m00dy.sh / Notebook
Notes from the bench.
Concept notes, methodology pieces, and dispatches from active work. Many become foundations for later papers and conference submissions.
2026
May 15
The Format That Got It Right
SafeTensors did not survive fuzzing by luck. It survived because the format puts validation before allocation, keeps code out of the file, and treats model loading as an input-parsing problem.
May 11
Signing Is Not Sealing
Post-quantum signatures are entering supply-chain infrastructure. Any ML artifact signing profile that adopts ML-DSA should get one deployment detail right before it ships: randomized mode opens a 256-bit hidden command channel that no deployed verifier can inspect.
May 08
Two RAG systems, same injection rate, different problems
Two RAG systems with the same headline injection rate can need opposite defenses. Why a single number isn't enough, and what to report instead.
May 01
Channel, Decoder, Substrate: A Vocabulary for ML Attacks
An ML attack is the composition of three things: a channel that carries information, a decoder that reads the channel, and a substrate that runs the decoder. Naming the shape changes how you think about both offense and defense.
2024
Jun 22
Creating an EMUX Environment With Ludus
Let's spin up a virtual environment with all the EMUX emulated environments.