penguin Heilman

About

Founder & CTO @ Azos Finance

Web3 Developer, Builder, and Blockchain Enthusiast

Interests

Web3, DeFi, Smart Contracts, Blockchain Security, Coding, Bioinformatics, SecOps

Location

CA, USA

Contact

penguin@azos.tech

Projects & Work

GitHub - Open source contributions and projects

Azos Finance - DeFi platform and protocols

Links of interest

Ethereum - The world's programmable blockchain

Hacker News - Tech news and discussions

Waterdeep - City of Splendors

[root@c0mput3rxz ~]# uptime

Press & Media

Podcasts

MetaRadio - Humans of MetaGame #2 — Penguin The High Flying Flightless Bird

MetaRadio - Share What You're Makin' w/ Chair & Bacon #1 — Penguin on Never Touch Fiat Again

Mattereum — The Future of Stuff - Ep. 2: From Asset-Backed Finance to Art with a Message

Articles

Toilet Paper NFTs Wipe Out $7 Million in Medical Debt - Fortune

Partnership with Azos Finance to Power the Collateral Layer of Climate Impact Assets - DIA Oracles

MetaSpecial — MetaFest Is aLive! - MetaGame Substack

A Cypherpunk's Manifesto

Eric Hughes — 9 March 1993 — activism.net

The founding document of the cypherpunk movement. Privacy is not something governments will give you — it must be built. Ten principles that predicted the internet, surveillance capitalism, and Bitcoin.

// 01 PRIVACY IS NOT SECRECY
“Privacy is necessary for an open society in the electronic age. Privacy is not secrecy. A private matter is something one doesn’t want the whole world to know, but a secret matter is something one doesn’t want anybody to know. Privacy is the power to selectively reveal oneself to the world.” activism.net/cypherpunk/manifesto.html

Secrecy hides from everyone. Privacy is selective disclosure — sharing different things with different people. This single distinction dismantles the “nothing to hide” argument before it can be made.

+ explain + context & links

Privacy is about autonomy, not wrongdoing. You can live entirely in public — no secrets at all — while exercising privacy: choosing what to share, with whom, and when. End-to-end encryption implements this: the message flows openly; only the intended reader decodes it.

Why it matters now

  • A doctor shares your diagnosis with insurers — no secret, but a privacy violation
  • 40 apps know your location — you hide nothing, but you are not private
  • GDPR Art. 5 encodes this as “data minimisation” — thirty years after Hughes wrote it
// aggregation problem minimal disclosure cryptography

#philosophy  #civil-liberties  #foundational

// 02 THE AGGREGATION PROBLEM
“If two parties have some sort of dealings, then each has a memory of their interaction. The power of electronic communications has enabled such group speech, and it will not go away merely because we might want it to.” activism.net/cypherpunk/manifesto.html

Every transaction leaves a trace. Individually harmless; aggregated, a surveillance-grade profile. Laws can’t stop people talking. The fix is architecture: don’t create data that can be combined.

+ explain + context & links

Name: harmless. Employer: harmless. Neighborhood: harmless. Name + employer + neighborhood + commute + purchases = dossier. Hughes saw this in 1993, before Google, before Facebook, before Cambridge Analytica.

Validated by history

  • NSA PRISM (2013): metadata aggregation across millions of innocent people
  • Cambridge Analytica: 87M profiles harvested from innocuous quiz data
  • Data broker industry: $200B/yr selling aggregated personal records
// privacy vs secrecy minimal disclosure don’t trust institutions

#surveillance  #data-aggregation  #architecture

// 03 MINIMAL DISCLOSURE PRINCIPLE
“Since we desire privacy, we must ensure that each party to a transaction have knowledge only of that which is directly necessary for that transaction. When I purchase a magazine at a store and hand cash to the clerk, there is no need to know who I am.” activism.net/cypherpunk/manifesto.html

Don’t give what isn’t needed. Cash completes the exchange without binding identity. Hughes invented GDPR’s “data minimisation” thirty years before it became law.

+ explain + context & links

Cash is the gold standard: payment completes, identity never enters. No database, no profile. Hughes wanted digital systems to inherit this property.

