607 Photos and videos
RT @jasonnelson: Possible hot take: Anthropic is learning the lesson Meta/Facebook learned years ago with their failed Libra Cryptocurrency…
3
alin.apt retweeted
What happened with Fable 5 is a preview of what will happen with CBDCs.
6
6
34
2,830
alin.apt retweeted
At Eurocrypt, @JanBobolz presented our work “UC4Free! Existing Threshold Signatures are UC Secure” with @cryptulf and @akiratk0355. We show that threshold signatures proven game-based secure are actually secure in the universal composability (UC) setting. eprint.iacr.org/2026/911
1
5
16
934
alin.apt retweeted
The turnstile mechanism guarantees either closure on exploitation, or impact minimization
8
18
95
12,496
alin.apt retweeted
I've been thinking about the Grand List Decoding (GLD) problem, from Boneh et al. and the Ethereum Foundation. Wrote a hackMD post (primarily to teach myself what the problem is about) explaining it from scratch. Read it here: hackmd.io/@-urCr-W9R8mS-UktG…
2
5
26
1,554
alin.apt retweeted
Jun 5
In case you missed it: Confidential assets and transfers are already LIVE on @Aptos Mainnet.
Wallet integrations will be out soon, but you can already send assets confidentially using confidential.aptoslabs.com (powered by the Aptos Keyless stack)!
6
7
27
1,298
It's disheartening to see so many root against Zcash.
We owe so much to the courage of the Zcash team: ten years ago, Zcash was a moonshot.
They were the 1st to deploy a *fully* anonymous payment system and the 1st to deploy a zkSNARK-based cryptosystem.
Rooting against the team being able to recover from this bug is rooting against all other serious privacy efforts for cryptocurrencies: they are all based on the same nullifier techniques via circuit-based zkSNARKs.
This is not a zero-sum game.
Zcash has been showing us the way for over a decade and will continue to do so.
e.g., Zcash will soon be the 1st team to deploy a *formally-verified* zkSNARK circuit implementation for anonymous payments.
44
49
337
19,059
No one can _really_ know *yet* if the bug was exploited and thus if the Orchard pool's shielded ZEC supply is inflated.
Although we could make an educated guess that there was no exploit, the right path (x.com/zooko/status/206264492…), which Zcash seems to be taking, is to:
1. Disable everything except withdrawals in the old, potentially-inflated, Orchard pool (a.k.a., the "old bus")
2. Start a new Orchard pool (a.k.a., the "new bus")
3. Give users time to "get off the old bus" and "get on to the new bus" (like @hosseeb beautifully put it: x.com/hosseeb/status/2062918…)
4. Wait and see if anyone is stuck on the "old bus"
1
1
23
6,108
alin.apt retweeted
BITCOIN RAILS #61: QUANTUM CRYPTOGRAPHY FOR BITCOIN | with Dan Boneh @danboneh
🔗 YOUTUBE: youtu.be/F-HG87VJj_k
🌿 SPOTIFY: open.spotify.com/episode/7ly…
One of the most prolific and influential cryptographers in the world, it’s difficult to fully quantify the impact that Dan Boneh has had on Bitcoin and digital assets more broadly.
Through both his own research and his mentorship of some of the space’s most important contributors — e.g. Andrew Poelstra, @benediktbuenz, and @robin_linus — few people have done more to shape the cryptographic foundations underlying modern blockchains and digital finance.
More recently, Dan co-authored @Google's widely discussed paper, “Securing Elliptic Curve Cryptocurrencies against Quantum Vulnerabilities,” which reduced prior estimates of the resources required to run Shor’s algorithm against the elliptic-curve cryptography used by Bitcoin.
The paper reignited debate around quantum computing timelines and the long-term security assumptions behind modern cryptocurrencies.
In this episode of Bitcoin Rails, Dan and I discuss the current state of quantum computing, its potential implications for Bitcoin, and how he believes the Bitcoin community should think about preparing for a post-quantum future over the coming decade and beyond.
And yes, Dan shares his take on the “when quantum” question in the interview, among other key perspectives.
