Trying to make the world a better place building web3 privacy infrastructure @hoprnet & @rpc_h_; prev co-founder @ValidityLabs, @SONECTme; PhD @ETH_en @bel_ethz
Jun 4 • 17 tweets • 7 min read
Gnosis VPN is the first web3-era VPN powered by @hoprnet for @GnosisDAO
Here is a TLDR of my @dappcon_berlin talk. Instead of slides check out
Bonus track: a new user data fingerprinting method that you didn't see coming!
1/17 gnosisvpn.com
Let’s start with the privacy issues of the web2 infrastructure which harvests METAdata to fingerprint and track users across domains and devices
That is incredibly messed up, because this infrastructure is what factually runs today’s world, economy and democracies
2/17
A vault is a contract into which you deposit some token, e.g. you deposit DAI into @Compound in order to earn yield on those DAI
🧵2/9
Jan 21, 2022 • 11 tweets • 3 min read
Knock knock anon, who's watching you?
Correct, your RPC provider
We made derp.hoprnet.org so that you can watch them watching you
Here's 3.5 surprises 👇
Reminder that for 99% of all Ethereum users "RPC provider" simply means "a computer in Uncle Joe's basement that I blindly trust. I blindly trust the data that it delivers to me and I also blindly trust their pinky promise to not log everything they see about me"
Jan 20, 2022 • 4 tweets • 1 min read
Had a few rough days and nights - no real damages but some really interesting Solidity security lessons learned 👇
The core of the issue was being too nice to the user (claiming rewards during unstake) followed by too strict validations (rewards were `require`d to be >0)
Jun 10, 2020 • 11 tweets • 5 min read
The most expensive Ethereum tx was in fact a bug in a money laundering bot that made people believe it was miner laundering
How would that work, how do we know and why is that a bad idea wrt privacy?
