AI 资讯
The Hidden Technical Problems That Break DAOs in Production
Decentralized Autonomous Organizations are often presented as simple governance systems: token holders create proposals, vote, and execute decisions on-chain. In practice, building a production-grade DAO is far more difficult. A DAO is not only a smart contract. It is a distributed coordination system that combines governance logic, treasury security, token economics, identity, off-chain infrastructure, and human decision-making. A failure in any one of these layers can compromise the entire organization. Below are some of the most important technical problems DAO developers must solve. 1. Governance Attacks Through Borrowed Voting Power Many DAOs calculate voting power based on the number of governance tokens held at a specific moment. This creates a serious attack surface when tokens can be borrowed through lending protocols or flash loans. An attacker may temporarily acquire a large amount of voting power, submit or approve a malicious proposal, and return the borrowed assets shortly afterward. The standard defense is snapshot-based voting power. Instead of checking a user’s current balance, the governance contract reads historical balances from a previous block. function getVotes( address account, uint256 blockNumber ) public view returns (uint256) { return token.getPastVotes(account, blockNumber); } However, snapshots alone do not solve every problem. Developers should also consider proposal delays, minimum token-holding periods, quorum requirements, and vote-delegation risks. 2. Dangerous Proposal Execution The most sensitive part of a DAO is usually the executor. A successful proposal may call arbitrary contracts, transfer treasury assets, upgrade protocols, or change governance parameters. If proposal calldata is incorrectly validated, a governance action can execute unintended operations. A DAO should clearly separate: Proposal creation Voting Proposal queuing Timelock execution Emergency cancellation Using a timelock gives token holders and security teams
AI 资讯
The running list: major tech layoffs in 2026 where employers cited AI
A running look — in reverse chronological order — at the bigger tech companies that have announced significant layoffs this year with AI as a stated factor.
AI 资讯
Amazon competitor Bookshop.org says Kobo eReader support will happen this year after all
Bookship.org seemed to delay this anticipated partnership again, but tells TechCrunch that it has settled business terms and is working on integration.
AI 资讯
Chainlink Functions Is Serverless Compute With Oracle Guarantees. Here's the Full Request Lifecycle.
The mental model most people have is too simple "Chainlink Functions lets smart contracts call APIs." That's true the same way "Ethereum lets people send money" is true. Technically accurate, misses almost everything that makes the product interesting and almost everything that matters for security. Chainlink Functions is better understood as a decentralized serverless compute platform: arbitrary JavaScript runs across every node in a DON, each node executes independently, OCR aggregates the results, and the aggregated output gets delivered back to the consumer contract through a verified callback. The "API call" is just one of the things that JavaScript can do inside that environment. The DON consensus and the threshold-encrypted