NY Tech Latinas - Latina Luminaries Fireside Chat with Vanessa Pestritto

NY Tech Latina’s first program is Latina Luminaries, a bi-monthly fireside chat featuring Latina leaders and executives doing amazing work in the Tech ecosystem. This edition’s guest speaker will be Vanessa Pestritto, Director of Partner Programs at Agoric, a safe smart contracts framework for an open, global economy. Read more

Running Third-Party JavaScript

Kate Sills discusses how to minimize the risks of running third-party JavaScript. She goes over POLA, the Principle of Least Authority, and how object capabilities can help grant specific, limited resources to third-party code. She also covers the current efforts to enforce security boundaries in JavaScript: SES (Secure ECMAScript) and Realms. Read more

Chip Morningstar on TC39er Podcast

In this episode, Hemanth Madhavarao is talking to Chip Morningstar - an author, developer, software programmer, and designer of software systems from the University of Michigan in 1981 with a Bachelor of Science degree in Computer Engineering. Read more

Securing JavaScript Modules

We’re excited to announce the first release of SES that directly supports loading ECMAScript modules. This is the first in a series of milestones toward delivering a seamless experience for applications that use both ECMAScript and CommonJS modules. Read more

Cross-Chain Hackathon: Agoric Workshop

The Agoric team introduced their platform, shared resources and tips for getting started, went over the prizes they’ve posted for the Cross Chain hackathon, and answered questions from the audience to help get your team hacking. Read more

The Road to Dynamic IBC

dIBC is, in essence, the idea of using a smart contract or VM platform to deploy new contracts that support new protocols, all on an existing chain without having to wait for chain upgrades. Read more

TC39 Panel Discussion at JSConf in Hawaii

Members of the TC39 committee including Agoric’s Chief Scientist Mark S. Miller join Cassidy Williams to answer questions sourced from the JSConf Hawaii audience about how the committee decides on changes to the language, and how companies, organizations, or individuals can get more involved. Read more

How Zoe Ensures You Won’t Leave Empty-Handed

Zoe is our new platform that provides an innovative, much safer approach for building and interacting with smart contracts. Elsewhere we talk about “offer safety” in Zoe: the assurance that on payout, a client of a contract either gets what they want or gets a refund. Here, I’m going to dig into another feature of Zoe, “payout liveness” (also referred to as “exit safety” in early presentations)...Read more

Chip Morningstar Joins Agoric

We’re excited that Chip Morningstar has joined Agoric as a software engineer as of January 2020. A longtime associate of Agoric’s team members, Chip has built and shipped systems in varied realms from gaming to smart contracts to digital payments. Read more

Staking Hub: Cosmos Game of Zones AMA

Zaki Manian (Tendermint team) & Dean Tribble (Agoric) joined Staking Hub on Nov 5, 2019 to discuss Cosmos IBC and Game of Zones (GoZ). IBC enables blockchains to exchange value & data. Read more

Realms and Evaluator Shim Security

Two security bugs were found and fixed in the realms-shim library, so all users should upgrade to the latest version. A new, simpler evaluator-shim library is being developed, with a smaller attack surface. Future security efforts will focus on this alternative library. Read more

Zoe vs. the Low-Level Status Quo

Deciding to send a payment to a blockchain address can be nerve-racking. You think you’re getting something in return, but will you? You think you’ve looked at the contract code, but maybe you missed something. Contracts have bugs. If only there was a way to guarantee that the money that you send isn’t stolen. If you could guarantee that you would get what you wanted, or get a refund, that’d ad...Read more

TC39 Proposals

During the last TC39 meeting, 4 proposals we’ve been working on made it to Stage 1. Read more

Realms-shim Security Updates

Four security-critical bugs were discovered and fixed in the ‘realms-shim’ and ‘SES’ libraries, which underpin Agoric’s secure JavaScript platform. All users should upgrade to the latest versions. Read more

Making ‘npm install’ Safe

Kate Sills talks about some of the security issues using NPM packages, the EventStream incident that created a security breach in a package, and Realms and SES (Secure ECMAScript) as possible solutions to NPM package security vulnerabilities. Read more

Trains, Hotels, and Async

Dean Tribble presented a solution to the train-hotel problem at the Stanford Blockchain Conference. The train-hotel problem comes from Andrew Miller and demonstrates a difficulty with cross-shard communication. In the problem, we want to get a train ticket AND a hotel reservation - if we don’t get both, we want neither. Read more

Preventing Reentrancy Attacks in Smart Contracts

Reentrancy attacks can be entirely prevented with eventual-sends. Eventual-sends (think JavaScript promises — promises actually come from eventual-sends!) allow you to call a function asynchronously and receive a promise, even if the function is on another machine, another blockchain, or another shard, making sharding and cross-chain contract communication much easier. Read more

POLA Would Have Prevented the Event-Stream Incident

A popular npm package, event-stream, included malicious code that attempted to steal the private keys of certain Bitcoin users. At Agoric, we think this attack was entirely preventable, and the answer is POLA, the Principle of Least Authority. Read more

Agoric Releases SES: Secure JavaScript

SES takes us one step closer to a world of smart contracts by creating a secure subset of JavaScript for object capabilities. With SES, even untrusted JavaScript programs can execute in the same environment safely. Read more

Agoric Joins ECMAScript Committee (TC39) and ECMA International

We’re excited to announce that Agoric has been unanimously approved as a member of ECMA International and TC39. ECMA International is the organization responsible for publishing ECMAScript (JavaScript) standards, and TC39 is the working group in which decisions about the future of JavaScript are made. Read more

Introducing Agoric

Agoric is committed to making strong security easier to achieve. We are delighted to announce that Agoric has completed a seed funding round from the Zcash Company, Naval Ravikant, and Polychain Capital. Read more