Vitalik: What is the key to the next phase of the Ether

Author:Vitalik Buterin

Other Organiser

Special thanks go to Yoichi Hirai, Justin Drake, Nadim Kobeissi and Alex Hicks for their feedback and review。

In the past few months, a new programming paradigm has been rapidly gaining popularity in the forward R&D circles of the Taifung and in many other corners of the computing field: codes are written directly in very low-level languages (e.g. EVM bytes, compilation languages) or Lean, and their validity is validated using automatically verifiable mathematical certificates written by Lean。

If properly operated, it would not only be possible to export extremely efficient codes, but would be much safer than in the past. Yoichi Hirai calls this "the ultimate form of software development"。

The article will attempt to unmask the rationale, explore what the formalization of software can do, and where its weaknesses and limitations are in the area of the Taifung and elsewhere。

What is formalization

Formalization means the preparation of a certificate of mathematical theorem in a manner that is capable of being automatically checked. To give a relatively simple but nevertheless interesting example, let us look at a basic theorem about the Fibonacci series: Every third number is even and the rest is odd。

1 1 2 3 5 8 13 21 34 55 89 144 233 377 610 987 1597 2584 ...

One simple way to prove this is through mathematical summation, which takes three steps forward each time。

The first is basic. Set F1 = F2 = 1, F3 = 2. By observing it, we see that the statement ( "Fi is even when it's multiple of 3 or odd") was established before x = 3。

This is followed by a summary. Assuming that the statement was established before 3k+3, that is, we already know that the oddities of F3k+1, F3k+2 and F3k+3 are odd, odd, even. We can calculate the oddity of the next set of three numbers:

F3k+4 = F3k+2 + F3k+3 = odd + even = odd F3k+5 = F3k+3 + F3k+4 = even + odd = odd = odd

so we learned that the statement was set up before 3k+3, leading to the statement set up before 3k+6. we can apply this inference over and over again, and thus be sure that the rule is valid for all integers。

This argument is enough to convince humanity. But what if you want to prove a hundred times more complicated and you want to be very sure you didn't make a mistake? Well, you can give the computer a convincing proof。

Here's how it is presented:

= > > > > > > >  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *

That's the same reasoning, but expressed in Lean. Lean is a programming language often used to write and validate mathematical certificates。

this seems different from the "human" evidence given above, for a good reason: things that look at computers (in the traditional sense of "computer," i.e., "certainty" programs consisting of if/then statements, not large language models) are different from things that look at humans。

In the above certificate, you do not stress the fact that fib(3k+4) = fib(3k+3) + fib(3k+2) but rather that fib(3k+3) + fib(3k+2) is an odd number, and the rather ambitious strategy of Lean, called moga, automatically combines it with its knowledge of the definition of fib (3k+4)。

In more complex proofs, you sometimes have to specify in every step which mathematical law allows you to take the current step, and sometimes use names like Prod.mk.inj。

but on the other hand, you can expand a huge multiform expression within one step, and just have to justify it through a single-line expression like "omega" or "ring"。

This intuitive and cumbersome explanation explains to a large extent why the field is still small despite the fact that machine-verifiable proof has existed for nearly 60 years. On the other hand, many previously impossible things are now rapidly becoming possible as a result of the rapid development of artificial intelligence。

When the mathematical certificate starts to protect the code

so far, you might think, well, computers can verify the mathematical theorem, so we can finally determine what's true in this crazy new conclusion about prime numbers and what's just a 100-page error in pdf。

MAYBE WE CAN EVEN FIGURE OUT IF HOPE SHINICHI IS RIGHT ABOUT ABC'S GUESS

So what

There are many possible answers. But one answer that is very important to me is to verify the correctness of computer programs, especially those that perform cryptography or security-related tasks。

After all, the computer program is a mathematical object, so it is a mathematical theorem that proves that the computer program operates in some way。

For example, if you want to prove that encryption software like Signal is really safe. You can write down the mathematical meaning of "safe" in this context。

On a high level, you have to prove that, assuming certain coding assumptions are valid, only those who have a private key can get any information about the content of the message. In reality, many different security attributes are crucial。

It turns out there's really a team trying to figure it out! One of their safety theories looks like this:

 
Here is a summary of what Leanstral means:
 
 
the Passive security le ddh Theorem is a compact, indicating that X3DH's passive message confidentiality is at least as difficult as the DDH hypothesis under the random prediction model. If opponents can crack X3DH's passive confidentiality, they can crack DH。
 
