I’m joined by guests Harry Sudock, Pablo & Rijndael to go through the list.

Listen on your favorite podcast app:

Housekeeping

Vulnerability Disclosures

  • 00:46:19 Trezor announces security breach at third-party support portal. Up to 66K users possibly exposed to phising attacks [Trezor Blog]
    • “We are investigating a security incident that occurred on January 17th, 2024, where there was unauthorized access to the third-party support ticketing portal we use.”
    • “On January 17th, 2024, 20:20 CET, we identified unauthorized access to the third-party support portal we use. This breach occurred at the level of that third-party service provider we are currently engaged with. We are amidst a thorough investigation into the scope of this incident, along with the third-party service provider.”
    • “Based on the ongoing investigation of the incident and our communication with the third-party service provider there is a potential that the contact details of up to 66000 users, customers who have interacted with Trezor Support since December 2021, may have been accessed.”
    • “During our investigation, we were alerted to the fact that the individual contacted 41 of our users directly via email, requesting sensitive information related to their recovery seeds.”
    • “We have reviewed these interactions and alerted each of the contacted users within an hour of the incident. No recovery seed phrases have been disclosed.”
    • “Furthermore, we also believe 8 people who created accounts on our trial discussion platform hosted by the same third-party vendor might have had their contact details compromised too. All 8 people have been directly contacted by our support team and made aware of the incident.”
  • Disclosure of fixed consensus failure in btcd
    • Niklas Gögge disclosed a consensus failure in older versions of btcd related to signed transaction version numbers.
    • Negative version numbers were not handled correctly, leading to a potential chain split.
    • The issue was responsibly disclosed, and a fix is available in btcd v0.24.0. Users are urged to upgrade.
  • 00:47:54 Disclosure of past vulnerability in Core Lightning:
    • Read full disclosure
    • Matt Morehouse responsibly disclosed a vulnerability in Core Lightning versions 23.02 through 23.05.2.
    • The vulnerability, discovered during follow-up testing on fake funding fixes, triggered a race condition that crashed CLN.
    • CLN had fixed the original fake funding vulnerability but couldn’t safely include a test for it before the vulnerability was disclosed.
    • A quick patch was merged in CLN to prevent the race condition.
  • 00:49:09 Scam Bitcoin Wallets Are Still Reigning Free on Apple’s App Store Despite Multiple Reports [No Bullshit Bitcoin]
    • Apple’s App Store continues to publish fraudulent apps that mimic popular Bitcoin wallets, leading to the theft of money from unsuspecting users.
    • “There is still a scam ‘Sparrow Wallet’ app on the Apple App Store, despite myself and others having reported it weeks ago. Worse, you have to install it to report it” - Craig Raw
    • Fake Sparrow, Samurai and Electrum apps all recently on the app store
  • 00:50:36 GitLab warns of critical zero-click account hijacking vulnerability bleepingcomputer
    • GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction.
    • The most critical security issue GitLab patched has the maximum severity score (10 out of 10) and is being tracked as CVE-2023-7028. Successful exploitation does not require any interaction.
    • It is an authentication problem that permits password reset requests to be sent to arbitrary, unverified email addresses, allowing account takeover. If two-factor authentication (2FA) is active, it is possible to reset the password but the second authentication factor is still needed for successful login.
  • Bitcoin self-custody: 12 vs 24-word mnemonic seed phrases by Bitcoin Gandalf
    • 12 vs 24-word mnemonic? Discuss