secrets model are what make it meaningfully different from a centralized API proxy. This is day 9 of the 28-day Chainlink architecture series. Today covers the full request lifecycle, every contract in the chain, how threshold encryption protects secrets without exposing them to any individual node, and the integration mistakes that come from misunderstanding how billing and callbacks actually work. The four contracts you need to understand Before tracing the full lifecycle, it helps to know exactly which contract does what. FunctionsRouter : the stable, immutable entry point for consumers. Manages subscriptions and authorized consumer contracts. Its interface doesn't change when the underlying implementation upgrades, consumer contracts call sendRequest here and only here. Also handles billing: estimates fulfillment cost at request time and finalizes it at response time. FunctionsCoordinator : the interface between the Router and the DON. Emits the OracleRequest event that DON nodes watch for. Handles fee distribution to transmitters via a fee pool. Inherits from OCR2Base , meaning the full OCR consensus machinery runs here. This contract can be upgraded independently of the Router, which is why the Router exists as a stable facade in fro
AI 资讯
디지털 최전선, 시험대에 오르다: 암호화폐와 AI 시대, 데이터 신뢰성, 지정학적 갈등, 알고리즘 불투명성 헤쳐나가기
디지털 자산과 인공지능 분야는 핵심 기술은 다르지만, 데이터의 진실성, 규제 체계, 지정학적 함의에 대한 공통된 도전에 직면하며 점차 수렴하고 있다. 최근 일련의 사건들은 탈중앙화와 첨단 연산이 약속하는 미래가 인간의 행동, 경제적 유인, 그리고 국가적 목표라는 현실과 충돌하는 중요한 변곡점을 보여준다. 제재 대상 러시아 스테이블코인의 논란 많은 거래량 주장부터 전 미국 대통령이 약세장 속에서 거둔 전례 없는 암호화폐 수익, 그리고 선두 AI 모델을 둘러싼 당혹스러운 "너프(성능 저하)" 논쟁에 이르기까지, 이 모든 이야기는 혁신과 불투명성이 난무하는 디지털 최전선의 모습을 생생하게 그려낸다. 이 글은 겉으로는 서로 달라 보이는 이러한 현상들을 깊이 파고들어, 그 기저의 메커니즘, 기술적 복잡성, 그리고 글로벌 디지털 경제에 미치는 광범위한 영향을 탐색하고자 한다. 우리는 블록체인 분석이 불법 금융 활동 주장에 어떻게 도전하는지, 정치인들이 신생 산업에 관여하며 제기하는 윤리적 및 규제적 난제는 무엇인지, 그리고 복잡한 AI 시스템을 평가하는 미묘한 기술적 문제들을 살펴볼 것이다. 이러한 분석들을 관통하는 공통적인 실마리는 바로 강력한 검증, 투명한 거버넌스, 그리고 정교한 이해가 필수적이라는 점이다. 정보가 쉽게 조작될 수 있고, 진정한 효용성이 복잡성이나 전략적 오도 뒤에 가려지기 쉬운 생태계를 헤쳐나가기 위해서 말이다. 디지털 자산과 AI가 금융, 거버넌스, 그리고 일상생활을 계속해서 재편하는 가운데, 부풀려진 지표 속에서 진정한 활동을, 시스템적 결함 속에서 실제 역량을 식별하는 능력은 투자자, 정책 입안자, 기술자 모두에게 더없이 중요해지고 있다. 지난 10년간 암호화폐와 인공지능 분야는 폭발적인 성장을 거듭하며 각각 변혁적인 잠재력을 제시하는 동시에 새로운 도전 과제들을 안겨줬다. 예를 들어, 스테이블코인은 본래 암호화폐 시장의 변동성을 완화하기 위해 법정화폐나 다른 자산에 가치를 고정하도록 고안되었으나, 글로벌 디지털 금융 인프라의 핵심 구성 요소로 진화했다. 특히 엄격한 금융 제재를 받는 지역에서 국경 간 결제를 촉진하는 그들의 유용성은 양날의 검이 되어, 합법적인 사용자뿐 아니라 전통적인 금융 통제를 우회하려는 이들까지 끌어들이고 있다. 2022년 이후의 지정학적 환경은 경제 제재에 대한 초점을 더욱 강화했고, 제재 대상 기업들은 디지털 자산이 제공하는 대안적 금융 경로를 모색하게 되었다. 동시에 디지털 자산의 주류 금융 및 정치권으로의 통합은 가속화됐다. 한때 틈새 기술적 호기심에 불과했던 암호화폐는 이제 상당한 경제적 힘으로 자리 잡았고, 기관 투자뿐만 아니라 최근 공개된 바와 같이 유명 인사들에게도 막대한 개인 자산을 안겨주고 있다. 이러한 주류화는 필연적으로 암호화폐를 국가 규제 기관의 감시 아래 놓이게 하며, 업계의 종종 자유지상주의적 정신과 국가의 감독, 과세, 소비자 보호 요구 사이에서 긴장을 유발한다. 특히 규제 환경이 아직 형성되는 단계에서 정치인들이 이 신흥 부문에 관여하는 것은 이해 상충과 공직 내 개인적 금전 이득의 윤리적 경계에 대한 복잡한 질문들을 제기한다. 이러한 발전과 병행하여, 인공지능, 특히 대규모 언어 모델(LLM)은 불과 몇 년 전에는 상상할 수 없었던 능력을 보여주며 빠르게 발전했다. 그러나 종종 "블랙박스"처럼 작동하는 이 모델들의 복잡성은 평가, 제어, 그리고 윤리적 배포를 보장하는 데 상당한 난관을 초래한다. "너프" 또는 성능 저하를 둘러싼 논쟁은 AI 시스템의 진정한 능력을 벤치마킹하고 이해하는 데 내재된 어려움을 강조한다. 특히 안전 분류기와 같은 내부 아키텍처 구성 요소가 관찰되는 동작을 크게 바꿀 수 있기 때문이다. 제재 회피, 암호화폐의 정치경제, AI 모델 평가라는 이 세 가지 독특하지만 서로 연결된 서사는 점점 더 디지털화되고 알고리즘에 의해 움직이는 세상에서 투명성, 책임성, 그리고 정확한 평가를 위한 광범위한 노력을 강조한다. 최근의 뉴스들은 디지털 자산과 AI 생태계에 내재된 기술적 복잡성과 분석적 도전 과제들을 심층적으로 보여준다. 제
AI 资讯
Copilot CLI drops the PAT requirement inside GitHub Actions