As we assume that DDH is difficult to crack, X3DH is also safe for passive attacks. The theorem proves that, if opponents can passively observe Signal ' s key exchange of information, they cannot distinguish between the key they create from the key they follow with the secret key on a better than negligible probability。
 
 
If you combine it with AES encryption to get the correct proof, you get a sign that the Signal encryption is safe for passive attackers。
 
SIMILAR PROJECTS HAVE PROVED THAT THE REALIZATION OF OTHER ASPECTS OF PASSWORDS IN TLS AND BROWSERS IS SAFE。
 
If you do end-to-end full formalization, you prove not only that some theoretical description of the protocol is secure, but that the specific code that the user runs is also safe in practice。
 
From a user's point of view, this greatly increases trust-freeness: in order to fully trust the code, you do not need to check the entire repository, but you simply need to check those statements about which it is proven。
 
There are now some important big premises to bear in mind, especially what the crucial word "security" means。
 
It is easy to forget statements that prove to be truly important. It is easy to find that sometimes statements to prove are not described more simply than the code itself。
 
It is easy to sneak into the certificate the assumptions that are ultimately not valid. It is also easy to decide that only one part of the system needs to be formally proven, but the result is hit by serious loopholes in other parts (even hardware)。
 
Even Lean may have a bug. But before we discuss all these vexing details, let us first explore in depth the possible utopia that could be brought about by the correct and ideal completion of formalization。
 
Chemicalisation for Safety
 
the bug in the computer code is terrible。
 
when you put encrypted money into an inflexible chain of smart contracts, and north korea can automatically drain all of your money when the bug appears and you can't complain, the bug in the code becomes even worse。
 
when it's all wrapped up in a zero-knowledge certificate, the bug gets worse because if someone tries to hack into the zero-knowledge proof system, they can take all the money, and we have no idea what's wrong (and worse, we don't even know when it's wrong)。
 
When we have powerful AI models, like Claude Mythos, two years later, we can automatically find these bugs, and the bugs in the code are even worse。
 
Some respond to this reality by advocating for the basic idea of abandoning smart contracts, even arguing that the cyber realm simply cannot be an area where defenders can have asymmetric advantages over their attackers。
 
Some introductory remarks:
 
 
To strengthen a system, you need to spend more coins than the attackers to exploit loopholes to detect them。
 
 
and:
 
 
Our industry is based on certainty code. Write it, test it, publish it, make sure it works, but in my experience this contract is breaking down。
 
AMONG THE TOP OPERATORS OF THE REAL AI, THE CODE LIBRARY HAS BECOME SOMETHING THAT YOU BELIEVE IT CAN RUN, AND YOU CAN NO LONGER BE PRECISE ABOUT ITS CHANCES OF SUCCESS。
 
 
Worse still, some believe that the only solution is to abandon the open source。
 
This will be a bleak future for cybersecurity. This is an extremely pessimistic prospect, especially for those of us who are concerned about the centralization and freedom of the Internet。
 
The whole code punk spirit is based on the idea that: On the Internet, defenders have the advantage of creating a digital castle (whether encrypted, signed or certified) much easier than destroying one。
 
If we lose this, Internet security can come only from economies of scale, from pursuing potential attackers around the world and, in a broader sense, from one side between domination and destruction。
 
I disagree that I have a more optimistic vision for the future of cybersecurity。
 
I THINK THAT THE CHALLENGE POSED BY THE ABILITY TO FIND A STRONG AI LOOPHOLE IS SERIOUS, BUT IT IS A TRANSITIONAL ONE. ONCE THE DUST HAS SETTLED AND WE HAVE ENTERED A NEW BALANCE POINT, WE WILL HAVE AN ENVIRONMENT MORE FAVOURABLE TO THE DEFENDERS THAN IN THE PAST。
 
Mozilla agrees with me. They quote:
 
 
You may need to reprioritize all other matters and devote sustained and focused attention to this task, but the tunnel ends in light。
 
We are very proud of how our team is meeting this challenge, and others will. Our work has not yet been completed, but we have passed through and are able to see a much better future than just keeping pace。
 
Defence finally has the chance to win decisively. We are entering a world where we can finally find them all。
 
 
Now, if you use the Ctrl+F search words "formatization" and "validation" in Mozilla posts, you'll find zero matches. The positive future of cybersecurity does not depend entirely on formalization or any other single technology。
 
What does it depend on? It's basically this chart:
 
 
DECLINE IN THE NUMBER OF CVE HOLES AT ANY TIME
 
For decades, many technologies have contributed to a decline in the number of loopholes:
 