  • 00:51:51 OP_CAT is the vulnerability

Bitcoin

Software Releases & Project Updates

  • 1:06:47 Coldcard Edge Firmware v6.2.2X
    • New Feature: Miniscript USB interface
    • New Feature: Named miniscript imports. Wrap descriptor in json {“name:”n0”, “desc”:”"} with name key to use this name instead of the filename. Mostly usefull for USB and NFC imports that have no file, in which case name was created from descriptor checksum.
    • Enhancement: Allow keys with same origin, differentiated only by change index derivation in miniscript descriptor.
    • Enhancement: HSM wallet rule enabled for miniscript
    • Enhancement: Add msas in to the share_addrs HSM rule to be able to check miniscript addresses in HSM mode.
    • Enhancement: HW Accelerated AES CTR for BSMS and passphrase saver
    • Integration with Liana
    • Users can export xpubs via Advanced/Tools -> Export Wallet -> Generic JSON or Settings -> Multisig Wallets -> Export XPUB
    • xpub from step 1. can be imported to liana UI when policy is created
    • copy liana generated miniscript descriptor, paste it to file on SD card and import via Settings -> Miniscript -> Import From File (or via NFC, or VDISK)
    • Once miniscript wallet is registered, users can sign (PSBTs)
  • 1:11:55 Sparrow v1.8.2
    • Improve input and output labels in the transaction tree and their respective detail panel headers
    • Reduce server calls on opening a transaction tab by using open wallet history when performing spent output lookups
    • Support loading coinbase transactions when connected to Bitcoin Core via Cormorant
    • Support creating wallets from descriptors containing master xprvs
    • Display effective fee rate next to transaction fee rate when constructing a CPFP transaction (in addition to existing tooltip)
    • Support reading QRs containing revised BC-UR tags in the 40000 range, including v3 output descriptors
    • Encrypt Electrum wallet exports including private keys where a wallet password is available
    • Toggle the bitcoin unit on any label with a bitcoin value by clicking on it (@krzyczak)
    • Add the calculated master fingerprint to the passphrase entry dialog in Sparrow Terminal
    • Increase the payments tab header width on the Send tab
    • In Cormorant, round up the calculated wallet range to avoid frequent rescans with a large gap limit
  • 1:13:26 Electrum
    • v4.5.1
    • Lightning:
    • Better handle dataloss
    • allow manually requesting force-close in WE_ARE_TOXIC state
    • fix some timing issues
    • QML GUI (Android):
    • Properly refresh history if addresses are deleted from imported wallets
    • Qt Desktop GUI:
    • also support unfinished wallets when opened through File>Open
    • v4.5.0
    • General:
    • make number of logfiles to keep configurable
    • incremental writes of wallet file
    • add warnings and prompt users when signing txs with non-default sighashes
    • add option to merge duplicate outputs
    • fix: consider bip21 URIs as invalid if they contain unknown req-* param
    • Lightning:
    • fix BOLT-04 “MUST set short_channel_id to the short_channel_id used by the incoming onion”
    • add support for hold invoices
    • add support for bundled payments
    • support large channels
    • new flow for normal submarine swaps
    • QML GUI (Android):
    • port to Qt6
    • show private key in address details
    • show tx inputs in TxDetails and other dialogs2
    • label sync plugin toggle
    • message sign & verify
    • allow never expiring payment requests
    • add coins/UTXOs to addresses list, add filters
    • delete addresses from imported wallet
    • add support for lightning address and openalias
    • Qt Desktop GUI:
    • option to use extra trampoline for legacy payments
    • send change to lightning option for on-chain payments
    • Plugins:
    • swapserver plugin
  • 1:13:53 Robosats
    • v0.5.4-alpha
    • Coordinator serves robot hash_ids needed for >v0.6.0 client side robot identity generator.
    • Recommended and minimum onchain fees for payouts are now more accurate.
    • Devfund node has moved. The new node now has public access to the invoices services.
    • Perf increase on coordinator image build by @proof-of-reality
    • Build new full integration tests on testnet.
    • New currency Albanian LEK.
    • v0.6.0 pre-release Announcement
    • The new version introduces a significant enhancement known as the RoboSats Federation, that effectively fully decentralizes RoboSats into many independent and fully redundant coordinators that will compete to host your orders.
    • Includes:
    • Multiple Coordinators: Coordinators will now compete to provide users with the best fees, support, uptime and reliability and overall user experience. Lightning node runners can become RoboSats coordinator in the federation, given they gain the trust of the users.
    • Decentralized Instances: By spawning new instances, we increase the robustness of the platform. In order to fully stop the p2p market of RoboSats, every single instance must be stopped
    • Know Your Coordinator: You can find a lot about them in the profile such as ways to get in contact for private support, what fees they apply to the trades, what their privacy and data policies are, their lightning node pubkeys, and much more
    • DevFund Revenue: Coordinators can freely opt to not donate Sats for development
  • 1:14:51 BlueWallet v6.4.15
    • macOS Add Wallet menu item
    • Haptic feedback on Android
    • Allow importing a QR Code image from other sources
  • 1:15:18 Agora Desk v1.1.16
    • Moved the payment method selection button to the main screen.
    • Fixed the iOS push notifications bug.
    • Fixed the UI issue where the amount and payment method were overlapping with other text.
  • 1:15:28 ESP-miner
    • v2.0.7
    • Power management will now use the board version to distinguish capabilities
    • New Stratum password field
    • Version rolling now properly configured by stratum server
    • v2.0.5
    • Network resets2
    • Removed password from REST Get
    • Lowered voltage danger warning threshold
    • Added script to merge config into factory file
  • 1:18:55 Nunchuk Desktop v1.9.27
    • Byzantine 3-of-5
    • Added request-for-signature feature
  • 1:19:06 BitcoinTreasuries.net
    • contributor notifications
    • all EFTs added
    • reorder chart
    • API improvements and availability
    • Functionality to add mods and entity owners
    • Charts water mark; sorry, not sorry
    • Looking for ideas
  • 1:22:52 Parmanode v3.24.0
    • You can now CHOOSE to compile #Bitcoin from source (or stick with pgp verified binaries), add an ordinals filter patch, or even use LukeDashjr’s Knots version of Bitcoin instead
  • 1:23:01 Trezor v24.1.2
    • New Features
    • Trezor Suite introduces a new wipe code feature. Entering this wipe code instead of the PIN will erase all data on the Trezor device, offering increased security as a protective measure.
    • Improvements
    • Easily paste transaction details in CSV format directly into the Send form without the need for file creation or uploads.

