Bitcoin Review Podcast BR087 - ColliderScript, BTCPay Server, OpenSecret, Matrix, Lottie player JS Attack, the Bullish Case for Vaults, LN Payment Censorship , EmailBTC, secp256k1-node vulnerability + MORE ft. Justin & Paul
Iâm joined by guests Justin Moon & Future Paul & to go through the list.
Quote of the Day
00:00:48 âNobody knows anything.â
Housekeeping
- 00:06:00 New COLDCARD Tutorials:
- How to Use the Secure Notes function on the COLDCARD Q: Allows your COLDCARD the ability to store free-form text securely.
- How to Use the Passwords function on the COLDCARD Q: Allows your COLDCARD to function as a password manager.
Urgent Vulnerability Disclosures
- 00:06:26 Critical severity: Private key extraction vulnerability in secp256k1-node affecting ECDH [Security advisory]
- A vulnerability in the secp256k1-node libraryâs ECDH functionality allows private key extraction by exploiting specific crafted public keys, affecting versions 3.8.0 and earlier.
- Attackers can retrieve private keys using low-order curve points through only 11 ECDH sessions.
- 00:08:01 Medium severity: Disclosure of hindered block propagation due to stalling peers [Public disclosure]
- Before Bitcoin Core v25.1, a vulnerability allows an attacker to delay block downloads by stalling peer nodes. The affected node waits up to 10 minutes before attempting another block download, leading to possible network degradation and mining delays.
Bitcoin
Software Releases & Project Updates
- 00:08:40 Bitcoin Core v27.2
- net: fix race condition in self-connect detection
- init: change shutdown order of load block thread and scheduler
- RPC: Fix cases of calls to FillPSBT errantly returning complete=true
- psbt: Check non witness utxo outpoint early
- test: fix constructor of msg_tx
- ci: move ASan job to GitHub Actions from Cirrus CI
- ci: remove unused bcc variable from workflow
- 00:09:11 Electrs v0.10.7
- Support testnet4
- Enable LTO in release build
- Donât sync mempool when bitcoind mempool is not yet loaded
- 00:10:22 BTC Pay Server
- v2.0.2
- Critical vulnerability disclosure for Nostr or Blink plugin users: Without it, an attacker with access to a pull payment could drain the Lightning wallet without limit.
- v2.0.0
- New feature:
- Interface localization
- New sidebar navigation
- Improved onboarding flow
- Improved branding options
- Support pluginable rate providers
- User: Add name and profile picture
- Greenfield: Manage notifications
- Greenfield: Add file endpoints and upload
- New feature:
- v2.0.2
- 00:11:57 libsecp256k1 v0.6.0
- Added:
- New module
musig
implements the MuSig2 multisignature scheme according to the BIP 327 specification. See:- Header file
include/secp256k1_musig.h
which defines the new API - Document
doc/musig.md
for further notes on API usage - Usage example``examples/musig.c`
- Header file
- New CMake variable
SECP256K1_APPEND_LDFLAGS
for appending linker flags to the build command
- New module
- Changed:
- API functions now use a significantly more robust method to clear secrets from the stack before returning
- Any type
secp256k1_foo
can now be forward-declared usingtypedef struct secp256k1_foo
secp256k1_foo
- Organized CMake build artifacts into dedicated directories to improve build output structure and Windows shared library compatibility
- Added:
- 00:14:18 Bitcoin Keeper
- Mobile v1.2.18
- Select Electrum servers during app setup
- Add support for TwentyTwoâs Portal
- USB option enabled for Coldcard and Jade via the desktop app
- TAPSIGNER - Verify initial status and backups count
- Receive screen now enables multiple addresses management and address labeling
- Send experience overhauled
- Major design updates to UTXO management and transaction details
- Desktop v0.1.3
- Support Trezor Safe 5 and Ledger Stax and Flex (updating HWI to 3.1.0)
- Fix unlocking Jade on testnet
- Mobile v1.2.18
- 00:14:56 Liana v8.0 - A Template Haven
- Liana daemon/library: A new field
last_poll_timestamp
was added to the wallet table in order to track the last time the wallet was updated by the poller - Liana GUI:
- The new Bitcoind 28.0 version is now downloaded by the GUI