Technical implementations today

  • Zero-knowledge proofs: prove you’re over 18 without revealing your birthdate
  • Signal sealed sender: server doesn’t know who is messaging whom
  • Zcash shielded transactions: amount and participants both private
  • Apple App Tracking Transparency: opt-in required for cross-app data
// anonymous transactions cryptography write code

#data-minimisation  #zero-knowledge  #GDPR

// 04 ANONYMOUS TRANSACTION SYSTEMS
“Therefore, privacy in an open society requires anonymous transaction systems. Until now, cash has been the primary such system. An anonymous system empowers individuals to reveal their identity when desired and only when desired; this is the essence of privacy.” activism.net/cypherpunk/manifesto.html

Cash is anonymous without being secret. Hughes called for digital systems with this same property — sixteen years before the Bitcoin genesis block.

+ explain + context & links

Anonymous ≠ secret. Value moved, the transaction is real — but neither party is identified. The lineage to Bitcoin is direct:

The lineage

  • 1989 — David Chaum invents DigiCash (blind signatures)
  • 1997 — Adam Back invents Hashcash (proof-of-work)
  • 1998 — Wei Dai proposes b-money (decentralised digital cash)
  • 2009 — Satoshi Nakamoto mines the Bitcoin genesis block
  • 2016 — Zcash: zero-knowledge anonymous transactions go live
// minimal disclosure cryptography write code

#bitcoin  #digital-cash  #anonymity  #DigiCash

// 05 CRYPTOGRAPHY AS THE TOOL
“Privacy in an open society also requires cryptography. To encrypt is to indicate the desire for privacy, and to encrypt with weak cryptography is to indicate not too much desire for privacy.” activism.net/cypherpunk/manifesto.html

Encryption is not a feature — it is an expression of intent. Weak crypto is almost an insult to the principle. Strong cryptography is what privacy means in digital form.

+ explain + context & links

In 1993 strong cryptography was a US munition. Exporting it was a federal crime. Hughes wrote this in direct defiance of those controls.

Tools Hughes was referencing

  • PGP (1991) — Phil Zimmermann, asymmetric encryption for email
  • RSA — public-key cryptography enabling encrypted communications
  • Anonymous remailers — chains of encrypted hops obscuring message origin

Modern descendants

  • Signal Protocol — end-to-end encrypted messaging
  • TLS/HTTPS — now covers ~95% of web traffic
  • Tor — onion routing for anonymous browsing
  • GPG — PGP successor, still used for code signing today
// anonymous transactions don’t trust institutions anti-regulation

#PGP  #encryption  #Signal  #Tor

// 06 DON'T TRUST INSTITUTIONS
“We cannot expect governments, corporations, or other large, faceless organizations to grant us privacy out of their beneficence. It is to their advantage to speak of us, and we should expect that they will speak.” activism.net/cypherpunk/manifesto.html

Privacy will never be given — it must be taken. No law or terms of service substitutes for a technical guarantee. Thirty years of mass surveillance revelations have validated every word of this.

+ explain + context & links

Government surveillance since 1993

  • 2013: Snowden reveals NSA PRISM — bulk collection from major tech companies
  • GCHQ Tempora: bulk interception of undersea fibre cables
  • China Social Credit System: comprehensive behavioural surveillance

Corporate data collection

  • Cambridge Analytica: 87M profiles harvested without consent
  • Google: tracks across sites, apps, and physical location
  • Data brokers: dossiers with thousands of data points per person
// cryptography self-reliance write code

#Snowden  #NSA  #surveillance-capitalism

// 07 SELF-RELIANCE IMPERATIVE
“We must defend our own privacy if we expect to have any. People have been defending their own privacy for centuries with whispers, darkness, envelopes, closed doors, secret handshakes, and couriers. The technologies of the past did not allow for strong privacy, but electronic technologies do.” activism.net/cypherpunk/manifesto.html

Privacy protection is an ancient human tradition, not a radical new idea. The digital age needs digital equivalents. And it requires collective participation: if only dissidents encrypt, encryption becomes a red flag.