Project spotlight

  • 1:23:30 GroupHug Server by Peach
    • Batching server that allows combining PSBT into a single batched transaction.
    • The PSBTs have to be payouts in full (ie no change). Otherwise, the change output can be stolen. In other words, only PSBTs with 1 input and 1 output are accepted. The PSBT inputs have to be signed with SINGLE ANYONECANPAY sig hash.
    • The batching server collects all PSBTs and when a threshold is reached, all PSBTs are combined, an extra fee output added and then each input is signed by the server with the default ALL sig hash.
    • The batching server will also add one additional output for optional donations to the service. The extra output value is calculated by summing up all inputs and subtracting the mining fees.
  • 1:23:40 Semaphore: Crowdfunding with Bitcoin by supertestnet
    • What is it?
    • Crowdfunding app utilizing Bitcoin’s smart contracting for fund recovery if the goal isn’t met.
    • How It Works:
    • Two ways to contribute: irreversible (straight to bitcoin address) or reversible (smart contract with fund recovery option).
    • Reversible option involves a smart contract with two spending paths.
    • Contributor creates a transaction sending money to the recipient, contingent on the fundraiser reaching the goal.
    • Signatures required for valid contributions, ensuring funds are only accessible if the goal is met.
    • Demo / Github
    • View Existing Fundraiser

Nostr

Software Releases & Project Updates

  • 1:24:11 nsecBunker v0.10.0 - Codename: nostr, an oauth-like protocol
    • This is a significant release that provides the ability to run OAuth-like bunkers which will allow registration in your bunker to new accounts.
    • It also integrates with LNBits + Nostrdress to provide the ability for new nostr users to be able to immediately receive zaps
    • LNBits
    • Nostdress for zap receives 👀 (thanks Don’t ₿elieve the Hype 🩊 (npub1nxa
a6q8))
    • NIP-89 announcement on each nsecbunker boot
  • 1:27:35 nos.social v0.1.2 (153)
    • Discover screen can now search notes by id.
    • Added pagination to Profile screens.
    • Migrate to Apple-native string catalog and codegen LocalizedStringResources with xcstrings-tool-plugin.
  • 1:27:37 rust-nostr v0.27.0
    • ffi(nostr): complete types module
    • nostr: add support to anonymous and private zaps
    • sdk: add ClientSigner
    • Add NIP07 support
    • Preserve Event de/serialization JSON field order
    • ffi(nostr): complete nips module
    • MSRV
    • add try_from implementation for filemetadata from tags vector
    • Add contrib/check-*.sh scripts
    • contrib: add scripts/check-book.sh
    • sdk: replace wait_for_connection option with connection_timeout
    • Init some nostr book sections
  • 1:27:40 nostr-wallet-connect v0.4.2
    • make timestamps numbers to follow NIP-47
    • new index for latest event by app_id
  • 1:27:42 Mostro
    • v0.9.6
    • lightning address support
    • v0.9.5
    • No currency exchange rate
    • Add validation
    • add get_fee() function to get mostro fee from amt
  • 1:27:44 nostream
    • v2.0.0
    • NIP-26 support has been removed. Delegated events will not be handled differently.
    • v1.26.0
    • add nodeinfo support
    • event_tags: Add event_tags table and migration script
  • 1:28:13 Amethyst
    • v0.83.7
    • New Signup screen
    • Reduces the size of the following icon
    • v0.83.5
    • Flare.pub support
    • Creating the benchmark build type on the modules as well.
    • Adds spotless
    • Improves the speed of contains
    • Initializing the isHidden state for the note correctly
    • Avoiding the creation of modifiers.
    • Adds support for displaying video events.
    • Add write support for NIP-10 deprecated positional tags in text notes to maximize backwards compatibility
  • 1:28:20 Coracle
    • 0.4.0
    • Add NIP 44 encryption support
    • Add NIP 24 chat support with NIP 04 backwards compatibility
    • Add NIP 72 community support
    • Add NIP 87 closed community support
    • Add NIP 51 calendar event support
    • Add NIP 99 classifieds support
    • Support cross-posting
    • Limit number of replies shown on feed
    • Search results sorted by relevance weighted by WoT
    • Add anonymous zaps
    • Strip hash from media urls
    • Add bitcoin connect support
    • Remove Apps page, move NIP 89 support to note info dialog
    • Publish NIP 89 client tag
    • Remove Explore page, move NIP 32 support to profile collections
    • 0.3.14
    • NIP 52 time-based calendar events publish/render
    • NIP 99 classifieds publish/render
    • Add support for bunker://
    • Improve theme switching reactivity
    • Re-work replies, note rendering, and feed controls
    • 0.3.13
    • Update lists to use new 30003 user bookmarks kind
    • Add NIP 96 file storage (thanks to @quentintaranpino)
    • Add NIP 98 auth support (thanks to @quentintaranpino)
    • Add DIP 01 imeta tag creation
    • Re-work keys page, include group keys
    • Add anonymous posting
    • Add note options dialog to replies
    • Add support for reposts and cross-posts
    • Conservatively load from cache when on a slow network
    • Add refresh button to feeds
    • Add image previews to note reply

