Bitcoin Review Podcast BR058 NDK, Vuln BTCPay & TrueType, Unleashed.chat, Faaans, Nostr DDoS +MORE ft. Craig, Pablo, Odell
Iâm joined by guests Craig Raw, Pablo & Odell to go through the list.
Housekeeping
- 00:10:34 Unleashed.chat
- 1,000 users achieved!
- Moved nostr vector DB to redis, much faster now
- Upgraded infrastructure a bit to handle more traffic
- Improved nostr integration
- API ready soon
- Looking at bitcoin blocks data next
- Faster nostr search
- 00:13:11 OpenSats
- Fourth Wave of Nostr Grants gives 7 more grants to the following nostr projects:
- Lume
- Flockstr
- Camelus
- noStrudel
- ZapThreads
- NIP-44 Cryptography Audit
- NIP-90 Data Vending Machine Framework
- Long-Term Support For Tobin Harding
- Tobin Harding is the latest LTS grantee welcomed by OpenSats.
- His inspiration to contribute to kernel patching sparked at the Perth LCA kernel mini-conf nine years ago.
- Backed by the LTS grant, Tobin continues to achieve significant milestones for rust-bitcoin.
- His contributions hold importance for projects like Fedimint, LDK, BDK, and electrs.
- 00:13:30 Faaans v0.0.1 announced by Pablo!
- NIP-46 oauth flow
- DVM-based Nostr wallet connect
- NIP-29 group chats
- NIP-88 Supporter tiers
- NIP-71 video support
Vulnerability Disclosures
- 00:22:10 Nostr DDoS Attack
- âA DDoS attack on Primalâs infrastructure started around 8pm Belgrade time on New Yearâs eve. We are back for now, but our services might get disrupted again in the coming days.â ~ Miljan
- âMr Primal Sir, I think my relay is under attack too. But I donât have the tools to analyze it. Can you share your findings? Is the whole network under attack? Been going on for days now.â ~ Alex Gleason
- âOurs was a classic network-level DDoS attack, where we were getting overwhelmed with requests from about 4000 different IPs. The requests were nonsensical, not trying to exploit our app, just overwhelm the network layer. We begrudgingly setup cloudflare as a temporary solution until we deploy something more sophisticated. Seems to have fixed the issue for now.â ~ Miljan
- 00:28:40 4-year campaign backdoored iPhones using possibly the most advanced exploit ever [arstechnica]
- âTriangulationâ infected dozens of iPhones belonging to employees of Moscow-based Kaspersky.
- Chief among the discoveries: the unknown attackers were able to achieve an unprecedented level of access by exploiting a vulnerability in an undocumented hardware feature that few if anyone outside of Apple and chip suppliers such as ARM Holdings knew of.
- âThe exploitâs sophistication and the featureâs obscurity suggest the attackers had advanced technical capabilities,â Kaspersky researcher Boris Larin wrote in an email. âOur analysis hasnât revealed how they became aware of this feature, but weâre exploring all possibilities, including accidental disclosure in past firmware or source code releases. They may also have stumbled upon it through hardware reverse engineering.â
- 00:42:50 A critical security vulnerability has been found in LNbank, external plugin v1.9.0. [BTCPay Server Announcement]
- âTo mitigate, all users using this plugin are urged to update immediately.â
- âThis security vulnerability only affects users using LNbank plugin, if you donât have it enabled ,youâre safe and no further actions are needed.â
- âLNbank plugin is also being phased out in 1.9.2.â
- LNbank is sunsetting
- âI am discontinuing the development of LNbank because for now there is no way for me to guarantee the safety of its usage.â ~ d11n
Bitcoin
Software Releases & Project Updates
- 00:45:59 Electrs v0.10.2
- Use batched RPC to fetch mempool entries & transactions (#979)
- Avoid redundant recomputation of fee histogram bins (#971)
- Explain behavior of config file loading (#964)
- Donât flush when nothing is written to DB (#958)
- Allow setting RocksDB log directory (#959)
- Upgrade bitcoin to 0.31.0 (#941)
- BTCPay Server
- v1.12.1
- A disabled plugin can now be uninstalled in the UI
- v1.12.0
- Release Highlights:
- .NET 8 Upgrade: Upgraded to .NET 8, requiring Docker engine version >= 20.10.10 for deployments.
- Docker Engine Update: Users are advised to manually upgrade Docker engine if encountering issues after the update.