- Bitbox02 devices can now be part of a Taproot descriptor set-up if their firmware version is greater than or equal to 9.21.0
- The install process now includes examples of setups with fixed templates and explanatory descriptions to guide the user
- Hardware wallets with the app not open had a confusing warning message about outdated version
- Button for the pagination of past transactions was sometimes missing because of a wrong calculation of the page size
- Resend authentication token request did not work for already created account
- Liana daemon/library: A new field
- 00:17:30 Bitcoin Safe
- v1.0.0b3
- Enable exporting of diagrams in SVG format for better quality and scalability
- Add a portable exe for Windows
- Users can now open file TX, PSBT, and wallet files directly via file associations
- v1.0.0b2
- Add German Language
- Add GIF export for animated QR codes
- Sync tab, which allows chat, synchronization and backup of labels, is now called SyncTalk
- v1.0.0b3
- 00:20:08 RoboSats
- v0.7.2
- Improve recovery robot form
- Fast generate robot -> fast generate order
- Add Nostr order books
- Add coordinator Alias to invoice description
- v0.7.1
- Multiple performance improvements
- Better and faster web notifications
- Add Android notification disable button
- Remove Experimental and Satstralia coordinators
- v0.7.2
- 00:21:10 Bitkey Firmware v1.0.91
- Faster transaction signing: Hardware now signs transactions up to 5x faster
- 00:21:20 Raspiblitz v1.11.3
- Optimized to run on plain Debian 12 Linux for Proxmox/VM and x86 systems
- Add Publicpool for solo mining
- Add Telegraf for Grafana monitoring
- Add Tailscale
- Connect Zeus to CLN via CLNrest
- 00:21:37 ESP-Miner v2.3.1b1
- Re-work how we publish artifacts when releasing new builds
- Use the same espressif/idf release for github and vscode
- Add all in one factory file script
- Replace default address with a prompt
- 00:22:14 BoltzExchange
- boltz-client v2.2.0 - Offer accepted
- Add Bolt12 support for submarine swaps
- Add support for amountless chain swaps
- boltz-web-app v1.5.0
- Add Bolt12 support for submarine swaps
- Implement Discount CT
- Fetch BIP-353 with DNSSEC prover
- Validate invoices fetched for offers
- Add Ledger and Trezor support
- Hardware custom derivation paths
- Loading indicator for wallet selection
- Remember custom derivation paths for swaps
- Show EVM lockup transactions
- boltz-backend v3.8.0 - An offer you canât refuse
- Support for a new CLN hold invoice plugin rewritten from scratch with a focus on performance
- Amounts for Chain Swap can be renegotiated in case they are over- or underpaid. Also, the creation of Chain Swaps without an amount
- Paying BOLT 12 invoices in submarine swaps and an API endpoint for fetching invoices for offers
- boltz-client v2.2.0 - Offer accepted
Project spotlight
- 00:22:21 Frost: A flexible, round-optimized threshold signature library for BIP340 taproot [Github]
- 00:23:12 ColliderScript: Covenants in Bitcoin via 160-bit hash collisions [Research paper]
- The paper introduces a method for enforcing covenants on Bitcoin outputs using hash collisions in SHA-1 and RIPEMD-160, allowing covenants without Bitcoin protocol changes.
- 00:27:44 GreatRSI: Great Restored Script Interpreter [Github]
- The repository contains an experimental partial interpreter for the Great Script Restoration, a proposal aimed at re-enabling and refining Bitcoin script opcodes.
- It also provides an implementation of the Winternitz One-Time Signature scheme (W-OTS) in Bitcoin Script, written in Bitcoin Script using the Great Script Restoration.
- 00:28:16 Boltzmann TS monorepo: A Typescript library computing the entropy of Bitcoin transactions and the linkability of their inputs and outputs. [Github]
- 00:28:55 Bitcoin hackerspace and community accelerator PlebLab, launches PlebDevs, a new Bitcoin developer education platform built on Lightning and Nostr. [Announcement]
- 00:29:51 SatSale: A lightweight Bitcoin payment processor with the option of connecting to your own Bitcoin node or Lightning network node [Github]
- Lightweight Bitcoin payment processor written in easily deployable Python.
