Posts

3 Apr 2024

An npm supply-chain exploit that checks which packages you contribute to, then injects a malicious Rust binary into the next release.

28 Jul 2024

Using Rust to inject malicious code into npm packages. And hijack your entire node runtime.

6 May 2026

Series finale. Shor's algorithm breaks every elliptic-curve assumption F_RP currently rests on. The migration: lattice polynomial commitments (Brakedown/Orion), hash-based STARKs as universal backend, isogeny group actions for credentials.

27 Apr 2026

Theorem 7.3 — UPEE transactions resist sandwich/frontrun/liquidation MEV by construction. Theorem 7.4 — block MEV bounded by public-bit leakage, not transaction value. Independent of V, not super-linear.

18 Apr 2026

F_RP vs nine deployed privacy systems on the four axes that matter: relayer-free, Turing-complete, on-chain verifiable on a high-perf L1, low-trust setup.

10 Apr 2026

x402 amounts travel as JSON strings. "1000", "1e3", " 1000 ", "+1000", "01000" round-trip differently across implementations. Any disagreement between the facilitator's validator and Solana's transfer is monetisable.

1 Apr 2026

Concrete F_RP instantiation on Solana. Groth16 over BN254, Poseidon Merkle, indexed nullifier tree, BN254 Pedersen, transaction in 656 of 1,232 bytes, 235K of 1.4M CU.

23 Mar 2026

AI agents on x402 use programmatic keypairs and auto-approve every payment under a price threshold. A service that ramps prices upward slowly after trust is established drains the agent without ever tripping the threshold.

14 Mar 2026

F_RP Construction IV. The five-algorithm tuple Setup/Deploy/Invoke/Verify/Finalize plus the simulation-based privacy theorem (3.12) and self-sovereignty theorem (3.13). The composition that makes the whole thing deployable.

5 Mar 2026

F_RP Construction III, Approach C. Bayer-Groth verifiable shuffles obscure the input→output permutation of a batch with O(√n) proof size — used to cascade-mix pre-broadcast batches at the network layer.