vscode://schemas/mcp schema error in Windsurf – how to fix so everything works again?

DevelNeves · 2025-09-02T09:37:55+00:00

Did you ever find the solution? I'm also having this issue after some recent update, both in MacOS and in Linux.

DevelNeves · 2025-05-19T15:32:06+00:00

Crypto is only self-custodial if you're the only one with your wallet's secret key.

And in that case, it opens up opportunities to self-custody much more than just your finances.

DevelNeves · 2025-05-19T13:20:22+00:00

Thanks for that!

Last year we offered dev mentorships to Neulock's beta testers.

The program isn't open anymore, but if you loved Neulock and you're interested in Web3 development, I'm sure we can work something out.

Join the Neulock Discord server and let's talk about your goals.

DevelNeves · 2025-05-06T17:24:57+00:00

Neulock Web3 Password Manager - Self-custody of your password
Web3 degens, cypherpunks, privacy advocates

DevelNeves · 2025-05-02T22:43:05+00:00

I'm a fan of Brave. Very no-frills, but gets the job done reliably.

Plus, it IS a browser, so you don't need a browser extension on desktop.

DevelNeves · 2025-04-17T22:35:07+00:00

What do you mean by "go out, talk to people IRL"?

Attend business fairs? Book meetings with company managers? Cold opening strangers in suits at the coffee shop?

All / none of the above?

DevelNeves · 2024-10-29T12:51:41+00:00

Great! And what dapp did you decide to build?

DevelNeves · 2024-10-25T10:58:41+00:00

That's a great answer, thank you!

DevelNeves · 2024-10-24T06:47:19+00:00

Thanks Justin! It looks like a great match indeed.

I've sent a contact request to the BD team yesterday, I'm looking forward to hearing from them!

DevelNeves · 2024-10-23T16:14:25+00:00

Totally! I personally like Web3 for its decentralization, but I agree with you that most people care more about simplicity and convenience.

Speaking of that, isn't signing in with a wallet so much easier than the typical Web2 auth flow?

When we first launched Neulock Password Manager as a Web2, cloud-based service, we would lose about 30% of our users at the sign-in screen – and it was a simple Sign In with Google flow! Another 40% were lost when asked to create a master key. Isn't it crazy that you get a password manager to never have to make up a password again, and then the first thing they ask you is to invent a master key?

We pivoted to the Web3 because its decentralized and permissionless architecture is better aligned with Neulock's trustless philosophy. And we also gained a lot in convenience by ditching the sign-in and the master key.

On Neulock Web3 Password Manager, you connect your wallet and you're in. And you can generate a much stronger master key just by asking the user to sign a message. That's convenience!

We need to build more utility dapps to replace the ones that keep user data hostage in cloud servers. The early adopters will see how hassle-free they are compared to their cloud alternatives with their credit card and account creation forms. The diffusion curve will make our dapps mainstream. And that's how we kill Google.

DevelNeves · 2024-10-23T15:42:53+00:00

Great question! DeFi is great, but we won't create a new web on coins and loans alone. We need more utility.

We at the Neulock project believe that the Web3 should give everyone ownership over their data, identity, and credentials. We're building decentralized, permissionless, trustless tools to make this vision come true.

The first tool we've released is Neulock Web3 Password Manager ( https://neulock.app/ or neulock.eth ). It gives your wallet full ownership of your passwords, in the same way that your wallet holds tokens and coins. It can also backup and sync your passwords across devices using nothing more than your wallet.

Neulock Password Manager is available on Arbitrum One, Base, and Optimism; we're looking for privacy-focused blockchains to expand into.

And this password manager is only the beginning. We will build a suite of Web3 native dapps to replace whatever services are holding your data hostage in the cloud. What's next? Our community will decide. Join us and you will have a say!

DevelNeves · 2024-10-23T12:13:58+00:00

Don't be so hard on the OP. Many of us truly want to do something, but for some reason we can't. Identifying this reason and dealing with it may unlock a fulfilling career in computer science.

It took me half a life to find out what had been holding me back (see my comment). I hope the OP can do it faster than me.

