HackerTrans
TopNewTrendsCommentsPastAskShowJobs

baby

15,215 karmajoined 16 yıl önce
cryptologie.net

Submissions

Zk.golf: Fearless and Collaborative Optimization of Circuits

blog.zksecurity.xyz
4 points·by baby·9 gün önce·2 comments

Explainer of the most widely used zero-knowledge proof system

blog.zksecurity.xyz
3 points·by baby·geçen ay·0 comments

Breaking Jolt's Verifier with an Unbound Uni-Skip Claim

blog.zksecurity.xyz
2 points·by baby·2 ay önce·0 comments

Groth16, Intuitively

blog.zksecurity.xyz
8 points·by baby·2 ay önce·0 comments

The Final Form of Software Development

blog.zksecurity.xyz
7 points·by baby·2 ay önce·1 comments

Sum-Check as an Algebraic Tensor Reduction: Part I

blog.zksecurity.xyz
2 points·by baby·2 ay önce·0 comments

Ghostmd: Ghostty but for Markdown Notes

mimoo.github.io
24 points·by baby·4 ay önce·44 comments

Lean4 Formalization of "A Simplified Round-by-Round Soundness Proof of Fri"

blog.zksecurity.xyz
1 points·by baby·5 ay önce·0 comments

Techpants.io

techpants.io
3 points·by baby·9 ay önce·0 comments

Feds say 100k-card farms could have killed cell towers in NYC near the UN

theregister.com
3 points·by baby·10 ay önce·3 comments

Ask HN: Is America Going to Become an Autocracy?

59 points·by baby·10 ay önce·51 comments

Supply chain attacks are the new big thing (2022)

cryptologie.net
1 points·by baby·10 ay önce·0 comments

comments

baby
·evvelsi gün·discuss
I find Rust more readable than zig
baby
·3 gün önce·discuss
I work on www.zkao.io so I can expand on this: it's basically like an audit, you click a button and ~9h later you get a report with findings. It's supposed to be better at finding bugs (especially cryptographic bugs) than frontier models AND it's supposed to be better at discarding false positives.
baby
·7 gün önce·discuss
fixed!
baby
·8 gün önce·discuss
they're the same, arithmetic circuits are just made out of addition and multiplication gates. They're used all over the place in programmable cryptography (ZKP, FHE, MPC)
baby
·9 gün önce·discuss
It might not be super clear for people who don't know about formal verification with Lean or about arithmetic circuits, but this project let's you optimize code in a secure way: if you have code that's faster, not only you have a proof that it is indeed faster, but you also have a proof that it is correct and secure by construction!

It's important that the circuits implement the logic "securely" because arithmetic circuits are used in cryptography (in ZKP, MPC, FHE, for example) to implement programs with additions and multiplications (instead of NAND gates for example)
baby
·9 gün önce·discuss
I'm racing to be the first submission, amazing project :)
baby
·9 gün önce·discuss
There are different ways to think about this:

1. Imagine what the protocol would look like without privacy (zk allows you to “sign” a computation, so just do the computation in the clear)

2. Imagine what the protocol would look like by revealing a hash of the passport only (the idea of a “nullifier”, a unique identifier that hides the data and and can be revealed to prevent replays)

The first one should already answer your question: the way you would prevent replays or portability (I use your proof) is to attach some sort of session context to your proof
baby
·16 gün önce·discuss
I let the soup in.
baby
·16 gün önce·discuss
Tried playing split fiction on the switch 2 and it was so horrible I haven’t played anything since then. I’m picking it up again today for starfox but basically only use it for nintendo games.
baby
·16 gün önce·discuss
Sounds like you never tried the deck and the switch. So many games are unplayable on the switch besides nintendo official games. I dropped split fiction because it ran so horribly on the switch
baby
·18 gün önce·discuss
Remittances is the other interesting one and why libra/diem was even on the table.

I was trying to send some money to my parents the other day and it’s still slow and expensive.
baby
·18 gün önce·discuss
The deck is such a good console compared to the switch and switch 2 that I can’t be stop being happy that they released this now. How is Valve, a tiny company, doing so much better than Nintendo?
baby
·19 gün önce·discuss
Lefty tenant here. I def. stopped paying my rent a few times until my landlord fixed their shit or agreed to stop scamming me.

Last time I did it I signed a lease for a year, with 2 months of advance notice if I decided to leave (in the UK). I told them 2 months before the end of my lease, and they told me I had to wait for the end of my lease, then wait 2 months, and then I could be out.

I just stopped paying rent, and left them a horrible one star review on gmaps.

One day he showed up at my place (with soup who was coming to fix something) and tried to enter. I told him to stay out. And then he started crying and telling me how I could not just stop paying rent. I could tell how hard it was to be a small landlord.

I told him that I would resume paying if they signed smthg to agree to let me break the lease at the year end AND reimburse me the fees that appeared at the least minute, a year ago, right as I was signing the lease in front of them.

They agreed, reimbursed me my caution/deposit at the end, easy.

Would recommend just stop paying your rent if anything ever happens. I would do it again.
baby
·28 gün önce·discuss
Am I paranoid or does this comment feels like what an LLM would write to imitate an HN comment?
baby
·geçen ay·discuss
Our experience has been that without a good harness you don't really get much out of codex/claude. And you really need to spend time and energy figuring out why coding agents can't find bugs like you can.

Every week I see bugs (as an auditor) that our own harness (https://zkao.io/) can't find, and we have to figure out pretty interesting techniques in order to make the tool find them. Mind you I'm talking mostly about cryptographic vulnerabilities, not just webapp bugs. So IMO it's going to make a lot of sense for companies to have both their own harness (as tptacek is talking about) and pay for services that focus on making a good harness from experience (and audit firms are going to be the best at doing this, as they see a lot of bugs and can spend time "teaching" their harness about these bugs)

On the other hand, you have to find equally as good techniques to triage, because otherwise you just have some machinery that I call "vibe auditing" that just produces enough false positives to tire all the developers (who are already overwhelmed with crappy AI submissions in bugbounties and other AI tool that review all of their PRs).

At the end of the day, when your harness doesn't return any bug, you're left wondering "does it mean there's no bugs?" We're basically back in this reputation game, where you want to use the best tool, or the best team (that knows what the best tools are), and need to figure out which one is.
baby
·geçen ay·discuss
I would recommend the book over it
baby
·geçen ay·discuss
Would recommend reading the comic instead
baby
·geçen ay·discuss
I read all the persepolis comics a long time ago and to my memory it was the first time I cried reading a comic. A beautiful work of art. I would recommend to anyone reading this comment to order the first book.
baby
·geçen ay·discuss
What annoys me the most is that I can’t efficiently track my emails with the default. It’s unusable imo if you have a lot of emails. What I ended up doing was to disable read on preview, and enable shortcuts, so you can navigate with vim shorcuts and have to manually mark emails as read.
baby
·geçen ay·discuss
turn off is the only option basically, try an android phone bro