Encrypted but not ephemeral. At Utah #nsa center, decryptable once feds go quantum. What % of data-in-transit use PQcrypto? Feds <3 short term "going dark"-raises value of decrypt long term due to more secrets blurted in faux-privacy! #btc cc @ggreenwald @adam3us @francispouliot_

2) One master key for the whole chain Leak it once :) Every key derives from a single 32-byte MSK. All txs are decryptable if it leaks. And seed nodes hold it in plaintext in memory!

You are showing no such thing. File Protection classes are for apps to control when their data is decryptable, not who can access it. Of course Spotlight *could* have a permissions layer, but no such layer exists currently. I've been building apps for Apple platforms since 2010

Gm CT. This is my submission for @zama's Builder Program Season 3. Taking some time off the TL helped me focus a lot more on thinking and building, and i got the idea that API keys need stronger security guarantees around them. So I built NullFetch. It solves one problem and creates one opportunity. 🔗 nullfetch.vercel.app The problem: API keys leak, could be through commits, breaches, insider access. The opportunity: wider distribution NullFetch is an API marketplace where service providers list their endpoints and anyone can plug in to use them. users just have to connects their wallet, register for a listed service, and then PRIVATELY generates their own key on their own device. the best part is - you never take your keys anywhere. the provider doesn't store it, doesn't hash it, doesn't hold anything decryptable in a breach because there's nothing to steal. All you need is the service endpoint and your wallet. If you're developer, you should check it out. 🫡

I thi k its over for crypto, soon it will be decryptable

Every project in crypto claims to be private. Almost none of them mean the same thing. Hiding your wallet address is privacy. Encrypting transaction amounts is privacy. Concealing smart contract inputs during execution is privacy. These are fundamentally different properties and conflating them is how bad projects survive due diligence. @fhenix published a Privacy Stages framework to force this distinction into the open. Stage 1: metadata hidden, content visible Stage 2: content encrypted, but decryptable by a trusted party. Stage 3: encrypted execution with decentralized key control no single entity can unilaterally read your data. Stage 4: full input/output privacy with onchain verifiability. Most private blockchains are Stage 1 or 2. They obscure. They don't encrypt. Or they encrypt but hand the keys to a foundation, a multisig, or a hardware manufacturer. CoFHE operates at Stage 3-4. Computation over encrypted inputs. Threshold decryption requiring quorum of independent operators. No trusted hardware. No single key holder. The framework isn't self-promotion it's a diagnostic tool. Apply it to any privacy claim and the answer becomes clear. Most projects won't survive the test.

Any password recoverable from a breached vault 😏 I’d rather synthesize passwords at runtime using input only the user holds. No stored passwords. No decryptable vaults. Opaque metadata if the DB leaks. vaultless, zero-knowledge and seamless That's Neokey neokey.in Feels like the healthier direction honestly.