Project spotlight

  • 1:29:39 Nostr NFC Art Cards
    • NFC Cards with designs from Artists that are on Nostr, and using only Nostr Native Commerce to distribute it to plebs.
  • 1:29:54 Flash - LND Node Management TUI
    • Open source command line tool for managing Lightning Network Daemon (LND) nodes.
    • Aims to provide features found in web-based UI tools but with advantages in speed, lightness, security, and flexibility.
    • Planned Features:
    • Channel Management
    • Payment tools
    • Encrypted credentials storage
    • Node performance metrics
    • Fully open source
    • Current State:
    • Started as a proof-of-concept.
    • Potential usefulness identified.
    • Seeking crowdfunding for further development.
    • What to Expect:
    • Early stage of development.
    • Regular updates on progress.
    • Contributions made upstream to LND-related projects.
    • Project is open source, and packages will be published after implementing base features.
  • 1:30:14 Nostr image host by supertestnet
    • Upload and view images on the web without an api key
    • What is it?
    • It’s an image host, like imgbb.com or imgur, except you don’t need an api key to use it in your development projects. Instead, you just need some javascript.
    • How does it work?
    • It works by dividing up the image into small chunks, uploading each chunk to a nostr relay as a note, and then reassembling them piece by piece.
    • Demo
  • 1:30:29 Hermes: A Lightning Address Messenger w/Fedimint
    • Hermes is an asynchronous lightning address server that uses Fedimint Ecash on the backend.
    • Registration:
    • Users register Nostr public key and username on Hermes server.
    • Lightning address is created during registration, requiring a small fee in ecash or lightning.
    • Receiving Payments:
    • Sender follows lnurlp protocol, triggers Fedimint Lightning Gateway transaction.
    • Hermes server generates an invoice, sender pays, and gateway locks ecash to receiver’s public key.
    • Hermes notifies receiver, and Fedimint Client updates pubkey-locked ecash on connection.
  • 1:30:37 stargazr
    • Explore lyrics, interpretations & connect with other fans
    • Uncover the stories behind your favorite songs, share your interpretations, and connect with a vibrant community of music lovers.
    • Fans:
    • Connect with artists and fellow fans to share a passion for music.
    • Engage in conversations, comment on lyrics, and celebrate artistry together.
    • Authentic Interactions
    • Genuine connections with fans and artists through Zaps.
    • Save and share beloved lyrics, connect with friends.
    • Artists:
    • Independence
    • Share music, lyrics, and stories directly with fans.
    • No platform lock-in; all content, fans, and interactions move with the artist.
    • Value for Value:
    • Utilize Bitcoin Lightning Network for direct fan support with a zap.
    • Stargazr empowers reciprocal support between artists and fans.
  • 1:30:43 Dmpling
    • Upload, set a price, get a link, share and get paid.
    • For creators, owners and distributors.
  • 1:30:49 Flockstr
    • Uses the NIP-52 kinds to create a meetup.com/eventbrite-style experience on Nostr.
    • Users can create calendar events, share announcements, RSVP to events, and much more.
    • Soon to integrate lightning to handle paid events and ticketing.
    • Built as a progressive web app
    • Demo
    • Seeking feedback.
    • Bounty: 100K sats to integrate Flockstr’s events (Meetup Calendars) on Amethyst by Vitor

Privacy Software

Software Releases & Project Updates

  • 1:35:07 Unleashed.chat
    • v0.1.9
    • You can now try our beta API! Key generation and more information at https://unleashed.chat/app/account.
    • v0.1.8
    • Improved spam filtering on Nostr content, which should lead to better search results in Nostr mode.
    • Chat window now differentiates between AI and user messages more clearly
    • Other UI and layout tweaks.
    • v0.1.7
    • Nostr mode improvements:
    • Implemented relevance score threshold when searching for a topic, i.e. you should see less irrelevant results when you ask about some topic or keywords.
    • Chat bot now has some knowedge about note authors and dates (TBD how reliable this is)
    • Allow specifying USD amount on LN invoice – for wallets that don’t support 0-amount invoices
    • v0.1.5
    • First phase of API rollout
    • Implemented /models and /chat/completions endpoints
    • Trying to keep it compatible with OpenAI API schema (should work with their libraries etc.)
    • SDK https://github.com/UnleashedChat/unleashed-sdk
    • Early API access (invite only)
    • v0.1.4
    • API key auth Implemented
    • Improvements to #Nostr mode:
    • Added 1000+ more user profiles to Nostr name lookup
    • You can now just ask for “latest notes” without mentioning names or a search topic (currently returns up to 15 notes at a time, more coming soon).
  • 1:36:05 SimpleX Chat
    • v5.4.3
    • fixed incoming calls.
    • stabilized iOS notifications.
    • additional diagnostics for message delivery.
    • v5.4.4
    • improved message delivery stability.
    • reduced battery usage on bad Internet connections.

