 Hello, my name is Andrea Alexander and this teaser is about state moisture application under changing network conditions, which is joint work with Erica Bloom, Jonathan Katz and Julian Boss. So what is state moisture application and why do we care about it? State moisture application protocols have recently received a considerable attention in the context of blockchain protocols as they specify how a set of parties can jointly agree on a continuous growing order of transactions. This agreement should hold at all honest parties despite Byzantine parties being involved in the protocol. And state moisture application is related to the problem of Byzantine agreement but not subsumed by it as Byzantine agreement enables the one-shot agreement on a single bank. The network model has a significant impact on the security and efficiency of state moisture application protocols and several models have been studied. In the case where the network is synchronous state moisture application protocols have been proposed for a security threshold of n over two corruptions. When the network is asynchronous the targeted corruption threshold is n over three. In this work we focus on what is called the network agnostic model where the network might be either synchronous or asynchronous without knowing the case in advance. Therefore we would like to design a state moisture application protocol which is secure regardless of the network state and targets potentially more corruptions than the asynchronous case if the network is synchronous. Look at all proves that the optimal threshold for network agnostic security between the tolerated corruptions in the synchronous case and the tolerated corruptions in the asynchronous case is two times ds plus da less than n the total number of parties. The feasibility question has been answered positively before and we now ask whether we can achieve the same communication complexity as in the asynchronous case. Also, what if the network is moody and keeps changing from synchronous to asynchronous and vice versa, but we don't know whether it stabilizes in a synchronous or an asynchronous state. If the network transitions from synchronous to asynchronous and the adversary still holds control over TS parties, then we lose security because of well known impossibility results through it to the asynchronous model. So we need to assume that the corruption capability of the adversary also decreases when the network becomes asynchronous and that parties have the capability of rebooting and keeping out the adversary. Nevertheless, the adversary will still know the states of the parties it has previously corrupted, including whatever keys they have. So the question is, can we still get security under key exposures. The literature for a single and a state machine replication, both for static and adaptive adversaries achieve a QB communication complexity when outputting and transactions. This means a quadratic amortized communication complexity per transaction. On the other hand, the 30 grades network agnostic protocol by blown at all for an adaptive adversary has a higher total and amortized communication complexity. If we relax the security assumption, the static protocol upgrade can achieve a linear amortized communication cost per transaction, but only when outputting a quadratic number of transactions which is very large. So in this work, we present two protocols that improve the state of the art results. Update is adaptive is secure for optimal corruption thresholds and has QB communication complexity for committing a block of and transactions. This is an order of an improvement of our target grade. Update is statically secure for near optimal corruption thresholds and has quadratic communication complexity to commit a block of and transactions, obtaining a linear amortized communication for only and transactions. We show that our protocols are also secure when the network and transition between asynchronous and asynchronous behavior, and that the adversary can do mobile between epochs but is limited to corrupting at most TS unique parts. And also please note the main points we thought very hard about them. Here is the roadmap of the paper and of the longer presentation Asia crypto tentative. We first describe update which uses error correcting codes through this communication complexity, and is based on two protocols work agreement and asynchronous common subset, which complement each other regardless of the network state. We then briefly describe upstate, which is the statically secure version of update which with almost optimal corruption threshold, which affects two types of smaller committees. Going forward, we look at what happens when there can be arbitrary changes of the network state, and the adversary can be mobile. Since our protocols use threshold crypto systems, we look at the security of asynchronous proactive secret sharing with refresh and prove that without future further restrictions, it is impossible to achieve. What if I did this negative result we constrain the adversary's capability to be mobile only inside the fixed set of parties and show that our protocols can achieve security despite key exposures. Finally, we will outline some open problems. Thanks and hope to see you there.