- 00:31:58 EmailBTC: Send Bitcoin to anyone that has an email address [Contract repository]
- No wallet is needed to use the service, send Bitcoin to any email.
Vulnerability Disclosures
- 00:33:21 XSS attack: Lottie player JS, a popular open-source npm package for web players, was compromised with a wallet drainer, impacting projects such as nostr client Primal and DeFi platform 1inch [Github issue]
- âBlockchain threat monitoring platform Scam Sniffer reports that at least one victim allegedly lost $723,000 worth of Bitcoin (10 bitcoin) due to the LottieFiles supply chain compromise.â [Bleeping Computer]
- 00:38:38 Hackers misuse emergency data requests to access user data [TechCrunch]
- Hackers gain access to user data by exploiting emergency data requests using hacked law enforcement email accounts to bypass usual warrant requirements. They misuse legitimate communication channels to pose as police and request private information from tech companies.
- 00:41:15 Tor relays targeted in IP spoofing campaign causing widespread disruptions [Blog post]
- A recent IP spoofing attack targeted the Tor network, impersonating non-exit relay IPs to trigger abuse complaints and temporarily disrupt operations. Although no Tor users were affected, relay operators faced hosting issues due to unwarranted blocklists.
- 00:41:22 Critical zero-click flaw exposes Synology storage devices to ransomware and data theft [Wired]
- Security researchers reported that attackers could bypass authentication through Synologyâs QuickConnect service, which lets users remotely access their devices. Even if not directly connected to the internet, many devices are still exploitable.
- 00:42:03 Hidden Risk: North Korean hacker group BlueNoroff, deploy a new macOS malware campaign, targeting cryptocurrency firms. [Bleeping Computer]
- The attacks use phishing emails disguised as crypto news to lure victims, and employs a persistence technique by modifying the â.zshenvâ file, allowing it to evade macOS detection systems.
- 00:44:45 Five dollar wrench attacks:
- Targeted break-in: Bitcoin host and narrator Guy Swann reflects on the break-in which happened at the Lugano Plan B conference, where an intruder entered his hotel room, likely aiming to find valuables often associated with Bitcoiners [Twitter post]
- A 23-year-old Ukrainian tourist visiting Phuket was ambushed in his friendâs hotel room by armed men. The attackers, threatening to break his fingers, demanded $500,000 in digital currency. [Bangkok Post]
- The tourist transferred 250,000 USDT, after which the robbers left without harming him. He later reported the incident to authorities.
- A Toronto cryptocurrency CEO, Dean Skurka, was kidnapped and held for ransom in a daylight incident. The kidnappers forced him into a vehicle downtown and demanded a $1 million ransom, which was later paid, leading to Skurkaâs release. [CoinDesk]
- A gunman fatally shoots AntĂ´nio VinĂcius Lopes Gritzbach, a cryptocurrency businessman, and injures three others at SĂŁo Pauloâs international airport. Police link the attack to the First Capital Command (PCC), a powerful Brazilian crime syndicate. [The Guardian]
Privacy & Other Related Bitcoin Projects
Software Releases & Project Updates
- 00:52:50 Reticulum MeshChat v1.13.2
- Add bandwidth and spreading factors for 2.4GHz SX1280 RNode interfaces
- Add the ability to select Direct, Opportunistic or Propagated delivery methods before sending a message
- 00:53:14 Matrix v2.0
- Instant login, instant launch, and instant sync (aka Simplified Sliding Sync, MSC4186)
- Next Generation Auth (aka Native OIDC, MSC3861)
- Native Matrix Encrypted Multiparty VoIP/Video (aka MatrixRTC, MSC4143)
- Invisible Encryption (MSC4153 & friends)
Lightning + L2+
Project spotlight
- 00:54:52 Podcaster Boost Dashboard: Convert core-lightningâs listinvoices output to a podcasting 2.0 dashboard [Github]
- âThis is a simple Python script that converts core lightningâs listinvoices output into a podcasting 2.0 dashboard.â
- 00:55:06 zPay.live: Monetise virtually any digital content with Lightning paywalls
- A LN Paywall service that recently shifted its focus to the V4V model, and plans to implement the following features:
- CrowdWall: When a target is reached, content unlocks for everyone
- V4V Paywalls (Flexible price) : Buyers can choose their own price, & creators can set limits if they want
- Blossom built-in storage & multiple file/folder upload option
- A LN Paywall service that recently shifted its focus to the V4V model, and plans to implement the following features:
- 00:55:14 BullishNuts: A bullish Cashu PWA wallet [Github]
- 00:55:19 Athenut: A privacy-preserving web search powered by Kagi and Cashu [Github]
- The service includes an integrated Cashu wallet and offers a privacy-friendly pay-per-query web search engine using bitcoin through the Kagi API.