Lightning + L2+

Software Releases & Project Updates

  • 1:36:36 Phoenix
    • 2.1.0
    • Can now add liquidity with the peer. This is especially useful if you keep receiving LN payments ; instead of having to splice-in (and incur on-chain fees) every time, you can plan ahead and save on fees for these LN payments.
    • 2.0.8
    • Added fallback to device passcode when biometrics fail
  • 1:37:03 rust-lightning v0.0.120 “Unblinded Fuzzers”
    • API Updates:
    • The PeerManager bound on UtxoLookup was removed entirely.
    • LDK now exposes and fully implements the route blinding feature.
    • The lightning-transaction-sync crate no longer relies on system time without the time feature.
    • lightning::onion_message’s module layout has changed.
    • Event::ChannelClosed now includes the channel_funding_txo.
    • CandidateRouteHop variants were destructured into individual structs, hiding some fields which were not generally consumable.
    • Security:
    • 0.0.120 fixes a denial-of-service vulnerability which is reachable from untrusted input from peers if the UserConfig::manually_accept_inbound_channels option is enabled.
    • A peer that sent an open_channel message with the channel_type field unfilled would trigger a reachable unwrap since LDK 0.0.117 (#2808).
    • In protocols where a funding output is shared with our counterparty before it is given to LDK, a malicious peer could have caused a reachable panic by reusing the same funding info in (#2809).
  • 1:37:08 Mutiny Node
    • v0.5.5
    • E2EE remote ecash backup, breaks previous ecash backups.
    • v0.5.4
    • Handle payjoin errors according to BIP 78
    • Only auto-label lnurls if no labels were given
    • Verify fedimint network
    • Sync non-nostr contacts
    • Log wrapped invoice from LSP
    • Return error for expired invoices
    • RBF fee bumping utilities
    • Set invoice labels after fedimint payment
    • Log dropped anyhow errors
    • Add some more fedimint logs
    • Add utilities for nip05
    • v0.5.2
    • Better bitcoin price API
    • Better lightning node peer connection logic
    • v0.5.1
    • Better bitcoin address gap management
  • mutiny-startos
    • v0.5.3
    • New Send UI!
    • Improved bitcoin price api, more currencies added
    • v0.5.1
    • Experimental support for Fedimint
    • Experimental support for Multiple LSPs using the LSPS spec
    • Increase on-chain gap limit when resyncing
    • Better multi-device support
    • Removed unused redshifts page
    • Better address gap management
  • 1:39:30 Alby
    • Launched Anser: A web wallet for Liquid by Alby
    • Self-custodial wallet for Liquid network.
    • Compatible with Alby browser extension.
    • Privacy Focus:
    • Functions as a client-side wallet.
    • Delegates transaction signing to Alby Browser Extension.
    • Private key securely stored on user’s device.
    • Getting Started:
    • Add a master key to Alby Extension for transaction signing.
    • Launch and connect to Anser.
    • Developer Friendly:
    • Available as a standalone library for web app integration.
    • Open Source
    • Live instance here (also on IPFS) or learn how to self-host your instance.
  • 1:40:14 Wallet of Satoshi
    • Launched WoS POS
    • Receive Bitcoin via the Lightning Network at your shop or market stall with our Point of Sale Partner App.
    • No Login Required - Receive only
    • Lightning Network / LNURL Enabled
    • Supports NFC Bolt Cards
  • 1:40:19 Clams Remote v2.0.0
    • New interface design.
    • Full refactor of codebase to include a local data set, utilizing a local DB for advanced and efficient queries.
    • Performance improvements to handle nodes with large data sets (> 100k payments).
    • New Native Desktop Application available for download.
    • Manage multiple CLN nodes connections at the same time.
    • Full onchain support including a new dedicated UTXOs route and intelligent payment summaries.
    • Passphrase encrypted sessions to improve security.
    • Advanced sorting and filtering options for payments, UTXOs, channels, offers and forwards.
  • 1:40:26 Fountain Android v1.0.2
    • App is now considerably faster
    • Audio playback issue causing gaps in dialogue fixed.
    • Skip silences feature in roadmap, coming soon.
    • Library Customization:
    • Customize library view for quick access.
    • Choose which quick links to display or hide at the top.
    • Swipe Gestures:
    • Added swipe gestures for managing episodes, clips, and playlists.
    • Swipe right to star or add to queue.
    • Swipe left to mark as played or remove from library.
    • Other Improvements:
    • Add nostr link to profile for easy following.
    • Nostr account integration from Fountain app settings.
    • Podcast splits manager bug fixes and UI improvements.
    • Toggle autoplay next in queue for bookmarking items without autoplay.
  • 1:40:30 Mercury Layer launched
    • Mercury Layer is a Layer 2 protocol for Bitcoin that enables the self-custodial transfer of coins (UTXOs) without on-chain transactions.
    • Not packaged as a fully consumer ready wallet.
    • It is being released as a library and CLI tool other wallets can integrate.
    • Docs
  • 1:43:16 Plasma Core Lightning Wallet launched on the App Store
    • Plasma uses LNSocket to connect to your node directly over the lightning network!
    • Connect to your Core Lightning node directly over the Lightning network with Plasma!
    • Scan a LNLink QR code and remotely manage your node, Plasma is lightning fast.
    • All it requires is your nodes public ID and a rune to connect.
  • 1:43:19 Bitcoin Connect v3.2.0-alpha
    • add currency switcher
    • add webln provider config
    • add api function to get connector config
  • 1:43:22 Blockstream Green
    • iOS v4.0.23
    • Improved QRCode readability
    • Watch-only wallets: disallowed changing preferences
    • Removed close channel on lightning accounts
    • Android v4.0.23
    • Improve build reproducibility
  • 1:43:24 Swiss Bitcoin Pay v2.0.2
    • Update German translations
    • Add Lint file
    • Improves Connect’s QR backwards compatibility
  • 1:43:27 Mash launches Rewards
    • Mash introduces a new feature to online media that allows communities to claim Bitcoin rewards through a “Reward Page.” The link to this page can be strategically placed, such as within a recent article, to incentivize community members to read through the content. Mash prioritizes ease of use, enabling creators to generate Reward Pages without coding, and community members can claim rewards using any Lightning wallet.
  • 1:43:30 Stackernews launches attach wallet
    • As part of its transition to a “half-custodial wallet,” StackerNews has introduced a new feature called “attach wallet.” This feature allows users to link an external wallet, preferably self-custodial, to automatically receive funds sent to them on the platform.
  • 1:43:53 Peerswap web UI
    • A new Web UI for PeerSwap has been introduced, offering support for Lightning <> Onchain swaps and Lightning <> Liquid swaps.

