I’m joined by guests Nifty, Nadav & Vivek to go through the list.

Listen on your favorite podcast app:

Quote of the Day

  • “Books don’t need batteries.” ~ Nadine Gordimer

Housekeeping

Vulnerability Disclosures

  • 00:02:22 BitForge: Fireblocks researchers uncover vulnerabilities in over 15 major wallet providers [Blog Post]
    • The Fireblocks cryptography research team has uncovered BitForge – a series of zero-day vulnerabilities in some of the most widely adopted implementations of multi-party computation (MPC) protocols, including GG-18, GG-20, and Lindell17.
    • Specifics:
    • The BitForge vulnerabilities, if left unremedied, would enable attackers to exploit a newly discovered flaw in the GG18 and GG20 protocols by exfiltrating the full private key due to a missing zero-knowledge proof. The Lindell17 protocol vulnerability stems from wallet providers’ deviating from the academic paper, creating a backdoor for attackers to expose part of the private key when signing fails. The exploits were validated on major open-source implementations, and a working POC was built on the open libraries.
    • The MPC-CMP and MPC-CMPGG protocols implemented by Fireblocks are not affected by the BitForge vulnerabilities as they utilize the required Zero Knowledge Proofs to validate all secret key material throughout the key generation, signing, and storage processes. In addition, Fireblocks adopts a multi-layer security approach by combining hardware security and MPC to reduce the attack surface and the feasibility of real-world exploits.
  • 00:03:58 Electrum v4.4.6 release fixes several lightning-related security issues “We will disclose these in 3 weeks; in the meantime, please upgrade.” [Electrum]

Bitcoin

Software Releases & Project Updates

  • 00:10:04 Electrum v4.4.6
    • Lightning:
    • Fix: Cannot sweep from channel after local-force-close, if using imported channel backup
    • Added a new field (local_payment_pubkey) to the channel backup import/export format and bumping its version number (v0->v1).
    • When you force close a channel, the GUI will prompt you to save a backup. In that case, you must export the backup using the updated Electrum, and not rely on a backup made with an older release of Electrum.
    • Hardware wallets:
    • Trezor: support longer than 9 character PIN codes
    • Jade: support more custom-built DIY Jade devices
    • Builds/binaries: Include AppStream metainfo.xml in tarballs
    • Fix: Exceptions in some callbacks got lost and not logged
  • 00:11:03 nix-bitcoin
    • Nifty to talk about this
  • 00:20:59 Blockstream Green iOS v4.0.11
    • Updated gdk to 0.0.65
    • Improved signing on Ledger
    • Improved bluetooth scanning
    • Added address authentication for singlesig software wallets
    • UI improvements to lightning accounts
  • 00:25:11 Bitcoin Tribe v2.2.1
    • Now use Border Wallets to create and restore Tribe
  • 00:25:19 Bitcoin Keeper v1.1.4
    • Now create Collaborative Wallet without subscription
    • UX improvements to the flow
  • 00:25:28 Ronin UI v2.2.0
    • Better Whirlpool CLI status, ability to log-in/out of Whirlpool CLI
    • Ability to (un)install Mempool Space Visualizer
    • Ability to switch between indexers (addrindexrs, electrs, fulcrum)
    • Ability to enable/disable Bisq connection
    • Every log section now has it’s own URL
  • 00:25:51 10101 v1.2.1
    • Add support for push notifications.
    • Added new setting to coordinator to configure max channel size to traders.
    • Speed up DLC channel setup and settlement by checking for messages more often.

Interlude: Opcodes affecting L2 🧨

  • 00:28:19 The guests discuss the different opcodes and specifically how they will affect L2.

