# Skill Issue Dev | Dax the Dev > I'm a Nuclear Engineer turned Software Engineer. I'm passionate about learning and sharing my knowledge with others. I'm currently working on a few projects and I'm always looking for new opportunities to learn and grow. ## Posts - [The post-quantum migration path: lattice commitments, STARK wrapping, isogeny credentials](https://blog.skill-issue.dev/blog/post_quantum_relayerless_path/): Series finale. Shor's algorithm breaks every elliptic-curve assumption F_RP currently rests on. The migration: lattice polynomial commitments (Brakedown/Orion), hash-based STARKs as universal backend, isogeny group actions for credentials. - [MEV resistance: why UPEE is sandwich-proof by construction](https://blog.skill-issue.dev/blog/mev_resistance_in_private_execution/): Theorem 7.3 — UPEE transactions resist sandwich/frontrun/liquidation MEV by construction. Theorem 7.4 — block MEV bounded by public-bit leakage, not transaction value. Independent of V, not super-linear. - [F_RP vs Zcash, Tornado, RAILGUN, Aztec, Penumbra, Aleo, Namada, Monero](https://blog.skill-issue.dev/blog/f_rp_vs_existing_privacy_systems/): F_RP vs nine deployed privacy systems on the four axes that matter: relayer-free, Turing-complete, on-chain verifiable on a high-perf L1, low-trust setup. - [Fitting F_RP in 656 bytes on Solana](https://blog.skill-issue.dev/blog/solana_instantiation_656_bytes/): Concrete F_RP instantiation on Solana. Groth16 over BN254, Poseidon Merkle, indexed nullifier tree, BN254 Pedersen, transaction in 656 of 1,232 bytes, 235K of 1.4M CU. - [UPEE: composing SPST + PPST + TAB into one framework](https://blog.skill-issue.dev/blog/upee_universal_private_execution/): F_RP Construction IV. The five-algorithm tuple Setup/Deploy/Invoke/Verify/Finalize plus the simulation-based privacy theorem (3.12) and self-sovereignty theorem (3.13). The composition that makes the whole thing deployable. - [Bayer-Groth verifiable shuffles for network-layer privacy](https://blog.skill-issue.dev/blog/verifiable_shuffles_for_privacy/): F_RP Construction III, Approach C. Bayer-Groth verifiable shuffles obscure the input→output permutation of a batch with O(√n) proof size — used to cascade-mix pre-broadcast batches at the network layer. - [TAB: hiding the submitter with ring signatures and FROST](https://blog.skill-issue.dev/blog/tab_threshold_anonymous_broadcast/): F_RP Construction III. ZK proofs hide the contents but the wrapping Solana tx still leaks the submitter pubkey. TAB closes that gap with a Fujisaki-Suzuki ring signature and a FROST threshold Schnorr over Ed25519. - [On the death of the trusted setup](https://blog.skill-issue.dev/blog/on_the_death_of_the_trusted_setup/): Universal SRS, transparent FRI, and why Groth16's per-circuit ceremony feels anachronistic in 2026 — even when, as ZERA does, you're still using one. A history of the ceremonies that worked, the ones that didn't, and what comes next. - [WASM-native proving for ZK SDKs: an SDK author's take](https://blog.skill-issue.dev/blog/wasm_native_proving_sdk_authors_take/): Why zera-sdk ships native Rust on Node and snarkjs in the browser — and what it would actually cost to ship a WASM-compiled Rust prover for the browser path. A design post about the dual-target build pipeline. - [Plonky3, the small-fast-cheap revolution](https://blog.skill-issue.dev/blog/plonky3_small_fast_cheap/): Why plonky3 — small fields, FRI commitments, no trusted setup — is the proof system to watch in 2026. The Mersenne31 / BabyBear / Goldilocks landscape, the FRI folding step, and why your laptop is suddenly a viable prover. - [Recursive proof composition without the abyss: Halo to Nova](https://blog.skill-issue.dev/blog/recursive_proofs_halo_to_nova/): The path from Halo's accumulation scheme to Nova's folding scheme, derived from the recurrence relation. Where Halo2, Nova, SuperNova, and