#protocol-design

Best starting points

1. The KelpDAO Exploit Was Not a Bug

   April 19, 2026 · 22 min

   Incident memo (April 2026): the 116,500 rsETH release via LayerZero EndpointV2 was a semantic guard failure. Signatures are not truth unless they bind to a unique, finalized source-chain debit.

2. Hybrid Schemes and Protocol Agility

   April 16, 2026 · 10 min

   Deep dive (April 2026): hybrid key establishment is a narrow hedge (HNDL), not “post-quantum TLS”. The hard part is suite identity, transcript binding, and AND-semantics for dual signatures.

3. The Leaf Is the Hot Path: Signature Placement in Post-Quantum TLS (ML-DSA vs SLH-DSA)

   April 8, 2026 · 9 min

   Paper note (April 2026): experiments show SLH-DSA in the server leaf collapses TLS 1.3 handshakes by ~10^3×. PQ migration is a certificate-hierarchy and cost-concentration problem, not an algorithm swap.

4. Migration Risk Management: Inventory, Prioritization, and Cutover

   November 1, 2023 · 4 min

   Correctness-focused deep dive (November 2023): Migration Risk Management: Inventory, Prioritization, and Cutover.

5. Benchmarking PQC: What to Measure (and What Not To)

   September 1, 2023 · 4 min

   Threat-model-first analysis (September 2023): Benchmarking PQC: What to Measure (and What Not To).