Harry Kalodner

@hkalodner

Co-Founder of and Princeton CS PhD candidate

Joined: December 2007.

Tweets

  1. Retweeted
    Jan 30

    Hot take: Fuel is creating a Bitcoin maximalist's nightmare version of Bitcoin: - Native colored coin support - Fraud proofs - Literally on Ethereum

  2. Jan 30

    May I have some Eth sir 0xbE8e5197Acd8597c282D29C066c08A03b657ED08. Thanks Rinkeby!

  3. Jan 29

    This is an extremely valuable project. Just because you’re using a smart contract doesn’t mean a system is either decentralized or secure. We need more insight into the security properties and practices of mainnet dApps

  4. Jan 27

    4) Community governance: If you need to have an upgrade mechanism which reduces your contract to basically be a multisig, at least make it a big multisig. Rather than keeping control with just the validators, also include users and external oversight boards

  5. Jan 27

    3) Allow users to opt-in to upgrades: This one is more application dependent, but if possible allow users to choose whether they would rather move between software versions automatically or manually

  6. Jan 27

    2) Use security auditing and formal verification to ensure correctness: Smart contracts have to be considered an area where high assurance is required. You can’t just hope you have no bugs if you’re handling the money of others

  7. Jan 27

    1) Have a long delay on your upgrade mechanism: This way users can react to the upgrade and leave the system if it is compromised.

  8. Jan 27

    Developers who put in upgrade mechanisms mainly have good intentions. They’re nervous that their code has bugs or want to be able to add awesome features in the future. So what can they do?

  9. Jan 27

    Tornado Cash is very cool, so not to knock it, and they will do a decentralized ceremony for its proof that will eliminate this issue, but many in the community have been hyping it and getting users to put in funds despite this current risk

  10. Jan 27

    Another example of a heavily hyped project: On release Tornado Cash has a fully centralized setup for their SNARK meaning that some entity could easily produce proofs of anything. This is a huge vulnerability in any ZK system with a trusted setup that hasn’t been decentralized

  11. Jan 27

    Nowhere in any of those warnings was the huge disclosure: All of your money could be taken at any time if two of the founding team are hacked or go rogue. We have no idea what security precautions they’ve taken to ensure the security of their keys

  12. Jan 27

    I believe that as a community we need to stop telling people to put their money in smart contracts with centralized upgrade mechanisms. A ton of Ethereum twitter got excited about PoolTogether and advertised them everywhere trying to attract users

  13. Jan 27

    The promise of smart contracts is that we can have trustless execution. Upgrade mechanisms destroy that trustlessness. We need to start building secure contracts today. As a community we need to do better educating developers and users about these risks

  14. Jan 27

    The conflict between governance and security in smart contracts is really interesting. Developers want to ensure that bugs can be fixed and improvements can be made. Users want their funds to be safe

  15. Jan 27

    Including a mechanism like this means PoolTogether is currently equivalent to a 2-N multisig. Two of the multisig keys could swap out the PoolTogether contract and replace it with anything they want.

  16. Retweeted
    Jan 23

    Censorship attacks are a risk for many smart contracts including Arbitrum rollup, optimistic rollup, and others that depend on getting TXs accepted within a deadline. deep dives into the types of attacks and how you can deal with them

  17. Retweeted
    Jan 12
    Replying to

    The generalization I usually use to differentiate "useful coins" and "not useful coins" is whether the system needs to be able to tax all participants (mint coins) or permanently punish particular sets of participants (burn).

  18. Retweeted
    Jan 10

    Ethereum Research () has been the highest signal-to-noise ratio place for blockchain research since the days when -wizards and used to be frequented by researchers, and I'm proud to have contributed. I hope it stays that way!

  19. Retweeted
    Dec 23, 2019

    This is the article I've warned about that is sure to be upsetting. Hopefully it's apparent what is "in scope" for this piece and what's "out of scope". I'd like to propose we discuss *only the ideas being proposed* in good faith, and leave all else aside?

  20. Retweeted
    Dec 19, 2019

    My prediction: 2019 was the year of research. 2020 is the year of dope shit shipping. We will see more promising testnet releases in 2020 than we have in the past 3 years combined, and integrations between existing projects will proliferate in our twitter news feeds.