HyperNova actually differ, and which one to reach for in 2026. - [PPST: extending SPST to arbitrary private computation](https://blog.skill-issue.dev/blog/ppst_private_programmable_state/): F_RP Construction II. Generalises SPST to private programmable state: arbitrary arithmetic circuits over committed pre/post-state, with R1CS-embedded program execution and atomic PPST-SPST composition. - [Halo2 in 2026: what changed since the Zcash era](https://blog.skill-issue.dev/blog/halo2_in_2026_what_changed/): A survey of the Halo2 ecosystem six years after the Zcash team published it — what stayed the same (PLONKish, lookups, IPA), what evolved (KZG, gadget libraries, fork landscape), and what we ship today. - [From sailor to CEO in three acts](https://blog.skill-issue.dev/blog/sailor_to_ceo_three_acts/): A short memoir of a strange decade — Navy reactor compartments, a bitcoin mine, ConsenSys-USAA-PMG, and the arc that ended at Zera Labs. The interesting question is not how I got here. It is where everyone else is going. - [SPST: a self-paying shielded transaction model](https://blog.skill-issue.dev/blog/spst_self_paying_shielded_transactions/): First construction in F_RP. The SPST relation, balance conservation under DLOG, double-spend resistance under collision-resistant PRF, unlinkability under DDH, simulation-extractable non-malleability. - [Circom, by example](https://blog.skill-issue.dev/blog/circom_by_example/): A DSL primer told through one circuit — proving knowledge of a Poseidon pre-image. Every Circom keyword annotated as it appears, the constraint graph drawn out, and the R1CS fall-through to a witness. - [Proving in the browser, by the numbers](https://blog.skill-issue.dev/blog/proving_in_the_browser_by_the_numbers/): What is actually feasible inside a browser tab in 2026 — Groth16 prover times for Poseidon, Range, and Merkle circuits, the WASM threading story, and where the main thread stops being a viable home for your prover. - [Merkle inclusion proofs over compressed account state on Solana](https://blog.skill-issue.dev/blog/merkle_inclusion_compressed_solana/): How a 32-byte hash and a logarithmic path replace a multi-kilobyte account. Walk the tree-height math, the Light Protocol compressed-account model, and an inclusion-proof construction you can run in Node. - [The fee paradox: why every smart-contract privacy mixer needs a relayer](https://blog.skill-issue.dev/blog/the_fee_paradox/): On account-model chains the very act of paying a transaction fee deanonymises the recipient. This post formalises the paradox, walks through three resolutions, and sets up the SPST construction that resolves it inside the ZK proof itself. - [Relayerless privacy on a Turing-complete L1: an intro to F_RP](https://blog.skill-issue.dev/blog/relayerless_privacy_intro/): A series-opening map of the relayerless full-privacy framework I've been writing up. Five cryptographic games, four constructions (SPST, PPST, TAB, UPEE), one main theorem — and why it matters that the target chain is Solana. - [Cross-compiling vantad for darwin: Apple Silicon, sign + notarise](https://blog.skill-issue.dev/blog/vanta_darwin_apple_silicon_build/): Shipping vantad as a notarised Mac binary inside a Tauri app meant fixing libconsensus link order, building Rust release with the right target triple, signing every sidecar, and stapling the DMG separately. The notes from the trenches. - [Vanta Desktop: a Tauri wallet that ships its own full node](https://blog.skill-issue.dev/blog/vanta_desktop_tauri_wallet/): Most desktop wallets are thin RPC clients that talk to somebody else's node. The Vanta desktop app spawns vantad and the L2 sidecar as Tauri sidecar binaries, owns their PIDs, and adopts orphans on restart. Here is how that came together. - [The vanta sidecar: how a Rust ZK indexer talks to a C++ Bitcoin