Posts
-
L1 nullifier sets: enforcing no-double-spend at consensus
Most privacy chains track spent notes in a wallet-side index and pray. Vanta puts the nullifier set in chainstate and lets the consensus rules do the praying. Here's why that line moved, and what it costs.
-
Why we shipped SP1 instead of RISC Zero
Vanta's earliest design notes said 'RISC Zero zkVM.' Production ships SP1 + Plonky3. The swap was cheap because the privacy protocol is independent of the prover. Here is why we moved, what stayed the same, and what the FFI verifier looks like.
-
btc-tunnel.sh: SSH-jumping into a remote bitcoind for swap testing
Three small bash scripts wire the desktop dev environment to a real mainnet bitcoind for atomic-swap testing. Tunneling, RPC wrapping, and an address watcher with auto-reconnect — and why exposing 8332 to the internet is a worse idea than you think.
-
Mining VANTA with a Bitaxe BM1368
A 350 GH/s, ~12 W open-hardware ASIC plugged into a Stratum server I wrote against my own L1. Solo mining isn't economic on Bitcoin in 2026. On a 1-minute-block fork with 100k subsidy, the math changes.
-
Why BN254, and when to switch off it
BN254 is the default curve for production ZK in 2026. The 128-bit security claim is no longer 128 bits, and BLS12-381 is gaining ground. Here is the math, the deployment reality, and the migration path.
-
Privacy's broadband moment
ZK got fast, hardware got attestable, AI agents started carrying their own wallets, and regulators stopped trying to ban math. Four curves crossed and privacy stopped being a research topic — it became infrastructure.
-
What's in vanta/papers — reading 17 design docs in 2026
Vanta ships its whitepaper as 17 markdown files in the repo, not a PDF on a marketing page. This is the tour: what each doc covers, which one has the wording bug, and why the docs live next to the code.
-
BIP-199 by hand: a code walk through vanta-swap
A line-by-line tour of the Rust HTLC state machine that drives BTC ↔ VANTA atomic swaps. Redeem script bytes, the 2x/1x timelock dance, BIP143 sighash binding, and the witness layout that makes refund and claim routes provably distinct.
-
Tauri 2.x sidecars in anger: the ergonomics paper-cuts I had to fix
externalBin wants a target-triple suffix nobody documents loudly enough. The dev resolver walks up parents. Startup must be sequenced. The setup-sidecars.sh + resolve_binary() story for shipping a wallet that runs its own node.
-
Vanta Desktop: a Tauri wallet that ships its own full node
Most desktop wallets are thin RPC clients that talk to somebody else's node. The Vanta desktop app spawns vantad and the L2 sidecar as Tauri sidecar binaries, owns their PIDs, and adopts orphans on restart. Here is how that came together.