Project spotlight

  • 1:44:03 Aqua Wallet: A user-friendly, non-custodial Bitcoin wallet
    • Full SegWit support for reduced fees, a Lightning wallet for instant transactions
    • A Liquid Bitcoin wallet for faster transactions with lower fees
    • A Tether USDt wallet supporting multiple blockchains
    • Unique Bitcoin Chip feature for transferring assets and a planned marketplace for various financial services.
    • Available globally for iOS and Android
  • 1:44:05 Fiatlink by Breez
    • The goal of this project is to provide a unified API specifications for Fiat on-ramps to create interoperability and easier integration of multiple on and offramps into apps.
    • As first priority we want to support on and off ramps standardization with lightning.
  • 1:44:06 OPAGO Lightning POS Terminal
    • The LIGHTNING POS Terminal and our service are designed to make handling as easy as possible, allowing you to fully focus on your business.
    • You can create an OPAGO Online Account and set up the Terminal, linking it to your individual Lightning Wallet to receive payments.
    • Technical Specifications:
    • NFC payments via LNURLw or Boltcard (possible with the next firmware update)
    • Online payments via QR-Code over WLAN or hotspot
    • Offline payments via QR-Code + PIN
    • Compatible with all popular Lightning Wallets
    • Receive directly into your own Lightning Wallet
    • USB-C charging cable included
    • Durable 3.7 V battery
  • 1:44:10 Nutband – a post fiat apocalypse Cashu client working over Reticulum
    • Experimental minimalistic python-only user interface for cashu, using cashu nutshell implementation.
    • A demo of Reticulum, Cashu and my project Nutband that combines them, in order to use a Cashu mint over Reticulum mesh network – in this case over long range radio, and without internet.
    • Demo video / Github
  • 1:44:35 Autonode: A cloud-init template to build Bitcoin nodes automatically.
    • Autonode offers seamless automation for setting up new Bitcoin and Lightning nodes, eliminating the need for manual installations with each new instance. By utilizing cloud-init, a widely accepted standard for customizing and deploying cloud instances, Autonode streamlines the process of deploying nodes on preferred cloud platforms. Additionally, local deployment, including on devices like Raspberry Pis, is straightforward.
    • This tool includes all the essential software for a modern node, encompassing Bitcoin Core, an Electrs server, a Core Lightning node, and more. Users can precisely adjust installation details, such as software versions, using the provided template generator.
  • 1:44:48 BitcoinVoucherBot: A Telegram bot to purchase bitcoin and receive directly to your Alby lightning address.
  • 1:44:55 Satsforads
    • Satsforads allows you to get paid by advertisers.
    • Do you have a Lightning Address? Get paid by advertisers.
    • Want to advertise your service / product to Lightning Users? Create a targeted Lightning Address campaign to reach potential users.
  • 1:44:58 Lightning Weather App [Website / Github]
    • Demonstration of L402 API capabilities.
    • Showcases the power of the Lightning Network for application development.
    • Represents a shift towards a digital economy without reliance on traditional advertising or data harvesting.
    • Utilizes L402 APIs to emphasize a future where user experience and privacy take precedence.
    • Purpose:
    • Focuses on creating native applications prioritizing user privacy and a seamless experience.
    • The Lightning Weather App serves as a model, operating independently of advertising and invasive data collection.
    • A blueprint for developers aiming to build innovative, user-centric applications on the Lightning Network.
  • 1:45:57 Marina Wallet: Liquid Network browser extension [Github / Chrome App]
    • Pay and get paid via âšĄïž #LightningNetwork directly with your Liquid BTC balance.
    • No channels, no routing errors, and no force close fees.
    • Demo

Boosts

  • 1:46:01 Thanks to everyone who streamed sats, and shoutout to our top boosters:
    • [🏆 TOP BOOSTER] @garykrause_ (15,000 sats) “😮”
    • @apemithrandir (7,777 sats) “I hear Craig Raw I boost”
    • @qxotk (2,121 sats) “suoer useful, appreciate you and your guests and johnny”
    • @vake (2,000 sats) “Bitcoin is exciting and there is always so much happening!”
    • @wartime (1,000 sats) “thx! đŸ»đŸ§Ąâ€