node](https://blog.skill-issue.dev/blog/vanta_sidecar_architecture/): vantad is C++. The ZK index is Rust. They cooperate over RPC and a REST API, with the C++ verifier linked statically through libvanta_verifier.a. Here is the audit-surface trade we made and what the sidecar actually does. - [Why we shipped SP1 instead of RISC Zero](https://blog.skill-issue.dev/blog/vanta_sp1_zkvm_circuits/): Vanta's earliest design notes said 'RISC Zero zkVM.' Production ships SP1 + Plonky3. The swap was cheap because the privacy protocol is independent of the prover. Here is why we moved, what stayed the same, and what the FFI verifier looks like. - [Tauri 2.x sidecars in anger: the ergonomics paper-cuts I had to fix](https://blog.skill-issue.dev/blog/vanta_tauri_ergonomics/): externalBin wants a target-triple suffix nobody documents loudly enough. The dev resolver walks up parents. Startup must be sequenced. The setup-sidecars.sh + resolve_binary() story for shipping a wallet that runs its own node. - [Vanta: a Bitcoin fork with ZK at consensus](https://blog.skill-issue.dev/blog/vanta_zk_privacy_l1/): 42 billion supply. 1-minute blocks. RISC Zero proofs verified at consensus. The opinionated answer to 'why fork Bitcoin in 2026?' is that you're not really forking Bitcoin — you're shipping a different L1 that has Bitcoin's surface area. - [Poseidon, by hand and by code](https://blog.skill-issue.dev/blog/poseidon_by_hand_and_by_code/): Why one of the cheapest hashes in zero-knowledge cryptography also has the strangest insides. Derive the S-box, count the constraints, and run a 30-line implementation in the browser. - [Stuck Sell, Post-Graduation: Fixing a Trapped-Funds Bug Without a Redeploy](https://blog.skill-issue.dev/blog/stuck_sell_post_grad/): A graduated launchpad token left users unable to sell. Fix shipped without redeploying the program: a frontend conversion path that withdraws SPL, compresses, then sells through the AMM. - [Being CEO and still shipping code](https://blog.skill-issue.dev/blog/being_ceo_and_still_shipping_code/): The CTO-vs-CEO false dichotomy, why I still review every PR that touches the SDK core, and how I use Claude Code plus an MCP server over my own writing to keep technical leverage as the company grows. - [btc-tunnel.sh: SSH-jumping into a remote bitcoind for swap testing](https://blog.skill-issue.dev/blog/vanta_btc_tunnel_dev_environment/): Three small bash scripts wire the desktop dev environment to a real mainnet bitcoind for atomic-swap testing. Tunneling, RPC wrapping, and an address watcher with auto-reconnect — and why exposing 8332 to the internet is a worse idea than you think. - [Block explorers for privacy chains: a Rust indexer for vanta](https://blog.skill-issue.dev/blog/vanta_explorer_rust_indexer/): Patching btc-rpc-explorer got us to 'works.' Then we wrote vanta-explorer in Rust + React: an Axum backend, SQLite indexer, and a SPA that renders shielded transfers as opaque commitments without lying about what it knows. - [iroh in production: encrypted-note gossip on a 1-minute-block chain](https://blog.skill-issue.dev/blog/vanta_iroh_gossip_in_production/): Why vanta-node uses iroh-gossip for L2 P2P instead of libp2p, what the topic + ALPN setup actually looks like, the GossipMessage shape, and the saturating-decrement bug that taught me an event ordering lesson. - [L1 nullifier sets: enforcing no-double-spend at consensus](https://blog.skill-issue.dev/blog/vanta_l1_nullifier_set/): Most privacy chains track spent notes in a wallet-side index and pray. Vanta puts the nullifier set in chainstate and lets the consensus rules do the praying. Here's why that line moved, and what it costs. - [What's in vanta/papers — reading 17 design docs in 2026](https://blog.skill-issue.dev/blog/vanta_papers_design_doc_tour/): Vanta ships its whitepaper as 17 markdown files in the repo, not a PDF on a marketing page. This is the tour: what