GitHub said this week that Copilot CLI, when it runs inside a GitHub Actions workflow, will accept the built-in GITHUB_TOKEN for authentication. Per the July 2 changelog, the previous path required creating and storing a personal access token. The operational read is small and precise: one fewer human-owned credential to mint, rotate and inherit. The exact scope of the change The changelog covers a narrow surface. It applies to Copilot CLI when invoked from a GitHub Actions workflow, and it swaps the required credential from a PAT to the workflow's ambient GITHUB_TOKEN . GitHub does not describe changes to how Copilot CLI authenticates outside Actions, and this post will not extrapolate to those contexts. If your Copilot CLI usage lives on a developer laptop or in another CI system, nothing in this announcement moves for you. Why the PAT was the wrong credential to leave in the loop A personal access token has almost none of the properties you would want from an automation credential. It does not expire on a job boundary. It carries a person's identity, not the workflow's. It sits in Actions secrets long enough to outlive the engineer who created it. And its scopes were chosen by that engineer, at that moment, often wider than the job actually needs. GITHUB_TOKEN is the opposite shape. Actions mints it at the start of a job, scopes it through the workflow's permissions: block, and revokes it when the job ends. If the token leaks, the window for abuse is the runtime of the job, not the years until somebody remembers to rotate it. When the person who wrote the workflow leaves, the pipeline does not silently break because a token expired with their account. For scripted Copilot CLI calls that had to be wrapped in a PAT, that is the whole win. The tool authenticates against the workflow instead of against a human. Wiring it up The workflow-side pattern is the same one every GITHUB_TOKEN -consuming step already follows: declare permissions: explicitly at the job level, k
AI 资讯
Binary Tree PreOrder Traversal
leetcode.com Problem Statement Given the root of a binary tree, return its preorder traversal. Preorder Traversal follows: Root ↓ Left ↓ Right Brute Force Intuition In an interview, you can explain it like this: Visit the current node first, then recursively traverse the left subtree followed by the right subtree. Recursion naturally follows the preorder sequence. Complexity Time Complexity: O(N) Space Complexity: O(H) Where: N = Number of Nodes H = Height of Tree Recursive Code class Solution { public List < Integer > preorderTraversal ( TreeNode root ) { List < Integer > ans = new ArrayList <>(); preorder ( root , ans ); return ans ; } private void preorder ( TreeNode root , List < Integer > ans ) { if ( root == null ) return ; ans . add ( root . val ); preorder ( root . left , ans ); preorder ( root . right , ans ); } } Moving Towards the Optimal Iterative Approach Instead of recursion, we can use a stack. Since preorder visits: Root ↓ Left ↓ Right we should process the root immediately. To ensure the left subtree is processed first, push the right child before the left child . Pattern Recognition Whenever you see: Preorder Traversal Simulate Recursion Think: Stack Key Observation Stack follows: LIFO To visit: Left First push: Right First ↓ Left Second so that left is popped first. Optimal Java Solution class Solution { public List < Integer > preorderTraversal ( TreeNode root ) { List < Integer > ans = new ArrayList <>(); if ( root == null ) return ans ; Stack < TreeNode > st = new Stack <>(); st . push ( root ); while (! st . isEmpty ()) { TreeNode node = st . pop (); ans . add ( node . val ); if ( node . right != null ) st . push ( node . right ); if ( node . left != null ) st . push ( node . left ); } return ans ; } } Dry Run 1 / \ 2 3 / \ 4 5 Stack: 1 Visit: 1 Push: 3 2 Visit: 2 Push: 5 4 Traversal: 1 ↓ 2 ↓ 4 ↓ 5 ↓ 3 Answer: [1,2,4,5,3] Why Stack Works? A stack processes the most recently added node first. By pushing: Right Child ↓ Left Child the left child
AI 资讯
Thiel Capital’s Jack Selby nabs stakes in hot startups like Etched through Arizona connections
Selby's VC firm Copper Sky Capital is currently raising a $300 million second fund, according to a regulatory filing.
AI 资讯
Jersey Mike’s IPO illustrates how bad the AI hype has become
Just for kicks, I took a look at Jersey Mike's IPO documents. Surely a sandwich shop would have no need to mention AI. But lo and behold.
AI 资讯
Anthropic is discussing a new custom chip with Samsung
The news comes about a week after OpenAI announced its own custom AI chip in a partnership with Broadcom.
AI 资讯
Popular TV-tracking app TV Time is shutting down as company focuses on AI
TV Time, the popular TV-tracking app, is shutting down on July 15 as parent company Whip Media pivots toward enterprise AI products.
AI 资讯
Microsoft launches its own AI deployment company with $2.5 billion commitment
Microsoft follows Amazon, OpenAI, and Anthropic with its new AI deployment group.
开源项目
Apple is reportedly planning new iPad Pro and MacBook Pro releases early next year
Apple is readying several new iPad Pro tablets, and a budget-friendly MacBook Pro, reports suggest.
科技前沿
The Best July 4 Grill and Griddle Deals: Weber, Traeger, Recteq
Fourth of July weekend is the last great grill and griddle sale of the summer, including $250 off my favorite pellet smoker.
创业投融资
Ashton Kutcher leaving Sound Ventures to launch new VC firm with Morgan Beller
The actor and investor is joining forces with Morgan Beller, who was previously a GP at NFX, to invest in early-stage startups.
AI 资讯
Neocloud Together AI raises $800M, leaps to $8.3B valuation
The AI neocloud provider, which specializes in hosting open source models, last raised at a $3.3 billion valuation in early 2025.
产品设计
Builders Stage agenda revealed: Practical strategies for scaling startups at TechCrunch Disrupt 2026
The Builders Stage is returning to TechCrunch Disrupt 2026, bringing together 10,000+ founders, startup operators, and investors for practical conversations. and Q&A on what it takes to build and scale successful companies. Register now to save up to $330.
AI 资讯
OpenClaw is finally available on Android and iOS
The free open source agentic program is finally invading your phone.
AI 资讯
Nvidia competitor Etched hits $5B valuation, $1B in sales for AI chip
Nvidia AI chip competitor Etched says it has already booked $1 billion under contract for the inference systems powered by its chip.
AI 资讯
Acti puts AI agents directly into your smartphone keyboard
Acti is betting the smartphone keyboard is the next home for AI assistants. The startup's new keyboard for iOS and Android works across apps and lets users create custom AI-powered shortcuts using natural language.