- Under-the-Hood:
- Lightning integrations made extendible by plugins.
- Preparing migration of Altcoins to plugins.
- Plugin users may find them disabled; update compatible versions for BTCPay Server v1.12.
- Postgresql 11 End of Support: Ended support for Postgresql 11 due to its 5-year EOL. While it should still work, compatibility wonât be maintained.
- New Features:
- Webhooks: Added support for Payment Requests, Payouts, and extendibility by plugins.
- BIP129 Multisig Wallet Import: Added support.
- POS Keypad: Added plus and change clear functionality.
- Forms: Added support for adjusting invoice amount by multiplier, enabling percentage-based discount codes.
- Boltcard Management: Can pair or reset a Boltcard to a pull payment.
- Plugins Management: Allowed scheduling installs/updates of future plugins.
- 00:50:55 Ocean block templates update
- Available immediately, OCEAN is offering đşđđšđđśđ˝đšđ˛ đŻđšđźđ°đ¸ đđ˛đşđ˝đšđŽđđ˛ đ˝đźđšđśđ°đśđ˛đ, giving miners control over what blocks they are mining.
- The three options are:
- OCEAN Recommended (most real financial transactions and least spam)
- Bitcoin Core with the âOrdisrespectorâ spam filter
- Unmodified Bitcoin Core (same as other pools with fewest financial transactions and most spam)
- OCEAN will continue its 0% promotional pool fee for options 1 & 2 while there will be a competitive pool fee of 2% for option 3.
- 00:51:29 libsecp256k1 v0.4.1
- This release slightly increases the speed of the ECDH operation and significantly enhances the performance of many library functions when using the default configuration on x86_64.
- Changed:
- The point multiplication algorithm used for ECDH operations (module ecdh) was replaced with a slightly faster one.
- Optional handwritten x86_64 assembly for field operations was removed because modern C compilers are able to output more efficient assembly. This change results in a significant speedup of some library functions when handwritten x86_64 assembly is enabled (âwith-asm=x86_64 in GNU Autotools, -DSECP256K1_ASM=x86_64 in CMake), which is the default on x86_64. Benchmarks with GCC 10.5.0 show a 10% speedup for secp256k1_ecdsa_verify and secp256k1_schnorrsig_verify.
- 00:54:13 Wasabi Wallet v2.0.5
- Buy Anything Button: The release introduces a âBuy Anythingâ button in Wasabi Wallet, enabling users to purchase a wide range of items directly through the wallet.
- Partnership with ShopinBit: Wasabi Wallet has partnered with ShopinBit.com, Europeâs Biggest Bitcoin Store.
- Process:
- Initiation: Users can initiate a chat conversation with ShopinBitâs professional concierge team by clicking the âBuy Anythingâ button next to the âSendâ and âReceiveâ buttons in the wallet.
- Order Confirmation: After providing detailed information about the desired product, users wait for 24-48 hours for ShopinBitâs team to check and provide an offer. Once accepted, payment is made through a bitcoin invoice.
- Shipping and Tracking: If the product is physical, users enter shipping details, and the order can be tracked through a provided link. Shipping times vary based on the product and destination.
- 00:54:24 Nunchuk v1.9.38
- Support for recurring payments (Byzantine only)
- Add UX flows for properly reusing Coldcard or Tapsigner between wallets by suggesting user to switch to new accounts (Byzantine only)
- 00:54:44 Electrum v4.5.0 (in beta/rc)
- New feature: send the change of your on-chain transaction to a lightning channel, using a submarine swap.
- Full release notes
- 00:55:35 BlueWallet v6.4.12
- RON currency for widget
- See currency when tap and hold on balance
- Tool to generate last mnemonic word
- 00:55:48 Smart Vaults v0.4.0
- Custom policy path.
- Added support for UTXOs and addresses labeling.
- Added Manager.
- Frozen UTXOs used in proposals.
- Spend timelock validation.
- Implemented FromStr trait for the Amount type.
- Enabled serialization for the PolicyPathSelector enum.
- Added Key Agent.
- Added KeyAgentPayment proposal.
- Deterministic identifier for Signer Offerings.
- Nostr Database.
- FFI: Used uniffi pro-macro instead of UDL.
- Added SmartVaultsStorage.