each doc covers, which one has the wording bug, and why the docs live next to the code. - [Private atomic swaps and the price-discovery problem](https://blog.skill-issue.dev/blog/vanta_private_atomic_swaps/): BTC ↔ VANTA atomic swaps via HTLC are the easy part. If the VANTA leg is shielded, no observer can compute the rate, and no rate means no public price. Walking through six designs and the hybrid recommendation in vanta/planning. - [BIP-199 by hand: a code walk through vanta-swap](https://blog.skill-issue.dev/blog/vanta_swap_htlc_walkthrough/): A line-by-line tour of the Rust HTLC state machine that drives BTC ↔ VANTA atomic swaps. Redeem script bytes, the 2x/1x timelock dance, BIP143 sighash binding, and the witness layout that makes refund and claim routes provably distinct. - [The unified dashboard: collapsing private and transparent into one wallet view](https://blog.skill-issue.dev/blog/vanta_unified_dashboard_wallet_ui/): Two pages — one for private balance, one for transparent — taught users to think in two heads. The 2026-04-17 commit folded them. The wallet now shows one balance, one feed, with the privacy boundary inside the data, not the URL. - [The vanta wallet HTTP API: an Axum bridge to vantad RPC](https://blog.skill-issue.dev/blog/vanta_wallet_axum_api/): Before the Tauri desktop wallet there was an Axum web wallet. It is a five-route Rust service that wraps vantad's JSON-RPC and serves a single static page. Boring on purpose — and the boring is the point. - [Stratum v1, the from-scratch Python version](https://blog.skill-issue.dev/blog/vanta_stratum_python_pool/): Solo mining Vanta requires a Stratum server. Public-pool is fine for normal chains; mandatory privacy pushes the pool toward shielded coinbases, encrypted-note submission, and an L2 retry queue. pool/stratum_server.py does it all in stdlib Python. - [Mining VANTA with a Bitaxe BM1368](https://blog.skill-issue.dev/blog/mining_vanta_with_a_bitaxe/): A 350 GH/s, ~12 W open-hardware ASIC plugged into a Stratum server I wrote against my own L1. Solo mining isn't economic on Bitcoin in 2026. On a 1-minute-block fork with 100k subsidy, the math changes. - [Why BN254, and when to switch off it](https://blog.skill-issue.dev/blog/why_bn254_and_when_to_switch/): BN254 is the default curve for production ZK in 2026. The 128-bit security claim is no longer 128 bits, and BLS12-381 is gaining ground. Here is the math, the deployment reality, and the migration path. - [Privacy's broadband moment](https://blog.skill-issue.dev/blog/privacys_broadband_moment/): ZK got fast, hardware got attestable, AI agents started carrying their own wallets, and regulators stopped trying to ban math. Four curves crossed and privacy stopped being a research topic — it became infrastructure. - [Generating mempool with a Rust txbot](https://blog.skill-issue.dev/blog/vanta_txbot_synthetic_mempool/): Empty blocks lie. A new chain whose miners are mining empty templates is not exercising any of the code that fails in production. The txbot is a 200-line Rust loop that round-robins coins through 114 addresses to keep mempool honest. - [Latitude bare-metal primary, Fly.io backup: the deploy story for a 1-min-block chain](https://blog.skill-issue.dev/blog/vanta_flytoml_latitude_baremetal/): Vanta v1 went LIVE on a Latitude bare-metal box at 64.34.82.145:9333 with a Fly.io seed fleet as auto-failover. Why a 1-min-block chain hates cold starts, what the fly.toml has to say about it, and the cost math that picks bare metal. - [The MCP server inside zera-sdk](https://blog.skill-issue.dev/blog/mcp_server_inside_zera_sdk/): Most SDKs ship as a library. zera-sdk also ships as a Model Context Protocol server. Here is why an AI agent should be able to call shielded-pool primitives directly, and how we keep that interface from becoming a footgun. - [Range proofs in 80 lines: Pedersen commitments