Paul Miller

@paulm

29 Following
40775 Followers


Paul Miller
@paulm
Been working for the last 5 years on this. Specifically, no-deps JS cryptography. Low-deps eth libraries. Etc. noble cryptography on GitHub.
0 reply
0 recast
1 reaction

Paul Miller
@paulm
A few updates:
- Repos are now deployed to JSR.io and work in Deno / Bun. JSR auto-generates docs!
- Tests run 5x faster with “micro-should” (400-line parallel ESM replacement for Jest)
- A server is fuzzing noble for 8 hours every day. Code coverage stats have been added
4 replies
22 recasts
110 reactions

Paul Miller
@paulm
Url?
1 reply
0 recast
0 reaction

Paul Miller
@paulm
Some thoughts on how ETH can become quantum-resistant. There are lots of small tasks, but it seems quite doable. https://ethresear.ch/t/tidbits-of-post-quantum-eth/21296
3 replies
18 recasts
93 reactions

Paul Miller
@paulm
Correct
0 reply
0 recast
1 reaction

Paul Miller
@paulm
Fresh drop from Australian NSA: “taking into account projected technological advances in quantum computing”
- DH / ECDH / ECDSA will not be approved for use beyond 2030
- Also AES-128 and AES-192
- Also SHA-256 (!)
- Also ML-KEM-768 / ML-DSA-65 (!!)
https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/ism/cyber-security-guidelines/guidelines-cryptography
3 replies
14 recasts
110 reactions

Paul Miller
@paulm
This is not true anymore since p2tr was added. P2tr has unhashed addresses which are raw public keys.
2 replies
0 recast
4 reactions

Paul Miller
@paulm
There are challenges in upgrading blockchains to be post-quantum safe, however, some of them seem easy. Most keys these days are generated from BIP39 mnemonics. BIP39 is pq-safe. We freeze all balances. To unfreeze, we ask users to generate a STARK proof which shows the seed phrase is related to their address. After that funds are moved to a new system. Done. (https://ethresear.ch/t/how-to-hard-fork-to-save-most-users-funds-in-a-quantum-emergency/18901)
2 replies
56 recasts
223 reactions

Paul Miller
@paulm
What about his bsky censorship claims? Surely doesn’t look like something great.
0 reply
0 recast
1 reaction

Paul Miller
@paulm
@pmarca is right: Debanking is real. It’s also real outside of US. Because US policy affects the world. Especially if you’re in a mildly controversial business. Or if you have “high-risk” citizenship / residency. If that never happened to you, think how your life would change if it does.
0 reply
9 recasts
38 reactions

sudo rm -rf --no-preserve-root /
@pcaversaccio
For those who want to exercise their privacy rights and want to use an uncompromised Tornado Cash interface, here are some secure IPFS hashes:
- bafybeicu2anhh7cxbeeakzqjfy3pisok2nakyiemm3jxd66ng35ib6y5ri
- bafybeia7cu2axyyxsarmaemvlpdpofa4q23lzpltbl4jbrnfixdn573h4y
- bafybeiduouhoquhndpzlqrhcfb7wt2jme7qdp4omldal3kulbx63dsrigq
- bafybeiguelxw5aanwnhvaea5vjhknmcdmwvujne36wgabnkmcbt3563toa
- bafybeiezldbnvyjgwevp4cdpu44xwsxxas56jz763jmicojsa6hm3l3rum
https://x.com/iampaulgrewal/status/1861549058797772874
4 replies
22 recasts
100 reactions

Paul Miller
@paulm
Why 5 hashes? Shouldn’t it be just one?
1 reply
3 recasts
13 reactions

Paul Miller
@paulm
I am not an expert on post-quantum stuff. Hard to tell.
0 reply
0 recast
0 reaction

Paul Miller
@paulm
NIST wants to ban ECDSA in 2035. It is tight. HTTPS, messengers, cryptocurrencies and everyone else will need to move to new algorithms. Not all functionality is currently feasible in pq setting. Here’s an excerpt from noble-post-quantum on speed & key size in JS implementations.
3 replies
141 recasts
302 reactions

Paul Miller
@paulm
I complain about war on cash. It’s already useless in many countries with bans on large (10k+) transactions. Like, you can buy groceries and stuff, ok. The trend doesn’t seem to be reversible.
0 reply
0 recast
1 reaction

Paul Miller
@paulm
noble-ciphers got audited, while curves got their third audit. Thanks to OpenSats for funding & Cure53 for the work! PDF in repo. Contact me if you’re:
- auditor (paid / unpaid) willing to review new open-source goods
- willing to fund auditors
https://github.com/paulmillr/noble-ciphers
1 reply
6 recasts
52 reactions

Paul Miller
@paulm
Vyper devs were disappointed over this. They haven’t got EF funding while Fe is used by basically no one and received it.
0 reply
0 recast
3 reactions

Paul Miller
@paulm
Ethereum $130B staking contract was created using Tornado Cash. Torn has mostly been used for legit on-chain privacy. An example is the transaction by anon dev, deploying the contract. The repo rebuilds it using modern tech. Great for ZK education! https://github.com/nkrishang/tornado-cash-rebuilt https://etherscan.io/tx/0xe75fb554e433e03763a1560646ee22dcb74e5274b34c5ad644e7c0f619a7e1d0
0 reply
7 recasts
31 reactions

Paul Miller
@paulm
I would argue the “offline” tracking is not a big deal. One day of offline is the same as one day of rewards. It’s really small. It’s not like e.g. 30 days of rewards
1 reply
0 recast
1 reaction

Paul Miller
@paulm
People take risks running free TOR nodes. Even $1 per day would be enough for some people.
1 reply
0 recast
1 reaction