on a related note the search space for https://www.qdayprize.org/curves seems far too small to be a meaningful contest, and the rules don't seem to address how they judge the validity of the "quantumness" when sifting such small groups.
there have been advances, at least for RSA: work from håstad, ekerå, gidney has brought this to O(N) qubits. on the runtime the papers are a little bit harder to read as they differ in notation, but O(log(N)^3) runtime is what i recall. it's possible i am wrong on the runtime and it's O(log(N)^2)
bitchat has a trivial MITM flaw with the favorites identity system. i wrote up my thoughts around vibe coding cryptographic security and rolling a new protocol
i am not using it as a pejorative here; I am pretty sure that is the case for this code base, as every block has a comment describing the code that immediately follows
also i do not doubt jack's cryptography and encryption understanding, so this particular MitM flaw is almost certainly not what human steering would put together. x25519 APIs make it both easy and simple to do identity persistence correctly; the code simply doesn't use the identity key cryptographically.
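the identity-binding point above, as an added example that is not bitchat's code or jack's: a pure-Python X25519 (the RFC 7748 ladder) is used to contrast a session key derived from the ephemeral DH alone with a hypothetical Noise-style triple DH in which both pinned static identity keys feed the key, so a relay that swaps in its own ephemerals no longer shares a key with either side. The function names (bound_key, relay_demo), the use of SHA-256 as a stand-in KDF, and the constructed keys are assumptions for this illustration.

```python
import hashlib, os

P, BASE = 2**255 - 19, (9).to_bytes(32, "little")  # RFC 7748 prime and base point u = 9

def x25519(k: bytes, u: bytes) -> bytes:
    """RFC 7748 Montgomery ladder; k and u are 32-byte little-endian."""
    k = bytearray(k); k[0] &= 248; k[31] &= 127; k[31] |= 64  # clamp the scalar
    k, x1 = int.from_bytes(k, "little"), int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        if swap ^ kt:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb, c, d = a * a % P, b * b % P, (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3, z3 = pow(da + cb, 2, P), x1 * pow(da - cb, 2, P) % P
        x2, z2 = aa * bb % P, (aa - bb) * (aa + 121665 * (aa - bb)) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def pub(priv: bytes) -> bytes:
    return x25519(priv, BASE)

def ephemeral_only_key(my_e: bytes, peer_e_pub: bytes) -> bytes:
    # Key from the ephemeral DH alone: an identity key may exist but is never used cryptographically.
    return hashlib.sha256(x25519(my_e, peer_e_pub)).digest()

def bound_key(my_s, my_e, peer_s_pub, peer_e_pub, initiator: bool) -> bytes:
    # Hypothetical Noise-style triple DH (ee, es, se): both pinned static keys feed the session key.
    ee = x25519(my_e, peer_e_pub)
    es = x25519(my_e, peer_s_pub) if initiator else x25519(my_s, peer_e_pub)
    se = x25519(my_s, peer_e_pub) if initiator else x25519(my_e, peer_s_pub)
    return hashlib.sha256(ee + es + se).digest()

def relay_demo() -> dict:
    # Alice and Bob pin each other's static public keys; a relay substitutes its own ephemerals.
    a_s, b_s, a_e, b_e, r_s, r_e = (os.urandom(32) for _ in range(6))  # constructed keys
    alice_plain, bob_plain = ephemeral_only_key(a_e, pub(r_e)), ephemeral_only_key(b_e, pub(r_e))
    alice_bound = bound_key(a_s, a_e, pub(b_s), pub(r_e), True)   # Alice believes the peer is Bob
    bob_bound = bound_key(b_s, b_e, pub(a_s), pub(r_e), False)
    # Lacking Bob's or Alice's static private key, the relay can at best pose with its own static key.
    relay_as_bob = bound_key(r_s, r_e, pub(a_s), pub(a_e), False)
    relay_as_alice = bound_key(r_s, r_e, pub(b_s), pub(b_e), True)
    return {
        "relay_reads_plain": (ephemeral_only_key(r_e, pub(a_e)), ephemeral_only_key(r_e, pub(b_e))) == (alice_plain, bob_plain),
        "relay_reads_bound": relay_as_bob == alice_bound or relay_as_alice == bob_bound,
        "honest_bound_agree": bound_key(a_s, a_e, pub(b_s), pub(b_e), True) == bound_key(b_s, b_e, pub(a_s), pub(a_e), False),
    }
```

relay_demo() returns relay_reads_plain True and relay_reads_bound False: the ephemeral-only key is readable by the relay, the statically bound one is not.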
I made a CTF challenge 3 years ago that proves why local devices are not so protected. exploitv99 bypasses PNA with timing, as the other commenter points out.
The existing PNA is easily defeated for bugs that can be triggered with standard cross origin requests. For example PNA does nothing to stop a website from exploiting some EOL devices I have with POST requests and img tags.