- 00:59:30 Peach 0.4
- Introduced instant trade feature
- Streamlined offer creation process
- Enhanced visibility of past trade partners
- Modified match card format for smoother navigation
- Addressed loading problems from purged transactions in Peach Wallet
- Improved CSV export for trade history
- Edit private messages post-offer publication
- Updated currency display in header
- 00:59:41 Hodl Hodl
- 00:59:45 SatoshiGPT
- Now LIVE on the OpenAI GPTs Marketplace. [Announcement]
- Features:
- Answer any Bitcoin question
- Ask Bitcoin price
- Halving Estimator
- Bitcoin Mining Data
- Check Bitcoin transactions on Mempool
- Find Bitcoin merchants
- 00:59:54 Blockstream Green iOS v4.0.22
- Open all external links using a web view in the app
- Update Breez SDK to 0.2.12
- Improve bluetooth scanner
- Show login view at launch if user only has one wallet
- 1:00:20 Trezor v23.12.3
- Addresses can now be displayed in a spaced format, presenting them in user-friendly chunks of 4 characters.
- German and Spanish have been added as new official languages.
Project spotlight
- 1:05:13 TopBuilder: An intense competition designed to discover the next wave of innovators in the Bitcoin ecosystem.
- Apply before Jan. 13th to participate in this unique Bitcoin competition.
- Win up to $15K in Bitcoin
- Presented by Wolf and PlebLab
- This 8-week educational program is an exciting blend of builder sessions, workshops, announcements, and speaker panels, all designed to foster learning and growth within our community.
- 1:01:40 The Bitcoiner Test
- A 21-minute, 64 question rapid fire quiz about everything Bitcoin related. The aim of the test is to quickly sort people who understand Bitcoin from those who donât. This is particularly useful when you need to hire Bitcoiners and want to be sure youâre getting the real deal and not just a fast talker.
- Testing: The questions are multiple choice and the test has to be completed very quickly to avoid candidates using Google or AI to cheat.
- Payment: Payment is made via Bitcoin lightning payments only.
- Grading: You need to score 50% or higher to pass the test and receive a Certificate of Achievement. Those who score over 70% will receive a certificate with merit and those who score over 80% are deemed to have passed with distinction and this will be reflected on their certificate.
- Leaderboard: Once you complete and pass the test, your details will be immediately added to the leaderboard.
- 1:05:06 Bitcoiner Freelance: Find freelancers that accept Bitcoin
- 1:07:07 Rhino Bitcoin App: A comprehensive financial app that allows users to manage Bitcoin transactions, pay bills, borrow money, and invest in retirement accounts
- Trade and safeguard Bitcoin
- Pay bills and invoices
- Secure loans
- Invest in Bitcoin for your retirement
- 1:07:17 Orange Clock: An open source bitcoin timepiece for everyone
- What Makes Up an OrangeClock?
- Raspberry Pi Pico WH (Wireless w/ Headers already installed)
- Waveshare 2.9 inch eInk/ePaper Display Module for Raspberry Pi Pico (296 x 128 pixels)
- Follow this link to the correct display. It must have âPicoâ in the product name.
- Enclosure and 4 x m2.5 screws (6mm length) â either purchase an enclosure or print one yourself from these models
- 1:07:48 Economically Unspendable Bitcoin UTXO Calculator
- This tool makes it simple for anyone to determine the fee rate at which a given UTXO will cost more to spend than itâs worth.
- For anyone who is regularly receiving on-chain BTC deposits, such as via mining payouts or automated cost averaging.
- Github Repo
- 1:20:46 Loan shark: Fully collateralized bitcoin only loans without custodians, escrows, or margin calls
Lightning + L2+
Software Releases & Project Updates
- 1:21:46 Alby v3.6.0 đ Rainbow Aurora over Icelandic Waterfall
- NWC Connector: Added NWC connector as a feature.
- Allowance Warning: Included allowance warning for HTTP sites.
- Payment Summary Styles: Fixed styles for payment summary.
- Test Fixes and Icon Removal: Addressed test issues and removed the buy bitcoin icon.
- Welcome Screen and Connect Button: Fixed heading and connect button on the welcome screen.
- Responsive Tip Cards: Introduced responsive tip cards.
- Core-Lightning APIs: Fixed issues with core-lightning APIs.
- Preimage Return for LN Settlement: Updated Galoy connector to return preimage for LN settlement.
- New Onboarding: Implemented a new onboarding process.
- Centralized Images and Icons: Centralized image and icon display for smaller screens.