- Payments are processed with locked ecash in the X-Cashu HTTP header, linking search and payment in one step.
- 00:55:33 TinyPine: A simple LN and CASHU ecash POS system for merchants [Github]
Software Releases & Project Updates
- 00:55:41 Fedimint
- 00:56:34 Zeus v0.9.2-rc2
- Activity: Export transaction history to spreadsheets
- Improved BIP-353 and BOLT 12 support
- Fix UI issues indicating BOLT 12 support
- Fall back to BOLT 11 lightning address if not supported or not found
- Support BIP-353 on-chain addresses
- Support BOLT 12 offers encoded in BIP-21 URIs
- Spooky theme
- Settings: Payments: add âSlide to Payâ threshold
- Hardware wallet and external signer improvements
- 00:58:19 Alby Go v1.7
- LNURL-withdraw support
- Improve currency selection
- Boostagram info in transaction details
- 00:58:28 Ride-The-Lightning v0.15.3
- Add support to send payments for AMP invoices on LND
- Add mempool information on on-chain Send Funds modal
- Add Fee Rate Information on Send Funds Modal
- 00:58:37 CLBOSS v0.14.1-rc2 - Hand at the Grindstone
- Add
--lightning-dir
option to the contrib scripts - Add Nix Support: introduce
contrib-shell.nix
to facilitate running contrib scripts within Nix environments
- Add
- 00:58:40 Nutshell v0.16.1
- Add support for LND via gRPC for LndRPCWallet
- NUT-15 Multinut payments for CLNRestWallet
- Stability improvements
- 00:59:00 Geyser November 2024 - Email Enhancement
- Creators can now:
- Choose between 9 different types
- Link Posts to Rewards and Goals
- Link posts to Goals
- Send Posts by email
- All Posts have been migrated to Markdown from Rich Text Editor
- Creators can now:
- 00:59:24 Clams Remote v2.4.0
- Add UI for BOLT12 Prism plugin
Nostr
Project spotlight
- 00:59:36 SnapNostr: Create clean, customizable screenshots of Nostr posts for seamless sharing [Github]
- âSnapNostr is an open-source web app designed for Nostr enthusiasts inspired by poet.so. It allows users to create visually appealing, customizable screenshots of Nostr posts. With a focus on simplicity and a clean user experience.â
- 00:59:42 OpenLibrarian: A website for tracking and sharing a love of books [Github]
- OpenLibrarian utilizes the Nostr protocol and allow users to bring their profile and connections, or leave to other applications on the network
- 00:59:49 Jumble: Yet another nostr desktop client [Github]
- Originally a feature of the nostr-relay-tray project, Jumble is now a standalone application with:
- Relay-Based Browsing: Explore content directly through relays without following specific users
- Relay-Friendly Design: Minimized and simplified requests ensure efficient communication with relays
- Relay Groups: Easily manage and switch between relay groups
- Originally a feature of the nostr-relay-tray project, Jumble is now a standalone application with:
- 00:59:54 Honeypot: A âmultiple wallets, multiple currenciesâ project by PABLOF7z [Note]
- 1:00:00 Mutestr: Live Nostr muted list monitor
- âMonitor Nostr muted lists in real-time. Check who muted you, track mute list changes, and explore muting patterns across the Nostr network.â
- 1:00:08 Nostr Gadgets: High-level utils for developing Nostr clients based on nostr-tools [Github]
- 1:00:16 Mostro Tools: Typescript Mostro library for developing Mostro clients [Github]
Software Releases & Project Updates
- NDK v2.10.5
- Fix reconnection bug
- Rust nostr v0.36.0
- Reduced atomic operations and switched to async concurrency
- Add NostrSigner trait, better methods and struct names
- Add LocalRelay and allow to easily serve it as hidden onion service with the embedded tor client
- Allow to keep track of negentropy sync progress, almost halved the weight of JavaScript SDK bindings