+ explain + context & links

Individual privacy depends on collective behaviour. If only activists use encrypted email, encryption marks them as suspicious. If everyone uses it, it’s just email.

Historical tools → digital equivalents

  • Whispers → end-to-end encrypted messaging (Signal)
  • Sealed envelopes → HTTPS everywhere
  • Locked doors → full-disk encryption
  • Couriers → Tor onion routing
  • Secret handshakes → cryptographic signatures
// privacy vs secrecy don’t trust institutions social contract

#collective-action  #defaults  #mass-adoption

// 08 CYPHERPUNKS WRITE CODE
“Cypherpunks write code. We know that someone has to write software to defend privacy, and since we can’t get privacy unless we all do, we’re going to write it. We publish our code so that our fellow Cypherpunks may practice and play with it. Our code is free for all to use, worldwide.” activism.net/cypherpunk/manifesto.html

Don’t lobby — build. Open-source code distributed worldwide cannot be seized by any one jurisdiction. Code that spreads cannot be uninvented. PGP, Tor, Signal, Bitcoin all followed this imperative.

+ explain + context & links

Publishing code is not just generosity — it’s strategy. Code in one jurisdiction spreads everywhere instantly. A widely-dispersed open-source project cannot be shut down by any single authority.

Direct cypherpunk projects

  • PGP (1991) — Phil Zimmermann, email encryption, still used 30+ years on
  • SSL/TLS (1995) — encrypted web, now universal as HTTPS
  • Tor (2002) — onion routing, used by journalists and dissidents worldwide
  • Bitcoin (2009) — Satoshi Nakamoto, decentralised anonymous digital cash
  • Signal (2013) — Moxie Marlinspike, E2E encrypted messaging at scale
// cryptography don’t trust institutions anti-regulation

#open-source  #PGP  #Tor  #Signal  #Bitcoin

// 09 ANTI-REGULATION STANCE
“Cypherpunks deplore regulations on cryptography, for encryption is fundamentally a private act. Even laws against cryptography reach only so far as a nation’s border and the arm of its violence. Cryptography will ineluctably spread over the whole globe.” activism.net/cypherpunk/manifesto.html

Morally: encrypting is private speech. Practically: laws end at borders, the internet doesn’t. Hughes wrote “ineluctably” — unavoidably. Written during the US Crypto Wars of 1993. He was right.

+ explain + context & links

The First Crypto War (1990s)

  • NSA Clipper Chip: backdoored encryption standard for all US comms
  • ITAR export controls: treating encryption as a weapon
  • Phil Zimmermann prosecuted for releasing PGP internationally
  • Result: controls lifted by 1999. Cypherpunks won.

The Second Crypto War (2010s–present)

  • FBI vs Apple: demanding iPhone backdoor after San Bernardino
  • EARN IT Act: legislation to undermine E2E under child safety framing
  • Australia Assistance and Access Act 2018: compelled backdoors
// cryptography write code social contract

#Crypto-Wars  #Clipper-Chip  #regulation

// 10 SOCIAL CONTRACT FOR PRIVACY
“For privacy to be widespread it must be part of a social contract. People must come and together deploy these systems for the common good. We the Cypherpunks seek your questions and your concerns and hope we may engage you so that we do not deceive ourselves. Onward.” activism.net/cypherpunk/manifesto.html

Tools alone aren’t enough — privacy requires social adoption. Hughes admits Cypherpunks can be wrong and need dialogue. A commons, not a club. Anyone can use the code. Anyone can join the conversation.

+ explain + context & links

Progress since 1993

  • HTTPS: ~0% → ~95% of web traffic over 20 years
  • Signal: 40M+ active users
  • Tor: ~2M daily users
  • But: surveillance capitalism still dominates mainstream internet

The unfinished project

Hughes ends with “Onward.” — not “done.” Thirty years later the work continues. Anyone can use the code. Anyone can join the conversation.

// don’t trust institutions self-reliance write code

#social-contract  #commons  #EFF

Original text: activism.net/cypherpunk/manifesto.html
Author: Eric Hughes — 9 March 1993