- Alby v3.2.0
- Add NWC listTransactions method
- 1:27:03 Fountain v1.0
- A new player design that gives you quick access to powerful features
- A new library design that makes it easier to find and organise your content
- A new clip editor that makes it quicker and easier to share clips
- A new way to explore clips that other listeners have shared
- A new home feed design that surfaces conversations happening right now
- A new and improved playlist feature that supports episodes, clips and tracks
- Partnered with Strike. Top up your Fountain wallet instantly using your preferred currency.
- 1:27:45 Mutiny Node v0.5.0
- Added initial Fedimint support for alpha testing
- Added support for the LSP spec
- Increase on chain gap when resyncing
- Require wallet restart when another device accesses same wallet when another is backgrounded
- 1:32:14 boltz-web-app
- 1:32:17 LNDg v1.8.0
- Auto-refresh of home page every 21 seconds (this can be toggled off from the top right corner of the dashboard)
- Adds unified backend controller - no longer need to setup each service individually (adds trading service)
- Trading page to setup and manage trading of custom or selected node data (using trade-secrets)
- Trade buys and sells can also be completed using the trade.py file from the command line
- Logs page has been added at /logs and displays the last few lines of the controller output
- Improved Auto-Fee logic
- Recycle connection for peers with expiring htlcs within 13 blocks
- More granular volume scores for suggested peers and shared trading data
- Adds the oTarget% column to the active channels table on the home page
- Expanded âLoad Moreâ feature to payments and invoices
- Routing volume stats next to active channels on the home page and now highlighted with a color gradient
- Sign message api improvement and QR code generation
- Adds a page at /reset that will allows users to see internal table counts and reset table data
- Future dates are now shown as a proper relative time and no longer as Just now
- Added Inflight and Pending rebalance sections to the lists on /rebalances
- Disconnect peer button added on the /peers page
- FeeLog has been added to the available api data endpoints
- Adds a Logout button to the bottom of every page
- Updated README file and added postgres setup doc
- Added many hover tool tips for more insights and tips
- Set a custom cookie expiration with initialize.py using the -sessionage or âsessioncookieage flag
- The keysend.py file now accepts command line arguments instead of being interactive
- Added fee bumps for pending sweeps
- 1:32:22 Amboss
- Introducing the Ghost Address [Announcement]
- A Ghost Address is a lightning address for receiving money directly to your own lightning node (self-custody) without running a separate Lightning Address server.
- Ghost Addresses use special Phantom Payments that donât require any additional node permissions or macaroons to receive bitcoin to a static lightning address endpoint.
- The destination included in a Ghost Address invoice is a Phantom Node. This node does not exist. Instead, your node will intercept payments to the Phantom Node destination using secrets provided by the Amboss API.
- Each invoice generated by the Ghost Address will include your node in the route hints allowing you to intercept the payment.
- Ghost Addresses are intended to replace using custodial Lightning Addresses, which are not private and reveal payment sizes, payment proof, and subsequent transactions.
- Payments made to a Ghost Address use invoices that Amboss generates, which reveal the amount of a theoretical payment. Amboss would be unable to provide proof of any completed payment using a Ghost Address.
- To improve privacy further and not expose theoretical payment amounts, a self-hosted Lightning Address server would be required.
- IMPORTANT: Matt Corallo raised some concerns
- âAm I correct in understanding your new design now deanonymizes both senders and recipients to Amboss, putting Amboss in the process of sending and receiving payments? This seems like a pretty big step backwards.â
- Also, this design allows AMBOSS to steal money any time one of these payments happens to route through a node you control. This seems like a pretty major issue for something billed as âself-custodialâ.
- 1:32:28 Swiss Bitcoin Pay app v2.0.0
- Open source - Code is now publicly available on Github
- Web support (PWA) - Now fully cross platform between iOS/Android/Web. Same codebase for all apps and web.
- In-app self-custodial wallet - When you register, there is now an option to create a self-custodial wallet in-app, using the most secure libraries and hardware pieces available on your device. Seed phrase is encrypted, stored locally on your device and never sent to Swiss Bitcoin Pay appâs server.
- Seamless ownership signature - When creating your account with the in-app self-custodial wallet, the ownership signature that is required (for legal reasons) is automatically done and sent to the servers in the background.