 
Type System
 
Memory Secure Language
 
Improvements to software architecture (including sandboxing, privileges control and, more broadly, a clear distinction between " credible basis of calculation" and "other codes")
 
Better test methods
 
Knowledge systems on safe and unsafe coding patterns continue to be rich
 
An increasing number of pre-prepared and audited databases
 
 
Formalization aided by artificial intelligence should not be seen as an entirely new paradigm, but rather as a powerful accelerator that has evolved in the direction and paradigm。
 
Formalization is not universal. But it is particularly appropriate in situations where the goal is much simpler than achieving it. This is particularly true in some of the very complex and difficult technologies that we will need to deploy in the next main trajectories of the ITA: quantum resistant signatures, STARKs, consensus algorithms and ZK-EVMs。
 
STARK is a very complex software. But the core security attributes it achieves are easily understood and formalized: if you see proof of a Hashi H, input x and output y pointing to the P, either (i) the Hashi algorithm used in STARK is broken, or (ii) P(x) = y。
 
So we have the Arklib project, which is trying to create a fully formalized STARK realization (see VCV-io, which provides the basic calculator computing infrastructure that can be used to formally validate various other encryption protocols, many of which rely on STARK)。
 
More ambitious is the evm-asm: a project to build an entire EVM fully formalized。
 
The security attributes here are less straightforward: basically, the goal is to prove that they are equivalent to another EVM prepared by Lean, but that realization can be prepared to maximize visuality and readability, without any consideration for specific operational efficiencies。
 
IT'S POSSIBLE THAT WE'LL GET TEN EVMS, ALL OF WHICH CAN BE PROVEN TO BE EQUAL, AND THEY HAPPEN TO CONTAIN THE SAME FATAL FLAW THAT ALLOWS THE ATTACKERS TO DRAIN ALL THE ETHS FROM ADDRESSES THEY DON'T HAVE ACCESS TO。
 
But it's far less likely that some EVM will achieve such deficiencies today. Yet another security attribute of importance, that is, resistance to DoS attacks, is easy to regulate when we have experienced painful lessons。
 
Two other important areas are:
 
 
Byzantium is mistaken for consensus. Here, it is equally difficult to formalize all desired security attributes, but it is worth a try, considering that bugs used to be so widespread. So we have a consensus agreement in progress in Lean that's achieved and proven。
 
Smart contract programming language: See formalisation in Vyper and Verity。
 
 
in all these cases, one of the great added value of formalization certification lies in the fact that it is truly end-to-end. usually, the worst bugs are the interactive bugs, which lie at the intersection of two independently considered subsystems。
 
It is too difficult for humans to deduce the whole system from the end to the end. However, automated rule-checking systems can do so。
 
Form certification for efficiency
 
Let's look at the evm-asm. It's an EVM realization. But it is accomplished directly with the EVM compiled by RISC-V。
 
The real price is real。
 
THIS IS THE ADD CODE:
 
< code = "font-size " . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 
 
THE RISC-V IS SELECTED BECAUSE THE ZK-EVM CERTIFICATE THAT IS BEING CONSTRUCTED USUALLY FUNCTIONS BY CERTIFYING RISC-V AND COMPILING IT AS RISC-V FOR THE TAIFENG CLIENT. SO IF YOU HAVE AN EVM WRITTEN DIRECTLY WITH RISC-V TO REALIZE, IT SHOULD BE THE FASTEST YOU CAN ACHIEVE。
 
RISC-V CAN ALSO BE SIMULATED VERY EFFICIENTLY IN ORDINARY COMPUTERS (AND THERE ARE RISC-V LAPTOPS ON THE MARKET)。
 
OF COURSE, IN ORDER TO REALLY GET TO THE END, YOU HAVE TO FORMALLY AUTHENTICATE THE RISC-V REALIZATION ITSELF (OR THE CALCULATOR OF THE CERTIFICATE), BUT DON'T WORRY, IT ALREADY EXISTS。
 
It's what we used to do 50 years ago. Since then, we have given up this practice, instead of writing codes in advanced languages。
 
Advanced languages compromise efficiency, but in exchange they produce codes much faster and, more importantly, understand others much faster, which is essential for security。
 
By combining formal validation and artificial intelligence, we have the opportunity to "go back to the future"。
 
Specifically, we can allow artificial intelligence to prepare a compilation code and then produce a formal certificate to verify that the compilation code has the required attributes。
 