and a tiny Bulletproof](https://blog.skill-issue.dev/blog/range_proofs_in_80_lines/): How a Bulletproof actually compresses a range proof to logarithmic size. Derive the inner-product argument from scratch, run a toy prover/verifier in the browser, and pick the right range-proof primitive for 2026. - [Nullifiers without the witchcraft](https://blog.skill-issue.dev/blog/nullifiers_without_witchcraft/): Nullifier Generation is on the ZERA front page next to Pedersen Commitments and Zero-Knowledge Proofs. The Rust + TypeScript implementations are six lines apiece. Here is what they actually do, and why the design borrows from Zcash. - [Pedersen commitments, in production](https://blog.skill-issue.dev/blog/pedersen_commitments_in_production/): ZERA marketing says "Pedersen Commitments" on the cryptography page. The SDK ships Poseidon. Both are right — and the gap between them is the whole story of what shipping ZK in 2026 actually looks like. - [144 Tests and a Surfpool Devnet](https://blog.skill-issue.dev/blog/zera_sdk_test_suite/): How the Zera SDK got from "scaffolded" to "trustable" — a 144-test Vitest suite, a Surfpool-forked devnet running on a Latitude box, and a quickstart that actually works. - [Building the ZERA Wallet for desktop, iOS, and Android](https://blog.skill-issue.dev/blog/zera_wallet_three_platforms/): Three platforms, one shielded pool, one design system. The trade-offs of building a wallet that has to feel like cash on a phone, like a tool on a laptop, and the same on both. - [Zera Wallet v3: ZK Proofs in a Tauri Webview](https://blog.skill-issue.dev/blog/zera_wallet_v3_zkp/): A Tauri 2 desktop wallet that proves Groth16 in the browser, persists encrypted notes locally, talks NFC to physical bearer cards, and never lets the private key out of Rust. - [Building the Zera SDK: Day One](https://blog.skill-issue.dev/blog/zera_sdk_scaffolding/): Sixteen commits in fourteen minutes. The first day of the @zera-labs/sdk monorepo — Rust core via neon-rs, TypeScript scaffolding, Poseidon, Merkle trees, ZK provers, and an MCP server for AI agents. - [Cruiser: A Tauri Hookup App on iroh, Geohash-Bucketed Presence, and Why P2P Dating Is Actually Fine](https://blog.skill-issue.dev/blog/cruiser_iroh_gossip_p2p/): A Tauri 2 + React + iroh-gossip dating app where peers find each other by geohash, broadcast presence on a topic-per-bucket, and DM each other with consent signals — all without a central server. The architecture is the product. - [Why I started Zera Labs](https://blog.skill-issue.dev/blog/why_i_started_zera_labs/): Three things became true in the same year — ZK got fast enough, Solana got cheap enough, and AI agents needed verifiable money. Sitting at the intersection felt like a ship date, not a thesis. - [Prediction Markets, LP Locks, and an Admin Page That Doesn’t Suck](https://blog.skill-issue.dev/blog/prediction_markets_admin/): How I bolted CPMM prediction markets onto ZeraSwap, locked LP for graduated tokens, and built a 5-tab admin panel before the first malicious actor showed up. - [Five Commits to Get an OG Image Out of a Cloudflare Worker](https://blog.skill-issue.dev/blog/og_pngs_cf_workers/): A 24-minute slog where I got dynamic OG PNG generation to work on Cloudflare Pages Functions. The bug is WebAssembly. The fix is a build-time WASM import. - [ZeraSwap: An AMM for Compressed Tokens](https://blog.skill-issue.dev/blog/zeraswap_compressed_amm/): Initial commit of the first compressed-token AMM on Solana — Anchor program, x*y=k math, SOL/cToken pairs, and the cyberpunk launchpad UI that grew up around it. - [ZK-FHIR: A Medical Demo That Doesn’t Leak Patients](https://blog.skill-issue.dev/blog/zera_med_zk_fhir/): Building a RISC Zero zkVM gateway for FHIR-shaped medical records — proofs over private patient data, zero-knowledge insurance claims, and HIV/STI compartmentalization. - [A Privacy