

  • Does anyone know if there are any teams working on PBAC (Policy-Based Access Control) or RBAC (Role-Based Access Control) as questioned by the post from u/LogrisTheBard below?:

    Social recovery wallets and timelocks: wallets that don’t make you lose all your money if you misplace your seedphrase, or if an online or offline attacker extracts your seedphrase, and also don’t make all your money backdoored by Google.

    I’d really like to see a competent execution of policy based smart contract wallets. So not just timelocks but different signature thresholds for extracting larger sums of money, different roles for signers that are expected to do different things or interact with different applications, and governance extensibility through administration wallets that may not be part of the admin controls of the managed smart contracts. In addition to doing this on chain I’d like to see this implemented at the wallet level so my wallet can detect and reject malicious transactions before it has a chance of being signed.

    Last year BitWise lost over $1B in ETH because they didn’t have something as simple as an ATM withdrawal limit on the cold wallet.

    Privacy UX: make private payments from your wallet, with the same user experience as making public payments.

    Is this using the FHE (Fully Homomorphic Encryption)/Zama route or the Aztec/Railgun route to privacy? I think we need a clearer explainer of how privacy is achieved on chain with some of the different approaches being developed and the tradeoffs of those approaches.

    Application UIs: use more dapps from an onchain UI with IPFS, without relying on trusted servers that would lock you out of practical recovery of your assets if they went offline, and would give you a hijacked UI that steals your funds if they get hacked for even a millisecond.

    Get this built into the Rabby wallet browser. Also get an ERC standard where a smart contract can refer to an IPFS url where users should go to interact with it.
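
Added example (not part of the comment above and not code from any wallet project): a wallet-side pre-signing check for the policy ideas in the quoted post, combining tiered signature thresholds, signer roles scoped to specific contracts, a rolling withdrawal limit and a timelock. The policy shape, signer names and `0x...` target labels are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Tier:
    max_amount: int    # tier covers transfers up to this amount
    threshold: int     # distinct valid approvals required
    roles: frozenset   # signer roles allowed to approve in this tier
    timelock_s: int    # seconds between proposal and execution

@dataclass(frozen=True)
class Policy:
    tiers: tuple           # ordered by max_amount, ascending
    daily_limit: int       # rolling 24h outflow cap (the "ATM limit")
    signer_roles: dict     # signer id -> role
    allowed_targets: dict  # role -> contracts that role may interact with

def evaluate(policy, tx, approvals, spent_24h, now):
    """Decide before signing. tx is a dict with to, amount, proposed_at."""
    if spent_24h + tx["amount"] > policy.daily_limit:
        return False, "daily limit exceeded"
    tier = next((t for t in policy.tiers if tx["amount"] <= t.max_amount), None)
    if tier is None:
        return False, "amount above highest tier"
    valid = set()  # a set, so a repeated approval counts once
    for signer in approvals:
        role = policy.signer_roles.get(signer)
        if role in tier.roles and tx["to"] in policy.allowed_targets.get(role, ()):
            valid.add(signer)
    if len(valid) < tier.threshold:
        return False, f"need {tier.threshold} approvals, have {len(valid)}"
    if now < tx["proposed_at"] + tier.timelock_s:
        return False, "timelock not elapsed"
    return True, "ok"

# Constructed sample policy: small transfers need one signer and no delay,
# larger ones need two treasurers and a 24h timelock.
POLICY = Policy(
    tiers=(Tier(10, 1, frozenset({"operator", "treasurer"}), 0),
           Tier(1_000, 2, frozenset({"treasurer"}), 86_400)),
    daily_limit=1_500,
    signer_roles={"alice": "operator", "bob": "treasurer", "carol": "treasurer"},
    allowed_targets={"operator": {"0xDEX"}, "treasurer": {"0xDEX", "0xCOLD"}},
)
```

Every rejection reason comes back as a string, so the wallet can show the user which rule blocked the transaction rather than silently refusing to sign.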


  • On that same thread, u/Tricky_Troll also points out relevant points that c/Privacy folks are well aware of too:

    I think there’s a general lack of understanding for a lot of people who aren’t deep in the privacy space about just how many levels of protection one needs down the tech stack from on-chain to web 2 to the OS level software and then even hardware itself. Depending on your threat model, if you don’t have one of these secured, then your privacy is very likely compromised in some way.

    I think a lot of people, upon realising that, just take on a defeatist attitude since it takes more than just Tornado Cash smart contracts or a privacy focused L2 like Aztec to maintain one’s full privacy. But despite being a long road, it’s absolutely possible and I think the EF and your own re-focusing on privacy, VB, is a much needed call to action to tackle it once and for all. The tech is here, we just have to build it, make it (relatively) intuitive and make sure users know it is there — if they ever need it.

    I think the most important thing about privacy is not necessarily making sure it is used by all by default (would be nice), but making sure it is accessible to all if they need it. After all, most people under authoritarian governments don’t have something to hide, so much as they wake up one day and they find the government suddenly says something normally benign about them now makes them an enemy of the state. Therefore it’s important that they have secure, private alternative technologies to fall back on to keep their lives going until they can get to safety.

    Personally, I think the hardware and OS level software side of things is most at risk from snooping authoritarian governments in the long run. Things like Chat Control in the EU and democratic backsliding in the US leave us with very few places left where companies will be able to create open hardware and software which doesn’t have backdoors.

    My outlook for the Ethereum side of privacy is good, but I think we’re quickly losing the battle for hardware and OS level software. Just look at the way Android is going with their sideloading restrictions. If we lose open source Android or devices with unlocked bootloaders to run custom ROMs on, then mobile is lost (Linux phones just don’t have the app support). Living a normal life without a mobile OS is almost impossible these days, so we must defend this critical infrastructure. We are fast running out of time but I appreciate your renewed efforts on the Ethereum side of things.



  • Echoing another relevant comment shared by u/LogrisTheBard:

    I recently watched “A post-American, enshittification-resistant internet” by Cory Doctorow. He’s an EFF activist and has been fighting for our rights for like 20 something years.

    So much of this talk is on sovereignty. Whether it’s national sovereignty such as national defense, corporate sovereignty such as jailbreaking devices, or personal sovereignty such as right to repair electronics he comes across as passionate about creating more resilient, economical, and equitable societal outcomes. So much of the ethos of web3 is present in his philosophy but the only reference to cryptocurrency in the whole talk was “stocks, shitcoins, and casinos but I repeat myself”.

    There were points where I just wanted to scream at the screen that we can help with that. By virtues, this guy should be an ally of ours but he’s probably only ever been exposed to the scammers that swarm the periphery of our ecosystem which is all too common a situation. We seriously needed something like Etherealize 4 years sooner, to treat public perception of Ethereum as more of a public good and less as the full time job of people like Sassal or Hoffman.

    I’m talking to DeAI founders regularly and the common message is to lean into words like control, ownership, and resilience more and to avoid the word blockchain entirely. It’s really a sad state of affairs that we can utilize blockchain solutions to improve things like resilience but we can’t openly talk about utilizing blockchain solutions in any business or customer interaction. Anything web3 has to be abstracted as much as possible away behind a web2 interface before it can become palatable.

    Neobanks this year will be offering Defi access through web2 frontends while avoiding any mention of blockchain as hard as they can. They’ll use terms like “fully regulatory compliant backend financial systems” because if you say Ethereum almost the best thing that will happen is people won’t have heard of it. DeAI systems will be using terms like “proof of control” to market even when that proof is using mechanisms like tokenization for model ownership.

    It’s frustrating.



  • This is an active area of research and development. As far as I am aware, we currently have the efforts on Lean Ethereum, which is kind of a longer term effort of bringing deeper improvements to make Ethereum efficient and secure for the long term, by replacing a lot of sub-optimal components with components that are known to be much closer to optimal, like zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge).

    A significant component of lean Ethereum is to future-proof the consensus layer (CL) and data layer (DL), replacing BLS and KZG with post-quantum equivalents.

    The community is currently focused on hash-based constructions as the leading post-quantum option, but a healthy diversity of views is expected and welcome, as I’m already hearing about lattice-based options.

    A few months ago, lean client teams were sprinting towards a post-quantum devnet as discussed during beam day Cannes in 2025 EthCC.

    https://xcancel.com/ladislaus0x/status/1994342897152311665

    Transcription of above tweets:

    @ladislaus0x Ethereum consensus will eventually have to switch to post-quantum (PQ) signatures — and early R&D efforts look promising!
    PQ signatures pose a challenge as they are ~30x larger than today’s signatures. Dealing with aggregated signatures is even trickier, given our goal for consensus participants to verify them on low-compute and low-bandwidth devices
    Tune in to weekly developer calls to track progress and learn more

    @ReamLabs Ream and @zeamETH achieved devnet1 interop! New report of @qdrvm_io also achieving interop just now!
    The first Lean Consensus devnet that integrates post-quantum signature signing & verification.
    Next step: scale up # of validators and performance baseline for future devnets!

    The main efforts driven forward were related to writing specifications for post-quantum signature aggregation and optimizations to the corresponding networking layer, which are necessary to handle the much larger post-quantum signatures.

    This is the repo where you can see their findings and you can also follow the progress closely on this community-maintained website too: https://leanroadmap.org/

    Post-quantum signature aggregation is also being worked on in leanMultisig.

    Besides, please correct me if I am wrong, if you ever get worried about quantum, you transfer your funds to a fresh address and do not transact with the new account until more guidance arrives. If no existing signature is known from an account, it will be safe.