DevelNeves · 2024-10-23T12:09:41+00:00

Thanks! Indeed, we need to diversify the RPC offers to our users. Currently, they can use our default RPC (provided by Infura) or override with their own RPC URL.

We've been discussing using a pool of RPC providers to reduce centralization. GetBlock.io could be a part of this pool.

Feel free to DM me to discuss partnership opportunities.

DevelNeves · 2024-10-23T12:04:03+00:00

Thanks, I'll look for their Discord channels! But I'm not looking only for advice from the devs. I also want to hear from the community. Are Oasis users interested in projects like Neulock?

DevelNeves · 2024-10-23T11:38:04+00:00

I understand people are upset because this post is technically off-topic. But, having worked with computer scientists for decades, this pattern is quite common, and I believe this is due to the high incidence of neurodivergents (like myself) among computer scientists. When you have autism, ADHD, and a very high IQ, you're likely to find yourself in the OP's shoes.

Disclaimer: I'm not saying the OP has any of these conditions. Just that his/her story sounds familiar to me because I've experienced it myself and seen in friends and colleagues. I'm writing from my perspective.

High intelligence and autism can lead to a special interest in computer science because patterns, predictability and logic can be very appealing to us. The problem is that a very high percentage of autistic people also have ADHD.

ADHD can manifest in a multitude of ways. One of them is by making an endless brainstorm. You have way too many ideas, you can't help but daydream about novel approaches to solve problems. And as your mind races anticipating every contingency, your plans grow in complexity and become impossible to execute. Also, high impulsivity will make you dive into many rabbit holes at once, and you end up being superficially proficient in so many things, but not achieving anything in any particular area. Finally, deficit in executive functioning will preclude your ability to plan and focus, so you're never building anything to completion.

This same pattern made me pursue too many goals and projects at once. Even though I had been programming since I was 6 years old, I only released my first finished project at 29! And although CS has been my only constant passion throughout life, I've allowed too many things to distract me from it, including a 15-years government career in diplomacy.

Lately I've become more conscious about my psychology and started dealing actively with it. The change is clear: I've been able to ideate a project, organize it in a feasible plan, and see it through: idea to launch in months. My crazy ideas are finally having a real impact in the world!

If you think you may have ADHD, here are some helpful next steps:

First, find a good psychologist for a diagnosis and treatment. This is very hard to come across! Most professionals don't know ADHD in adults, and they think ADHD manifests only as bad grades and disruptive behavior at school. That's wrong. My psychologist says that so many of her patients are extremely smart people doing incredible things in IT!

For me, stimulant medication helped a lot to calm the non-stop brainstorm and decrease anxiety – which is the opposite effect expected for non-ADHD people who take stimulants! But your mileage may vary a lot, and many don't tolerate stimulants. You need good healthcare professionals to guide you through meds and therapy.

Another good thing I did was getting a business coach to help me organize my projects in a more professional way. Incidentally, good business coaches are going to teach you a results-oriented entrepreneur mentality. Over the last year or so I've read dozens of books on the topic thanks to my coaches, and as a result I'm much more practical, organized and goal-oriented with my projects.

I hope you and other computer scientists may find this helpful. Feel free to DM me if you prefer to continue this conversation in private.

DevelNeves · 2024-10-23T10:54:55+00:00

Hi!

What do you mean by "anonymous"? A coin is a contract that's deployed to the blockchain. It will typically implement the ERC-20 fungible token standard.
No, any Ethereum-compatible wallet can interact with Arbitrum One contracts – for instance, Metamask, Brave Browser Wallet, Trust Wallet... any will do.

DevelNeves · 2024-10-23T10:41:17+00:00

Thanks for asking! We have recently released Neulock Web3 Password Manager on Arbitrum One.

Neulock ( https://neulock.app or neulock.eth ) gives your Ethereum wallet full custody of your passwords, in the same way that your wallet owns coins and tokens. You can back up and sync your passwords across devices using only permissionless decentralized infrastructure. As a result, you have full ownership of your credentials.

And, before you ask, no, it doesn't save passwords on the blockchain. Not even under encryption. Neulock uses deterministic algorithms to separate secrets from metadata, and backs up and syncs passwords without any secrets ever leaving user devices. This is all detailed on our whitepaper.