This episode of Bitcoin Rails is brought to you by my NEW sponsors:
LayerTwo Labs @LayerTwoLabs — developing research, software, and technologies for scaling Bitcoin via the integration of Drivechains (BIP 300/301)
Hashi on @SuiNetwork — a primitive for executing Bitcoin Defi transactions, without having to trust a federated bridge or other centralized entity
BitBox @BitBoxSwiss — an open-source Bitcoin-only hardware wallet, with smooth UX and no compromises on security. Check out Bitbox [dot] swiss and use code BITCOINRAILS to get a discount
TIMESTAMPS:
00:00 — Intro and Dan’s history with cryptography and Bitcoin
11:44 — Shor's algorithm: how a 1994 paper became cryptography's most important threat
16:39 — Building a quantum computer: superconducting qubits vs neutral atoms
25:37 — When should we start worrying about quantum computers? The timeline debate
31:51 — Have we already reached quantum computing's “ahá” moment?
39:09 — Inside the Google paper: how Shor's algorithm was optimized
49:57 — The Bitcoin mempool attack and the 10-minute window
59:21 — Mitigation: what should Bitcoin do to prepare for quantum?
1:11:54 — Hash-based vs lattice-based signatures: Dan's case for lattice
1:23:15 — ZK proofs, BIP361, and what to do with Satoshi's coins
1:31:52 — Encrypted mempools and MEV
1:38:29 — Why Bitcoin will survive quantum and Dan's message to Bitcoin builders
23
33
184
110,195
Short note: how we decrypt confidential balances fast on @aptos using a Ristretto255-optimized variant of baby-step giant-step ⏬
alinush.org/bsgs
4
28
1,731
This looks like a super-fun tutorial on lattice-based ZKPs, specifically on Lantern [LNP22], which can prove knowledge of MLWE secrets & more: lattice-zk.isec.tugraz.at/
1
4
35
1,629
[LNP22] Lattice-Based Zero-Knowledge Proofs and Applications: Shorter, Simpler, and More General; by Vadim Lyubashevsky and Ngoc Khanh Nguyen and Maxime Plancon, eprint.iacr.org/2022/284
1
3
608
indeed, “crypto” has much to learn from the banking sector:
HSBC: work directly with your customers (the cartels) justice.gov/archives/opa/pr/…
BNP Paribas: launder enough to get fined $89B justice.gov/archives/opa/pr/…
Standard Charters: “we launder by the 100’s of billions baby!” bbc.com/news/business-192536…
May 13
For decades, the U.S. has counted on banks to identify suspicious activity and fight financial crime.
That requires tens of thousands of employees and countless hours. Crypto companies don't have the same obligations. And it shows. 🧵
7
824
Very nice to see @ssadkov's demo wallet for confidential APT!
May 23
1/ How to test Confidential APT
MorokPay (by @yieldai_app) is a working @Aptos app that lets you try Confidential Assets with APT.
If this is your first time, start on testnet. It is the best way to understand the flow before touching mainnet funds.
1
8
572
alin.apt retweeted
May 18
Great discussion by @alinush
one missing point: people compare protocols, treating them as if they were standalone, black-box objects.
They are not.
The hardest part isn't getting the cryptography math right but ensuring that a user doesn't end up shooting his own foot.
🧵
Would be nice if someone did a literature review of all threshold ECDSA protocols, attacks and argued for what should be the safest & fast-enough choice for production.
Is it Cait-Sith (github.com/cronokirby/cait-s…)?
Is it DKLs23 (dkls.info/)?
Heck, maybe it is a generic MPC VM-based one (@badcryptobitch)?
@cryptodavidw has a list of some recent protocols but his blog is not prescriptive, unfortunately (cryptologie.net/posts/whats-…)
2
1
8
821
Few understand what it takes to succeed as a Romanian 🇷🇴
Peak Romanian innovation
Every toothless construction worker grabs one of these for breakfast
Then takes sips from it for the rest of the day
Roads and bridges get built on this diet 💪🏻
5
542
alin.apt retweeted
May 18
There’s been some reporting that Meta contributed an unfathomable sum to promote age verification laws globally. This is broadly true, but actual situation is a bit more complex. Figured it was worth an update.
29
149
986
180,649