I’m joined by guests Mike Schmidt & Rijndael to go through the list.

Listen on your favorite podcast app:

Housekeeping

Vulnerability Disclosures

  • 00:04:18 Security researcher leveraged a flaw in recent UX change on cryptocurrency exchange Kraken, crediting their account with $3+ million in various assets [The Hacker News]
    • The flaw would allow an attacker to “initiate a deposit onto our platform and receive funds in their account without fully completing the deposit.” [Kraken’s CISO explainer]
  • 00:10:08 Ransomware Group LockBit Threatens to Leak Federal Reserve Data TFTC
    • The ransomware group LockBit claims to have hacked the Federal Reserve and threatened to release 33 terabytes of sensitive banking information.
  • 00:10:50 PSA: Multiple Fedimints are experiencing severe DNS issues, significantly degrading functionality Mutiny
    • DNS Issues:
      • Some guardians have an XYZ domain taken over by the DNS registrar.
      • Freedom One and Bitcoin Principals each have one guardian offline.
    • Guardian DNS Problem:
      • Server and keys for these guardians are intact, but DNS cannot be swapped out after setup.
      • This has affected multiple federations.
    • Critical State:
      • With one out of four guardians permanently offline, it’s crucial to withdraw funds immediately if you have them in these federations.
      • Withdraw to another lightning or on-chain wallet as there are no other known public federations.
    • Connectivity Issues:
      • Intermittent issues may occur with guardians, leading to errors if not all three remaining guardians are consistently online.
      • No other guardians have XYZ domains.
    • Mutiny Wallet Response:
      • Removing the federation setup flow in the UI as a first step due to the critical situation.
      • Apologies for the inconvenience.
  • 00:17:08 Bitcoin Core vulnerability disclosure policy discussions report [Antoine Poinsot’s Gist]
    • A discussion is in progress amongst Bitcoin Core developers on how to improve the tracking and disclosing of security-critical bugs.
  • 00:21:32 DoS disclosure: LND Onion Bomb [Delving Bitcoin discussion]
    • “LND versions prior to 0.17.0 are vulnerable to a DoS attack where malicious onion packets cause the node to instantly run out of memory (OOM) and crash.”
  • BtcTurk, Turkey’s largest cryptocurrency exchange, victim of a cyber attack [BtcTurk status page]
    • Unauthorized withdrawals have been processed on June 22, 2024, leading to a portion of the hot wallets to be affected. According the status report, the assets held in the exchange’s cold wallets remain secure.
  • 00:25:06 BitcoinLink: critical vulnerability exploit results in user’s wallet to be drained [Developer’s announcement]
    • BitcoinLink is an open source non-custodial payment service that allows you to send bitcoin using a one-time-use reward links redeemable via lightning, using Nostr Wallet Connect (NWC). [Github]
    • The hacker was able to obtain a valid user-generated link and grab its secret, then obtain the encrypted NWC from the developer’s unprotected endpoint. Once decrypted, the funds could be drained.
  • 00:27:40 DISGOMOJI: newly discovered Linux malware controlled through emojis sent from Discord [Bleeping Computer]
    • The malware used emojis to avoid detection by security software generally looking for string-based malware commands.
  • 00:28:11 Physical attack in London, England: three armed men force Ethereum developer to transfer 1,000+ ETH [Archived Twitter post]
  • 00:29:36 Cryptocurrency influencer and three other people kidnapped in Montreal, Canada, the events are allegedly related to a previous ‘pump and dump’ scheme [La Presse]
  • 00:30:16 Compromised address: 0.5 bitcoin lost to fees in a bidding war after funds were sent to a compromised address [@mononautical’s Twitter post]