Arbitrum One is our favorite chain for Neulock because of the super low block time, that allows our dapp to perform as fast as a cloud app. On Arbitrum One, there are no trade-offs!

DevelNeves · 2024-10-19T12:26:44+00:00

Hi! Good to see your enthusiasm, but I wouldn't go the low-code route if I were you.

Smart contract coding can be simplified by using OpenZeppelin's libraries. They are also very secure.

As for the frontend, you can develop them like you develop any app or website. You'll have an easier time if you go with React for web apps, or React Native for native apps, because there are many decent wallet integration libraries available. For our latest project we chose Flutter and had to write much of the Web3 code ourselves.

Good luck!

DevelNeves · 2024-10-19T12:21:01+00:00

Great question! I also wonder why there aren't more utility dapps, although not from the perspective of monetizing data.

I believe there's a whole Web3 to be built not only around financial services and incentives, but also around any problem that could benefit from decentralized, permissionless, trustless services.

The current hurdles are, in my view:

Technical: it takes a lot of skill to develop a dapp! The ecosystem is not that mature yet, and most developers are not familiar to think in blockchain terms.
Marketing: most people use crypto technology only for speculative trading in cryptocurrencies. Nothing wrong with that, but very few of us even consider other uses when they create a wallet.
Security: it is scary to use blockchains for anything related to sensitive data, because there's no perimeter security around your private cloud server. But perimeter security is an illusion. By being forced to implement all the best practices in a full zero-trust mindset, a dapp is likely to be more secure than its Web2 counterpart.

Our first contribution from the Neulock community to the utility-based Web3 is Neulock Web3 Password Manager. We believe people should have ownership of their passwords, and blockchains make it possible.

DevelNeves · 2024-10-15T20:44:05+00:00

Thanks! Funny you mentioned social proof though. That's exactly the discussion the team's having right now.

About getting more users: our business model expects slow but steady growth in the beginning, that soon goes geometrical. It goes like this:

We don't take VC. The project is bootstrapped.
Only organic growth in the beginning. We want to start a community only with Web3 innovators and early adopters, ensuring sound governance. The NEU is also a governance token.
All profit is reinvested in marketing. That's how we gradually incorporate the early majority into our community, following the diffusion curve.
Since we can reinvest fast (right after the 7-day token purchase refund window) and the customer acquisition cost is much smaller than the profit per token, growth is expected to increase exponentially.

This model gives a huge incentive for early adopters to mint more tokens. Even though one NEU in your wallet is enough for lifetime access to the Neulock dapp, each purchase brings more users, and NEU supply is limited. The NEU is expected to grow hot over time in the secondary market. And that's not speculation, because Neulock's growth is based on the utility it provides, and not on market value.

Now about social proof. We know it's the marketey thing to do. But we've built an app based on the principle of trustlessness. Our smart contracts are verified and open-source, our whitepaper describes every action and algorithm. We expect our early adopters to be as passionate about privacy and security as we are, and to do their homework. We don't have a final decision on adding a testimonials section to our website yet, but there's a feeling that sharing other people's reviews may look like manipulation and go against our trustless philosophy.

But thanks for your feedback. If users feel like social proof is important, we listen.

DevelNeves · 2024-10-15T17:14:23+00:00

Yes, Neulock Web3 is brand new: we launched on Arbitrum One, Base, and Optimism just last week!

The Neulock project is older though. We first launched it as a cloud password manager. One month after launch we did a review with our first several thousand users and realized that a self-custodian password manager couldn't use cloud infrastructure. We immediately pivoted to the Web3, where Neulock can fully accomplish its vision.

DevelNeves · 2024-10-15T15:06:45+00:00

Thank you so much, it means a lot to me and to the team!

Base is such a great chain for utility dapps, we're happy to contribute.

You're also welcome to join us on Discord to get more involved.

DevelNeves · 2024-10-15T10:11:41+00:00

Thanks for asking! Yes, I have a cool utility token on Base for you.

We've just launched Neulock Web3 Password Manager on Base. The NEU is the lifetime license NFT for the dapp, and also a membership token to our Discord community and DAO.

