Ran into the weirdest issue with ordering 3D prints. The pieces are *larger* than my model =)
Turns out JLC is compensating for material shrinkage, but they are overdoing it, so now I need to compensate for JLC's compensation algorithms.
House of cards... 🤪
Yes, I literally made a new enclosure and PCB design because on the original USB-C version there was a 0.6mm gap and it was annoying me. Now there's only 0.15mm.
Apple: The king of tolerances.
Dark Bio: Hold my beer.
Trust, but verify!
The Dark Bio firmware and device signing keys are hardware bound to genuine YubiHSM and YubiKey devices.
Furthermore, the public audit logs demonstrate (within the limits of the YubiHSM 2 capabilities) that no malicious firmware exists.
Just been hit by Trump's tariffs first time in my life (or rather the Chinese retaliatory tariffs). It's so nice as a European to pay extra taxes because US-CN is having a dick measuring contest.
But Peter, you didn't *ask* GPT to give you an image schema. Ok, let's ask it:
Asked both ChatGPT 5.4 and Claude Opus 4.6 to generate me a schematic for something.
First is OpenAI, second is Anthropic... ¯\_(ツ)_/¯
Never gets old…
This is the promise that Dark Bio delivers on: trustless computation on sensitive medical data, locally.
Sandboxed execution, cryptographic audit trail, signed user approval, multi-factor encrypted storage, LLM compatibility and more.
Follow @dark.bio for updates!🇨🇭
🌿Cilantro Soapiness: the first ever genetic test ran on a Dark Bio Ark enclave. Against my own genome, no less!
A test, vibe coded with AI, without looking at the code, never having to worry about malicious code touching sensitive data, because the Ark guarantees safety. 🤍
Shoutout to the print shop who did the wrappers at 11PM yesterday 🤍
Image is my own photo, as always. I don’t do AI marketing, nor product shoots for now.
Oh damn, can I get one mailed? Please? 😅 (I did write a little crypto code in the Go stdlib)
Mind you, this is the *half price for large order* quote. One less costs 64K-epsilon.
In December I was quoted $4000 for a batch of eMMC chips. I didn't want to commit because I wasn't yet sure if they are large enough (128GB; it would be better to have 256GB). Today's quote is $32000. I can't afford that for my project. ¯\_(ツ)_/¯
How secure is the @dark.bio pipeline?
Yes.
When you realise both the boomers and the zoomers got it wrong on what the real store of value is.
Me in December: Hmm, storage chips for the Ark is $50-ish. I should postpone a bit to make sure I get the correct one.
Me now: WTF do you mean it's $277 ??? 😭
Ugh, today was insane. I've replaced x509 certificates with CWT attestations throughout Dark Bio.
Needed to update 10 repositories in lockstep:
- Rust/Go/Flutter/TypeScript crypto
- Ark firmware, Ark CLI
- Cloud worker, cloud CLI
- Web dash, mobile app
Thank you Claude
Péter Szilágyi (1).png
It’s time for something really dark 👀
Péter Szilágyi is gonna have is first talk about Dark Bio! 🖤
This May at ETHPrague ☀️
🎟️ Get tickets in bio
Seems I'll be doing my first talk about Dark Bio at @ethprague.bsky.social in May this year! 🥳 No pressure... 😅
AI and the illusion of sandboxing:
OpenCode: You can't access files outside this folder.
Claude: Lol, hold my beer
Turns out that the CBOR ecosystem gets you everything you need, standardised:
Encoding: CBOR
Cryptography: COSE
Credentials: CWT
Attestations: EAT
FWIW, I did reimplement the entire stack due to security concerns \facepalm, but at least I only need to secure a few K LOC.
x509 certificates are a pretty ancient technology. Everybody uses them only because everybody else uses them. But the spec is so insane, that I strongly suggest everyone to consider it an absolute last resort.
The neat part about these is that they are CBOR structs signed via COSE; exactly what I do everywhere already.
Downside? Nothing! x509's purpose:
- Chains of trust, not just one hop attestations.
- Interoperability with the kitchen sink.
But nobody does PQC, so both futile.
After investigating, I found CWT (CBOR Web Tokens), which is a tiny structure that can just hold a few fields and attest some pubkeys. Perfect for cloud identities.
There's another small standard, EAT (Entity Attestation Token) on top, that defines tags for hardware devices.
Long story short, yes, the PR works, yes it does what I wanted it, but it was past the complexity threshold I was willing to tolerate.
Then I introduced x509, I had no meaningful protocols in place, so it was an arbitrary decision. Since then I've reworked all my protocols based on CBOR and COSE.
The issue was that the x509 certificate spec is such a monstrosity, that it's horror to work with it. And since nothing supports post-quantum, you need to reinvent the entire wheel from Adam and Eve. And since the format is very permissive, it's an infinite whack-a-mole.
This week I reworked it all again, to support custom extensions so I could use it for offline device authentication with the Arks.
It was a 2500 line diff that *barely* worked for what I needed it, never mind actual utility for anyone else.
In the early days of Dark Bio, I used x509 certificates to advertise cloud identities, but even then I had to start hacking because they didn't support X25519 pubkeys.
Then I extended the cert format to support composite ML-DSA and hybrid ML-KEM pubkeys, which was a nightmare.
A little background. Pretty much *nothing* supports post quantum interoperability yet. Many companies use it, but they short circuit within their networks. As such, encodings and common formats (DER, PEM, x509) are not well defined and mostly not supported at all.