Bitcoin

Software Releases & Project Updates

  • 00:31:40 COLDCARD WIP release (Thursday Target)
    • Shared Improvements - Both Mk4 and Q
      • New Feature: PushTX: once enabled with a service provider’s URL, you can tap the COLDCARD and your phone will open a webpage that transmits your freshly-signed transaction onto the blockchain. See Tools > NFC Push Tx to enable and select service provider, or your own webpage. More at https://pushtx.org. You can also use this to broadcast on any transaction on the MicroSD card (See Tools > NFC Tools > Push Transaction)
      • New Feature: Transaction output explorer: allows view all output details of larger txn (10+ output) transactions before signing.
      • New Feature: New setting to enable always showing XFP as first item in home menu.
      • Enhancement: Add Sign PSBT shortcut to NFC Tools menu
      • Enhancement: Stricter p2sh-p2wpkh validation checks.
      • Enhancement: Mention the need to remove old duress wallets before locking down temporary seed.
      • Enhancement: Add Theya option to Export Wallet
      • Enhancement: Signing UX - show sum of outgoing value on top. Always show number of inputs/outputs.
      • Bugfix: Display max 20 change outputs in main signing story. Use Transaction output explorer.
      • Bugfix: Fix PSBTv2 PSBT_GLOBAL_TX_MODIFIABLE parsing.
      • Bugfix: Decrypting Tapsigner backup failed even for correct key.
      • Bugfix: Clear any pending keystrokes before PSBT approval screen.
      • Bugfix: UX shows only 10 outputs with the biggest value on screen, other values available after a keypress.
      • Bugfix: Calculate progress bar correctly in Address Explorer after first page.
      • Bugfix: Search also Wrapped Segwit single sig addresses if P2SH address provided, not just multisig (multisig has precedence for P2SH addresses)
    • Mk4 Specific Changes 5.3.2 - 2024-06-XX
    • Bugfix: Displaying change address in Address Explorer fails if NFC and Vdisk not enabled.
    • Q Specific Changes 1.2.2Q - 2024-06-XX
      • Enhancement: Coldcard multisg export/import format detected in Scan Any QR Code.
      • Bugfix: Exporting BIP-85 derived entropy via NFC was offered even when NFC disabled,
      • leading to a Yikes error.
      • Bugfix: Support newer-version QR scanner modules.
  • 00:43:40 bbqr-ffi: iOS/MacOS and Android bindings for BBQr library using uniFFI [Github]
  • 00:45:31 Nunchuk Key Replacement for Multisig Wallets
    • Simple Initiation: Start the replacement process with a few clicks from within the existing wallet interface.
    • Guided New Wallet Creation: Step-by-step guidance ensures correct key replacement while maintaining multisig integrity.
    • Semi-Automated Fund Transfer
      • System prepares a rollover transaction to move funds to the new wallet.
      • Users verify and sign the transaction, maintaining control.
    • Inheritance Plan Preservation (Honey Badger and Byzantine wallets only):
      • Inheritance plans remain intact if the replaced key isn’t part of the plan.
      • Non-KYC process ensures privacy.
    • Benefits:
      • Minimized Stress: Transforms a stressful situation into a manageable process.
      • Maintained Security: Users retain control of their Bitcoin.
      • Real-World Applications:
        • Quickly replace lost hardware signing devices.
        • Swiftly replace compromised keys.
      • Seamlessly perform routine key rotations for enhanced security.
  • 00:54:30 Bitcoin Core v27.1
    • Miniscript: Don’t assume we are parsing a sane TapMiniscript
    • RPC:
      • Enforce maximum value for setmocktime
      • Reword SighashFromStr error message
      • Move UniValue in blockToJSON
    • Gui:
      • Fix create unsigned transaction fee bump
      • Don’t permit port in proxy IP option
    • Test: Fix failing univalue float test
    • P2P: Detect addnode cjdns peers in GetAddedNodeInfo()
    • Build:
      • Fix mingw-w64 Qt DEBUG=1 build
      • Fix false positive CHECK_ATOMIC test
      • Fix build of Qt for 32-bit platforms with recent glibc
      • Disable asan for sha256_sse4 with clang and -O0
      • Fetch miniupnpc sources from an alternative website