At the very least, the required attributes can be simply equivalent to those that are optimized to improve readability and are written in a human friendly language。
 
We no longer need a single code object to balance readability and efficiency, but to have two separate objects: one (compilation achieves) optimizes only efficiency, taking into account the needs of the particular environment in which it is implemented; the other (security statement, or advanced language achieves) optimizes readability, and then we prove the equivalence between the two through mathematical proof。
 
Users can verify the certificate (automatically) once, and since then they have only to run a fast version。
 
This method is very powerful, and Yoichi Hirai calls it "the ultimate form of software development" for a reason。
 
Formalization is not a panacea
 
In the area of cryptography and computer science, there is a tradition that is almost as old as the formalization approach itself: the tradition of criticizing formalization (or, more broadly, relying on proof)。
 
The literature is full of practical examples. Let's start with the handwritten proof of the early era of simple cryptography, citing Menezes and Koblitz's criticism in 2004:
 
 
In 1979, Rabin proposed an encrypted function that was "proveable" safe in a sense, i.e. it had a security attribute of subjectivity。
 
According to the RSS, those who can find the message m from the text y must also be able to decompose n. ... shortly after Rabin presented his encryption program, Riverst pointed out that it was ironic that it was the character that gave it additional security that would cause the whole line to collapse if it faced another attacker called "Selection Secret"。
 
In other words, assuming that the assailant can somehow deceive Alice to decrypt the secret of his choice, the assailant can follow the same step that Sam used to break n in the previous paragraph。
 
 
Menezes and Koblitz then gave more examples. The common pattern is that the design around making encryption protocols more "proven" tends to make them less "natural" and makes them more likely to collapse without even consideration by the designer。
 
NOW, LET'S GO BACK TO THE MACHINE'S VERIFIABLE CERTIFICATE AND CODE. IT'S AN EXAMPLE OF A FORMALIZED "C" COMPILER IN 2011Papers:
 
 
The second CompCert problem we found was in two bugs that generated the following code:stwu r1, -44432(r1)A large PowerPC stack is being distributed here。
 
The problem is that 16 bits of field displacement has spilled. CompCert 's PPC syntax does not set an immediate limit on the width, assuming that the compiler will capture values beyond the range。
 
 
And one in 2022Papers:
 
 
In CompCert-KVX, submitted e2618b31 restored a bug: "nand" command will be printed as "and"; "nand" will only be used in the rare mode ~ (a ∓ b). The bug was discovered through a randomly generated process。
 
 
And today, in 2026, the following is Nadim Kobeissi's description of formalised software leaks in Crystal:
 
 
In November 2025, Filippo Valsorda independently reported libcrux-ml-dsa v0.0.3 different public keys and signatures on different platforms with the same certainty input given。
 
This bug exists in  vxarq u64's internal package function, which performs the XAR operation used to replace Keccak-f with SHA-3. The backup mechanism passed incorrect parameters to the migration operation and damaged the SHA-3 summary on the ARM64 platform, which was not supported by hardware SHA-3。
 
THIS IS TYPE I FAILURE: THE INTERNAL FUNCTION IS MARKED, AND THE ENTIRE NEON BACKEND DOES NOT COMPLETE PROOF OF RUNNING SAFETY OR CORRECTNESS。
 
 
and:
 
 
libcrux-psq library achieves a later quantum pre-sharing key protocol. In the decrypt out method, the AES-GCM 128 decryption path uses .unwrap() instead of dissemination error. A text in the wrong format can bring down the process。
 
 
The above four questions fall into one of the following two categories:
 
 
Only partial codes were validated (because it was too difficult to validate the rest) and it was found that unverified codes were more loopholes (and in more lethal ways) than the author imagined。
 
The author forgets the cases where the key attributes need to be proven。
 
 
Nadim's article contains a classification of formalization failure models; he also gives other types of failure patterns (e.g., another major case is that "formalization norms are per se wrong, or the proof contains false statements that are accepted silently by the built system”)。
 
Finally, we can look at formalization failures on software and hardware borders. A common problem here is the ability to verify a side-link attack。
 
Even if you have perfect secure encryption to protect your message, you're still not safe if people a few metres away can capture telecommunications fluctuations and extract your private key hundreds of thousands of times after encryption。
 
It's an analysis of differential powerArticlesThis is an example of such technology that is now well understood。
 
 
The differential power analysis is a common type of side channel attack. Source: Wikipedia
 
