cryptography

Great thread on mpc-tls

Sometimes there are better solutions than ZK 😉😎

@Euler__Lagrange @worldcoin @reclaimprotocol @OpacityNetwork Ah yes, now I remember that constraint - this is because of the HMAC, right? I think DECO did a lot of optimizing for the garbled circuit to stay under the limits but all that only for 3pc. 

So is there a way to get around? 

How about at the systems-level: Let's say you get…

@vanishree_rao @worldcoin @reclaimprotocol @OpacityNetwork I’ll respond with 2 replies.

&gt; I think DECO did a lot of optimizing for the garbled circuit to stay under the limits but all that only for 3pc. 

So anyone reading has clarity, handshake is 3-party, but the mpc is 2 party. Only thing server knows thats its slower than usual.…

EulerLagrange.eth - bank/acc (Hersh)

Great thread on mpc-tls

Sometimes there are better solutions than ZK 😉😎

https://x.com/euler__lagrange/status/1875046837708554434?s=46

Working on building zkTLS infra/products. A ruthless empiricist and meme connoisseur.

/opacity
/eulerlagrange

> For the proxy architecture, some node signs what ciphertext they saw go through the pipe. This node can sign whatever they want.

can’t you restrict what proxy signs using TEEs?

TEE would solve that problem under that security assumption.

One thing to note is you can still fake proofs with a TEE without breaking the TEE.

You can configure the network adapter outside the TEE to route traffic through a malicious node that will swap out the transmission after the TEE signs.

https://x.com/euler__lagrange/status/1875616265441562996?s=46

Some tweets linked in this thread that explain

a common critique to the proxy mode zktls is connection hijacking.

very proud of one more layer of security to make it harder to fake a website when generating a proof on @reclaimprotocol; do read the blog!

expect many more 80-20s in the next few months!

security. ux. devx.

@zkJyu @Euler__Lagrange @_weidai @Clique2046 @kvny2046 @reclaimprotocol I am not well placed to answer 1/

2/ we use residential proxies

@madhavanmalolan @reclaimprotocol The main critique I’ve made is the additional attack surface opened by the use of residential proxies to bypass blocks.

Consumer apis often block AWS or otherwise commercial IPs.

I see no mention of that in the article. Given you’ve acknowledged you use residential proxies,…