      • Fix building fuzz binary on on SunOS / illumos
      • Update Boost download link
    • Doc: Add LLVM instruction for macOS < 13
    • Misc:
      • Change Luke Dashjr seed to dashjr-list-of-p2p-nodes.us
      • Renew Windows code signing certificate
  • 00:57:27 BDK v1.0.0-alpha
    • Upgrade to rust-bitcoin 0.32 and rust-miniscript 0.12.0
    • Constructing a Wallet now requires two descriptors (external and internal)
    • Remove db field from Wallet
    • Staged changes can be persisted via a blocking or async data store
  • BTCPay Server v1.13.3
    • Pull payment: Enable CORS for LNURL request
  • 00:59:06 Rust Payjoin v0.17.0
    • Prepare Payjoin PSBT with no output keypaths
    • Restore sender UTXOs before Payjoin Signing
    • Deserialize url::Url with url/serde feature instead of custom deserializer
  • 00: 59:25 Umbrel v1.2.0
    • Wi-Fi: Connect your Umbrel to Wi-Fi by going to Settings > Wi-Fi and choosing your network.
    • Live Usage: Real-time CPU and memory usage charts, along with faster and more accurate usage results.
    • NVMe and USB Boot Support for Raspberry Pi 5: Boot directly from an NVMe SSD or a USB drive connected to Raspberry Pi 5
  • 00:59:28 Bisq v1.9.16
    • Improve network resilience and stability
    • Add getdaostatus API, expose failed trades in API, and support XMR auto conf in API
    • Buyers can pay using SEPA QR codes
    • Restore QR code scanner for mobile notification app pairing
  • 00:59:32 WasabiWallet v2.0.8.1 - Soteria
    • Introduce MaxAllowedCoinjoinMiningFeeRate setting: set maximum coinjoin mining fee rate
    • IntroduceMaxAllowedCoordinationFeeRate setting: set maximum coinjoin coordination service fee
    • Assert that effective fee rate is at least what was agreed on: verify coinjoin mining fee matches requested rate
    • Introduce Coordinator Tab
  • 1:00:11 Joinstr pre-alpha release v0.1.0
    • Pools using encrypted channels: Electrum plugin is now using pools using nostr encrypted channels. Users can create or join existing pools for coinjoin.
    • Riseup VPN: Riseup VPN is used which connects to a server based on config. This ensures all the peers in a pool use the same IP address to connect with relays and publish nostr events.
    • Use of ANYONECANPAY sighash: All participants sign PSBT using SIGHASH_ALL SIGHASH_ANYONECANPAY flag in the input registration phase.
    • Support for paid nostr relays: Paid nostr relays can be used for pools in which members need to pay a one-time fee to join the pool.
  • 1:01:21 Seedhammer v1.3.1
    • Removing SH01 support: every engraving that would have used SH01 will now use the SH02 plate size instead.
    • Optional protective plates: removes the prompt to install a protective plate during machine setup.
    • Switch from CompactSeedQR to SeedQR: Devices such as the Coldcard Q don’t support QR codes containing binary data. This release switches to the slightly less efficient SeedQR format.
  • 1:03:02 Labelbase
    • v2.2.2
      • Add QR scanner: ability to scan addresses from your favorite hardware wallet, QR codes from your mobile device, or even from a SATSCARD to label them directly in your own instance of Labelbase.
    • v2.2.1
      • Housekeeping release: integration into RaspiBlitz
  • 1:04:47 Blockstream Green
    • iOS v4.0.30
      • Allow redeposit of expired utxos in bitcoin multisig accounts
      • Improvements in liquid assets caching, send UI and transaction details
    • Android v4.0.30
      • Re-enable expired 2FA UTXOs
    • QT v2.0.7
      • Setting to remember devices
      • Improve asset registry loading
  • 1:05:33 Peach v0.5.0 - GroupHug For Everyone
    • “Fund from peach wallet” checkbox remains checked
    • Reduce reputation penalty for unmatching from 48h to 12h
    • New Batching Model
  • 1:05:43 ESP-miner v2.1.8
    • Fix for possible over heat situation if the WiFi goes down
    • Add software version string to the stratum mining.subscribe
    • Add quick link to stats when mining on OCEAN
    • Mov the DNS lookup inside the stratum connection retry loop
    • Optimization: i2c factorization
    • Pressing the boot button will cycle the info screen