- Primal Miljanâs Note
- âPrimal feeds are now available on Amethyst, Nostrudel, and any other Nostr client that supports DVM feeds. Yeah. We have a functional feed marketplace on Nostr.â
- Lume
- Mostro v0.12.8 - b4os
- Relays scheduled job publish only connected relays
- Rabbit insipired unwrap removal
- Implement request_id on mostro messages
- Trick to avoid getting older events republished
- Optional request id
- Avoid sending unsolicited request-id
- YakiHonne v2.0
- Onboarding: add create a non-custodial wallet with Npub & Nsec, experience zapping, or browse as a guest
- Home & Discover: âDiscoverâ is designed for creators, focusing on rich formats like long-form content, videos, and curated works
- Wallet: Simple setup with easy creation, direct YakiHonne node linking, and multi-wallet support
- Dashboard: Manage all published and drafted content, check stats, and pick up right where you left offâall in one place
- Notifications: Reactions, Reposts, Mentions, Zaps, Comments, and Follows now appear in clear, categorized cards
- Haven v1.0.0
- Allow gift wrapped messages in chat relay
- Remove kind 4 support
- Add support for configurable binding address
- Add gcp bucket backup
- Add delete to inbox relay
- Blossom Support
- Pokey
- v0.0.6
- Publish inbox relay lists
- You get a notification when your inbox list is too big
- Better relay authorization
- v0.0.5
- Zaps now display more info
- Relay list manager
- Configuration tab
- Disable event device broadcast
- v0.0.4
- New follow notification
- NIP-42 Auth to Relays
- Broadcast your inbox events to other apps in your device
- v0.0.6
- Oxchat v1.4.0
- Enhance UX for a Telegram-like experience
- Update message and calling sounds
- Add support for CashuB tokens in Cashu wallet
- Add support for
input_fee_ppk
in Cashu wallet - Add compatibility with Android 9
- Enable support for
kind 15
encrypted file messages
- Kyoto v0.5.0
- Client may fetch a
Header
at a particular height - Support for Testnet4 with new example
- Client may fetch a
- Citrine v0.5.5
- Only store 1 replaceable event
- Temporally remove the restore contacts feature
- Nostr-PHP v1.5.0
- Add NIP-42 support for client to relay authentication within the library
- Set generic tags on filter for requestMessages + websocket client to relay improvements
- Keychat v1.20.3
- Set room relays
- Change sentry to firebase
- Fountain v1.1.6
- New Audio APIs
- New Performance Upgrades
- Add Nested Navigation
- Nak v0.7.9
- Build arm binary for Raspberry Pi 32bit
Boosts
- 1:08:57 Thanks to everyone who streamed sats, and shoutout to our top boosters:
- [đ TOP BOOSTER] @Ape Mithrandir (2,112 sats) âNot long enough, was still awake at the endâ
- @btconboard (1,000 sats) âGreat podâ
- @VonPhoto (1,000 sats)
- @AVERAGE_GARY (100 sats) âRed/green colorblind. Rekt from @NVKâs trading advice.â
Tech Tips of the Day
- 1:10:45 LocalSend: An open-source cross-platform alternative to AirDrop [Github]
- LocalSend enables secure communication between devices using a REST API and HTTPS encryption, and doesnât require an internet connection or third-party servers.
- 1:10:54 Disable 2G mobile connectivity for iPhone devices using Lockdown mode, helping protect against downgrade attacks from IMSI catchers or fake cell towers that exploit GSM vulnerabilities. [HaxRobâs Twitter thread]
Bitcoin Optech Newsletter
- Highlights from recent Bitcoin Optech Newsletters
- 328
- Disclosure of a vulnerability affecting Bitcoin Core versions before 25.1: Antoine Poinsot announced to the Bitcoin-Dev mailing list the final vulnerability disclosure predating Bitcoin Coreâs new disclosure policy.
