Log inSign up
Paul Miller
3,158 posts
Image
user avatar
Paul Miller
@paulmillr
🔑 Security, open-source software, austrian school of economics. Noble cryptography. Manufacturing paperclips.
paulmillr.com
Joined August 2009
99
Following
5,783
Followers

New to X?

Sign up now to get your own personalized timeline!

Create account

By signing up, you agree to the Terms of Service and Privacy Policy, including Cookie Use.

Terms·Privacy·Cookies·Accessibility·Ads Info·© 2026 X Corp.
Don't miss what's happening
People on X are the first to know.
Log inSign up
  • Pinned
    user avatar
    Paul Miller
    @paulmillr
    Apr 17
    > WASM, but paranoia-friendly Announcing 3 new projects: 1. awasm: a new standard for auditable, high-security WASM packages 2. awasm-compiler: an auditable js-to-wasm compiler 3. awasm-noble: an ultra-fast WASM cryptography library (ChaCha/BLAKE3 at 6-10 GB/s)
    awasm - auditable WASM compiler. Transparent. Reproducible. Synchronous
    11K
  • user avatar
    Paul Miller
    @paulmillr
    May 11, 2023
    Twitter launched encrypted* DMs for verified accounts. * No sync * No group chats * No attachments * No timers * Vulnerable to MITM * No reporting (msg franking) * No Forward Secrecy * No Key Transparency * Private keys are NOT erased after web logout
    Image
    help.x.com
    About Chat
    342K
  • user avatar
    Paul Miller
    @paulmillr
    Aug 11, 2022
    Just took a look at @solana’s official web3.js library. Installing it downloads 723 dependencies packed in 202MB from NPM. It then creates 310MB directory with 17682 files. Almost all deps have unbound version ranges. Any dep update could bring trojans to your SOL apps.
    Image
  • user avatar
    Paul Miller
    @paulmillr
    Dec 24, 2022
    Announcing noble-curves: the culmination of work on elliptic curve cryptography. Pkg defines ed25519, ed448, secp256k1, P384, P521, bls12-381, bn254, pasta, stark curves. Edwards, Weierstrass, Montgomery primitives, hash2curve & pairings are also in.
    Image
    GitHub - paulmillr/noble-curves: Audited & minimal JS implementation of elliptic curve cryptography.
    From github.com
    108K
  • user avatar
    Paul Miller
    @paulmillr
    Jan 26, 2022
    Proud to release ethereum-cryptography 1.0 funded by @ethereum foundation. The new audited libraries behind it will empower all kinds of projects in the space.
    Image
    A safer, smaller, and faster Ethereum cryptography stack
    From medium.com
  • user avatar
    Paul Miller
    @paulmillr
    Aug 16, 2022
    It’s impossible to run ETH node over TOR. Even worse: no plans for it. This drastically reduces anonymity & censorship resistance of staking. You either get a KYC-ed hosted server, or homestake — which in most cases is also KYC-ed to yourself. VPNs are not of any help.
  • user avatar
    Paul Miller
    @paulmillr
    Mar 29, 2025
    Releasing ESPLR - a local ETH block explorer. Big problem of ecosystem is reliance on 3rd party RPCs (infura, alchemy, quicknode). Also reliance on 3rd party explorers (etherscan). They track users: it makes system one big panopticon. Local nodes can make the situation better!
    Image
    Image
    Image
    Image
    00:00
    31K
  • user avatar
    Paul Miller
    @paulmillr
    Sep 13, 2024
    Chokidar v4 is out! Chokidar was created in 2012 to solve file watching issues in node.js. In 2024, node APIs are still useless, so the development is continued. New release removes glob support and decreases dependency count from 13 to 1.
    Image
    GitHub - paulmillr/chokidar: Minimal and efficient cross-platform file watching library
    From github.com
    24K
  • user avatar
    Paul Miller
    @paulmillr
    May 9, 2024
    This is your regular reminder that “secret chats” in telegram rely on server-provided prime numbers (messages.getDhConfig). The server could send “bad” prime numbers to clients and decrypt conversations later. Section 1.2.1 of tel-03245433 theses.hal.science/tel-03245433/f…
    This post is unavailable.
    91K
  • user avatar
    Paul Miller
    @paulmillr
    Apr 12, 2025
    Releasing micro-zk-proofs: JS library to create and verify zk-SNARK proofs. Proofs are created in parallel using Web Workers. Noble cryptography is utilized underneath. During development of zkp, a vulnerability was found in wasmsnark, alternative proof generation library.
    Image
    11K
  • user avatar
    Paul Miller
    @paulmillr
    Oct 6, 2021
    How important are supply chain attacks? Extremely. @ethereum foundation agrees, so they’ve funded the development of fast & secure cryptographic JS library that implements hashing and KDFs. Happy to release it! The first version is out:
    Image
    GitHub - paulmillr/noble-hashes: Audited & minimal JS implementation of hash functions, MACs and...
    From github.com
  • user avatar
    Paul Miller
    @paulmillr
    Mar 24, 2023
    4KB cryptography. Does that sound safe? Because it should. Announcing v2 of single-feature modules noble secp256k1 and noble ed25519. secp is just 430 lines of code (4KB gzipped), ed is only 330 lines (3.3KB gzipped) — 4x smaller than previous versions.
    Image
    GitHub - paulmillr/noble-secp256k1: Fastest 5KB JS implementation of secp256k1 signatures and ECDH
    From github.com
    28K
  • user avatar
    Paul Miller
    @paulmillr
    Dec 31, 2023
    2023 progress on JS cryptography: - noble-hashes: 400K => 1.7M downloads per week - noble-curves: ~0 => 0.9M, got 2 audits - noble-ciphers: 0 => 25K - Finally adopted by @ProtonMail, MetаMасk, @rainbowdotme, @Rabby_io, ethers, web3.js, viem Takes time, but we’re getting there.
    30K
  • user avatar
    Paul Miller
    @paulmillr
    Apr 11, 2023
    Replying to @elonmusk and @KanekoaTheGreat
    I speak russian. Never got a wrong treatment. Unaware of anyone else who got. Please stop spreading nonsense.
    1.9K