- Ability to split payouts to receive a % in bitcoin / % in fiat - Merchants now have the ability to split their payout and keep a part of their payments in Bitcoin, and auto-sell the rest in fiat.
- 9 new fiat conversion currencies - DKK, HKD, JPY, NOK, NZD, SEK, SGD, USD, ZAR
- New languages - Deutsch, Italian, Spanish and Portuguese
- 1:32:33 lnp2pBot v0.9.9
- New feature: Freeze orders
- Update pay to buyer
- 1:32:40 Mercury Wallet v0.10
- Mercury wallet is no longer supported.
- 1:32:42 Cashu Nutshell v0.14.1
- Stateless Mint: Nutshell mint can now be run âstatelessâ meaning that all state is in the database. This is a step towards being able to run multiple mints workers in parallel for heavy load scenarios.
- Max balance for mints: a new MINT_MAX_BALANCE environment flag makes sure that the mint can only hold a maximum amount.
- CLI: Create an invoice without blocking with cashu invoice
-n
Project spotlight
- 1:32:57 Bitcoin Connect by Alby: Just a simple bitcoin payments button
- A simple library that enables users to connect their wallet to lightning-powered websites on any browser through the power of WebLN, the open protocol for lightning on the Web.
- Easy to integrate and customize, bringing to life a sleek and tailored experience. Match your websiteâs both light and dark themes with only a few CSS variables.
- Request invoices on your website an let users pay in any way that is convenient to them: whether they want to connect their wallets to pay, scan the invoice or quickly open the payment request in their mobile wallet.
- 1:32:59 Sulu: Monetize your APIs using the fastest, most secure payment rails in the world
- Sets up your lightning paywall. From customized landing pages for your users, to analytics and insights for your team.
- Self-hosted or Managed
- Turn your data into actions.
- Reports: Get every team aligned.
- Features
- Built on top of LND
- Up to 1 trillion API calls a month
- Globally distributed
- Globally available
Nostr
Software Releases & Project Updates
- 1:33:10 NDK v2.3.2
- NIP-42 Support: One-liner relay authentication
- NIP-96 Support: Very easy media uploads
- [partial] NIP-29: Simple Groups
- Make Zaps more fault-tolerant
- Easier/better NIP-31 support
- Some last touches on the new NIP-46 OAuth-like flow
- 1:35:28 rust-nostr v0.26.0
- Nostr: Added NIP90 support.
- CI: Added support for aarch64 python wheels.
- SDK: Improved negentropy reconciliation.
- Nostr: Added GenericTagValue enum.
- Nostr: Implemented fmt::LowerHex for EventId.
- Nostr: Filtered out GenericTagValue variants that do not adhere to the spec.
- Nostr: Refactored EventBuilder::profile_badges.
- Database: Added support for event deletion by coordinates.
- Database: Improved NostrDatabase::count method.
- NIP-04: Allowed decrypting to raw bytes.
- Improved DatabaseIndexes::bulk_index performance.
- FFI: Used uniffi pro-macro instead of UDL.
- Implemented CLOSED messages.
- Nostr: Added support for NIP44 v2.
- Completed event module in nostr-ffi.
- Nostr: Added Tag::PublicKey.
- FFI: Added Keys::sign_schnorr.
- Added Nip19 for decoding any nip19 object.
- Nip19: Added nevent author.
- Stored deleted coordinates in DatabaseIndexes.
- Nostr: Fixed NIP44 v2.
- FFI (Nostr): Completed message module.
- 1:35:30 nostr-wallet-connect v0.4.0
- nwc connection page ui
- add manual migrations using gormigration
- add support both internal and public relay URL
- add get info method by
- add pay keysend method
- add list transactions to nwc
- Logged account will be shown to navbar at nwc.getalby.com
- UI Improvements & layout simplification
- 1:35:33 Primal iOS
- v1.1.15
- Transaction details screen
- Feed rendering improvements
- Better handling of insufficient funds
- v1.1
- Shiny new image viewer
- Improved feed rendering
- Solidified note editing
- Improved connectivity
- Solidified publishing
- 1:37:06 Amethyst v0.83.1
- Moves DMs to the audited NIP-44v2
- Adds support for NIP-31 alt tags
- Adds a k-tag to reactions
- Adds i18n for error messages when uploading images
- 1:37:10 Mostro
- v0.9.4
- Right status on message after addinvoice.
- Show users pubkeys after seller paid invoice.
- Shows right status.