Project spotlight

  • 1:06:40 Brollups: Bitcoin-native rollup design that operates with a native Bitcoin peg, enforceable on-chain and redeemable at any time unilaterally. [Burak’s Blog post]
    • “Brollups use the Bitcoin block space as their data availability layer, similar to sovereign rollups.”
  • 1:07:02 Stratum.work: Websocket-based web app that streams realtime mining pool stratum messages to a table for analysis. [Github]
  • 1:07:33 Satonomics: fully FOSS self-hostable on-chain data generator [Codeberg]
    • Satonomics is an open-source suite of tools that computes, distributes, and displays on-chain data, making it freely available for anyone to use
  • 1:07:45 Volt: A modern descriptor-based financial freedom bitcoin wallet aimed at restoring sovereignty to global bitcoiners [Github]
  • 1:08:11 Mempool Research: newly established home of bitcoin analysis, led by mempool.space researchers @mononautical and @orangesurfbtc [Announcement]
  • 1:08:59 Moosig: simple script to test the implementation of MuSig2 support in the BIP-388-compliant wallet policies that are supported in the Ledger bitcoin app (experimental). [Github]
  • 1:09:22 SLIP-39 Wallet “Seed” Generation & Backup
    • Provides a robust 20-word backup method for wallets, improving security and recovery processes over the legacy standard. -Allows you to split the seed between 1, 2, or more groups of several mnemonic recovery phrases.
  • Seamless Upgrade: Transition smoothly from Single-share to Multi-share Backup.
    • Eliminates Single Point of Failure: Distributes risk, ensuring no single failure compromises the backup.
    • *ustomizable Redundancy: Users can specify how many shares are required to recover the backup.
    • Flexible Allocation: Backup shares can be distributed across different locations or people.
  • Future-Proof and Secure:
    • Evolving Security: Adaptable to future security needs for long-term protection.
    • Enhanced Protection: Provides strong defenses against potential threats and vulnerabilities.

Privacy & Other Related Bitcoin Projects

Software Releases & Project Updates

  • 1:10:42 SimpleX v5.8.1
    • Fixes in sending/receiving files
    • Better error reporting when connecting to desktop app
    • Prevent forwarding to conversations where conversation preferences do not allow message
    • Android and desktop apps:
      • Support transparent theme colors for chat message bubbles
      • Do not reset changed network settings when switching SOCKS proxy on/off
  • 1:10:45 Tails v6.4 - Random seed
    • Tails now stores a random seed on the USB stick to strengthen all cryptography.
    • Having a secure random number generator is critical to some of the cryptography used in Tails, for example, in the Persistent Storage, Tor, or HTTPS.
    • This random seed is stored outside of the Persistent Storage so that all users can benefit from stronger cryptography.
  • 1:11:05 Tor Browser v13.5
    • Android
      • New connection experience: a step in building Connection Assist, a feature to automatically circumvent censorship of the Tor network.
      • Rebuild and relocate Tor logs to a new section within Settings called “Connection Settings”
    • Desktop
      • Improve letterboxing
      • Enhance bridge settings
      • Simplify onion site errors

Project spotlight

  • 1:11:11 OpenCoordinator: WabiSabi Bitcoin coinjoin coordinator
    • The project is an alternative coinjoin coordinator for Wasabi Wallet 2.x., without country and UTXO blacklists.
  • 1:11:23 Librechat: FOSS AI chat platform, compatible across both remote & local AI services [Github]

