Tim Bouma
trbouma@safebox.dev
npub1q6mc...x7d5
| Independent Self | Pug Lover | Published Author | #SovEng Alum | #Cashu OG | #OpenSats Grantee x 2| #Nosfabrica Prize Winner
Tim Bouma 3 weeks ago
“The principles that made these systems function can be articulated concisely. Individuals should keep their agreements and refrain from aggression, fraud, or encroachment upon others. Violence is costly and to be avoided, while free and functional markets are to be preserved. Property rights must be respected, and judgments should aim at restitution for the injured party rather than punishment for its own sake. There are no victimless crimes, and privacy should be accorded in all areas of life except where privacy itself becomes a tool for fraud. Law deals with individuals only, recognizing no group entities, collective guilt, or collective responsibility. The reasonable man, not the perfect man or the omniscient judge, provides the standard for applying legal principles.” @Max
Tim Bouma 3 weeks ago
I had to stop the latest WBD podcast. Too repetitive, too cringey.
Tim Bouma 3 weeks ago
• Never trust, always verify – Treat every User/PE/NPE, device, application/workload, and data flow as untrusted. Dynamically authenticate and explicitly approve all activity, adhering to the principle of Least Privilege.
• Assume breach – Operate and defend resources under the assumption that an adversary already has presence within the environment. Plan for deny-by-default and heavily scrutinize all users, devices, data flows, and requests. Continuously log, inspect, and monitor all configuration changes, resource accesses, and environment traffic for suspicious activity.
• Verify explicitly – Securely and consistently verify access to all resources, using multiple attributes (dynamic and static), to derive confidence levels for contextual access decisions.
https://media.defense.gov/2026/Jan/08/2003852321/-1/-1/0/CTR_ZIG_DISCOVERY_PHASE.PDF
Tim Bouma 3 weeks ago
I want a natively addressable npub mesh network that is globally available. Have npub? Connect directly to the mesh.
Tim Bouma 3 weeks ago
The first video shows a #safebox issuing a pass to another #safebox via an NFC card, then requesting (and verifying) the issued pass via the NFC card. The second video shows logging into a #safebox with the NFC card and viewing the issued pass. The final photo shows the NFC card. Simple and fast. What is not apparent is that all of the sensitive information (the pass) is encrypted and additionally encrypted with a quantum-safe key exchange and handled invisibly in the background using relays. The NFC card neither stores nor conveys any information, except for an encrypted token that proves that the bearer has control of the #safebox. Onward!
Tim Bouma 3 weeks ago
Bitcoin enabled permissionless transfer. Lightning enabled reciprocal transfer. Cashu enabled blinded transfer. #privatepayments
Tim Bouma 3 weeks ago
It's rewarding to see the zaps come in, especially when I know that the payment trail goes cold as soon as it hits my system (save for the comment, which I forward on) #nostr #safebox
Tim Bouma 3 weeks ago
After a very successful coding sprint, I am taking a few days to reflect on what I’ve built. This is the outcome of about a year’s worth of prototyping, coding and experimentation. I’ve proven that I can create a secure back-end communication channel between any two npubs to negotiate payments and records transfer. The past few weeks were dedicated to integrating quantum-safe cryptography where I had to add in an additional protocol handshake to transfer the quantum-safe public key for key encapsulation and generating a shared secret to additionally encrypt the payload. As you can see from the demo, the user actually sees nothing new, but I did add a message that indicates the quantum-safe key exchange has completed and the record is now safe for transmission. In the end, it’s a layered approach. I use NIP-44/NIP-59 (symmetric encryption and gift-wrapping). I then further encrypt the encrypted payload using the quantum-safe shared secret. If an attacker manages to crack ECC with Shor’s Algorithm with a quantum computer, they’ll be rewarded with a payload that is encrypted using the quantum-safe key exchange algorithms. Is this overkill? You bet. But look at the video - the user won’t notice anything. This basically kills all quantum computer FUD and I honestly don’t believe there is a more secure way to do this in the world. Current ‘quantum-safe’ solutions being pitched only protect the ‘pipe’ while everything that runs through it is in the clear, with the pipe being broken at each hop. I protect end-to-end the ‘payload’ - no reliance on pipes or friendly hops. #nostr #safebox Onward!
Tim Bouma 3 weeks ago
Core capabilities of a globally available infrastructure that can’t be shut down by state or platform actors. The capabilities to:
1. Communicate privately.
2. Settle without permission.
3. Verify without trusting.
Tim Bouma 3 weeks ago
What it feels like after a hard and successful day.
Tim Bouma 3 weeks ago
This is a live demo showing one #safebox requesting a record from another #safebox. It looks straightforward - scanning a QR code - but behind the scenes the safeboxes are negotiating which relays to use, transmitting quantum-safe public keys, additionally encrypting the payload and sending via encrypted gift wraps as ephemeral events that disappear in 10 minutes. Nothing sensitive is transmitted using only TLS encryption or OAuth as I don't trust webpki certificate authorities and https.
Tim Bouma 3 weeks ago
What’s really cool is that I’ve landed on a pretty straightforward app coordination protocol.
1. Front-end web app presentation (HTTP GET/POST)
2. App dynamic interaction (Websockets)
3. Back-end data transfer (NIP-01, NIP-44, NIP-59 + PQC)
All sensitive data goes through the back end. TLS is not relied on for back-end security.
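The envelope layer named in the posts above (a NIP-01 event carrying a NIP-59 gift wrap that lives for 10 minutes), as an added example that is not Safebox code or the author's. It assumes the lifetime is carried in a NIP-40 `expiration` tag; the function names are hypothetical, and the Schnorr signature check and the NIP-44 and PQC decryption layers are left out.

```python
import hashlib
import json

GIFT_WRAP_KIND = 1059   # NIP-59 gift wrap
MAX_LIFETIME = 600      # 10 minutes; using a NIP-40 tag for it is an assumption

def event_id(ev):
    """NIP-01 id: SHA-256 of the compact JSON array serialization."""
    fields = [0, ev["pubkey"], ev["created_at"], ev["kind"], ev["tags"], ev["content"]]
    raw = json.dumps(fields, separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256(raw.encode("utf-8")).hexdigest()

def make_wrap(ephemeral_pub, recipient_pub, ciphertext, now):
    """Build an unsigned gift wrap that expires MAX_LIFETIME seconds from now."""
    ev = {"pubkey": ephemeral_pub, "created_at": now, "kind": GIFT_WRAP_KIND,
          "tags": [["p", recipient_pub], ["expiration", str(now + MAX_LIFETIME)]],
          "content": ciphertext}
    ev["id"] = event_id(ev)
    return ev

def check_wrap(ev, my_pub, now):
    """Receiver-side envelope checks before any decryption; returns (ok, reason).
    Schnorr signature verification is a separate step not shown here."""
    if ev.get("kind") != GIFT_WRAP_KIND:
        return False, "wrong kind"
    if ev.get("id") != event_id(ev):
        return False, "id mismatch"
    tags = {t[0]: t[1] for t in ev["tags"] if len(t) >= 2}
    if tags.get("p") != my_pub:
        return False, "not addressed to us"
    exp = tags.get("expiration", "")
    if not exp.isdecimal():
        return False, "no expiration"
    # NIP-59 lets created_at be shifted into the past, so measure against our clock.
    if now > int(exp):
        return False, "expired"
    if int(exp) - now > MAX_LIFETIME:
        return False, "lifetime too long"
    return True, "ok"

# Constructed sample values, not real keys or ciphertext.
NOW = 1_700_000_000
ME = "bb" * 32
WRAP = make_wrap("aa" * 32, ME, "constructed-ciphertext", NOW)
```

Rejecting wraps whose expiration lies further out than the agreed lifetime keeps a sender from parking long-lived ciphertext on a relay.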