- v0.9.3
- Update nip33 dispute event after admin action.
- Settle order and tags updates.
- Fixes on dispute and settle orders.
- Dispute settle and cancel cases messages.
- v0.9.2
- Update nip33 event with new status after success.
- Crud update.
- Update specs adding json event examples.
- Update mostro core and refactoring.
- Avoid storing npub internally.
- Documentation: npub to hex.
- Removed fn add_order from db.rs.
- Change table tag to z.
- 1:37:11 yana
Project spotlight
- 1:37:46 Flare by Zach Meyer: A video sharing site built on Nostr!
- Like YouTube, Flare lets you upload, view, comment, and like videos from your favorite creators. BUT unlike YouTube, canât strike, shadow-ban, or demonetize you just because we disagree.
- Since Flare is built on Nostr, you are free to serve your content from anywhere and consume content from any kind 34235 client youâd like.
- 1:37:49 delphi.market: A prediction market based on the bitcoin lightning network
- Create your own binary markets
- Trading of YES and NO shares
- Interactive order book
- Running on Mutinynet
- Free & open-source software
- 1:38:14 Arc Map (mapstr): Tag and review locations you love. Share them with others via Nostr. Develop a following and earn Sats
- The aim of Arc Map is to allow as many people as possible to participate in a Bitcoin based value for value system where users share location information to both earn and send Bitcoin.
- Tag and review locations on Arc Map, share them via Nostr, build a following and earn Sats (BTC).
- Features:
- Create a location tag for shops, cafes and places you want to share with others.
- Review existing locations that youâve been to.
- Get paid (in Sats ie BTC) for the locations you create and review by other Arc Map users which appreciate your content.
- Find locations which accept Bitcoin as payment.
- Search worldwide for locations and find reviews and places made by other Arc Map users.
Privacy Software
Software Releases & Project Updates
- 1:38:31 SimpleX Chat
- v5.4.2
- faster sending messages to groups
- new GHC 9.6.3 compiler resulting in lower CPU usage (except Android armv7 devices).
- iOS:
- improved notifications
- image/video picker now supports sending multiple videos (showing/scrolling video messages is still slow, it will be improved).
- video compression and meta-data stripping.
- fixed iPhone 7 and older crashing when connecting to desktop app.
- Android:
- fix individual message crashing the app, preventing access to the conversation
- splash screen when opening the app now matches system light/dark mode (Android 12+)
- v5.4.1
- Android and Desktop:
- better error reporting of desktop-mobile connection.
- better error/crash handling on - please send information from the alert on any app errors.
- fix bug with image not showing when received.
- minimum Android version is set to 9.
- Desktop:
- allow linking mobile without creating a user profile on desktop.
- configure IP address and port used for connecting mobile to desktop, to simplify firewall configuration.
- iOS:
- fix calls not connecting on slow networks.
- add logo to QR code in contact address.
- faster app suspension when moving to background (improve notifications).
Project spotlight
- 1:41:37 Meshtastic: An open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices
- Enables you to use inexpensive LoRa radios as a long range off-grid communication platform in areas without existing or reliable communications infrastructure.
- 100% community driven and open source
- Features:
- Long range (254km record by kboxlabs)
- No phone required for mesh communication
- Decentralized communication - no dedicated router required
- Encrypted communication
- Excellent battery life
- Send and receive text messages between members of the mesh
- Optional GPS based location features
- How it works:
- Radios automatically rebroadcast messages, creating a mesh network for group-wide communication. This mesh can support up to 80 device nodes. Each Meshtastic radio can be paired with a single phone, allowing friends and family to address messages to a specific radio. For a detailed technical overview, refer to the section below.