Bitcoin Optech Newsletter

  • 1:46:37 Highlights from recent Bitcoin Optech Newsletters:
    • 286
    • Proposed changes to LN for v3 relay and ephemeral anchors:
    • Bastien Teinturier proposed changes to Lightning Network (LN) to optimize v3 transaction relay and ephemeral anchors.
    • Changes include anchor swap, reducing delays, trimming redirect, and other simplifications.
    • Discussion highlights reduced UTXO requirements, imbued v3 logic, and a request for max child size in v3 relay.
    • New documentation repository (BINANA):
    • Anthony Towns announced BINANA, a new repository for Bitcoin protocol specifications.
    • Current specifications include OP_CAT, Heretical Deployments, OP_CHECKSIGFROMSTACK, and OP_INTERNALKEY.
    • Bitcoin Optech added BINANA to monitored documentation sources alongside BIPs, BOLTs, and BLIPs.
    • 285
    • New LNHANCE combination soft fork proposed:
    • Read proposal details
    • Brandon Black proposed a soft fork combining OP_CHECKTEMPLATEVERIFY (CTV), OP_CHECKSIGFROMSTACK (CSFS), and OP_INTERNALKEY.
    • OP_INTERNALKEY simplifies taproot internal key handling and potentially makes scripts more reusable.
    • Enables LN-Symmetry, Ark-style joinpools, reduced-signature DLCs, vaults without presigned transactions, and more.
    • Technical discussion on enabled protocols. Listen to podcast discussion
    • Proposal for 64-bit arithmetic soft fork:
    • Read BIP draft
    • Chris Stewart posted a draft BIP for enabling 64-bit arithmetic operations in a future Bitcoin soft fork.
    • 64-bit values useful for operations on satoshis paid in an output (e.g., joinpool exit protocols).
    • Discussion on proposal details, encoding, taproot upgrade, and opcode upgrades. Listen to podcast discussion
    • Overview of cluster mempool proposal:
    • Read overview
    • Suhas Daftuar summarized the cluster mempool proposal, focusing on CPFP carve-out issues.
    • CPFP carve-out conflicts with cluster mempool policy; proposed solution using v3 transaction relay.
    • Major change consideration for Bitcoin Core’s mempool management algorithms. Listen to podcast discussion
    • Updated specification and implementation of Bitcoin transaction compression:
    • Read specification
    • Tom Briar posted an updated draft specification and proposed implementation of compressed Bitcoin transactions.
    • Changes include relative block height instead of nLocktime grinding and a second kind of variable integer.
    • Enables more practical relay through bandwidth-constrained mediums. Listen to podcast discussion
    • Discussion of Miner Extractable Value (MEV) in non-zero ephemeral anchors:
    • Read discussion
    • Gregory Sanders discussed concerns about non-zero satoshis in ephemeral anchor outputs.
    • Analyzes security problems with using trimmed HTLC amounts in ephemeral anchor outputs.
    • Proposed solutions include relaying only fully miner incentive-compatible transactions and burning trimmed value. Listen to podcast discussion
    • 284
    • Discussion about LN Anchors and v3 Transaction Relay Proposal
    • Antoine Poinsot posted to Delving Bitcoin to foster discussion about the proposals for v3 transaction relay policy and ephemeral anchors.
    • Listen to podcast discussion
    • Frequent use of exogenous fees may risk mining decentralization:
      • Ideal Bitcoin protocol rewards miners proportionately to hashrate.
      • Exogenous fees, like out-of-band fees, may risk mining centralization.
      • Actively used protocols like LN-Anchors allow exogenous fees, raising concerns.
    • Implications of exogenous fees on safety, scalability, and costs:
      • Designs like LN-Anchors require users to keep extra UTXOs, impacting scalability.
      • Endogenous fees considered more efficient than exogenous fees in new protocols.
    • Ephemeral anchors introduce a new pinning attack:
      • Minor pinning attack against ephemeral anchors discussed.
      • Users may face higher fees due to attacker’s actions.
    • An alternative: use endogenous fees with presigned incremental RBF bumps:
      • Alternative approach suggested by Peter Todd.
      • Challenges and concerns about endogenous fees discussed.
    • Overall conclusions:
      • Ongoing discussion; Peter Todd suggests phasing out anchor outputs.
      • Rusty Russell proposes efficient exogenous fees in new protocols.
      • Developers defend anchors in Delving Bitcoin thread.
    • LN-Symmetry Research Implementation
    • Gregory Sanders posted to Delving Bitcoin about a proof-of-concept implementation he made of the LN-Symmetry protocol (originally called eltoo) using a software fork of Core Lightning. LN-Symmetry provides bi-directional payment channels that guarantee the ability to publish the latest channel state onchain without a need for penalty transactions. However, they require allowing a child transaction to spend from any possible version of a parent transaction, which is only possible with a soft fork protocol change such as SIGHASH_ANYPREVOUT.
    • Listen to podcast discussion
    • Simplicity:
      • LN-Symmetry protocol is simpler than LN-Penalty/LN-Anchors.
    • Pinning:
      • Pinning challenges explored; insights applied to package relay and ephemeral anchors.
    • CTV:
      • CTV emulation considered for simple and fast forwards in LN-Symmetry.
    • Penalties:
      • Penalties not deemed necessary for LN-Symmetry; complexity and fund reservation concerns.
    • Expiry Deltas:
      • LN-Symmetry requires longer HTLC expiry deltas for safety.
    • Conclusion:
      • Sanders is currently working on making improvements to Bitcoin Core’s mempool and relay policy that will make it easier to deploy LN-Symmetry and other protocols in the future.