Demo That Works on a Phone: Mobile Drawer, HUD Offsets, and Real Breach Data](https://blog.skill-issue.dev/blog/zera_med_responsive_hud/): Bolting a mobile drawer onto the Zera Med ZK-FHIR demo without breaking the desktop sidebar, fixing AnimatePresence warnings, and updating PrivacyChallenge with 2024-2025 breach data. - [Zera Janitor: Closing Solana Dust Accounts in Leptos WASM](https://blog.skill-issue.dev/blog/zera_janitor_leptos_wasm/): A Solana program + Leptos 0.7 frontend that scans your wallet for empty SPL token accounts, batches up to 25 closes per transaction via CPI, and pays you back 95% of the rent. The fee path is the actual interesting part. - [Rebranding to m0n3y and Writing Crypto Docs Like You're 10](https://blog.skill-issue.dev/blog/m0n3y_eli5_rebrand/): The DAXSO → M0N3Y rebrand commit, the burn-to-earn explainer for degens, and an ELI10 walk-through of zk-shielded notes that does not mention the word "circuit" once. - [Empowering Local Crypto Advocacy](https://blog.skill-issue.dev/blog/congress_crypto/): - [m0n3y: Naming a Dream](https://blog.skill-issue.dev/blog/m0n3y_naming_a_dream/): The docs site that came before the code. Looking back at the m0n3y-web init commit and the voting proposal that was supposed to fix DAO whales. - [TW-TVV: Why Token-Quantity Voting Is Broken, and the Math I Tried to Fix It With](https://blog.skill-issue.dev/blog/m0n3y_tw_tvv_governance/): A full walk-through of the Time-Weighted Tiered Value Voting proposal I drafted for $M0N3Y in 2025. Five tiers, time multipliers, log-scaled volume, and why every variable in the formula is a knob fighting a different attack. - [Building A Better Cryptocurrency: What We Should Have Done](https://blog.skill-issue.dev/blog/a_better_crypto/): A technical proposal for a truly decentralized digital cash system - [Listening to the Bluesky Firehose for Accidental Haikus](https://blog.skill-issue.dev/blog/bsky_haiku_firehose/): A Rust firehose listener that decodes ATProto CAR frames live, runs whatlang + syllarust on every English post, and saves the ones that scan as 5-7-5 haikus to disk. There were a lot of haikus. - [You are thinking about AI wrong.](https://blog.skill-issue.dev/blog/rethink_ai/): We have had how many decades of Science Fiction to prepare us for the future of AI, and yet we are still thinking about it wrong. - [Rusty Pipes Exploit](https://blog.skill-issue.dev/blog/rusty_pipes_exp/): Using Rust to inject malicious code into npm packages. And hijack your entire node runtime. - [Youtube Wasting Money on Fake Livestreams](https://blog.skill-issue.dev/blog/ways_to_burn_money_at_google/): One of the biggest ways YouTube is wasting its money is promoting scam and spam prerecorded livestreams. - [Hungry Git: A Quick Guide to Hacking Orgs and Bots](https://blog.skill-issue.dev/blog/hacking_bots/): Recently more and more people are talking about how insecure GitHub is. This article will show you how to exploit GitHub organizations and bots to get what you want. - [What running a Bitcoin mine taught me about cloud margins](https://blog.skill-issue.dev/blog/what_running_a_bitcoin_mine_taught_me/): A short stint at Foundry Digital running ASIC fleets, immersion vs. air, the depreciation curve, and the brutal arithmetic of difficulty adjustments — and why I never stopped thinking like an operator after I went back to writing software. - [Nuclear reactors taught me to ship software](https://blog.skill-issue.dev/blog/nuclear_reactors_taught_me_to_ship/): Watchstanding, casualty drills, and pre-task briefs map onto code review, on-call, and disaster recovery more cleanly than any management book I have ever read. - [process-thing: An LSB Watermarker for upload-thing, Written in Rust via Neon](https://blog.skill-issue.dev/blog/process_thing_lsb_watermark/): A Rust npm package that embeds invisible watermarks in the least significant