sidechannels.pub

sidechannels

Experimental writing at the edge of security research. Tracing assumptions, questioning what isn't mainstream.

Security

Exploit primitives, memory corruption, and kernel internals.

Interpretability

Mechanistic theory and circuit analysis of LLMs.

Verification

Formal methods and safety invariants in distributed systems.

2026
RCA

CVE-2024-0519: The CVE That Got Away

An in-the-wild Chrome renderer 0-day patched January 2024 — no public root cause analysis for two years. This RCA traces it to a TOCTOU race in V8's JIT constant-folding pipeline → type confusion (`PropertyConstness::kConst` invariant violation) → OOB read/write. Invisible to JavaScript probes; only reproduces with a C++ harness.

#v8 #chrome #cve-2024-0519 #rca #race-condition #type-confusion #itw #vulnerability-research CVE-2024-0519
ESSAY

Severity Inflation as a Signaling Failure: A Researcher's Quality Gate

AI scales the cost of producing a vulnerability report toward zero faster than it scales the cost of producing a correctly-scoped one. Spence's signaling cost asymmetry collapses as a result. This post documents the inflation antipatterns, the six-check quality gate, and the AI-side adversarial enforcement structure one researcher built in response.

#vulnerability-disclosure #signaling-theory #ai-security #bug-bounty #quality-gate #severity-inflation #anthropic-mythos