Boosts
- 2:00:20 Thanks to everyone who streamed sats, and shoutout to our top boosters:
- [đ TOP BOOSTER] @winthrop (6,969 sats) âAs a regular listener, I frequently chuckle at the various âboring podcast/go take a napâ jokes But today when I woke up at 4:30 and couldnât drift off again, I thought, âhey, Iâll just ask NVK & company to lull me back into a blissful sleepâ nope. here I am, 7am, awake (although slightly delirious) and working extra hard to avoid typos. all that hype about a great nap, and nothing! At least Iâm caught up on recent news and developments in Nostr and Bitcoin. Iâve also been A+ entertained đâĄď¸â
- @vake (3,500 sats) âBitcoin is boring and nothing happens.â
- @dubravko (1,400 sats) âLedger makes me want to pull my fucking hair out.â
- @piez (1,000 sats) âMerry Xmas gentlemen!â
- @agichoote (555 sats) âI was about to complain that Bitcoin.review was not coming out often enough đŽâđ¨đŤ â
- @tym (500 sats) âvery helpful learning and napping contentâ
Bitcoin Optech Newsletter
- Highlights from recent Bitcoin Optech Newsletters:
- 283
- Disclosure of past LND vulnerabilities: Niklas GĂśgge posted to Delving Bitcoin about two vulnerabilities he had previously responsibly disclosed, which led to fixed versions of LND being released. Anyone using LND 0.15.0 or later is not vulnerable; anyone using an earlier version of LND should consider upgrading immediately due to these vulnerabilities and other known vulnerabilities affecting older releases.
- Fee-dependent timelocks: John Law posted to the Bitcoin-Dev and Lightning-Dev mailing lists with a rough proposal for a soft fork that could allow transaction timelocks to optionally only unlock (expire) when median block feerates are below a user-chosen level.
- Cluster fee estimation: Abubakar Sadiq Ismail proposed improving fee estimation in Bitcoin Core by using insights from cluster mempool design. The current algorithm may miscount fees due to Child-Pays-For-Parent (CPFP), where child transactions incentivize miners to confirm their parents. To address this, Ismail suggests tracking feerates of transaction chunks in cluster mempool, updating fee estimations based on confirmed chunks rather than individual transactions to provide more accurate predictions.
- How to specify unspendable keys in descriptors: Salvatore Ingala started a discussion on Delving Bitcoin about how to allow descriptors, particularly those for taproot, to specify a key for which no private key is known (preventing spending from that key). One important context for this is sending money to a taproot output that can only be spent via a scriptpath spend. To do this, the key that allows keypath spending must be set to an unspendable key.
- V3 transaction pinning costs: Peter Todd posted to the Bitcoin-Dev mailing list an analysis of the proposed v3 transaction relay policy on transaction pinning for contract protocols such as LN, claiming that transactions are still vulnerable to significant tx pinning griefing attacks.
- Descriptors in PSBT draft BIP: The SeedHammer team posted a draft BIP to the Bitcoin-Dev mailing list for including descriptors in PSBTs. The main intended use seems to be encapsulating descriptors in the PSBT format for transfer between wallets, as the proposed standard allows PSBTs to omit transaction data when a descriptor is enclosed. This could be useful for a software wallet to transfer output information to a hardware signing device or for multiple wallets in a multisig federation to transfer information about the outputs they want to create.
- Verification of arbitrary programs using proposed opcode from MATT: Johan TorĂĽs Halseth posted to Delving Bitcoin about elftrace, a proof of concept program that can use the OP_CHECKCONTRACTVERIFY opcode from the MATT soft fork proposal to allow a party in a contract protocol to claim money if an arbitrary program executed successfully. It is similar in concept to BitVM (see Newsletter #273) but simpler in its Bitcoin implementation due to using an opcode specifically designed for program execution verification
- Pool exit payment batching with delegation using fraud proofs: Salvatore Ingala posted to Delving Bitcoin a proposal that can improve multiparty contracts where several users share a UTXO, such as a joinpool or channel factory, and some of the users want to exit the contract at a time when other users are unresponsive (whether unintentionally or deliberately). The typical way to construct such protocols is by giving each user an offchain transaction that the user can broadcast in case they want to exit. That means, even in the best case, if five users want to exit, they each need to broadcast a separate transaction, and each of those transactions will have at least one input and one outputâa total of five inputs and five outputs. Ingala suggests a way those users could work together to exit with a single transaction that could have a single input and five outputs, giving them the typical payment batching reduction in transaction size by about 50%.
- New coin selection strategies: Mark Erhardt posted to Delving Bitcoin about edge-cases users may have experienced with Bitcoin Coreâs coin selection strategy and proposes two new strategies that address the edge cases by attempting to reduce the number of inputs used in wallet transactions at high feerates. He also summarizes the benefits and drawbacks of all the strategies for Bitcoin Core, both those implemented and those he has proposed, and then provides multiple results from simulations he performed using the different algorithms. The ultimate goal is for Bitcoin Core to generally select the set of inputs that will minimize the percentage of UTXO value that is spent on fees over the long term, while also not creating unnecessarily large transactions when feerates are high.
