastructure & UI are not affected.
Other Zodiac modules and setups are also not affected.
We've been working directly with affected users since identifying the issue. Over 95% of identifiable accounts have already resolved it.
If you have either module enabled and have not yet acted, check your account and follow the steps: app.zodiac.eco/public/fallba…
We apologize for the disruption and concern this incident has caused. Our team is working as quickly as we can to support affected users and help wherever possible.
A full post-mortem will follow.
If you have any questions, reach us at security@gnosisguild.org
3
46
184
30,914
Jun 2
Reporting again "a few" malicious ads (fake news site leading to an obvious investment scam) that have been live for 3 days now. Twixtter trust & safety seems to be doing well.
7
996
Jun 2
PSA you can pivot to AI without sending AI slop to your shareholders. Nobody wants to read walls of text without style and "it's not X, it's Y" cringe fest. Just send the raw data and our agents will do the job. Thank you for your attention to this matter.
3
17
1,167
Nicolas Bacca retweeted
May 31
Are passkeys actually like a hardware wallet built into your phone? I'm afraid not
(They are still pretty useful for quickly creating hot wallets)
dankradfeist.de/blockchain/2…
17
14
192
43,624
Nicolas Bacca retweeted
May 31
Yesterday, Circle froze an entire privacy protocol because of one non-compliant user.
We're making sure that doesn't happen to @RAILGUN_Project.
For the next epoch:
- $fxUSD shielding/unshielding fees: compensated
- USDC unshielding fees: compensated (if you swap to $fxUSD and shield)
Migrate from freezable USDC to censorship-resistant $fxUSD.
Claim in one month:
fx.aladdin.club/v2/railgun-a…
6
14
72
8,615
v0.6 is live, our biggest release since launch!
Since the first release in October 2024, we’ve been actively gathering feedback from vault operators and asset managers running 120 vaults across 18 chains to build the best possible product.
This update delivers exactly that: better UX for LPs with the sync redeem feature, deeper security with NAV guardrails, greater manager autonomy, opt-in compliance features, and true strategy modularity. All shaped directly by the teams using Lagoon every day.
Audited by @Nethermind and @trailofbits.
(Claude Opus 4.7 ran a pre-audit too. It approves. 🤖)
Huge thanks to everyone who contributed. Onward 🌊
May 28
🌊 Lagoon v0.6 is live.
Our largest release since launch — 11 new capabilities, fully audited, shaped by managers running 120 vaults across 18 chains.
Three themes: deeper security, manager autonomy, strategy modularity.
Here's what ships 👇
3
8
20
2,008
May 27
Annoyed by Ledger broken on @roman_zeyde excellent SSH/GPG agent so I asked my friend Jean Claude to fix it - sideload github.com/btchip/app-ssh-ag… and use github.com/romanz/trezor-age… v0.15.0
AI makes open devices live forever (and probably closed ones too soon enough)
2
12
933
May 27
1 pour la PoZ, une valeur sûre
May 27
Il y a une arnaque de nouvelle forme sur telegram actuellement.
L'attaquant a inventé un faux projet appelé Suisse wallet.
Ils a inventé toute une équipe qui envoie des messages sur telegram pour embaucher quelqu'un a des tarifs de dingue. L'offre est alléchante. C'est l'hameçon !
Il a fait des faux profils telegram de personnes réelles de la communauté crypo, et grâce a des agents IA, les fait parler dans 2 grands groupes. On a l'impression d'être dans des vrais groupes mais certains détails sautent aux yeux. Le nombre de membres actuellement en ligne est trop bas, et si on clique sur les profils des membres, le nom d'utilisateur est différent et ils n'ont aucun groupe en commun avec toi.
Quand tu visites ces groupes, tu a l'impression de voir les vraies personnes. Les agents vont même copier des messages de la vraie personne pour les répéter dans leur groupe.
Sur X, ils ont aussi des faux comptes, avec des photos trafiquées de vraies conférences, avec des gens respectables, mais ils modifient l'arrière plan pour y afficher le nom de leur faux projet.
Tout est orchestré par IA, c'est dynamique, et cela tente de saturer l'espace informationnel de la victime pour la mettre en confiance.
Cela fonctionne, des personnes m'ont contacté pour savoir si c'était un bon projet.
Voici Un aperçu des futures attaques qui vont se multiplier.
Pour se protéger, il faut être sûr des groupes dans lesquels on est, rencontrer les gens pour de vrais (proof of zapoï), échanger des clés de vérification, faire le vrai business sur les plateformes comme Signal qui sont bien plus résistantes aux bots (pour le moment) et surtout vérifier toujours la réalité de ce que l'on voit.
Notre espace informationnel est de plus en plus saturé d'informations inventées. C'est notre chance pour se protéger réellement.
Don't Trust, Verify.
1
6
1,488