News & Noteworthy

Lightning

  • Maypoles Protocol Proposed by Clara Shikhelman (Chaincode Labs) for Lightning Network.
    • Aims to enhance topological features and reduce channel management costs.
    • Focuses on improving the hub-and-spoke topology.
    • Benefits:
    • Enhanced resilience and privacy.
    • Reduces costs for “High Availability Channels” users (e.g., merchants).
    • Improved network decentralization and connectivity.
    • Hubs gain more routing volume with no added cost.
    • Aims to strengthen the network’s topology with an incentive-aligned algorithm.
    • Maypoles Paper
  • Feerate-Dependent Timelocks (FDTs) Proposal:
    • Proposed by John Law for Bitcoin, specifically to enhance Lightning Network security.
    • Introduces Feerate-Dependent Timelocks (FDTs) as a solution to on-chain congestion and high fees during channel force-closure.
    • Ongoing discussions around scalability challenges and potential solutions, including covenants.
    • Original Proposal by John Law
    • Ben Carman’s Piece on Lightning Limitations

Business & Finance

Funding

  • OpenSats Long-Term Support For RenĂ© Pickhardt
    • RenĂ© Pickhardt, a recipient of a Long-term Support Grant, is fervently advancing fundamental research to enhance Bitcoin’s utility as a payment system through the Lightning Network. Supported by accolades, including a scholarship from the German National Academic Foundation and multiple Bitcoin Developer Grants from BitMEX, RenĂ© is dedicated to giving back to the communities that have aided his journey.
  • Spiral new grantee - @joschisanbtc [Announcement]
    • He’s helping build out its consensus engine and will continue to do so as a grantee.
    • He will also enable increased reliability and latency by contributing to the next Fedimint Lightning integration.
  • Spiral new grantees - @bitgould and Esraa, two devs working to improve PayJoin, which allows parties transacting in bitcoin to coordinate payments before posting to the blockchain without third-party intermediaries.
  • ETFs supporting Bitcoin
    • VanEck Pledges 5% of Bitcoin ETF profits to Bitcoin Core [Announcement]
    • “We’re not Bitcoin tourists”.
    • Solidifies commitment with a $10k initial donation.
    • Pledges 5% of potential Bitcoin ETF profits to support Bitcoin Core developers for a minimum of 10 years.
    • Bitwise will donate 10% of the profits of the Bitwise Bitcoin ETF (ticker: BITB) to bitcoin open-source development. [Announcement]
    • Bitcoin is important to the future. We’re excited for $BITB to support its foundation

Mining

  • “In 2023, Bitcoin added 53,999 blocks, weighing a combined 210 billion weight units. Those blocks confirmed 153,415,993 transactions, and earned 23431.56748471 BTC in fees.” - mononautical
  • Crypto Miner Core Scientific to Exit Bankruptcy [Bloomberg]
    • Firm’s approved restructuring plan cuts $400 million in debt
    • Core Scientific said it plans to re-list on Nasdaq this month

Hyperbitcoinization

  • Bitcoin Victoria Falls launched as the first Bitcoin Circular Economy in Zambia. [Announcement]
    • “The initiative aims to drive financial empowerment, Bitcoin education, Bitcoin tourism, and economic opportunity.”

Government & Political

  • The SEC approved the listing and trading of 11 spot bitcoin exchange-traded product (ETP) shares. [SEC Announcement]
    • 3 out of 5 Commissioner’s voted for the ETFs to be approved, including the Chair Gary Gensler. [No Bullshit Bitcoin]
  • New US Tax Reporting for Crypto Rule flipflop
    • US Tax Reporting Requires an IRS Report for Every $10K+ Transaction [No Bullshit Bitcoin]
    • The Infrastructure Investment and Jobs Act, which passed Congress in November of 2021, included a provision amending the Tax Code to require anyone who receives $10,000 or more in cryptocurrency in the course of their trade or business to make a report to the IRS about that transaction. [Coin Center]
    • IRS says businesses don’t have to report certain crypto transactions until new regulations issued. [The Block]
    • “They state that the new crypto reporting obligations in the Infrastructure Investment and Jobs Act “requires the Treasury Department to issue regulations before it goes into effect.” There is nothing in that law that says this and we are unaware of any legal reasoning that would have this be the case.” [Jerry Brito]
  • The SECGov X account was allegedly compromised, and an unauthorized post was made announcing approval of the Bitcoin ETFs. [SECGov Tweet]
  • UN Report Attacks Tether for Facilitating Global Crime [No Bullshit Bitcoin]
    • “Online gambling platforms, and especially those that are operating illegally, have emerged as among the most popular vehicles for cryptocurrency-based money launderers, particularly for those using Tether or USDT on the TRON blockchain,” said the report by the UN Office on Drugs and Crime (UNOD).
    • Tether Challenges UN Report and Calls for Blockchain Education
  • EU provisionally agrees on stricter due diligence rules for crypto firms [The Block]
    • If approved, the proposed rules would require crypto firms to conduct “due diligence” on transactions worth at least $1,090.
  • India crackdown on cypto exchanges
    • Apple and Google have removed the apps of many crypto exchanges, including Binance and Kraken, from its App Store in India.
    • The Financial Intelligence Unit (FIU), an Indian government agency, issued show cause notices to these exchanges, alleging non-compliance with India’s anti-money laundering rules.

Reads

Episode submission ideas

  • We’re looking for ideas for interesting panel conversations. To send Bitcoin related questions, just go to bitcoin.review and follow the contact links at the bottom of the page.

Get in touch with the pod

Did I get anything wrong above? Help me correct it producer@coinkite.com