Attempts have been made to prove the safety of those who resist such attacks. Any such proof, however, requires a mathematical model of the attacker that enables you to target it for proof of safety。
 
sometimes the "d detection model" is used: we assume that there is a known limit to the number of locations the assailant can search the circuit. however, some leakage forms are not captured by this model。
 
As observed in this article, a common problem is a transitional leak: if you can observe a signal that depends not only on a given location but also on a change in that value, it is usually enough to get you back from two values (new and old) rather than just one。
 
This article gives a classification of other forms of leakage。
 
For decades, these criticisms of formalization have helped to improve formalization. We are now better prepared to guard against such issues than in the past. But even today, it is not perfect。
 
Overall, there's a lead. Formalization is powerful。
 
But whatever marketing terms make formalization sound like giving you "proven correctness", so-called "proven correctness" does not prove that software (or hardware) is right。
 
According to most humans, "right" means something like: "the behaviour of the object is consistent with the user's understanding of the developer's intent."。
 
And the meaning of "safe" is similar to: "Something does not go against the expectations of the user and does something to the detriment of the user."。
 
In both cases, correctness and security are attributed to a comparison between a mathematical object and human intent or expectations。
 
Human intentions and expectations are also technically mathematical objects, and, after all, the human brain is part of the universe, following the laws of physics that can be simulated if you have enough calculus。
 
But they're incredibly complex mathematical objects that computers and we can't even read。
 
For all practical purposes and intentions, they are black boxes; we only know anything about our intentions and expectations because each of us has many years of experience in observing his own thoughts and extrapolating others ' thoughts。
 
And because we cannot insert primitive human intentions into computers, formalization certification cannot prove a comparison with human intentions。
 
So "proven correctness" and "proven safety" do not actually prove what we humans understand as "rightness" and "security". There's nothing we can do unless we can completely simulate the human brain。
 
So what's it for?
 
I would prefer to see test packages, type systems and formalizations as different ways of achieving the same bottom method for programming language security (which may also be the only reasonable method)。
 
They are all about regulating our intentions in different ways, and then automatically checking the compatibility of these different norms。
 
Take the Python code for example:
 
int: if n < 0: Rice Exception ("Negative values not reported") elif < < n: retrurn nse, 13, 34er (n-1) + fib(n-2) if   main  : assert[i] for inrange (10)=[0,1, 2,3]
 
Here, you express your intentions in three different ways:
 
 
Obviously, by using the code to achieve the Fabonacci formula
 
Invisible, by type system (specify the integer, output and reverse steps)
 
By "sample package" method: test case
 
 
The running file reconciles the formula with the example. Type checkers verify the compatibility of the type: adding two integers is a compliance operation and produces another integer。
 
Type systems are often a good way to check operations in physics: If you're calculating acceleration, but you've got an answer in millimetres per second instead of millimetres per second, you know you're wrong。
 
The test example is an example of the definition of a "sample package", which is often much more natural to humans than a direct and visible definition。
 
The more different you can regulate your intentions and, ideally, the different ways in which you are asked to solve problems in different ways of thinking, the more likely you are to actually express what you really want once all these expressions prove compatible。
 
 
The security program is to express your intentions in many different ways and then automatically verify whether all these expressions are compatible。
 
Formalization allows you to extend this method further. By formalizing the certification, you can regulate your intentions by means of almost unlimited amounts of redundancy, and the procedure can only be validated if they are fully compatible。
 
You can regulate the achievement of a highly optimized and an extremely inefficient but easy to read by humans and verify whether they match. You can ask your 10 friends to provide a list of the mathematical attributes they think you should have, and then check if it's all passed。
 
If not, find out if the program is wrong or whether the mathematical properties are wrong. And you can do all these things with artificial intelligence。
 
So how do I start
 
To be realistic, you're not going to do it yourself. Formalization has not been popular because most people are unable to understand how to write these obscure words. Can you tell me what this code means
 
< code-syle="font-size: inherit;  fifth-family: PingFang SC, Helvetica, Aral, Hiragino Sans GB, Heiti SC, e-mail, WenQuanyi Micro, sans-serif; > : Helper at the value of an accumulator. -/ Private theorem accect le (ds 1 dsd = ddddd2 = ddddd1 > ; (hAcc: a b) > (hLE: > b) : ds1 ds2 : (hList.)
 
