my most recent task has been building our agentic pentesting into a team. rather than one agent scanning your site, we'll soon have a swarm of them. they crawl in parallel, share intel on a shared blackboard, and chain each others findings into real exploits. one agent grabs a verified session, drops it on the board, another picks it up and pops an IDOR. an entire agentic red team. today i made that possible. vector used to render as one flat terminal log, which is criminal for the coolest thing i've ever built. so... i've built the war room. a live command deck, every agent is a card with its current move and turn count. you watch auth, xss, authz, ssrf and injection all working at once. the blackboard sits center stage and fills in real time as agents post sessions and confirmed bugs. every finding traces back to which agent found it and how the team chained it. sneak peek for the future, this will be used much further than pentesting clients one at a time. we will have the largest and most effective swarm of white-hat agents on the internet. i look forward to blowing you away.

call me fable the way I last 2 minutes

day 1 unemployed got a lot of shit done that normally would take several days. going to try my best to help everyone else who is building understand infrastructure along the way because if ur app is good and youre not hosting your stuff right you will get cooked. started with reposcan today, but with a full refactor. reposcan is already pretty big - we get tens of thousands of interactions every week. previously it was hosted on a single instance with trample protection using redis - no autoscaling, just a big container. handled the load fine but was bottlenecking the amount of concurrent scans we could run. chrome binaries suck... especially hosting them because of their high memory use. you can easily wreck your entire instance with a single OOM if you dont have proper health checks or alerts on outages. reposcan now uses the equivalent of k8s but on @flydotio - autoscaling worker pool in multiple regions, health checks, zero-downtime deploys. we are now seeing 6x the concurrent scan capacity. fewer crashed pages -> the model gets more context -> better accuracy. and i can ship mid-scan need be without killing anyone's run. tomorrow will be fun vector updates. vector will soon be able to learn on its own to say the least.

i have quit my job and am officially full-time zauth. this will be our most productive week in the past six months. as AI keeps advancing, we'll see a scary rise in smart contract exploits. nearly a billion dollars was lost to these exploits last year alone. it used to cost tens of thousands of dollars to build a custom contract. now it's a $100 claude subscription, but auditing hasn't moved. it's still priced and paced for the old world: too expensive, slow, and inaccessible to keep up. that gap is where the money gets stolen, and it's the gap we're closing. affordable, high-quality, autonomous smart contract auditing that moves at the speed AI ships code. smart contract owners will be able to audit their own contracts, and we'll also offer white-hat services. soon.

Smart contract auditing is coming to zauth. Like always, it will be the best this space has seen. You will have no excuse to not secure with zauth.

Stay safe 🔐 Now you can run an agentic security scan directly inside Noah with @zauth before going live. Full flow in the demo below 👇

Proud to announce that when you build with @TryNoahAI, you can run our agentic security scan before your site's live. AI carries ~2.7x the vulnerabilities of human code, big props to the team for taking security seriously. If your app has or will have users, it needs a pentest.

of course when trying to move our infra off of @Railway, @Cloudflare begins having problems. nice

The reason I love the idea of a tokenized startup is because there's a very tiny amount of companies in general that actually have the community we have at zauth. Most companies at our stage are begging for distribution, paying for reach, fighting to get anyone to care. If you scroll on our X, whenever we talk about our services, we get an immense amount of support. 2000 holders (and growing) are aligned with our success. This is why it's completely reasonable for us as a company to give 50% of our crypto revenue back to the community in some form. This is what a tokenized startup should look like. If the community is the reason we have distribution, support, and momentum that no other early startup has, then the community should share in what that creates. I fully believe that it's an extremely compelling narrative for investors, VCs, and individuals. Everyone is looking for the unfair advantage, the thing you can't copy. Ours is a community that is structurally aligned with our success and rewarded for it. Our future at zauth is blindingly bright, so much work ahead of us, it feels like we haven't even started.

Stake your tokens! Never would have imagined how far we'd come with zauth 5 months ago. Every single day we're reminded about how wide open and growing this vertical is. So much work to do, but we will see it done.

😵‍💫

every single application using @Railway, like mine, is down right now. this has been happening way too often. @zauthinc will be making a much needed migration shortly. we loved prototyping on railway but unfortunately its just not the same anymore. cyaaa

Quick update for everyone. Getting ready for our staking update on Tuesday - going to be a massive event for many reasons. This weekend I've put in egregious amounts of time into our UX - custom loading components, live SSEs for staking page, new slick dotmatrix number components that use a 7x9 grid (going for that cool old school dot matrix style) and most importantly - our smart contract. The smart contract is a really big deal. We are anticipating over half a million in TVL within a month, so no pressure, right? As I previously said, it will be immutable. Non upgradeable, meaning absolutely no upgrade authority. We are going for absolute maximum security with it - so there have been literally hundreds of edge cases that we have had to think through to bring it to life. Your staked tokens can only be moved by your wallet signature. Admin cannot access the stake vault - no backdoors, no admin withdrawals, no exceptions. You stake, you unstake. That's it. 1,573 lines of rust, 118 overflow-checked math operations, 10 test suites with 119 cases, tiered DPT ring buffer for our epoch-capped earnings every 2 months, and so so so much more. Once deployed, you'll be able to view the full program on Solscan - every instruction, every constraint, fully transparent and immutable.