Lightning + L2+

Software Releases & Project Updates

  • 1:11:36 Core Lightning v24.05 - The Infinitely Divisible Satoshi
    • Highlights for users:
      • New rune restrictions can now be applied to invoices with the pinv restriction
      • Documentation is more thorough and up-to-date as much of it is now generated from the schemas
      • Stability fixes to gossip and anchor channel spends
      • Increased file descriptor limits for large nodes
      • Pruned node operation is better supported by bcli with more robust block fetching
    • Highlights for developers:
      • A plethora of grpc methods have been backfilled
      • Pay can now pay part of an invoice with the partial_msat parameter. Get someone else to pay the remainder
      • Check can now be used to validate setconfig settings and values. It can also check for approval by the hsmd of keysend payments
    • Highlights for the network:
      • Offers will now make an outgoing connection if necessary to reply to an invoice request
      • Offer invoices now correctly use the node_id and the final cltv delta in blinded paths
  • 1:11:44 LDK v0.3.0
    • Add support for creating and paying BOLT12 offers and refunds
    • Add support for Anchor channels
    • Add support for sourcing inbound liquidity via LSPS2 just-in-time (JIT) channels
    • The node’s local view of the network graph can now be accessed via interface methods
    • A new next_event_async method was added that allows polling the event queue asynchronously
    • A default_config method was introduced that allows to retrieve sane default values, also in bindings (#242).
    • All available balances outside of channel balances are now exposed via a unified list_balances interface method
    • The fee paid is now exposed via the PaymentSuccessful event (#271).
    • The payment APIs have been restructured to use per-type payment handlers which can be accessed via corresponding Node::{type}_payment methods
    • Add ability to register and claim from custom payment hashes generated outside of LDK Node
  • 1:11:49 Phoenix
    • Android v2.2.4 / iOS v2.2.6
      • Fix regression causing payment failures when on-the-fly liquidity is needed: This prevented receiving payments over Lightning with low liquidity, because the on-the-fly channel creation would fail.
    • Android v2.2.3
      • Add +-5% buttons to easily add a tip when paying over Lightning
      • Improve payment error messages
      • Add new messages regarding liquidity
      • Add a screen to spend expired swap-ins
  • 1:11:50 Mutiny Node v1.7.8
    • Make sure LSP url is a valid url when switching
    • Re-enable zaps if disabled
  • 1:11:53 RGB v0.11.0-beta
    • The APIs are now stable, and feature-freeze has been reached: no further consensus-level or standard library breaking changes are planned.
    • Audit and refactoring of commitments workflows. Vesper support
    • RCP-240227B: Make issuer identity part of genesis
    • Improvement RGB Isa instructions
    • Add rgb_commit_deterministic method
    • Add electrum support
    • Commitment layouts and vesper description
    • Introduce log feature
    • Commitment layouts with Vesper
    • Contract: add timestamp and issuer to genesis
    • RCP-240227A: Make timestamp part of genesis
    • Add support for deterministic entropy
  • 1:13:07 Lightning Terminal v0.13.0
    • This release packages LND v.18.0-beta, Taproot Assets Daemon v.3.3-alpha, Loop v.28.5-beta, Pool v.6.5-beta, and Faraday v0.2.13-alpha.
    • firewall: session-dependent privacy flags
    • accounts: address pendingPayments issues & add tracer
  • 1:13:10 Ride-The-Lightning v0.15.1
    • Integration with mempool.space api to display prevailing fee rates on various channel open/close modals
    • Links enabled for viewing transactions on mempool.space from modals of on-chain transactions and channel info
    • Add a new config param blockExplorerUrl to customize for a local/testnet instances of mempool.space
    • LND updates:
      • CPFP enabled on pending on-chain receive transactions (including funds expected from coop close)
      • Simplification of pending channel open fee bumping modal
  • 1:13:15 minibits-wallet v0.1.8-beta
    • Optional push notifications delivered even app is closed/backgrounded
    • Firebase messaging is used only as a data carrier. Notification shown is constructed only on device
    • All data encrypted to keys living on device only
    • Ecash is never sent through notification, it is claimed by wallet on wakeup using api sending all claimable tokens as a batch over TLS, with tokens encrypted to device keys again, so that MITM or some api auth leak won’t leak your ecash to an attacker
    • Claiming fully works without notifications enabled
  • 1:13:20 Clams Remote v2.2.0
    • Close channels
    • Bitcoind and lightningd sync status warnings
    • Option to expose private channels when creating invoices
    • “Spend all” option when opening channels
    • Add Alby proxy as an option to the wallet connection flow to simplify use for Tor lightning nodes
  • 1:13:24 BitBanana v0.8.2
    • Support for Core Lighting 24.05
    • Add support to generate Taproot addresses for Core Lightning 24.05 and above
    • Display on-chain transactions in transaction history for Core Lightning 24.05 and above