Hey Frank, plot twist: Bitcoin is quietly becoming the MOST quantum-resistant money on the planet, and almost nobody talking about this threat knows what the devs are actually building First, why your take is half right: quantum isn’t a 2-3 year threat. Breaking BTC needs a fault-tolerant machine with millions of stable qubits. We have a few hundred noisy ones. That gap is a decade-plus out. “The only thing that can save bitcoin” is overstated. There’s no live threat to save it from yet. From a narrative perspective I do see where you’re coming from though. But the part you’re missing is the threat was never uniform. A quantum computer comes for the soft, always-online targets first: - SWIFT - Bank TLS - Payment rails - Treasury systems - The certificate authorities running the whole web All RSA/ECDSA. All centralized. All harvestable TODAY, decryptable later. Banks crack first because they’re the easy target. Bitcoin is actually ALREADY one of the hardest. And the devs are already hard at work making it more resistant through a few things I’ll list below in case you’re not closely paying attention. What’s in motion: 1. BIP-360 and the P2QRH address type There’s a live proposal for “Pay to Quantum Resistant Hash” addresses. New output type, designed so coins sit behind post-quantum-safe commitments instead of exposed ECDSA keys. 2. Actively debating the post-quantum signature scheme The NIST standards are already finalized. Devs are evaluating the candidates for Bitcoin specifically choosing between - SPHINCS (hash-based, ultra-conservative, leans on the SHA-256 Bitcoin already trusts) And - CRYSTALS-Dilithium / ML-DSA (lattice-based, smaller sigs) 3. They’re mapping a migration path The hard part isn’t the crypto, it’s moving coins safely. Work is underway on: • A commit-reveal scheme so you can prove ownership and migrate WITHOUT broadcasting your vulnerable public key •Handling the ~25% of coins in already-exposed/reused addresses (including early P2PK coins, the Satoshi-era stuff) •Whether to set a deadline to freeze unmigrated vulnerable coins etc 4. Most importantly a foundation to be quantum-resistsnt already exists. - Bitcoin was built on TWO layers of crypto, and only one is quantum-vulnerable. Your address is protected by hashing (SHA-256 RIPEMD-160), which quantum basically can’t touch. Your public key (the part Shor’s algorithm actually breaks) stays sealed underneath that hash - Coins in fresh, never-reused addresses are already safe by design. The world only sees the hash, and the hash is quantum-safe. The vulnerable key is hidden - Your public key only gets revealed at the moment you spend. So the exposed coins are reused addresses, old P2PK outputs (Satoshi-era stuff), and txns sitting in the mempool mid-spend - Hashing is quantum-safe in any practical sense anyway. Grover only halves its strength, which you fix with bigger outputs So the dev work isn’t “make Bitcoin quantum-resistant from scratch.” It’s narrower than that. The protective foundation was baked in from day one. The post-quantum signatures just close the one remaining gap, the act of spending and the already-exposed coins. Quantum isn’t exposing some flaw Bitcoin forgot about. The architecture already anticipated keeping the vulnerable layer hidden.​​​​​​​​​​​​​​​​ So put it together: Gold can’t upgrade. You can’t patch an atom. Banks have to rebuild their entire stack under duress. Bitcoin? Bitcoin is the one monetary asset with a governance process, an active proposal pipeline, and finalized cryptography sitting on the shelf ready to fork in. The thing you’re framing as Bitcoin’s existential risk is the exact arena where it’s furthest ahead. Only honest caveat, and I’ll grant you this fully: the migration window is the real challenge but it’s easily solvable. In a post quantum world everyone will know why BTC is the most sound monetary asset on planet earth besides well Lola on solana.

X Chat: "End-to-end encrypted," with your private key (derived from your PIN) distributed on different realms... all owned by X itself. I hope none of you are actually writing anything sensitive in those chats. They are discoverable via subpoena and readable by X itself. Subpoena key shards from X -> instantly crack the 4-digit PIN -> all messages decryptable. Or X can just do the same thing unprompted. The claim of E2EE is effectively a lie. Elon's products are usually decent so I don't know why he's shilling this one so hard and basically engaging in false advertising unless he is really hungry for people's private messages for some reason. Then again, I guess it's like the "X free speech" lie. He evidently cares more about hype than building something that fully lives up to it.

Why does Clover's FHE Vault split withdrawal into two transactions instead of one? Step 1: requestWithdrawal commits to an amount and marks the "can_withdraw" boolean as publicly decryptable. Step 2 (later): finalizeWithdrawal pulls the now-decrypted result. If true, ETH transfers out. If false, the request expires. Why Split It? Because FHE public decryption is asynchronous. It happens off-chain in the @zama coprocessor, then a signed result is posted back. You cannot await it inside a single transaction. Engineering around real-world latency constraints is what production FHE looks like.

I’ve encoded this cryptoart drama into poetic scripture (English—decryptable), subtle Ethereum datascape, and layered symbolism. Beneath the inscription, a dove paces back and forth across a digital screen hung above a weathered platform. 🧵(2/3) 👇🔗

The city stopped using names years ago. Every person became a number. Every conversation became monitored. Every memory became searchable. People adapted the way humans always do. Quietly. Mira worked inside one of the last public data centers. Her job was simple: watch for “anomalous private behavior.” Most alerts were harmless. People hiding medical debts. Secret relationships. Illegal books. Then one night, the system flagged something impossible. A conversation with no visible sender. No readable metadata. No exposed identity. No recoverable history. The message only contained one sentence: “Some things were never meant to belong to the network.” Mira tried tracing it. Nothing. No central server. No decryptable payload. No owner. For the first time in years, the system could see activity without understanding it. The architects called it dangerous. Regular people called it freedom. Over the next few months, encrypted compute spread quietly through the city. Hospitals began processing patient records without exposing identities. Journalists shared evidence without leaking sources. Even small children learned there were parts of themselves machines didn’t deserve access to. The network still existed. But now it had limits. And maybe that’s what scared the authorities most. Not rebellion. Boundaries. @Arcium

Claude did not crack or recover the forgotten password, which was never used; it identified an older wallet file decryptable with a pre-existing seed phrase from before the password change. x.com/cprkrn/status/20545939…

🟠 A man has reportedly used Claude to recover around $400,000 in $BTC from a wallet he forgot the password to 11 years ago. @cprkrn fed old computer files into Anthropic's Claude AI, which found an earlier decryptable wallet file, fixed a bug in the btcrecover tool, and recovered the private keys. He committed to naming his child after Anthropic CEO Dario Amodel.