Bitcoin (Continued)

Software Releases & Project Updates (Continued)

  • 00:44:20 Trezor v23.8.1
    • New feature: Coinjoin now available for all Trezors including Trezor Model One 🎉
    • New feature: Little Hodler wallpapers in the Trezor Model T homescreen gallery
    • Improvement: Reboot to bootloader without needing to reconnect the Trezor Model T
    • Improvement: Just Stop in place of Pause and Cancel in coinjoin account
    • Improvement:Coinjoin confirmation page with Terms & Conditions only shown once per T&C version
    • Improvement: Reduced installation file size
  • Geyser
    • You can now install Geyser as a Progressive Web App [Announcement]
  • LabelBase
    • Added support for “origin” and “spendable” fields in BIP-329 format.
    • Resolved minor bug in the list overview API calls.
    • Released a Python guide for easy Labelbase API integration:
    • Self-hosted version of the service coming soon.

Project spotlight

  • 00:45:01 Smart Vaults (formally Coinstr)
    • Smart Vaults is a Bitcoin native application that unlocks the power of miniscript, taproot and schnoor signatures enabling the creation of advanced policies with control over weights, waits and thresholds. Nostr relays are used for the discovery and coordination of signatures.
    • Released the BETA version of Smart Vaults for testnet. Looking for a handful of people to test the vault creation and spending process. (Earn 100k sats!)
    • Dependencies (defaults to public relays/nodes)
    • Nostr relay (strfry) to share encrypted messages between signers
    • Bitcoin core node
    • Compile time: BitcoinDevKit and rust-nostr, among others
    • Compatible with public relays but leaves non-chain metadata, such as the custom event types.
    • Event types:
    • Introduction of several new event kinds
    • 9288 - 9295; for types such as shared signers, proposals, policies/vaults, etc.
    • See github for more details: https://github.com/coinstr/coi…ants.rs#L9
    • Signing
    • Smart vaults includes a mobile app and desktop app for signing. They can both be connected to the web app via Nostr-Connect (NIP-46).
    • The PSBTs are encrypted and relayed to other signers via the Nostr relay.
    • Both apps include functionality for Nostr signatures and Bitcoin signatures. The user can also login to web using a browser plugin but of course cannot sign bitcoin transactions with that.
    • Applications:
    • Desktop application is in open BETA
    • iOS mobile app is releasing to TestFlight by mid-August. (DM to be on wait list)
    • Web application (advanced vault editor) releases in September.
  • 00:46:00 Nodeyez [Website / Github]
    • Contains a variety of python scripts to produce images based on your Bitcoin Node
    • Images can be displayed to video output such as an attached screen on a Raspberry Pi, as well as to a website dashboard for browser based access.
    • Some scripts have support for reporting data to a local Blockclock Mini.
    • Scripts can be run on their own, or run continuously in the background as a service on system startup.
  • 00:46:30 Satoshi Agent: A chatbot trained on all of Satoshi’s public statements using LangChain [Demo / Github (Frontend) / Github (Backend)]
    • The chat charges 10 sats using WebLN for each user interaction.
  • 00:46:52 Royllo Explorer: A open source search engine for Taproot Assets living on the Bitcoin blockchain [Github]
    • The Key features include:
    • Search for Taproot assets and proofs using our user-friendly web interface.
    • Add your proofs to our database to let the world discover and learn about your assets.
    • Add universe servers to let us discover new data automatically (Work in progress).
  • 00:47:20 Sovereign Stack
    • Sovereign Stack is a complete network solution enabling you to deploy Bitcoin-centric website infrastructure among one or more of your home or office locations.
    • It consists of this website which documents the project, and the Sovereign Stack code. Together these contain all the information you might need to create and operate your own Value4Value websites based on Bitcoin/Lightning.
  • 00:47:37 SeedHammer
    • Steel Backup Specialized for Bitcoin Multisig Wallets
    • Self-contained: Recover with Minimum of Shares.
    • QR Codes for Easy Recovery and Air Gapped Signing.
    • Works with all signers and hardware wallets.
  • 00:48:27 Chaincase - Free your coins from their linear public history without ever taking control Website/Github
    • Chaincase frees your coins from their linear public history without ever taking control
    • Tor Network Privacy, Neutrino Private Sync, CoinJoin & Coin Control Blockchain Privacy