bit of every red channel pixel. Built for upload-thing image preprocessing. Cross-compiled for 7 platforms. The README is one paragraph. - [Rust in Peace: How to Hijack Node.js with a Single Require](https://blog.skill-issue.dev/blog/rusty_pipes_building_supply_chain_malware_for_npm/): Discover how to exploit the Node.js ecosystem with Rust-based supply chain malware. Learn about the vulnerabilities in npm packages and how a single require line can compromise JavaScript projects. Explore security measures to prevent such attacks. - [The Difference Between Publishers and Developers](https://blog.skill-issue.dev/blog/skg_fixes/): Alot of the time whenever gamers have a problem they blame the developers. But who are they really mad at? Time to take a breath and actually learn who is doing what to whom and how often. - [Stop Killing Games: A Pricing thought Experiment](https://blog.skill-issue.dev/blog/stop_killing_games_a_pricing_thought_experiment/): After talking with industry and business professionals a very interesting example or better yet expectation of what will happen was put forward by people in business. - [The Flaws of the #StopKillingGames Initiative: A Developer’s Perspective](https://blog.skill-issue.dev/blog/stop_killing_games/): Surprise, I am not a fan of the Stop Killing Games initiative. It is a flawed approach to addressing the issues in the gaming industry. Let me explain why. - [Origins of Foo and Bar](https://blog.skill-issue.dev/blog/origins_of_foo_and_bar/): Foo and Bar where did they come from? - [What is RISC V](https://blog.skill-issue.dev/blog/what_is_risc_v/): What is RISC V, why is it so cool? Why is it so important? - [Embedded AI](https://blog.skill-issue.dev/blog/embedded_ai/): Unlocking the potential of the Milk-V Duo with embedded AI and Linux-based interrupt handling - [Rusty Pipes](https://blog.skill-issue.dev/blog/rusty_pipes/): An npm supply chain exploit that checks for what packages you contribute to then injects a malicious rust binary into the next release. - [Developers in the Job Market](https://blog.skill-issue.dev/blog/developers_in_the_job_market/): Recent studies reveal an alarming increase in fake job postings. This article explores the economic implications of fake job postings and the challenges faced by job seekers in the current market. - [Rust Type Abuse for Beginners](https://blog.skill-issue.dev/blog/rust_type_abuse_for_beginners/): Explore some simple type system abuse and hacks to get used to the Rust model and syntax of Types - [Abusing Ts Type System](https://blog.skill-issue.dev/blog/abusing_ts_type_system/): Dive into the world of TypeScript and explores the fascinating aspect of the `Exclude` utility type. - [Introducing the Milk V](https://blog.skill-issue.dev/blog/introducing_milkv/): Milk-V Duo is an ultra-compact embedded development platform. It can run Linux and RTOS, providing a reliable, low-cost, and high-performance platform for professionals, industrial ODMs, AIoT enthusiasts, DIY hobbyists, and creators. - [Nix-flakes and Bun](https://blog.skill-issue.dev/blog/nixos_bunjs/): Small update to my development flow and focus. How to get up and running with Bun.js in NixOS. - [How Random is a Local LLM? A Rust Benchmark with Redis](https://blog.skill-issue.dev/blog/ai37_llm_random_numbers/): A Rust harness that asks Ollama models for "a random number between 1 and 100" thousands of times, parses every response with regex, stores results in Redis, and pits them against a real RNG. Spoiler: 42 wins. - [Blazingly Fast Drinks: A Repo I Made For The Bit](https://blog.skill-issue.dev/blog/glug_blazingly_fast_drinks/): A Clerk + Next.js + Expo turborepo I called "glug" with the description "Blazingly Fast Drinks". The README never mentioned drinks. The repo description carried the entire joke. ## About - [About Dax the Dev](https://blog.skill-issue.dev/about)