This chapter discusses the concept of oracles in the context of DeFi and their importance in obtaining off-chain data. The speakers explain how cryptography and Merkle trees can be used to securely transmit oracle values through Merkle proofs.
This week, we explore the Fractal transparent SNARK construction with its authors Dev Ojha and Nick Spooner - both students of Alessandro Chiesa at UC Berkeley. We explore how Fractal works, how it improves on some of the earlier work on Sonic and Marlin, how it borrows from but differentiates itself from STARKs, as well as what they discovered while working on this paper about recursive SNARKs and what makes that property possible.
Just recently, a critical vulnerability was found in the certificate validation functionality on Windows 10 and Windows Server 2016/2019 This bug allows attackers to break the validation of trust in a wide variety of contexts, such as HTTPS and code signing - Trail of Bits has developed a PoC exploit and put up a website Whose Curve is it Anyway that let's users test whether or not they are vulnerable.
To learn more about this vulnerability and the Trail of Bits exploit, please check out this recent blog post entitled: Exploiting the Windows CryptoAPI Vulnerability. Also keep an eye on the ToB blog for security news and explanation pieces like this one.