Interlude: Privacy Solutions

  • 00:49:10 The guests discuss their thoughts on different privacy solutions

HAM stuff lunch break

  • 00:54:31 M17
    • M17 is a community of open source developers and radio enthusiasts building understandable systems in support of the hackers and experimenters’ history of ham radio.
    • M17 is developing a new digital radio protocol for data and voice, made by and for amateur radio operators.
    • Protocol’s voice mode uses the free and open Codec 2 voice encoder. (No patents, no royalties, and no licensing or legal barriers to scratch-building your own radio or modifying one you already own.)

Lightning & L2(+)

Software Releases & Project Updates

  • 00:56:18 Core Lightning v23.08rc3 “Satoshi’s Successor” [Announcement]
    • Taproot address support for #CoreLightning developed by @theinstagibbs
    • Introduction of Renepay developed by Eduardo Quintana & @renepickhardt
    • Splice funds in or out of a live channel - developed by @niftynei & implemented by @dusty_daemon
  • 01:03:31 Phoenix Android v2.0.0
    • Switch the LN engine from eclair to lightning-kmp
    • Support for splicing and dual-funding
    • Improved fiat currencies support
    • Export payments history
  • 01:05:27 LND
    • Merge simple taproot channels staging branch into master [Merged]
  • 01:11:46 Zeus v0.8.0 [Announcement / Demo]
    • “Opening up Zeus v0.8.0 MAINNET alpha builds to community supporters (those who have donated on https://zeusln.app/about) - reach out if you need access!”
    • “This release features our new embedded, in-app node and LSP.”
  • 01:12:10 Alby v3.1.0 🌌 A Cosmic Embrace
    • Every user is now able to sign transaction on the liquid network a Bitcoin layer-2 with smart contract capability and pay with bitcoin over the lightning network.
    • Web apps are now able to ask users for the wallet balance and display it in their app.
  • 01:14:33 Mutiny Node
    • v0.4.12
    • Adds safe mode, if our backend services are down, safe mode can be enabled to skip them and use mutiny in an on-chain only context
    • v0.4.10
    • Handle bad metadata when syncing nostr contacts
    • Allow anon zaps to lnurls
    • v0.4.9
    • Fixes a long standing bug where we would need to resync our on-chain history on boot every time. This will make startup faster and will allow our syncing of our on-chain state to be more efficient.
  • 01:15:39 Wallet of Satoshi v2.2.5
    • Re-instate external Buy and Sell BTC Links.
  • 01:16:02 Blink v2.2.111
    • Paycode to use bitcoin wallet as receiving descriptor
  • 01:16:10 Clams v1.8.3
    • Improves the offer creation flow by adding a description and examples for each type (pay, withdraw) so it is clear what each one does.
    • Fix for when pays / invoices do not have a valid timestamp which was causing infinite error notifications.
  • 01:20:19 BitBanana v0.6.6
    • Build changes to support F-Droid release
    • Changing the language no longer needs an app restart
    • Added support for region specific languages (e.g. Portuguese (Brazil) & Portuguese (Portugal))
  • validating-lightning-signer [v0.10.0 - Beta 2]
    • Added support for the Redb database and deprecated the sled based storage system.
    • Introduced the KEYSEND_PRUNE_TIME to expedite keysend transaction pruning.
    • Cached approved keysend and invoice requests in the proxy for up to 60 seconds.
    • Implemented a function, Persist::delete_channel, to address specific concerns.
    • Enabled block streaming in the frontend to optimize memory usage.
    • Implemented the ability to sign P2TR (Pay-to-Taproot) outpoints.
    • Improved efficiency by pruning stubs from failed channel openings after 6 blocks.
    • Implemented channel closure event monitoring.
    • Enhanced handling of spending anchors.
    • Introduced storage for counterparty revocation secrets.
    • Added a new sign_tagged_message method for raw signatures.
  • 01:20:32 Lightning Terminal v0.10.5-alpha
    • Update to the integrated Loop version
    • UI update use the correct unit for Loop Out swap deadlines
  • 01:20:50 Osmo v2.5.0
    • Improved experience by downloading your custom lightning address
    • Improvements in the conversion receipt
  • 01:21:07 Stacker News
    • Anon Accounts - Zap/post/comment without account
    • nostr login, zap metadata, comment/reply highlighting
    • Nostr login
    • Nostr zap metadata in notifications when your wallet receives a nostr zap
    • Link to the npub of the nostrich that zapped you and note that was zapped
    • Include a zap message if there is one
    • Recognize Zapple Pay zaps and correctly link to the zapping nostrich
    • Highlighting of new comments when you return to a thread
    • Better highlighting of replies in threads when you click on them from notifications
  • 01:21:23 Joltz Rewards
    • Bitcoin rewards API announced.
    • Allows any entity to incorporate Bitcoin rewards over lightning into their app, website, or business.