Project spotlight

  • 1:13:30 Storm.pub: a lightning-enabled version of YouTube [Announcement]
    • How it works:
      • Copy the URL of any YouTube video.
      • Paste it into http://Storm.pub.
      • Watch, like, and make it rain sats to support creators!
    • Value 4 Value: Support Storm.pub
    • Telegram: Join the community on Telegram to request features and give feedback
    • The project plans to evolve into a Nostr client, allowing users to watch videos, comment, and zap on the Nostr network.
  • 1:13:39 Ecash by sound: a proof-of-concept to transfer bitcoin sats as ecash via sound using the Cashu protocol
    • The method involves using PSK31 as the text-via-sound protocol allowing for “upper and lowercase characters which is necessary for a Cashu token.”
  • 1:16:02 Nutmix: golang implementation of ecash mint [Github]
  • 1:16:07 DotNut: a C# library implementing the CashuBTC protocol [Github]

CardoCheck

Nostr

Software Releases & Project Updates

  • 1:21:12 rust-nostr v0.32.0
    • Add async/future support to Python, Kotlin and Swift
    • Add automatic authentication to relays (NIP-42, can be deactivated in client options)
    • Improvements to relay limits
    • Fix: relays not auto reconnect, wrong query order for SQLite, tokio panic when using SQLite database in bindings
  • 1:21:13 Primal v0.100.7
    • Video uploads
    • Adjust note font size
    • Notifications facelift
    • Implemented invoice rendering feeds & chats
    • Faster feed loading time
    • NIP-92 support with image dimensions and mime-type
    • Clickable nostr:naddr links
  • 1:21:15 Damus TestFlight release
    • Chat thread feature: a way to view the entire thread as a conversation (for purple members)
  • 1:21:18 Amethyst
    • v0.88.0
      • Add performance mode on Settings
      • Add login with NIP-05 address
      • Add outbox relays to zap request: sender, receiver and author relays.
      • Add the NIP-65 relay to zap split tag instead of kind3 relays.
      • Add support for AVIF images
      • Add flare.pub videos to the media tab
      • Replace the post view count for a Share icon in the main feed
    • v0.87.7
      • Revert Image dialogs to have a separate save button
      • Add save button to video player
    • v0.87.6
      • Add query by hashtag in reposted notes
    • v0.87.5
      • Re-normalize all relays urls before connecting to reduce duplications
      • Normalize all new relays in the edit screens
      • Add flare.pub videos to the media tab on Amethyst
      • Improve rendering of chat messages
      • Improving the detection of image types on the Media Feed
  • 1:21:19 Coracle
    • v0.4.7
      • Show toast when offline
      • Use new indexeddb wrapper
      • Add k tag to deletions
      • Allow users to choose where to publish their profile when using a white-labeled instance
      • Add “open with” link populated by nip 89 handlers
      • Add reports using tagr-bot
      • Open links to coracle in same tab
      • Add global feeds
      • Add feed favorites
    • v0.4.6
      • Improve search results loading indicator
      • Make zaps prettier with bitcoin-connect
      • Improve DM loading and deliverability
      • Add ability to search other people’s lists and feeds
      • Limit recursive quotes
      • Derive profiles, relay selections, follows, and mutes from event repository
      • Use new welshman content parser
      • Remember nip04/44 preference per conversation
      • Improve feed loading speed, avoid prioritizing cached results
      • Include more results in suggestions
      • Avoid requesting zaps a zillion times
  • 1:21:20 nos.social
    • v0.1.18
      • Updated the recommended relays list
      • Add a message to the top of the Relays screen explaining that Nos works best with 5 or fewer relays
      • Add “Send To Nos” private reporting for profiles
      • Add our third cohort of creators and journalists to the Discover tab
      • New accounts automatically follow the nos.social and Tagr-bot accounts
    • v0.1.17
      • Add support for opening njump.me content in Nos
    • v0.1.16
      • Add feedback to the copy button in Settings
  • 1:21:22 Oxchat v1.2.8
    • Add Moment (public/private notes)
    • Support NIP-42
    • Set npub.cash address as the default payment address if the user has not set an LNURL address
    • Support claiming eCash from npub.cash
    • Add the ability to send Lightning Zaps in chat
    • Add @ feature in Moments, supporting filters and search
  • 1:21:24 Voyage v0.6.0
    • Bookmark posts
    • Rebroadcast notes
    • Show your contact and topic list
    • Add navigation drawer for your contact & topic list, bookmarks and relays
    • Parse and open naddr URIs in browser
    • Open lighting address in wallet
  • 1:21:25 Mostro v0.12.1
    • Add range order docs
    • Add contributing guide
    • Add maker rating on new order creation
  • 1:21:26 Citrine
    • v0.2.7
      • Remove support for import nostr.sync backup files
      • Show import/export progress
      • Add Chinese, French and German translations
    • v0.2.6
      • Add support for import nostr.sync backup files
      • Add support for translations
    • v0.2.5
      • Add support for export/import the database