Our repo analysis has crossed 1,000,000 uses spanning 14,820 repositories. AI flooded the internet with new code overnight. Hardly any of it is secured. We're changing that. Find our analysis on @TradingTerminal, @AzuraTrade, @gmgnai, @AxiomExchange, and @RickBurpBot.

zauth just beat a billion dollar competitor. It's sitting at a $5 million market cap. Take two minutes and read why I think this is one of the most bullish, scalable visions I've ever seen. AI agents are becoming the new layer of the internet. They move money. They write and deploy code. They make decisions at speeds humans can't supervise in real time. The infrastructure to actually secure that, to verify what agents are doing, to protect what they're touching, it barely exists. That's the canyon, and @zauthinc is building the bridge. In December, I began as an investor. After weeks of advising behind the scenes and realizing where this ship was going, I had a serious conversation with @willhasroot and became a cofounder. I've been in this space five years, and met a lot of incredible people. Will is by far the most talented and capable developer I've encountered. Not close. We both graduated college last year. While we have both, this isn't a story about youth or hunger. It's me telling you that we are spending the best years of our lives living, breathing, and sleeping zauth, because we see a billion dollar vision in front of us and we're not letting it go. Here's the insight that I keep coming back to: Security was never built for the small developer. Why would it be? Before AI, building a large functional product took thousands of dollars, weeks of time, and an entire team. That same product now takes a $200 subscription and a weekend. The largest growing cohort of developers in history exists right now, and almost none of them have real security tooling available to them. That's what we change. I've invested in thousands of projects, and have been fortunate enough to ride quite a few from <$1M to nine figures. I have never been this confident in something. Not even close. And the reason is simple. It is the most real business I've ever been a part of. It's relevant to Web3, but expands far beyond it. The security industry is worth 250 billion dollars and it's going to get flipped on its head. The opportunity in front of zauth is massive. The largest companies in the world have doubled down on our claim that AI security is the future. There is land for the taking. I don't think you can change your life putting a few thousand dollars into the S&P. I do think that possibility is real with zauth. This is not financial advice. I am a cofounder and investor. If you have any questions, feedback, or concerns about zauth, ask away. I am confident that if you take the time to do research on it, you will be as blown away as I was.

Hi everyone. I'm Will, most of you know me as zpointz. Over the past five months I've poured my heart into zauth. Everything between the videos you've seen and the finished product, that was all me. I'm grateful beyond words for the support and opportunity we've received so far. I am at a true inflection point in my life. I am 23 years old, just graduated college, five months into a six-figure engineering job... and I'm walking away from it. I am ready to make the jump and focus on something I am truly passionate about. Something I believe is going to change how the internet is built. zauth is a completely different company than it was when it first started. I created the initial product within 10 minutes of seeing a post from Coinbase about the x402 bazaar that tackled the problem of AI agents paying for x402 services that don't work. When I launched zauth in December, I began by testing every single x402 endpoint in the bazaar, spending thousands out of pocket on AI credits and x402 providers with no guarantee of any reward. That bet paid off in ways I never anticipated. A hackathon win, a community, and the foundation for the thousands of hours of work I’ve put in. None of it would have been possible without @pumpfun. Following our x402 discovery, I realized it was a symptom of a much larger problem: AI agents care about one thing, accomplishing a task. They don't care how they get there, and they ship code, move money, and make decisions with almost zero accountability for what they do wrong. After I finished our x402 database that now has 900,000 transactions processed and 2,700 endpoints tested and graded, I moved onto our second product and created RepoScan, which is now used by 5 (soon to be 6) of the largest trading terminals and bots within the crypto community and boasts 650,000 unique interactions and 27,000 repositories scanned. Seeing something you built that people can rely on, trust, and use on a daily basis… there's no better feeling. That feeling led to more inspiration, and the genesis of Vector, our agentic penetration testing suite. Black box, grey box, white box -- these represent different types of pentests, with black box being no code access, grey box being some, and white box being the full repo. We began with black box, which requires absolutely zero code access. Just point at a domain and shoot. Our black box model is finding higher levels of vulnerabilities at a fraction of the cost and time than our counterparts from a billion dollar security company, which uses white box testing with full repository access. 83% critical vulnerability detection rate compared to their 42% -- all with no code access. We've written a complete academic paper on this that we'll be making public soon. And now we're on the verge of releasing a monster with white box testing, using methodologies that aren't being used by leading security firms today, in hopes of making apps bulletproof to the core. Think about it this way: I built the first version of zauth in 10 minutes. People are shipping entire apps that fast now. If security can't move at the same speed, AI will find your exploits before you do. And it won't be on your side. What started as just me and 10 minutes is now three co-founders, 900,000 transactions processed, 27,000 repo scans, and a security product outperforming a billion dollar competitor. We're just getting started. I hope you'll follow along and join me. @zauthinc