Project spotlight

  • 01:21:47 StaticWire: Rent Internet Protocol Subnets Using Bitcoin’s Lightning Network
    • StaticWire is an initiative to keep the Distributed Charge project distributed, but its usefulness is much greater, helping many other products and services overcome their connectivity problem.
    • StaticWire offers dedicated public static IPv4 addresses through WireGuard technology, with easy setup and bitcoin lightning network payments. -Ideal for bitcoin lightning node operators who self-host hardware, need remote access, and manage inbound lightning channels.
    • It enables automated payments and IP address delivery using bitcoin lightning network, supporting decentralized internet principles.
    • Supports routing subnets smaller than 256 addresses, with latency trade-offs for self-hosting internet services.
    • Built on WireGuard, allows seamless roaming between different connections and prepares for future transitions like IPv6.
  • 01:21:58 Lnshort.it
    • A URL shortening service that offers the convenience of Lightning payment integration.
    • Users can create short links that redirect to their desired webpage for a specified duration.
    • Pricing starts from 5 satoshis for a week of redirection and ranging up to 100 satoshis for a year.
  • 01:22:18 Lightning-GPT [Website / Github]
    • Pay XXX amount of Satoshis for a XXXms session with ChatGPT-4.
  • 01:22:31 Bitmatrix
    • Bitmatrix is a trustless exchange protocol on the Liquid Network that allows direct asset swaps without giving up the custody of funds. The protocol consists of a collection of covenant-based liquidity pools where each immutably lives on the network and enforces the trustless execution of trades.
    • Liquidity pools have custody of pooled assets, set prices according to a mathematical formula, and are always willing to trade those assets at those prices.
  • 01:22:43 Voltpay [Website / iOS / Android]
    • Lightning Point of Sale for businesses
    • Free subscription tier for all users
  • 01:22:51 Emeralize
    • Buy and sell educational resources for bitcoin
    • It’s like Substack x Udemy x meets Lightning Network

Privacy Software

Software Releases & Project Updates

  • 01:24:15 SimpleX Chat v5.2.3
    • Faster app loading.
    • Android: fully remove system backup.