(IF YOU WANT TO KNOW, THIS IS ONE OF MANY SUB-RELATIONS TO A PARTICULAR SECURITY STATEMENT FOR A SPHINCS SIGNATURE VARIANT。
 
Specifically, the statement is that unless there is a Hashi collision, the signature of a message will need to be higher than the signature of any other message at least somewhere on the Hashi ladder and therefore contains information that cannot be calculated from that other signature)
 
You do not have to write code and proof manually. You just have to have artificial intelligence write the program for you (whether directly written in Lean or in terms of speed) and prove any desired properties in the process。
 
One advantage of this task is that it itself is self-proved, so you don't need to supervise it, you just let artificial intelligence run it for hours。
 
the worst result is that it's turning nowhere (or, as my leanstral has done before, it has replaced the statement it was asked to prove in order to relieve its own workload)。
 
The only thing you need to check at the end is that it proves that the statement is in accordance with your requirements。
 
IN THE SPHINCS SIGNATURE VARIANT, THIS IS THE FINAL STATEMENT:
 
< code-style=font-size: inherit; fint-family: PingFang SC, Helvetica, Arial, Hiragino Sans GB, Heiti SC, e-mail, WenQuan Yi Micro Hei, sans-serif; >therem works fullDigits incomparable {dig1 dig2: List Nat} {wl1 lll1: Nat2 } (wwww: < wwl < wwl ) (l1 :dg1-dl & dlb1-dg) (hren2: dig2.eg=lg) (hBund1 , ddig1 ) (hund2: d dig2 , wdg2 ) (wdh1-dh) (dh1-dig)
 
This is actually on the verge of being barely readable:
 
if the number generated from one hash summary (dig1) is not equal to the number generated from another hash summary (dig2)
 
So neither of the following:
 
 
for all figures, dig1 < = dig2
 
for all figures, dig2 < = dig1
 
 
This is also the case in the "wotsFullDigits" generated by adding checksums. In other words, in the expansion of dig1 the numbers will inevitably be higher in some places, and in others, in the expansion of dig2。
 
I found that Claude and Deepseek 4 Pro were both qualified to write certificates using large language models. Leanstral is a small open source weight model that has been specially fine-tuned to prepare Lean, which is a promising alternative。
 
It has 119B parameters, each token activates 6B, and you can run it locally, albeit slowly (about 15 tok/sec on my laptop). According to baseline tests, Leanstral has a much larger generic model:
 
Based on my current personal experience, it's slightly worse than Deepseek 4 Pro, but still effective。
 
Formalization does not solve all our problems。
 
But if we want Internet security models to be no longer based on the trust of everyone in a few powerful organizations, we need to turn to trust codes, including in the face of powerful artificial intellectual rivals。
 
AI-ENABLED FORMALIZATION HAS ALLOWED US TO MAKE SOLID STRIDES ON THE ROAD TO ACHIEVING THIS GOAL。
 
Like the block chains and ZK-SNARKs, artificial intelligence and formalization are very complementary techniques。
 
ZK-SNARKs gave you privacy and scalability at the expense of privacy and scalability, while ZK-SNARKs gave you privacy and scalability (in fact even more than before)。
 
Artificial intelligence gives you the ability to produce a large number of codes at the cost of accuracy, and formalization gives you accuracy back (in fact even higher than before)。
 
by default, artificial intelligence will generate a large number of extremely hasty codes, and the number of bugs will increase。
 
in fact, in some cases, it is the right trade-off to tolerate an increase in bugs: if bugs are mild, even the software that exists is better than without it。
 
But here, cybersecurity has an optimistic future: software will divide (continue) into "the edges of insecurity" around the "security core"。
 
Unsafe edges will operate in sandboxes and will be given only the minimum powers necessary to complete the work。
 
The security core will manage everything. If the security core collapses, everything collapses, including your personal data, your money, etc. But if a part of an insecure edge collapses, the core of security can still protect you。
 
when it comes to the core of security, we can't allow the existence of bugs to spread. we will take radical action to maintain the small size of the core of security, and even further reduce it。
 
On the contrary, we have invested all the additional features of artificial intelligence in the task of making the core of security more secure, so that it can bear the enormous burden of trust that we have placed on it in a highly digitized society。
 
The inner core of the operating system (or at least part thereof) will be such a safety core。
 
The Ether House will be another。
 
It is hoped that at least for all non-performance-intensive calculations, the hardware you use will be the third。
 
The system related to the networking of goods will be the fourth。
 
at least in these cores of security, the old adage "bug" is inevitable, and you can only try to find them before the assailants" will be replaced by a more hopeful world, where you will have real security。
 
But if you're willing to hand over your assets and data to software that is poorly prepared and that might accidentally swallow them into a black hole, then of course you have that freedom。