Dennis Won denniswon
denniswon
/ gist:70c9b98044d1848a8603138189acd582
Created
March 19, 2026 06:30
Dashboard API: Agent Compatibility Gap Analysis
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| Agent Compatibility Gap Analysis | |
| ★ Insight ───────────────────────────────────── | |
| The core blocker is simple: every protected endpoint uses get_current_user_id, which only accepts JWTs. There's no path from a gw_ | |
| API key to a JWT, and no way to create the initial API key without a human in the loop (setup.py requires manual OTP entry). The | |
| existing get_user_id_from_api_key dependency uses UserKey.secret_key (a different key type), not the gw_ API keys agents would | |
| use. | |
| ───────────────────────────────────────────────── |
denniswon
/ gist:01c83e329ef2f42d844683a69dc8c22a
Created
March 19, 2026 02:05
newton verifiable credential - identity data ref fetch from DB
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| So the answer is: yes, operators DO have KMS access. The DataProviderConfig (loaded by the operator's DataProvider) reads | |
| DATA_PROVIDER_KMS_RSA_KEY_ID from the environment, creates an AWS KMS client, and uses it for decrypt_data_kms. This is the pre-HPKE | |
| path where operators decrypt identity data locally. | |
| But the critical problem remains: operators don't have API keys, so the gateway RPC approach I implemented won't work. The gateway | |
| authenticates every RPC call via API key. | |
| ★ Insight ───────────────────────────────────── | |
| This means the gateway-side resolution is the correct approach: |
denniswon
/ gist:584283a34ef44f493d297c153bede47e
Created
March 19, 2026 00:08
Migrating development environment
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| MacBook migration is a surprisingly deep problem — it's not just copying files. You have layered state: dotfiles, package managers, | |
| language runtimes, auth tokens (which can't just be copied), MCP server configs, IDE state, and agent memories scattered across | |
| ~/.claude/, ~/.config/, keychains, and more. Getting this right upfront saves days of "why doesn't X work on my new machine." | |
| ★ Insight ───────────────────────────────────── | |
| Your environment is substantial — 176 Homebrew formulae, 74 casks, 5 language version managers, blockchain toolchains (Foundry, SP1, | |
| RISC0), Claude Code with 9 plugins, 6 MCP servers, and API keys hardcoded in .zshrc. The biggest risk areas are: (1) secrets | |
| management (API keys in plaintext), (2) auth tokens that can't be copied (need re-auth), and (3) the order of installation (version | |
| managers before languages before tools). | |
| ───────────────────────────────────────────────── |
denniswon
/ gist:07499bcd9bf6efcb469ed4dc07470f6c
Created
March 17, 2026 20:31
zkTLS / TLSNotary Integration — Full Recall
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| zkTLS / TLSNotary Integration — Full Recall | |
| Project Summary | |
| Newton is integrating TLSNotary (MPC-TLS) for verifiable web data proofs in Rego policy evaluation. Author: @sigrid-magiclabs | |
| (Linear: NEWT-490). | |
| PR Chain Status (as of ~6 days ago) |
denniswon
/ gist:4585e61569dfc6b23174682897656cdf
Last active
March 17, 2026 13:58
On-Chain Identity Registry vs. Off-Chain Privacy Data Store
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| Good context gathered. I can see the current flow is: | |
| 1. newton-identity encrypts with RSA-OAEP (AWS KMS public key) → hex ciphertext | |
| 2. Signs the encrypted string with EIP-712 (EncryptedIdentityData) | |
| 3. Gateway verifies EIP-712 signature, then stores the encrypted data on-chain via submitIdentity | |
| 4. At evaluation time, operators decrypt via AWS KMS | |
| The Newton SDK already has a full HPKE privacy module (X25519 + HKDF-SHA256 + ChaCha20-Poly1305) with AAD binding, Ed25519 signing, and | |
| uploadEncryptedData RPC. |
denniswon
/ gist:80db91c5f2d4db883312479f1336db00
Created
March 16, 2026 07:03
[Low/informational[ Complete Triage: All 30 Findings
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Complete Triage: All 30 Findings | |
| Core Protocol — Actionable Fixes | |
| ┌─────┬─────────────────────────────────────────────────────────────────────┬───────────────┬─────────────────────────────────────────────────┐ | |
| │ # │ Finding │ Verdict │ Action │ | |
| ├─────┼─────────────────────────────────────────────────────────────────────┼───────────────┼─────────────────────────────────────────────────┤ | |
| │ #4 │ IRegoVerifier calldata return type │ Valid │ Fix — change to memory in interface │ | |
| ├─────┼─────────────────────────────────────────────────────────────────────┼───────────────┼─────────────────────────────────────────────────┤ | |
| │ #10 │ Missing TaskChallengedSuccessfully event in │ Valid │ Fix — add event emission │ |
denniswon
/ gist:68a25027c2a737d1b8b18adec91da42d
Created
March 16, 2026 04:39
Denial of Service: Failing External Calls in Challenge Slashing Operations
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Denial of Service: Failing External Calls in Challenge Slashing Operations | |
| Executive Summary | |
| The ChallengeVerifier contract's slashing mechanism can experience denial of service when processing challenges. The slashSigningOperators function iterates over all operators and strategies without any batching or gas limits, causing transactions to revert when these sets grow large. This prevents challenge finalization, attestation invalidation, and operator punishment. | |
| Technical Analysis | |
| Root Cause |
denniswon
/ gist:f455082e40be5c85422d99216c259862
Created
March 16, 2026 04:39
Denial of Service via Quadratic-Time Signer Verification in verifySigningOperatorsWhitelisted
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Denial of Service via Quadratic-Time Signer Verification in verifySigningOperatorsWhitelisted | |
| Executive Summary | |
| The verifySigningOperatorsWhitelisted function in OperatorVerifierLib.sol contains algorithmic complexity issues that can cause out-of-gas reverts when processing task responses on source chains. The function performs quadratic-time operations and numerous external calls that scale poorly with operator set size, enabling semi-trusted operators to induce denial-of-service conditions by manipulating the signer/non-signer ratio. | |
| Vulnerability Details | |
| Location |
denniswon
/ gist:4cc515d5327d579cec038532197254fb
Created
March 16, 2026 04:38
Vulnerability Report: Repeatable Slashing in Direct-Challenge Functions
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Vulnerability Report: Repeatable Slashing in Direct-Challenge Functions | |
| Executive Summary | |
| The ChallengeVerifier contract contains two direct-challenge functions (challengeDirectlyVerifiedAttestation and challengeDirectlyVerifiedMismatch) that lack proper idempotency guards. This allows repeated invocations that trigger operator slashing multiple times for the same task, potentially draining all slashable stake from affected operators. | |
| Vulnerability Details | |
| Affected Functions |
denniswon
/ gist:e3ed1d29b8e110637351a9e08bf93bb7
Created
March 16, 2026 04:38
Vulnerability Report: Missing taskCreatedBlock in Task Hash Enables Time Manipulation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Vulnerability Report: Missing taskCreatedBlock in Task Hash Enables Time Manipulation | |
| Executive Summary | |
| A critical vulnerability exists in the TaskLib.taskHash() function where the taskCreatedBlock field is not included in the computed hash. This allows attackers to manipulate time-sensitive security checks by supplying arbitrary taskCreatedBlock values that still pass task identity verification. The vulnerability enables two distinct attack vectors: premature slashing of operators on source chains and acceptance of late task responses. | |
| Vulnerability Details | |
| Location |