Paul Miller

@paulm

29 Following
39821 Followers


Paul Miller
@paulm
Fresh drop from Australian NSA: “taking into account projected technological advances in quantum computing”
- DH / ECDH / ECDSA will not be approved for use beyond 2030
- Also AES-128 and AES-192
- Also SHA-256 (!)
- Also ML-KEM-768 / ML-DSA-65 (!!)
https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/ism/cyber-security-guidelines/guidelines-cryptography
3 replies
8 recasts
77 reactions

Paul Miller
@paulm
This is not true anymore since P2TR was added. P2TR has unhashed addresses which are raw public keys.
2 replies
0 recast
4 reactions

Paul Miller
@paulm
There are challenges in upgrading blockchains to be post-quantum safe, however, some of them seem easy. Most keys these days are generated from BIP39 mnemonics. BIP39 is pq-safe. We freeze all balances. To unfreeze, we ask users to generate a STARK proof which shows seedphrase is related to their address. After that funds are moved to a new system. Done. (https://ethresear.ch/t/how-to-hard-fork-to-save-most-users-funds-in-a-quantum-emergency/18901)
2 replies
64 recasts
353 reactions

Paul Miller
@paulm
What about his bsky censorship claims? Surely doesn’t look like something great.
0 reply
0 recast
1 reaction

Paul Miller
@paulm
@pmarca is right: Debanking is real. It’s also real outside of US. Because US policy affects the world. Especially if you’re in a mildly controversial business. Or if you have “high-risk” citizenship / residency. If that never happened to you, think how would your life change, if it does.
0 reply
8 recasts
59 reactions

sudo rm -rf --no-preserve-root /
@pcaversaccio
For those who want to exercise their privacy rights and want to use an uncompromised Tornado Cash interface, here are some secure IPFS hashes: - bafybeicu2anhh7cxbeeakzqjfy3pisok2nakyiemm3jxd66ng35ib6y5ri - bafybeia7cu2axyyxsarmaemvlpdpofa4q23lzpltbl4jbrnfixdn573h4y - bafybeiduouhoquhndpzlqrhcfb7wt2jme7qdp4omldal3kulbx63dsrigq - bafybeiguelxw5aanwnhvaea5vjhknmcdmwvujne36wgabnkmcbt3563toa - bafybeiezldbnvyjgwevp4cdpu44xwsxxas56jz763jmicojsa6hm3l3rum https://x.com/iampaulgrewal/status/1861549058797772874
4 replies
22 recasts
109 reactions

Paul Miller
@paulm
Why 5 hashes? Shouldn’t it be just one?
1 reply
3 recasts
13 reactions

Paul Miller
@paulm
I am not an expert on post-quantum stuff. Hard to tell.
0 reply
0 recast
0 reaction

Paul Miller
@paulm
NIST wants to ban ECDSA in 2035. It is tight. HTTPS, messengers, cryptocurrencies and everyone else will need to move to new algorithms. Not all functionality is currently feasible in pq setting. Here’s an excerpt from noble-post-quantum on speed & key size in JS implementations.
3 replies
184 recasts
446 reactions

Paul Miller
@paulm
I complain about war on cash. It’s already useless in many countries with bans on large (10k+) transactions. Like, you can buy groceries and stuff, ok. The trend doesn’t seem to be reversible.
0 reply
0 recast
1 reaction

Paul Miller
@paulm
noble-ciphers got audited, while curves got their third audit. Thanks to OpenSats for funding & Cure53 for the work! PDF in repo. Contact me if you’re:
- auditor (paid / unpaid) willing to review new open-source goods
- willing to fund auditors
https://github.com/paulmillr/noble-ciphers
1 reply
13 recasts
94 reactions

Paul Miller
@paulm
Vyper devs were disappointed over this. They haven’t got EF funding while Fe is used by basically no one and received it.
0 reply
0 recast
3 reactions

Paul Miller
@paulm
Ethereum $130B staking contract was created using Tornado Cash. Torn has mostly been used for legit on-chain privacy. An example is the transaction by anon dev, deploying the contract. The repo rebuilds it using modern tech. Great for ZK education! https://github.com/nkrishang/tornado-cash-rebuilt https://etherscan.io/tx/0xe75fb554e433e03763a1560646ee22dcb74e5274b34c5ad644e7c0f619a7e1d0
0 reply
12 recasts
60 reactions

Paul Miller
@paulm
I would argue the “offline” tracking is not a big deal. One day of offline is the same as one day of rewards. It’s really small. It’s not like e.g. 30 days of rewards
1 reply
0 recast
1 reaction

Paul Miller
@paulm
People risk, running free TOR nodes. Even $1 per day would be enough to some people.
1 reply
0 recast
1 reaction

Paul Miller
@paulm
I wouldn’t name names, but this is not “core devs”, just exec(s) of popular eth projects.
0 reply
0 recast
0 reaction

Paul Miller
@paulm
If you haven’t started with something, there could have been no this lib.
0 reply
0 recast
0 reaction

Paul Miller
@paulm
Kinda sad there are people working on eth who think Tornado should be shut down due to crime. Even though most of its usage is legitimate privacy, which cannot be reliably achieved in other methods. Anti privacy ethos all the way.
1 reply
41 recasts
197 reactions

Paul Miller
@paulm
New release of JS eth-signer is out. A lot of new features have been added:
- EIP-7702 AA transactions
- EIP-4844 KZG implementation in pure JS
- EIP-712 / EIP-191 message signing
- EIP-7495 SSZ stable container
https://github.com/paulmillr/micro-eth-signer
1 reply
62 recasts
202 reactions

Paul Miller
@paulm
Still smells like bs.
0 reply
0 recast
0 reaction