News & Noteworthy
Funding
- Billionaire Tim Draper donated $150,000 to Brink to fund Bitcoin developers [Brink]
Business & Finance
- JAN3 launched JAN3 Financial to help nation-states, companies, and high-net-worth individuals all over the world buy, sell and store Bitcoin. [Announcement]
- Brazilâs largest private bank Itau Unibanco to launch #Bitcoin and crypto trading service [Bitcoin Magazine]
- Sam Altman-backed crypto startup Meanwhile seeks to raise $100 million for bitcoin private credit fund
- MicroStrategy picks up a further 14,620 bitcoin for $615 million [The Block]
- The company spent $615.7 million on its latest stash, according to a Form 8-K filing published to its website today, at an average price of $42,110 per bitcoin. The purchases were made between November 30 and December 26.
- MicroStrategy now owns 189,150 bitcoin, which it purchased at an average price of $31,168. The company spent $5.89 billion on its holdings, which are currently worth $8.1 billion â up $2.2 billion on paper.
- Barry Silbert Resigns as Grayscale Chairman, to Be Replaced by Mark Shifke [Coindesk]
- Shifke is the CFO of Silbertâs Digital Currency Group and will take over Jan. 1, Grayscale said in an SEC filing.
- Grayscale Investments, whose application to turn its Bitcoin Trust (GBTC) into a U.S. spot exchange-traded fund (ETF) is being considered by the Securities and Exchange Commission, said Barry Silbert resigned as chairman and will be replaced by Mark Shifke.
- Shikfe, DCGâs chief financial officer, will replace Silbert as of Jan. 1, Grayscale said in an SEC filing without giving a reason for the changes. Mark Murphy, DCGâs president, also resigned from the board.
- Wasabi Walletâs CTO Leaves to Focus on âNext-Gen Bitcoin Anonymity Technologyâ [No Bullshit Bitcoin / Blog Post]
- âThe winds of change are blowing, signaling itâs time for this old cypherpunk to leave the helm of this grand adventure. My job hereâs done. Iâve moved on to other things. Wasabi is in good hands,â wrote Wasabi Walletâs creator and CTO @nopara73 in a blog post.
- âWhich brings me to my last journey with Wasabi Wallet. I am planning to devote 100% of my attention to coming up with and implementing the next-generation anonymity technology for Bitcoin.â
Government & Political
- Argentina Minister of Foreign Affairs says âwe ratify and confirm that in Argentina contracts can be agreed in #Bitcoin.â [Bitcoin Magazine]
- The announcement signifies a significant leap towards #Bitcoin adoption within the South American nation.
- Warren sent a strongly-worded letter to Coinbase, Blockchain Association & Coin Center asking about the extent to which they employ ex-military officials and ex-members of Congress. [No Bullshit Bitcoin]
- States that US Bitcoin advocacy groups âundermine bipartisan efforts in Congress and the Biden administration.â
- âI write regarding a troubling new report that your association and other crypto interests are âflexing a not-so secret weapon: a small army of former defense, national security and law enforcement officialsâ1 to work on your behalf to undermine bipartisan efforts in Congress and the Biden Administration to address the role of cryptocurrency in financing Hamas and other terrorist organizationsâ
- Argentinaâs Milei Proposes Incentives for Declaring Domestic, Foreign Crypto Holdings in Draft Bill [Coindesk]
- Declaring domestic and foreign crypto holdings could win Argentines a favorable tax rate and legalize the use of those assets in the country, regardless of their origin or where they are held, under controversial draft bill by newly elected President Javier Milei.
- Cryptocurrencies are among assets ranging from cash to property captured under the proposed regularization regime, with reduced penalties for early declaration.
Reads
- Hereâs a list of our top recently published reads:
- Introducing Ghost Addresses by Amboss
- Economically Unspendable Bitcoin UTXOs by Jameson Lopp
- The Nexus of Bitcoin and AI by the Team at Spirit of Satoshi
Episode submission ideas
- Weâre looking for ideas for interesting panel conversations. To send Bitcoin related questions, just go to bitcoin.review and follow the contact links at the bottom of the page.
Get in touch with the pod
- Podcast Twitter
- NVK Twitter
- Telegram
- Nostr & LN âĄnvk@nvk.org (not an email!)
Did I get anything wrong above? Help me correct it producer@coinkite.com