Georgios Konstantopoulos gakonst

@5chdn
5chdn / stureby.aleth.json
Last active December 3, 2018 21:51
Stureby PoW Testnet Configuration for Constantinople Transition
{
"sealEngine":"Ethash",
"params":{
"accountStartNonce":"0x00",
"maximumExtraDataSize":"0x20",
"homesteadForkBlock":"0x2710",
"daoHardforkBlock":"0x00",
"EIP150ForkBlock":"0x3a98",
"EIP158ForkBlock":"0x59d8",
"byzantiumForkBlock":"0x7530",
@phillipi
phillipi / biggan_slerp
Last active October 8, 2023 01:25
Slerp through the BigGAN latent space
# to be used in conjunction with the functions defined here:
# https://colab.research.google.com/github/tensorflow/hub/blob/master/examples/colab/biggan_generation_with_tf_hub.ipynb
# party parrot transformation
noise_seed_A = 3 # right facing
noise_seed_B = 31 # left facing
num_interps = 14
truncation = 0.2
category = 14
@markblundeberg
markblundeberg / covenant_noinput.md
Last active February 5, 2021 20:05
BCH floating transactions: SIGHASH_NOINPUT emulation using CHECKDATASIG covenants

A new sighash flag has been proposed (originally for Lightning, now for Eltoo) which redacts information about the spending inputs, most notably their transaction IDs.

This facility is both powerful and dangerous: it means that signatures intended for one transaction can be used on other transactions. It also greatly increases the malleability of transactions. SIGHASH_NOINPUT allows for much more flexible off-chain smart contracts than nonmalleable transactions. Note that Eltoo requires SIGHASH_NOINPUT, for instance. It's not clear whether such a dangerous feature will be adopted on BCH any time soon.

In this gist I'm going to explain that CHECKDATASIG covenants let us write smart contracts that emulate SIGHASH_NOINPUT. This capability alone should in principle make it possible to build Lightning, Eltoo with bilaterally funded smart contracts on BCH (though, with some significant

@lizthegrey
lizthegrey / attributes.rb
Last active August 29, 2025 15:40
Hardening SSH with 2fa
default['sshd']['sshd_config']['AuthenticationMethods'] = 'publickey,keyboard-interactive:pam'
default['sshd']['sshd_config']['ChallengeResponseAuthentication'] = 'yes'
default['sshd']['sshd_config']['PasswordAuthentication'] = 'no'
@tbutts
tbutts / tmux-migrate-options.py
Last active May 7, 2025 15:12
For tmux configs: Merge deprecated/removed -fg, -bg, and -attr options into the -style option
#!/usr/bin/env python
# vim: set fileencoding=utf-8
#
# USAGE:
# Back up your old tmux config, run the script and redirect stdout to your conf
# file. Example:
#
# $ cp ~/.tmux.conf ~/.tmux.conf.orig
# $ python ./tmux-migrate-options.py ~/.tmux.conf.orig > ~/.tmux.conf
#
@HarryR
HarryR / bls.py
Created May 24, 2019 11:49
BLS signatures for Python / Ethereum (WIP)
from functools import reduce
import binascii
from os import urandom
from py_ecc.bn128 import *
from sha3 import keccak_256
"""
Implements BLS signature aggregation as described at:
https://crypto.stanford.edu/~dabo/pubs/papers/BLSmultisig.html

About rust security and auditing

  • Review clippy warnings; most of the time these are benign or irrelevant, but they can help spot red flags.
  • Build and run all the unit tests, assess the code coverage and keep note of the un(der)tested components.
  • Review the dependencies listed in Cargo.toml and Cargo.lock: Will the latest version be used? (preferable but not always the right choice) Are these established, trustworthy packages? You may use the subcommand cargo-audit (thanks @dues__ for the pointer).
  • Look for unsafe code blocks, and evaluate the risk (can an attacker control the input used in these blocks? etc.)
  • Look for risky uses of unwrap(), which can cause panics, as opposed to pattern-matched error
@Phaiax
Phaiax / how-does-async-work-in-async-std.md
Last active July 17, 2023 10:56
Blog article: How does async work in async-std?

How does async work in async-std?

(Phaiax - 2019/12/1 - CC_BY_SA 4.0)

Lately I was porting a piece of software from tokio/futures-1.0 to async-await. I somehow thought async-std was the successor of tokio and ported everything to async-std. 80% in, I noticed that my hyper dependency requires tokio and that it's not possible to replace tokio with async-std without also replacing hyper. Also, tokio and async-std try to solve the same problem. So I started a journey into the internals of the Rust async story to find out if it is possible to use both tokio and async-std at the same time. (tl;dr: it is). I had heard of reactors and executors before, but there was much new stuff to discover.

Vertcoin (VTC) was 51% attacked

Preamble

Vertcoin is a Bitcoin clone that aims to be ASIC-resistant by hard forking to new mining algorithms whenever ASICs are deployed on the network. Vertcoin was previously 51% attacked in Dec 2018 and has since changed its proof-of-work algorithm to Lyra2REv3. On Nov 30th 2019, a Vertcoin miner noticed a large upswing in hashrate rental prices for Lyra2REv3 on Nicehash. This was combined with workers connected to Nicehash's stratum server being sent work for unknown (non-public) Vertcoin blocks. I contacted Bittrex, Vertcoin's most prominent exchange, to recommend they disable the Vertcoin wallet on their platform once it became clear an attack was in progress, which they subsequently did.

The Attack

On Sunday, 1 December 2019 15:19:47 GMT, 603 blocks were removed from the VTC main chain and replaced by 553 attacker blocks. We

(platformvm.Genesis) {
Accounts: ([]platformvm.Account) (len=1 cap=1) {
(platformvm.Account) {
Address: (ids.ShortID) 6Y3kysjF9jnHnYkdS9yGAuoHyae2eNmeV,
Nonce: (uint64) 0,
Balance: (uint64) 20000000000000
}
},
Validators: (*platformvm.EventHeap)(0xc00011b220)({
SortByStartTime: (bool) false,