- 327
- Timeout tree channel factories: ZmnSCPxj posted to Delving Bitcoin and discussed with Optech contributors a proposal for a new multi-layer channel factory design named SuperScalar.
- Draft BIP for DLEQ proofs: Andrew Toth posted to the Bitcoin-Dev mailing list a draft BIP and a link to an implementation for generating and verifying proofs of discrete log equality (DLEQ) for the elliptic curve used by Bitcoin (secp256k1).
- 328
News & Noteworthy
Bitcoin
- Lists.linuxfoundation.org is no longer active, all archives are now unavailable. The bitcoin-dev mailing list was moved earlier in 2024 in preparation for this. [List moderator Bryan Bishopâs announcement]
Lightning + L2+
- 1:12:38 Charmaine Ndolo and Florian Tschorsch publish Payment Censorship in the Lightning Network Despite Encrypted Communication
- The research identifies that a network-level adversary, like an autonomous system (AS), can censor payments in the Lightning Network. The attack would leverage network-level information, including TCP headers, to track and interfere specifically with LN payment messages.
- The study demonstrates that an AS can detect and delay specific payment messages without affecting other LN operations, allowing plausible deniability.
- 1:14:01 Blockstream opens its newest research center in Lugano, Switzerland, focusing on Liquid and Lightning network advancements [Note]
- 1:14:05 CasaOS integrates Alby Hub, a self-custodial lightning wallet and lightning network node [Announcement]
Business & Finance
- 1:14:46 Block refocuses on bitcoin mining equipment and Bitkey, reduces investments in Tidal and shutdowns TBD, Blockâs decentralized Web5 project [CoinDesk] [Shareholder letter]
- 1:15:49 Fold App introduces insured deposits [Press release]
- The feature allow users to deposit and receive bitcoin into an âinstitution-grade cold storage custodyâ, insured up to $250M.
- 1:16:33 Strike introduces Bitcoin auto-withdrawals [Announcement]
- European Bitcoin store ShopinBit launches in Switzerland [Announcement]
- 1:18:52 Ten31 launches Bitcoin Alpha, its new podcast
- 1:19:13 CleanSpark finalized its acquisition of GRIID Infrastructure, a Bitcoin mining infrastructure provider, for $155 million [PR Newswire]
Nostr
- 1:19:25 Nos.social is now live in Australia and New Zealand [Announcement]
- âComplete with an updated onboarding workflow designed to help new users understand keys, find people to follow, and create their first post.â
Hyperbitconization
- UK pension scheme incorporates bitcoin in asset allocation strategy [Press release]
- Cartwright has advised a UK pension scheme to allocate 3% of its portfolio to bitcoin, a pioneering step for the industry
- Detroit plans to become the largest U.S. city to accept Bitcoin and cryptocurrency for taxes and fees by mid-2025 [TFTC]
- This initiative, supported by PayPalâs secure platform, aims to improve payment accessibility, especially for unbanked citizens. [Press release]
Funding
- 1:19:32 OpenSats announces its Eighth Wave of Nostr Grants, directed at five projects:
- Formstr
- Groups
- Coop
- Nostrability
- NIP-44 Libraries Audit
Mining
- 1:20:23 Deutsche Telekomâs subsidiary, MMS, collaborates with Bankhaus Metzler to pilot âDigital Monetary Photosynthesisâ, a Bitcoin mining initiative to manage surplus energy and stabilize Germanyâs power grid. [Press release]
Privacy
- 1:20:38 British activist and journalist Tommy Robinson, was sentenced to 18 months in prison after failing to unlock his phone for police under the Terrorism Act during a stop at the Channel Tunnel in July [Zero Hedge]
- 1:20:47 Former TD Bank anti-money laundering employee, is indicted for unlawfully distributing customersâ personal identifying information on Telegram [Press release]
- Evidence shows Sewell collected data from over 70 customers, including images of 255 checks, and advised accomplices on account-opening to deposit the checks, profiting from shared proceeds.
