This sounds like hype (cuz it is!), but it's really true. We've spent 3 years completely re-inventing blockchains to make it possible to build *anything*, quickly. From day one, our goal was to allow maximum flexibility to make meaningfully better user experiences. When we.

RT @prestonevans__: This sounds like hype (cuz it is!), but it's really true. We've spent 3 years completely re-inventing blockchains to….

If you want to build a great product, you can't waste time hacking around the limitations of your tech stack. Sovereign SDK lets you build anything, quickly. No limits on contract size. Complete customizability. Maximum performance.

RT @zmanian: This is absolutely sick.

RT @sovereign_labs: Introducing Sovereign SDK -- the first rollup framework that executes 99% of transactions under 10 ms, fast enough to b….

RT @nickwh8te: So I'm convinced that inclusion latency can be independent of validator count and geographic distribution using MCP. BUT an….

RT @_weidai: Why build a central-sequencer CLOB and post data to a decentralized order-enforcing DA layer?. 1. Lowest execution confirmatio….

RT @_ventali: My old Twitter (@ventali_) and Telegram were hacked. The attacker is impersonating me to target tech and crypto founders & in….

RT @rphmeier: Last month we landed a host of new optimizations for NOMT to save disk space and improve performance. Here's a benchmark wit….

RT @zmanian: The exploiter is trying to get people to set up a calendly meeting and use Remote Desktop to install a wallet drainer. So don….

RT @0xLita: Ventali’s Twitter (@ventali_ ) and Telegram (@ventali08) accounts have been compromised. Please do not engage with any messages….

cc’ing folks who know Ventali @dlubarov @colludingnode @nico_mnbl @swen_sjn @gakonst @hdevalence @zmanian @tarunchitra @_weidai. If anyone can help recover the account, get in touch! (She still has access to Slack and email, or I can connect).

🚨🚨Someone took over @ventali_’s telegram and X accounts around 2am today! . If you get a message from Ventali asking to meet do NOT accept!! We believe the hacker is using Zoom remote access to install wallet drainers.

All this to say - RISC-V zkvms have been a huge step forward for the industry but they also open up new categories of security problems that we haven’t fully grappled with. Lots of work still to do!.

And there’s a lot more effort that could be put in to. - Make it easy to enforce use of the exact same dependency versions across host and guest programs. - Reduce/eliminate dependence on FFI with C/C++ code with dangerous build steps. - Differentially fuzz across targets.

3. Investments in language level toolchain robustness. For example, at Sovereign labs we enforce that “host” code that generates the witness and “guest” code that consumes it must use the exact same compiler version - but as far as we know, we’re the only team to do so!.

By I’m still bullish on…. 1. Specialized languages for provable code. Lurk shows that you can get impressive efficiency for higher level programs in many cases. 2. Moving low-level code out of user code and into the zk circuit, then patching it to have a Rust interface.

And importantly, I don’t think this needs to be a binary decision! . Not all code is mission critical, and lots of mission critical code can be tested thoroughly enough to depend on, even in the face of real-world conditions (I.e. compiler bugs).

… and most of them are easy to catch with standard testing and deployment processes. But not all of the bugs that I’ve seen are easy to catch! So while I’m very bullish on RISC-V, I’m also bullish on specialized languages/tools for provable code.

In 3 years of working with RISC-V zkvms, I’ve seen bugs in the Rust compiler, bugs in linker scripts, bugs in the Rust std library, bugs in LLVM, bugs in the build scripts that compile C/C++ dependencies for FFI, etc. Most of these bugs are *not* the fault of the zkvm authors….