#securityView all tags

• The KelpDAO Exploit Was Not a Bug

  April 19, 2026 · 22 min — #incident-analysis#security#DeFi#cross-chain#distributed-infrastructure#formal-methods#protocol-design#Ethereum#LayerZero

• Termination Is a Security Boundary: HotStuff Under UC, Delay Attacks, and the Uncomfortable Gap to Rust

  March 28, 2026 · 13 min — #research-notes#distributed-systems#consensus#BFT#formal-methods#cryptography#Rust#security

• Secure Distributed Storage: Erasure Coding Under Adversaries

  March 1, 2026 · 3 min — #research-notes#distributed-systems#cryptography#formal-methods#security

• Verifiable Computation as Infrastructure: Proof Systems at Scale

  February 1, 2026 · 3 min — #research-notes#distributed-systems#cryptography#formal-methods#security

• Composable Security: Where Proofs Break in Real Systems

  January 1, 2026 · 3 min — #research-notes#distributed-systems#cryptography#formal-methods#security

• CPZKp - Building Practical Zero-Knowledge Proofs in Rust from Scratch

  April 28, 2025 · 3 min — #Rust#cryptography#zero-knowledge#chaum-pedersen#ecc#curve25519#security#portfolio

• Designing for Catastrophic Failure: Compartmentalization and Recovery

  December 1, 2024 · 4 min — #research-notes#security#distributed-infrastructure#threat-modeling#resilience

• ZKP Systems Engineering: Provers, Verifiers, and Operational Cost

  November 1, 2024 · 4 min — #research-notes#security#distributed-infrastructure#threat-modeling#resilience

• Formal Verification of Crypto Protocols: Models, Gaps, and Pain

  October 1, 2024 · 4 min — #research-notes#security#distributed-infrastructure#threat-modeling#resilience

• Secure Enclaves in Distributed Systems: Remote Attestation and Trust

  September 1, 2024 · 4 min — #research-notes#security#distributed-infrastructure#threat-modeling#resilience

• Metadata and Privacy: The Hard Part Isn’t Encryption

  August 1, 2024 · 4 min — #research-notes#security#distributed-infrastructure#threat-modeling#resilience

• Byzantine Fault Injection: Testing Protocols Like an Attacker

  July 1, 2024 · 4 min — #research-notes#security#distributed-infrastructure#threat-modeling#resilience

• Consensus Under Attack: Adaptive Adversaries and Network Control

  June 1, 2024 · 4 min — #research-notes#security#distributed-infrastructure#threat-modeling#resilience

• Time-Based Attacks: NTP Manipulation, Expiration, and Replay

  May 1, 2024 · 4 min — #research-notes#security#distributed-infrastructure#threat-modeling#resilience

• Sandbox Escapes: Isolation Boundaries as a Design Input

  April 1, 2024 · 4 min — #research-notes#security#distributed-infrastructure#threat-modeling#resilience

• Supply Chain Attacks: Dependency Poisoning and Maintainer Compromise

  March 1, 2024 · 4 min — #research-notes#security#distributed-infrastructure#threat-modeling#resilience

• DDoS at Scale: Adaptive Defense and Cost Asymmetry

  February 1, 2024 · 4 min — #research-notes#security#distributed-infrastructure#threat-modeling#resilience

• BGP and Routing Attacks: Engineering for the Internet We Have

  January 1, 2024 · 4 min — #research-notes#security#distributed-infrastructure#threat-modeling#resilience

• Compliance & Standards: Translating NIST to Engineering Action

  December 1, 2023 · 3 min — #research-notes#post-quantum-cryptography#cryptography#security#protocol-design

• Migration Risk Management: Inventory, Prioritization, and Cutover

  November 1, 2023 · 4 min — #research-notes#post-quantum-cryptography#cryptography#security#protocol-design

• Side Channels in PQC Implementations: Where Theory Meets Cache

  October 1, 2023 · 3 min — #research-notes#post-quantum-cryptography#cryptography#security#protocol-design

• Benchmarking PQC: What to Measure (and What Not To)

  September 1, 2023 · 4 min — #research-notes#post-quantum-cryptography#cryptography#security#protocol-design

• Crypto Agility Tooling: Feature Flags, Policy, and Rollback

  August 1, 2023 · 4 min — #research-notes#post-quantum-cryptography#cryptography#security#protocol-design

• PQC for IoT: Memory, CPU, and Timing Side Channels

  July 1, 2023 · 3 min — #research-notes#post-quantum-cryptography#cryptography#security#protocol-design

• PQC in VPN/IPsec: IKEv2 Revisited Under PQ Constraints

  June 1, 2023 · 3 min — #research-notes#post-quantum-cryptography#cryptography#security#protocol-design

• PQC in TLS: Negotiation, Downgrade, and Interop

  May 1, 2023 · 4 min — #research-notes#post-quantum-cryptography#cryptography#security#protocol-design

• Hybrid Key Exchange: Binding Classical and PQ Secrets Correctly

  April 1, 2023 · 3 min — #research-notes#post-quantum-cryptography#cryptography#security#protocol-design

• Signatures in Practice: Dilithium/Falcon and Deployment Constraints

  March 1, 2023 · 4 min — #research-notes#post-quantum-cryptography#cryptography#security#protocol-design

• KEMs in Practice: Kyber Handshakes and Failure Surfaces

  February 1, 2023 · 4 min — #research-notes#post-quantum-cryptography#cryptography#security#protocol-design

• PQC Threat Models: 'Harvest Now, Decrypt Later' in Real Systems

  January 1, 2023 · 4 min — #research-notes#post-quantum-cryptography#cryptography#security#protocol-design

• Red Teaming Infrastructure: Turning Attacks into Regression Tests

  December 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Rust/Go Secure Coding Patterns: The Bugs That Still Happen

  November 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Secure Configuration: Policy-as-Code and Guardrails

  October 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Backup/Restore as a Protocol: RPO/RTO with Adversaries

  September 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Observability at Scale: Traces, Cardinality, and Cost

  August 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Rate Limiting & Load Shedding: Protecting Reliability SLOs

  July 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Multi-Region Design: Failover That You Can Actually Test

  June 1, 2022 · 4 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Kubernetes Hardening: RBAC, NetworkPolicy, and Pod Security

  May 1, 2022 · 4 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Runtime Security: eBPF, Policy, and Drift Detection

  April 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Secrets Hygiene: Rotation, Scoping, and Runtime Delivery

  March 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Reproducible CI/CD: Determinism as Defense

  February 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Supply Chain Security: SLSA, SBOM, and Build Provenance

  January 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Incident Response for Crypto Systems: Key Compromise Playbooks

  December 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• KMS/HSM Threat Models: When 'Managed' Doesn't Mean 'Safe'

  November 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Multi-Tenant Isolation: Crypto Boundaries vs Kernel Boundaries

  October 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Cryptographic Agility: Designing for the Algorithm You Haven't Met Yet

  September 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Logging for Forensics: Tamper Evident Event Pipelines

  August 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• TLS Beyond Defaults: Ciphersuites, ALPN, and Operational Reality

  July 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Secure Firmware Updates: Signed Manifests and Rollback Protection

  June 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Side Channels: Constant-Time, Cache Attacks, and Real Threat Models

  May 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Hardware Roots of Trust: TPM, Secure Boot, and Attestation

  April 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Secrets vs Capabilities: Token Design in Microservices

  March 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Key Management at Scale: Rotation, Audit, and Blast Radius

  February 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• PKI as an Operating System: Certificates, Policies, and Expiration

  January 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps