Two exciting developments: A. intoverflow bug found and fixed in the Lean runtime 😍, B. an AI rewrote zlib into Lean and there is now a proven-correct implementation of zlib!? 😍😍😍 kirancodes.me/posts/log-wh...
@expede.wtf 👀
I kinda want to share the story of how I accidentally paid double the tax for four months once and can't undo it anymore without involving lawyers but I probably won't do so in public 😬
Taxes... 😔
> One performance-related change we are pursuing is "split mode". This is where — after the TLS handshake — a connection can be split into sender and receiver objects. The sender can send TLS-protected data, while the receiver can receive it.
I've wanted this in the past :)
⚠️ An active phishing attack is targeting crate owners by asking them to "confirm that your email address is still active". These messages are not from crates.io, and should be ignored. (We will never ask you to confirm that your e-mail address is still active.) ⚠️
🦀🔐☠️ Tired of deadlocks? Me too! Here's a post about a library that I've been working on to help wrangle the problem in Rust
notes.brooklynzelenka.com/Blog/Surelock
ECH exposed a hard truth about privacy technology: you can win at the protocol layer and still lose at the deployment layer.
I wrote about it here:
cdt.org/insights/do-...
When I was at my first job, I found a glaring hole in the security of our product. I opened a Bugzilla bug titled "Our security is a joke". I didn't mean anything by it, I was just trying to be funny. But my colleague told me how much it hurt his feelings. I've never forgotten it. Wording matters.
Ooooooh
unstoppable force vs. immovable object
may i interest you in our lord and savior atproto-over-media-over-quic
"commoditization and decentralization shift the balance of power. Dependency creates leverage, whether it's a country's gas supply or a company's cloud provider, and the engineering choices we make determine who holds that leverage"
@piss.beauty I... do you have some kind of dedicated notification set up for anytime @iroh.computer posts? :D
Or maybe you're just on another level of online... 👀
Fantastic work by Daniel, as always.
"Embeddable relay" in the sense of, if you already have a webserver running somewhere, you can now add iroh-relay as a rust library and have it serve an iroh relay websocket route next to your other routes.
We still require relays to be run on servers with DNS and public IPs set up :)
v0.97 is out & it's a biggie:
custom transports, preset API, embeddable relay server, address filtering, and a switch to our own QUIC implementation!
www.iroh.computer/blog/iroh-0-...
There's also an example of combining samod (automerge) with iroh: github.com/n0-computer/...
Automerge can be used to sync text documents and merging them... automatically :D
Shards?
Fuzzing a tokenizer? If so, maybe consider cargo-fuzz! It uses libfuzzer and does coverage-based fuzzing. You get a byte slice as input and run e.g. your tokenizer and it will look for panics.
Checking for actual properties doesn't work I think (unless you panic on them maybe?).
Ok [*rolls sleeves*] I want to properly understand money. What do I read?
I'd love to hear a "common misconception around bevy" take of yours :)
Screenshot of Aljoscha's message on discord: I'm not on Bluesky, so I can't chime in directly. But in a nutshell: - you can incrementally recompute the root hash when appending data, in amortised `O(l)` time when appending `l` bytes (worst case per append is `O(l + log(n))`), where `n` is the total length so far - this means you can hash a string incrementally in linear time - this is identical in Blake3 and Bab - the main differences between Blake3 and Bab: - Bab has constant-size length proofs - in Bab you can speed up computation when the input string repeats (for example, you could compute the hash of `n` successive zero bytes in O(log(n)) time, whereas Blake3 deliberately requires O(n) there to thwart timing attacks) - Bab admits multiple instantiations (different digest sizes, different merkle tree label computations), Blake3 is one-size-fits-all
I asked Aljoscha to fact-check on discord:
Iroh blobs uses the exact same construction that BLAKE3/bao uses. Files hashed with iroh-blobs give you BLAKE3 hashes.
We store the inner tree hashes only up to 16KiB chunks and recalculate the rest on the fly, but other than that it's identical to bao.
And actually a minor correction: I think I was wrong claiming that length changes require rehashing. Seems like that's not the case.
All good :) Bab is cool IMO. Just wanted to correct the fact that bao also supports random access and took the chance to blurt out some additional facts
And IIRC this comes with the downside of needing to know the size of what you're hashing in advance/needing to rehash everything on append.
Bab is inspired by BLAKE3/bao (hence the similar name).
Both feature random access.
IIRC, something that Bab improves over bao is that each random access Merkle Proof also comes with a proof of total size.
Given this methodology, it might even be a low estimate. Servo likely tackled low hanging fruits with big impact first. So this report would assume this stays the same.
screenshot of the one-pager version of the servo readiness report
How do we get to more than just three web engines owned by three US companies?
It's a gargantuan question, with no easy or right answer.
I've put together a draft report, thinking about it through a very specific approach - please enjoy:
Servo Readiness Report
webtransitions.org/servo-readin...