Boosts

  • 01:25:06 Thanks to everyone who streamed sats, and shoutout to our top boosters:
    • [🏆 TOP BOOSTER] @cumr0cket (69,420 sats) “😴😴😴🚽😴”
    • @transisto (50,000 sats) “Marty didn’t do the work. 1) The amount of money chain analitics makes from wasabi is a microscopic part of their revenue. 2) they don’t send anything to them that they can’t already know from looking at the chain. 3) Wabisabi doesn’t have arbitrary denomination they just have many that are multiples of a few base so to increase composability. As a user, dust generation is absolutely not a problem, it has the extra benefit of not producing any toxic change. Anonscore is extremely conservative…”
    • @apemithrandir (7,777 sats) “two RHRs in one week! you’re spoiling me”
    • @dubravko
    • (1,000 sats) “Very funny format, starting off adversarialy, getting a dig (What wallet can you do that with?), great follow up with the guys making the case FOR the other technology.”
    • (1,000 sats) “Here is Texas, even the liberals get guns for X-Mas 😂🤣”
    • @chunky (2,121 sats) “This is why I trust the good people of Robinhood to hold all my sats”
    • @michaelmatulef
    • (2,100 sats) “I 🧡 list show podcasts”
    • (1,000 sats) “🥊🥊”
    • @garykrause_ (1,000 sats) “🪦”

Bitcoin Optech Newsletter

  • 01:27:23 Highlights from recent Bitcoin Optech Newsletters
    • 264
    • Adding expiration metadata to silent payment addresses:
    • Peter Todd posted to the Bitcoin-Dev mailing list a recommendation to add a user-chosen expiration date to addresses for silent payments. Unlike regular Bitcoin addresses that result in output linking if used to receive multiple payments, addresses for silent payments result in a unique output script every time they are properly used. This can significantly improve privacy when it’s impossible or inconvenient for receivers to provide spenders with a different regular address for each separate payment.
    • Serverless payjoin:
    • Dan Gould posted to the Bitcoin-Dev mailing list a draft BIP for serverless payjoin. By itself, payjoin as specified in BIP78 expects the receiver to operate a server for securely accepting PSBTs from spenders. Gould proposes an asynchronous relay model that would start with a receiver using a BIP21 URI to declare the relay server and symmetric encryption key they wanted to use for receiving payjoin payments. The spender would encrypt a PSBT of their transaction and submit it to the receiver’s desired relay. The receiver would download the PSBT, decrypt it, add a signed input to it, encrypt it, and submit it back to the relay. The spender downloads the revised PSBT, decrypts it, ensures that it is correct, signs it, and broadcasts it to the Bitcoin network.
    • 263
    • Denial-of-Service (DoS) protection design philosophy
    • Anthony Towns posted to the Lightning-Dev mailing list in response to the channel jamming part of the notes for the recent LN developers meeting. The notes said “the cost that will deter an attacker is unreasonable for an honest user, and the cost that is reasonable for an honest user is too low [to deter] an attacker.”
    • Towns suggested an alternative to trying to price out attackers: make the costs paid by both attackers and honest users reflect the underlying costs paid by the node operators providing the service. That way, a node operator who is earning a reasonable return on providing services to honest users will continue earning reasonable returns if attackers begin using those services. If the attackers try to deny services to honest users by consuming an excess amount of node resources, the nodes providing those resources have an incentive—greater income—to scale up the resources they provide.
    • HTLC endorsement testing and data collection:
    • Carla Kirk-Cohen and Clara Shikhelman posted to the Lightning-Dev mailing list to announce that developers associated with Eclair, Core Lightning, and LND were implementing parts of the HTLC endorsement protocol in order to begin collecting data related to it. The help this, they’re proposing a set of data that will be useful for test nodes to collect for researchers.
    • Proposed changes to Bitcoin Core default relay policy: Peter Todd started two threads on the Bitcoin-Dev mailing list related to pull requests he’s opened to change Bitcoin Core’s default relay policy.
    • Full RBF by default
    • Removing specific limits on OP_RETURN outputs

News & Noteworthy

Lightning & L2(+)

