DragonMf

@m-f-

Joined on Mar 9, 2023

  • Original checklist link: https://hackmd.io/2IRrRsLcQyKo1XOwAFABBA Rarimo github: https://github.com/rarimo Contact peers: @kitty_jenny_h (TG) Existing security audits: https://docs.rarimo.com/resources/audits/ Inscope applications/servers: FreedomTool ZK Passport
     Like  Bookmark
  • Web3Privacy Event Management Checklist 1. Pre-Event Planning Objective: Define goals, secure resources, and finalize logistics. Event Strategy & Goals[ ] Draft event purpose, target audience, and KPIs (e.g., registrations, engagement). (Owner: Event Lead) [ ] Align event theme with Web3Privacy’s mission (privacy, decentralization, ethics). (Owner: Content Lead) Budget & Funding
     Like  Bookmark
  • Introduction This concept is designed to provide a privacy audit process for both traditional and blockchain-based systems. It combines standard privacy principles with blockchain-specific considerations. We're building this system with the peers of Web3PrivacyNow, providing an open-source checklis. Alongside providing the service to members and future partners to verify their privacy measures. It's one to publicly stand for privacy, it's another to proof it. This is where the audit comes in. How to read this concept We're following a step by step approach, each individual requirement creating the required base for the next one. As the checklist itself (under point 6), itself does not tell much without the required context, nor is it it valuable without the future analysis of the results of this checklist. 1. Context Establishment We kick things of by defining under which context the audit will find place. It's important to be mindful of not only the local regulations on which their HQ is based. But just as much the regulations and indsutry practices of the regions and countries they are based.
     Like  Bookmark
  • Good afternoon everyone, I'm happy to release our next milestone accomplishment, bringing us another step closer to the production of the secure storage extension. In this milestone, we accomplished, as previously agreed these feats: Design of Extension (click to play with prototype) Go & WASM updateshttps://git.xx.network/elixxir/wasm-utils/-/merge_requests/4/commits https://git.xx.network/elixxir/client/-/merge_requests/704/diffs?commit_id=12a707ed36c08b37ce3fb0ada987b50671f0b3a6 https://git.xx.network/elixxir/xxdk-wasm/-/merge_requests/144
     Like  Bookmark
  • Q: How would you like to be called? (nyms welcome) A: text field Q: Email address / Telegram handle / other other method to reach you A: text field Q:What's your specialty? A: Multiple-Choice: Full-stack developer, Front-end developer, Back-end developer, Mobile developer, Data scientist, Designer, Product manager, Business, Other Q: What are your skills? (programming languages, frameworks, tech stacks, cryptography, APIs, apps, other hard or soft skills)
     Like  Bookmark
  • Research interviews of scoring mechanism. Today on the 6th of January I have initiated interviews with 2 peers, S & L to understand more how ot position a variation of privacay projects on the same scoring mechanism. Initial question bases out of comparing the interviewee project to a different utility project. Examples: In our current scoring mechanism we're having a problem to quantify multiple different projects on a similar scoring mechanism, such as comparing Rotki to ex. Monero this raises from having different datapoints, alongside different utility of a specific project. If you would compare these 2 projects, how would you personally try to put them on the same stage and which points would you believe apply to both of these? In our current scoring mechanism we're having a problem to quantify multiple different projects on a similar scoring mechanism, such as comparing Cake Wallet to ex. ethBerlin this raises from having different datapoints, alongside different utility of a specific project. If you would compare let's say these 2 projects, how would you personally try to put them on the same stage to compare an event to an application?
     Like  Bookmark
  • A ranked database system to empower the general public in exploring the privacy levels, security, and reliability of Web3 projects. To make the right decisions, one must be able to compare options. Having more options while your demand for what you need stays the same allows you to find what you need. Data is at the heart of many decision-making processes, from fundraising to attesting the legibility behind ecosystem tooling. As a neutral platform, we are transparent about our system. All changes are committed to our GitHub and are open to all. Main features Dashboard with filters and search Explorer Editor
     Like 1 Bookmark
  • An exclusive interview with the hacker of fractal, @unicornlover67, gave facts on the reality behind the sensitive breach of fractal.id FractalCustomerBuyout 2 -- Passports are a headache. A single piece of document can create a series of migraines when parties outside of your control abuse your documents. A whole array of risks is involved in getting your sensitive information leaked: Identity theft, financial fraud, phishing, and social engineering attacks, to name the most common ones. It gets even worse when we're talking about KYC documents from financial institutes; any brute would love to know where someone lives with plenty of money and show up with their machetes. You would assume that organisations taking custody of your sensitive details care about their users more than they care about their own reputation and branding. You would also expect a certain level of transparency rather than masquerading their mistake. Instead of owning up, fractal.id seems to focus more on hiding even more information. Maybe that's something they should have done initially with their user data, preferably before it gets offered for sale on the black-market. Even more preferably, if they have the option to buy it back, making it a gray hack bounty approach, actually starting the communications with the hacker in question. If they care so much about their reputation to hide facts, they would at least be willing to protect their customers by purchasing their sensitive data back. Especially as some of their affected customers can't afford to simply buy out the data themselves.
     Like  Bookmark
  • UNDERWEI; a P2P Cross-chain Bridge 1-intro 1 I am a new bridge, I come in peace, and am accessible for all. An open-source peer-2-peer bridge is where my label falls. Try me! My bridge is a public good, where autonomy is key to transact. Through new mechanisms we prevent major security threats. I have no on-chain oracle, or any oracle at all outside of our front-end price recommendation. I don't use or incentivise a large liquidity pool.
     Like  Bookmark
  • What’s an explorer without its compass, a network without a roadmap? With the ongoing efforts of teams to scale Waku, those following Waku might be wondering where we are going. This article contains a pocket guide to our current technical goals throughout 2023 and parts of 2024. If you are primarily curious about our specific milestones and roadmap, jump directly to it here. We do not just promise to run user messages through a Firebase backend. Do not trust us; verify instead. Follow us to learn more about our work. Have a read here. Waku What is this network, and why does it matter what we are building? Isn’t whisper already a thing that's there to do what we aim to do? Waku is a decentralised, open-source suite of privacy-preserving, peer-to-peer messaging protocols. It is designed for general messaging with humans, machines, or a hybrid situation. Waku runs everywhere. On your phone, a server, or through your browser.
     Like  Bookmark
  • to infinity and beyond! With the ongoing efforts of teams to scale Waku, also remains the need to have ongoing practical tests aimed at our theoretical calculations. You and others following or learning about Waku might get a bit worried once you realize about the ongoing scaling process. Scaling is one thing. Scaling securely is another. As we scale our tech, we guarantee to build upon our principles while maintaining full transparency. We are not just promising that we're not running your messages through a firebase backend—no need to trust only our words. Find out for yourself on our and follow our live work through this pocket guide that scales. In this article, you'll find a pocket guide to our current scaling goals throughout 2023, our new ongoing tests, and points to relevant resources to this workstream. Waku, Waku? first, a refresher of Waku.
     Like  Bookmark