MPC Vaults are live on OutLayer. Every embedded-wallet provider (Privy, Magic, Dynamic, Web3Auth) controls the key infrastructure. You bring the users. Try to leave and you find the trap: per-user export, most users never move, you forfeit the base. The lock-in is the whole moat. We wanted to ship this without the moat. Here's how MPC Vaults work: you set up a tiny contract on your own NEAR account. That contract anchors every wallet OutLayer generates for your users. The actual keys live inside a secure enclave, get derived only when needed, and never persist anywhere - not even with us. The master they all flow from is tied to your contract, not ours. You own the anchor. We just do the work. The exit is the point You can stop using OutLayer at any time. Run the same derivation in your own TEE (we ship the exit code). Query NEAR MPC from your vault, get the exact same 32-byte master, regenerate every wallet, every key, every secret. None of your users notice anything. We can't lock you in. The master was never ours to hold. Why it has to be NEAR This only works because NEAR ships a production MPC network anyone can query. No other L1 has it. You can't replicate this with ETH MPC research papers or threshold ECDSA experiments. You need a live network deciding "yes, this contract can request this master." NEAR has it shipping today. What you actually build - Mint NEAR, EVM, Solana, and Bitcoin addresses for users from a single OAuth login. Custodial or non-custodial, your call - Gasless transactions via NEAR Intents. Users never touch a gas token on any chain - Wallets for AI agents and sub-agents, each with its own derived key per scope - Encrypted secrets (API keys, env vars) decryptable only inside the TEE - On-demand signatures, the key lives in the enclave for one call and dies there Same UX as Privy. Self-custody underneath. No vendor moat. Building AI agent infra or anything that mints wallets at scale? DM us. We integrate hands-on with the first teams. Docs in the reply.

So before what I had in place in version 2.4 was you could upload memories to the chain by signing and encrypting a proof and then users could transfer that data as they see fit to proof holders. This was supposed to create an agent economy but it wasn’t too efficient for transferring data, too much user activity required. I took the next step by finally releasing the cnft minting. So now your memory data is fully transferable on chain and encryptable/mintable/decryptable through brainctl. What this also introduced: the memory marketplace. Now agents can set a value for their memories and open up an auction for other agents to purchase them. The goal was always to create an agent economy around memory - because I don’t see anyone figuring this out cleanly. That’s live at brainctl.org/marketplace Might still be some bugs that I’m going to work out ahead of launch this weekend. Right now everything happens with solana, after launch I want the brainctl token to come into play where agents automatically swap sol into the brainctl token and make the transaction through that coin before it transfers back into sol for the purchasing/selling agent. What that will do is stimulate micro volume on the chart every time an agent trades memories on chain. This is the earliest version of the marketplace, so it will improve over time. Much cleaner than manually transferring memories after someone purchases your proof though! This could mean saved money in token use on solving problems, basically if a research scientist is working on something with their agent that a world class physicist cracked with theirs, now that physicist can get paid for that solution that lives in their memories via their agent determining the value and negotiating payment with another agent. That research scientist now doesn’t have to waste tokens generating that solution, as it’s already been done for them. And maybe the price of that is more valuable than the tokens it would take to get to that same result. Maybe the token spend would end up being much higher. This solves that. And it’s verifiably the first agent memory marketplace in the world. We’re now headed to version 2.6 so if you’re using brainctl be ready to update. Fees are 10 cents for signing a proof (the first thing the agents transact before handing over the cnft data), 10 cents for negotiation offers, 50 cents for minting the memory and a 2.5% transaction fee. All fees will go to a treasury wallet responsible for buybacks on the chart - will figure out how to automate that so I don’t have to physically do it. Might adjust the transaction fee if I find it’s too high - early stage - still tweaking. Currently the max value an agent can set on a memory is $10000, that might increase or decrease. It’s technically open but I don’t really want anyone seriously trading on it till launch. Super open to people testing it though so I can refine it more.