- 1:21:02 Kenya to require incoming passengers to declare phone IMEI numbers from 2025 [Android Kenya]
- Starting January 1, 2025, travelers entering Kenya must declare all mobile phone IMEI numbers via the F88 passenger form.
- 1:21:09 Apple adds âinactivity timerâ feature in iOS 18.1 that reboots iPhones after prolonged inactivity [404 Media]
- Researchers confirm the feature shifts iPhones from âAfter First Unlockâ to the more secure âBefore First Unlockâ state, where standard forensic tools struggle to extract data.
Protocol
- 1:22:16 Ren Crypto Fish, Steve Lee and Lyn Alden publish Analyzing Bitcoin Consensus: Risks in Protocol Upgrades
- The paper examines the evolution of Bitcoinâs consensus mechanisms and potential risks involved in future protocol upgrades from both economic and technical perspectives. It outlines historical trends, changes, and contentious periods in Bitcoinâs consensus development since 2009. [Github]
- 1:25:30 BIPs #1676: Updates the status of BIP85 to final, as it is now widely deployed and has reached a point where breaking changes are no longer introduced. This decision follows the recent merging and subsequent reversion of a breaking change. [Merged]
- 1:25:47 LDK #3207: Adds the ability to include invoice requests in the async paymentsâ onion message when paying static BOLT12 invoices as an always online sender. [Merged]
Government & Political
- 1:26:05 U.S. Department of Justice charges AurumXchange operator with laundering funds linked to Silk Road [Coin Telegraph]
- The DOJ accuses the former operator of AurumXchange, of laundering over $30 million, including funds from the Silk Road darknet marketplace. He allegedly failed to register with the U.S. Treasury and neglected AML requirements, processing transactions without proper oversight.
- 1:26:12 Bitcoin Fog alledged operator, Roman Sterlingov, has been sentenced to 12.5 years in prison for money laundering conspiracy [DoJ Press release]
- 1:26:34 Argentinaâs central bank hosts a live Bitcoin mining art exhibit titled âArt, Artificial Intelligence, and the Future of the Economyâ by Alberto Echegaray, becoming the first central bank to publicly mine bitcoin [Bitcoin News]
- 1:26:50 BIS to leave cross-border payments platform Project mBridge Reuters
- Project mBridge, launched in 2021 with central banks from China, Hong Kong, Thailand, and the UAE, was joined by Saudi Arabia in June. Despite reaching the âminimum viable productâ stage, BIS General Manager Carstens emphasized that it is not yet ready to begin operations and will require many more years of development.
- 1:26:56 Sovereignty concerns arise over digital euro as European Union and European Central Bank debate control [Politico]
- The digital euro project has sparked tension between EU governments and the ECB over control and authority. Countries like France and Germany express concerns about ECB overreach, fearing that its control over digital wallet limits could threaten the banking sectorâs stability.
Events
- 1:27:22 Btc Hel: The first ever large scale bitcoin conference in the Nordics.
- August 15-16, 2025 in Helsinki, Finland
Reads
- 1:27:46 Hereâs a list of our top recently published reads:
- On Ossification by Jameson Lopp [Blog post]
- Quantum Computing: Between Hope and Hype by Scott Aaronson [Blog]
- Analyzing Bitcoin Consensus: Risks in Protocol Upgrades by Ren Crypto Fish, Steve Lee and Lyn Alden [Github]
- Why Iâm Betting Big on Nostr by Hivemind Ventures [Blog]
- The case against edits by Fiatjaf [Note]
- Digital Gold: Evaluating a Strategic Bitcoin Reserve for the United States by Bitcoin Policy Institute [Research paper]
Episode submission ideas
- Weâre looking for ideas for interesting panel conversations. To send Bitcoin related questions, just go to bitcoin.review and follow the contact links at the bottom of the page.
Get in touch with the pod
- Podcast Twitter
- NVK Twitter
- Telegram
- Nostr & LN âĄnvk@nvk.org (not an email!)
Did I get anything wrong above? Help me correct it producer@coinkite.com