Can GPT-3 compute the ultimate question about life, the Universe and everything?

Image for post
Image for post

It is known that the answer to life, the Universe and everything is 42. However, despite the concerted efforts of the best minds humanity has to offer, the appropriate question has yet eluded us.

Needless to say, I was incredibly excited to find out if GPT-3 — OpenAI’s latest language model — could do what thousands of physicists, mathematicians and philosopher had failed to achieve. After all, GPT-3 had been trained on the cumulative wisdom of mankind, including all of Wikipedia and all Reddit conversations ever.

I entered AI Dungeon, planning to gently nudge GPT-3 into doing the necessary computations. My plan: I’d write the first half of a story about a man who discovers the ultimate theory of everything, but stop short of describing the theory itself, and let GPT-3 auto-complete the story. …


The MythX team is proud to announce a new release of the MythX security analysis API! MythX v1.7 includes major updates to our vulnerability detection capabilities and adds a new mode that is optimised for checking custom security properties.

Image for post
Image for post

Revamped Vulnerability Detectors

With the latest release of MythX API we have completely revamped the generic bug detection capabilities, including adding new detectors, improving all descriptions and risk ratings, and adapting the detectors to the latest best practises. We now run 46 detectors out-of-the-box. …


Contract invariants are properties of the program program state that are expected to always be true. In my previous article I discussed the use of Solidity assertions to check contract invariants. This article expands on the use of invariants and provides a couple of additional examples.

Image for post
Image for post

An interesting property of invariant checking on the bytecode level is that it allows you to detect low-level issues, including issues caused by compiler optimisation or idiosyncrasies of the programming language, from high-level rules. For instance, in the last article we saw that the invariant “the contract should always remain unlocked” could be broken by exploiting Solidity storage addressing. …


Thought leading is a complicated profession. Thanks to the emergence of cryptocurrency, it has also been one of the fastest growing fields of the past decade. This article outlines simple rules to get you started on this rewarding career path. It doesn’t reflect the opinion of my employer.

Image for post
Image for post
Thought leaders exhibit extraordinary abilities, such as levitating objects, tricking minds, and seeing things before they happen.

The most beautiful thing about the Internet is that it gives equal opportunity to all: Even a stable boy from a remote planet can wield the power of thought leading as long as there’s WiFi. On the other hand, shaping cryptocurrency narratives in the minds of millions of people is not something one achieves without proper training. It’s an exasperating journey. You’ll find yourself fighting many a battle along the way — both against enemy thought leaders and your own internal demons. …


The Remix development environment provides users with a convenient and powerful way of checking the correctness of smart contracts via the MythX plugin. In this article, I’ll explain the basics and provide several examples including security tests of real-world smart contracts.

Image for post
Image for post

Smart contracts are immutable (or at least supposedly so) and ensuring program correctness before deploying a contract to the mainnet is absolutely essential. Security audits and a comprehensive test suite help ensure that the code is bug-free. When it comes to automated testing, writing comprehensive unit tests is a great start, but such tests don’t ensure that the code behaves correctly under all circumstances. …


Why the cryptocurrency experiment has failed. Heads up: This article is satire based on an 1995 article about the early Internet. It won’t age well.

Image for post
Image for post
Clifford Stoll — Photo by Newsweek

After one decade of blockchain, I’m perplexed. It’s not that I haven’t had a gas of a good time on Crypto Twitter. I’ve met great people and even caught a pump or two. But today, I’m uneasy about this most trendy and oversold community. Visionaries see a future of global financial inclusion, decentralized financial instruments and an objective “source of truth” for trust-less interactions without intermediaries. They speak of decentralized autonomous organizations and sound, private digital currencies. Monetary policy will shift from central banks to immutable distributed ledgers. …


This week, we launched five challenges as part of the Ethereal Virtual Hackathon with a prize pool of $6k (paid in crypto, obviously). This quick guide explains how to perform an analysis with MythX API.

Image for post
Image for post

What is MythX?

MythX is a security analysis platform for Ethereum smart contracts. It performs a comprehensive range of industry-leading analyses on smart contracts, including input fuzzing, static and symbolic analysis.

The goal of MythX is to make security analysis available to all Ethereum developers — even those who are not security-savvy. In the ongoing Hackathon we award prizes in five categories. …


ConsenSys Diligence is a security-focused group of 30+ Ethereum engineers, auditors and researchers distributed all over the world. We have a tradition of building security tools for ourselves and the Ethereum community. Because our time is precious, we focus on creating polished, highly usable tools that are truly helpful to auditors and smart contract developers. This article introduces some of the highlights.

Image for post
Image for post

Visual Auditors for Solidity and Vyper

Written by Martin Ortner a.k.a. tintinweb, Solidity Visual Auditor is a Visual Studio Code extension created to make the life of smart contract auditors easier. It provides security-aware syntax and semantic highlighting, a detailed class outline and advanced Solidity code insights to Visual Studio Code users. Comprehensive security analysis functionality will be added soon. …


MythX integrates static and dynamic analysis to detect security flaws in smart contracts. But how do you unleash this security analysis on your code? In this article I’ll show the use of Sabre, a JavaScript tool I made when MythX was first released, to detect critical smart contract vulnerabilities (in the meantime there’s also an officially supported command line interface). Updated January 2020.

Image for post
Image for post

While Turing-complete smart contracts are awesome, the added flexibility also allows programmers to introduce many types of security vulnerabilities. With the right tooling however, many critical flaws can be caught early in the development lifecycle.

MythX integrates static analysis, symbolic analysis and input fuzzing the detect security bugs. There are two main ways this can be…


“Hard fork” is a term that often incites heated debates. Some communities explicitly embrace on-chain governance, such as freezing accounts and changing smart contract code on-the-fly, while others are known to be fiercely rooted in the “you don’t hard fork, ever” camp.

The Bitcoin community has a reputation for being strictly hard-fork-averse. Major changes on the protocol level usually don’t make it into the mainline Bitcoin Core client (i.e. hard forks are always contentious and lead to splits from the main BTC chain). …

About

Bernhard Mueller

Security researcher, uncertified hacker, crypto trader. Author of the OWASP Mobile Security Guide. Pwnie winner. Former @ConsenSys

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store