  • 01:30:25 LND and LDK successfully interop test blinded paths
    • Users of one implementation will be able to pay users of the other using Blinded Paths, and vice-versa.
  • The Liquid Federation fulfills long standing goal to open-source the functionary code, allowing anyone to audit the code and create their own Liquid-like network.
    • As of 15th August, the Liquid Network’s functionary source code is free and open-source to the public. The release allows anyone to audit the code that runs the functionaries and to create their own Liquid-like network with similar features.
    • With the functionary code, independent parties and users can now review how:
    • Unsigned Liquid blocks are produced (in Elements)
    • Liquid blocks are distributed and signed
    • DynaFed transitions, which update the set of functionaries who operate the network, are coordinated
    • Network parameters are added to the block headers to update consensus rules
    • UTXOs are swept back to the Federation address when they are close to expiring
    • Peg-outs are analyzed and delivered

Business

  • 01:30:37 Parker Lewis and Will Cole have joined Zaprite as Head of Business Development and Head of Product respectively [Press Release]
  • 01:30:45 Binance Becomes the First Fully Licensed Crypto Exchange in El Salvador [Press Release]
    • The exchange has been granted both a Bitcoin Services Provider license and the first non-provisional Digital Assets Services Provider license, allowing it to offer tailor-made products and services in the country.

Funding

  • 01:30:54 BitGo Secures $100M Series C Funding At $1.75B Valuation [Press Release]
    • BitGo announced today $100M Series C financing from new, outside strategic investors with a valuation of $1.75B.
    • The funds will be deployed to make strategic acquisitions and expand its secure and regulated custody, wallet, and infrastructure solutions globally.
  • Orange Pill App Raises $250K in Pre-Seed Funding for Bitcoin Social Networking [BTC Times]
    • Orange Pill App, a social networking platform designed to foster real-world connections among Bitcoin enthusiasts, announced a successful raise of $250,000 in pre-seed funding.
    • The investment round was spearheaded by Lightning Ventures and included participation from various angel investors, such as NBA star Matthew Dellavedova and the Barefoot Bitcoin Fund.

Mining

  • 01:31:37 Bitmain, Anchorage Expected to Take Equity in Bitcoin Miner Core Scientific as Part of Bankruptcy Plan [Coindesk]
    • The world’s largest crypto mining machine maker is set to take a $54 million stake in Core Scientific as the miner emerges out of Chapter 11 proceedings.
  • “The two largest bitcoin mining pools in the world - Foundry USA and Antpool - require identity verification on all miners that use them. 53% of global bitcoin hash rate has been doxxed between these two pools.” [Odell]

Political

  • 01:31:49 Pro-Bitcoin Candidate Javier Milei Snags Primary Presidential Elections in Argentina [Coindesk]
    • With 90% of the vote counted, Milei – of the “La Libertad Avanza” (Freedom Advances) party – had 30.5% of the votes versus candidates from “Juntos por el Cambio” (Together for Change) and “Unidos por la Patria” (United for the Homeland), who received 28% and 27%, respectively.
    • Argentina’s Milei Vows to Pay Country’s Debt While Shuttering the Central Bank [Bloomberg]

Reads

  • 01:33:05:07 Here’s a list of our top recently published reads:
    • Torq’s Twitter Thread on HTLCs
    • How Lightning Powers the Global AI Economy … Where the Machines Pay You⚡🤖🌎 by Ryan Gentry
    • Thoughts on scaling and consensus changes by JamesOB
    • GrapheneOS: De-Google your phone and improve your privacy by Bitcoiner.guide
    • Field Report: Implementing MuSig2 by Brandon Black from BitGo in [Bitcoin Optech]
    • How (Actually) Open AI Wins by Max Webster
    • Bitcoin’s Lighting Network: Fast, Cheap, And A Lifeline For Latin America by Mickey Koss
    • Looking Ahead: Lightning Payments in 2025 by River
    • No-Code + AI + Bitcoin: The Ultimate Trio for Future Workflows by Alby
    • Fiat Ruins Everything by Jimmy Song

Episode submission ideas

  • We’re looking for ideas for interesting panel conversations. To send Bitcoin related questions, just go to bitcoin.review and follow the contact links at the bottom of the page.

Get in touch with the pod

Did I get anything wrong above? Help me correct it producer@coinkite.com