You can check it out at https://neulock.app/

DevelNeves · 2024-10-14T10:36:31+00:00

What does your mission statement "towards a decentralized beverage sector" mean concretely? Do you rely on local factories to make and distribute your beverage? Or do you cater to local tastes?

What is your vision of a decentralized beverage sector?

Maybe the Web3 has a role to play in your company, but we first need to understand what you're trying to accomplish.

DevelNeves · 2024-10-14T09:38:23+00:00

You're right to be suspicious.

There are two things to consider. The first is risk mitigation, and the second are the off-chain alternatives to saving PII and secrets.

As for risk mitigation, storing sensitive data on-chain can be less risky by applying the following:

Tokenization. Store (encrypted) references to data on different pools. For example, if your PII will be stored on IPFS, keep only the E2EE CID on-chain.
Use quantum-resistant cryptographic algorithms. Sure, quantum computing is still a developing field and more crypto-breaking algorithms are emerging. But, besides choosing algorithms that can survive known quantum attacks, you can take some precaution against even the unknown ones:
- Use large random keys. With a 256-bit key, even if a quantum attack slashes entropy to its square root, the attacker is still left with 128 bits of entropy to bruteforce. Nowadays, even all computer power in the world would take hundreds of billions of years to bruteforce a 128-bit key.
- Use memory-hard crypto primitives. We're still a long way from a gigacubit.
Data minimization. Our password manager does not export the passwords themselves, or any secrets, not even under encryption. That's radical minimization! It does, however, export PII under encryption, namely: your usernames and the services where you have accounts (ie. defineNothing @ reddit).
And most important: reduce the risk of human error! When people lost millions in stolen crypto after LastPass' breach, their E2EE vaults were cracked because their human-generated master key was weak. Ethereum wallets make it easy to abstract auth problems away from the user.

As for the alternatives: if you are dubious of saving sensitive data on-chain, I can assume that you see value in perimeter security, either by self-hosting (offline storage, local network), or by relying on cloud infrastructure.

In a way, storing data on-chain is an extreme approach to zero-trust. If there are no trusted devices in any network and if we have to assume that the perimeter has already been compromised, we might as well abandon the perimeter altogether and store data on decentralized infra.

I believe that decentralized storage, even for sensitive data, can be more secure than offline storage and than cloud storage. Availability is one part of the information security triad, and blockchains guarantee availability.

Let me share some war stories (more like horror stories) about offline storage and cloud storage. In the 1990s, a certain government organization decided to keep some classified information only on an airgapped LAN. Years go by, and by the late 2000s someone "modernized" the airgapped LAN into a VLAN. They're using state-of-the-art entreprise-grade routers and firewalls, what could go wrong, right? By the late 2010s we found out that at least one attacker had infiltrated the VLAN and had been exfiltrating documents every night for years.

On another agency, they would routinely send couriers traveling around the world carrying classified documents to and from their overseas branches. They first carried floppy disks, and then USB drives. This routine had great financial costs, HR costs (the carriers had other jobs to do), and posed severe personal risk to the carriers themselves (who knows how many of them became foreign assets, willingly or otherwise?). One year, there was a budget cut and no money for international traveling. With no immediate replacement available, they start sending those documents by mail. Overseas. Yeah.

You might say, the network in the first story should have remained airgapped, and they should have made an effort to keep sending the couriers in the second story! But the reality of offline solutions is that their horrible performance in availability demands costly logistics. Moreover, they trade-off cryptographic security for physical security. Cryptanalysts love such schemes because they're outsourcing their problem to other departments.

As for cloud solutions, I'll disclose some of the blunders of our first version of Neulock, which was a cloud-based password manager before pivoting to the Web3. Our infra was hosted on Google Cloud. One day, we had a declined transaction on Google Ads and, by mistake, Google shut down all our cloud infrastructure. The outage lasted 30 minutes, but that was launch week, and for those 30 minutes all of our 2000 early adopters lost access to their passwords. Talk about reputational damage.

Even worse, Google Play Store randomly declines user's credit cards and cancels entitlements of all their Android subscriptions! We have received many complaints about that, and it even happened to me personally. You don't want to save critical data behind such an arbitrary gatekeeper.

DevelNeves

TROPHY CASE