Project spotlight

  • 1:21:29 Notedeck: A multiplatform Nostr client by Damus [Github]
    • Notedeck is a work in progress, works on Android and Desktop.
  • 1:21:37 Keypub: new Nostr client by hodlbod, to “help surface posts by infrequent posters.” [Note]
  • Oracolo: lightweight minimalist Nostr blog that consists of a single html file [Github]
    • Blogs are automatically updated using any Nostr client supporting long format posts.
  • 1:23:00 Relay Runner: A guide to setup a Nostr relay [Github]
    • Relay Runner helps you learn why and how to set up a Nostr relay for both a personal or public use.
  • 1:23:04 Nostr Pay: mobile application client that enables users to connect to remote Lightning wallets using the Nostr Wallet Connect protocol. [Github]

Boosts

  • 1:23:56 Thanks to everyone who streamed sats, and shoutout to our top boosters:
    • BR069
      • [🏆 TOP BOOSTER] @vake (7,000 sats) “Not enough ETF and price discussion on the show.”
      • @pippellia (1,000 sats) “fucking Amazing episode”
      • @wotsit (1,000 sats) “Very interesting. I don’t understand much but am slowly learning by osmosis.”
    • BR068
      • [🏆 TOP BOOSTER] @seedor (21,000 sats) “ONLY since Satoshi found digital gold—any real liberty can exist! Few.”
      • @vake (10,000 sats) “Bitcoin is so boring, I’ve saved millions of sats not buying Ambien by listening to this podcast.”
      • @apemithrandir (7,777 sats)
      • @bencoin (2,100 sats) “love you”
      • @zdoxed (100 sats) “exciting to see coldcard rgb asset integration coming soon”

Audience Questions

  • 1:25:34 “When we have covenants, is the address type different depending on the spending conditions? If not, how does a normie verify that their wallet has generated an address with the spending conditions they expected, and there are no hidden conditions?” - STACK TO THE FUTRE

Bitcoin Optech Newsletter

  • 1:30:44 Highlights from recent Bitcoin Optech Newsletters
    • 308
      • Disclosure of vulnerability affecting old versions of LND: Disclosure announced by Matt Morehouse on Delving Bitcoin: “LND versions prior to 0.17.0 are vulnerable to a DoS attack where malicious onion packets cause the node to instantly run out of memory and crash”
      • Continued discussion of PSBTs for silent payments: several developers have been discussing adding support for coordinating the sending of silent payments using PSBTs.
    • 307
      • Draft BIP for quantum-safe address format: developer Hunter Beast shared on Delving Bitcoin a rough draft proposing a P2QRH BIP towards a quantum resistant soft fork.
    • 306
      • Upcoming disclosure of vulnerabilities affecting old versions of Bitcoin Core: a policy has been proposed by members of the Bitcoin Core project for disclosing vulnerabilities that would affect older versions of Bitcoin Core.
      • BIP and experimental implementation of testnet4: draft BIP
      • Functional encryption covenants: Jeremy Rubin posted to Delving Bitcoin his paper about theoretically using functional encryption to add a full range of covenant behavior to Bitcoin with no required consensus changes.
      • Updates to propo sed soft fork for 64-bit arithmetic: Chris Stewart posted to Delving Bitcoin to announce an update to his earlier proposal to add the ability to work with 64-bit numbers in Bitcoin Script.
      • OP_CAT script to validate proof of work: Anthony Towns posted to Delving Bitcoin about a script for signet that uses OP_CAT to allow anyone to spend coins sent to the script using proof of work.
      • Proposed update to BIP21: proposal by Matt Corallo

