2/ In a world this complex (and guys this complexity is our own making!), how do we even verify that we're safe? If you ask me, verification has never been more critical or more impossible.
1/ so, hmm, we rely on firmware we can't inspect, compilers we don't build, closed-source LLMs, proprietary enclaves, remote updates etc. Each of these layers is a target and more will join in the coming years/decades.
2/ Well it's pretty simple: I always take a taxi & pay in local cash. I don't like being tracked. Look people forget that physical cash is one of the last forms of everyday privacy we still have. Cash is cypherpunk. Cash is freedom.
1/ Had a fun convo recently where some dude was talking about Uber and ride-sharing. I told him I've never used any of those services in my life (I'm being serious here). He looked confused and asked how I get around usually.
I was thinking about this scenario since this morning I wanted to push something (more or less sensitive) to a private repo but ended up rolling it back purely out of paranoia. I guess the right threat model for private repos is that it can be assumed to be leaked one day.
if someone ever managed to breach all _private_ GitHub repos (I mean it's insanely difficult but not impossible) it would be one of the most catastrophic events in security history, and if I were a state-level actor that's exactly the kind of target I'd prioritise rn.
RIP Internet
folks, hear me out, the best long-term trading strategy is privacy itself. Those who build and hold it are shaping the foundation of a free economy. And guess what, its yield is true sovereignty: the _only_ return that truly endures.
3/ Look, you can go all mainstream, but we should actually celebrate it when Ethereum isn't chosen by tradfi clowns. That means we're doing something right. I won't let Ethereum be tamed, neutered, or turned into just another corporate playground. Never.
2/ compliance as a "feature" instead of a _clear_ bug (just check the discussions around FOCIL), and having the constant urge to turn Ethereum into a business (believe me, institutions have this urge) instead of the biggest economic playground of our lives.
1/ Ethereum's worst enemy is institutional adoption. Honestly, think about it guys, the more institutions get involved, the more influence they wanna have on future hard fork decisions (and thus will make a core dev's job even more complicated),...
2/ Those are the projects that will outlast all the distractions, all the fleeting trends. Because principles do fucking matter. Because this is our fight, it's my personal fight, it's our soul. Cypherpunk will always rise. And in the end, Cypherpunk will win.
1/ The soul of Ethereum was Cypherpunk. It _is_ Cypherpunk. It will always be Cypherpunk. You can chase your glossy, VC-driven narratives, build your fancy protocols, but the ones that will endure are the ones that preserve our privacy, defend against censorship & stand tall in the face of tyranny.
6/ Cold storage means no connection to the internet, period. Happy Sunday and go touch some grass or sand :D.
5/ And while I'm at it, please don't store assets in hot wallets. Just don't. Also, don't take pics of your seed phrase with your phone. There are malicious apps that can use OCR to scan images for seeds.
4/ I understand that shifting most of the space to something like QubesOS isn't realistic, but we must start prioritising security-first OS choices in our ecosystem, not just UX. Honestly, fancy features won't stop your device from being compromised.
3/ Please remember: these OSes weren't built with the strict sandboxing, strong application isolation, or zero-trust principles needed to defend against today's threats!
2/ However, and that's what I want to address here, is that OS design choices like weak data compartmentalisation & permissive default trust models are the _major enablers_, especially on macOS and Windows.
1/ This morning I've been reviewing our last months' SEAL 911 tickets. Guys, it's clear that soon (probably sooner than you think) a large portion of our ecosystem will be running on compromised devices. I mean, man, infostealers are probably the _biggest_ ecosystem problem right now.
My periodic reminder: if someone offers you a slick-looking hardware gadget at EthCC (or any other crypto event), don't plug it in, don't take it home. Just walk away. Treat it like malware wearing a shiny casing. We've got enough infostealers in the wild already.
If it never goes mainstream, that means it stayed dangerous. It stayed free. Thus, mainstream isn't the goal. Freedom is.
so I've been thinking about this for a while now and I'm more and more convinced that crypto was never meant for mainstream. The main reason being that crypto's purpose is _liberation_, not popularity. It's effectively for those who choose sovereignty over simplicity.
Absolutely
Don't listen to your friends. Listen to your gut feeling and your principles. Good friends mean well, but won't replace principles.
It could've been simple but somewhere along the way, we chose to build a fragmented, bloated mess of chains instead. A monster of our own making.
you know, I'm a simple guy: I roll (mostly) with ETH, Tornado Cash, Railgun, BTC, Zcash, and XMR these days. I don't use L2s. I don't use Solana. I don't use fancy DeFi protocols (I like it KISS and trustless). Simply put: just tools that work and don't ask permission.
I know guys, you're all bullish on Claude etc. but if you keep outsourcing more and more of your thinking to LLMs, you'll eventually become whatever the algorithm decides. You lose your uniqueness, your edge. Just don't.
3/ I use them because their privacy is built-in & the UX is pretty smooth. That's exactly what I want from Ethereum. Simple, private, native payments. No extra steps. If we want to onboard people to privacy at a global scale, it must be native and easy. Full stop.
2/ Long-term, I shouldn't need to interact with a smart contract just to shield a simple ETH transfer. Privacy should be native at the L1. Look, I've been using Monero & Zcash for some time already (on that note, please Ledger ship shielded addresses).
1/ There is nothing I want more than for Ethereum to lead on privacy (scalability has always been a second priority for me tbh; not implying it's not important to be clear). Not conditional privacy. Unconditional.