News & Noteworthy

Bitcoin

  • 1:33:46 Grokking Bitcoin is now open-source [Announcement]

Protocol

  • 1:33:52 Bitcoin Core #29325: begins storing transaction versions as unsigned integers. [Merged]

Lightning

  • 1:34:00 Multicoin app Cake Wallet to integrate Lightning payments using Breez SDK [Bitcoin Magazine]

Business & Finance

  • 1:34:09 Blink Wallet launches ‘Vouchers Alpha’, create USD/BTC vouchers and sell fiat for bitcoin [Announcement]
  • 1:34:13 RobinHood to acquire major european cryptocurrency exchange Bitstamp for $200 million [Press release]

Funding

  • 1:34:38 Open Cash Association: Support the open-source development of Digital Cash
    • The Swiss-based association will support projects building on the Cashu protocol.
  • 1:34:42 OpenSats announces long-term support for Calle (@callebtc) and William Cassarin (@jb55)
  • 1:34:48 Brink’s grant committee welcomes long time Bitcoin Core contributor Cory Fields [Announcement]
  • 1:34:55 Invincible Privacy Group: new fund aimed at supporting Bitcoin developers improving privacy [Announcement]
    • Developers are not required to identify themselves and only self-custodial projects will be eligible.

Mining

  • 1:36:36 Hosting provider Wilson Mining announced the opening of its own FPPS mining pool
    • The pool is a proxy of SBI crypto, has no hashrate minimum and base fees on the combined pool hashrate.
  • 1:36:43 Bitcoin miner Foundry launched a new division named Foundry Hardware [Press release]
    • Offers a suite of products which currently include a heavy-duty power supply unit, an immersion optimization kit and a control board.
  • 1:36:48 Bitdeer to acquire chip designer Desiweminer for $140 million [Press release]
  • Bitdeer launches Sealminer, its newest Bitcoin mining machine and the roadmap [Press release]
  • 1:37:02 Bitmain announces its latest Antminer: S21 XP Hydro [Announcement]
    • Shipping from Q4 2024 to Q1 2025, the miner has an efficiency of 473 Terrahash with an energy efficiency of 12 Joules per Terrahash.
  • 1:37:15 Marathon Digital Holdings launches a 2-megawatt pilot project in Finland, recycles heat for 11,000 local inhabitants [Bitcoin Magazine]

Privacy

  • 1:37:22 Proton is transitioning towards a non-profit structure [Press release]
    • The Proton Foundation has become Proton’s primary shareholder after having received donations from Proton’s founder, co-founder and first employee.
  • 1:37:26 Nigerian financial institutions to request customers social media handles as part of KYC processes, as per Lagos Federal High Court ruling [Forbes]

Government & Political

  • 1:37:34 Vote postponed for EU regulation ‘Chat Control 2.0’, a mass-scanning proposal to combat CSAM material in the EU, negotiations will continue. [Patrick Beyer’s article]
  • First report on encryption by the EU Innovation Hub for internal security [Europol’s report]
    • The report highlights the challenges european law enforcement is facing when it comes to the surveillance of encryption tools and cryptocurrencies, advocating for increased collaboration with academia and the broader private industry.
    • The report mentions the opportunities arising, such as the increased use of custodial wallets, the development of quantum-computing and the implementation of backdoors to bypass encryption.

Events

Reads

  • 1:37:51 Here’s a list of our top recently published reads:

Episode submission ideas

  • We’re looking for ideas for interesting panel conversations. To send Bitcoin related questions, just go to bitcoin.review and follow the contact links at the bottom of the page.

Get in touch with the pod

Did I get anything wrong above? Help me correct it producer@coinkite.com