I’m joined by guests Rob Hamilton & Rijndael to go through the list.

Listen on your favorite podcast app:

Housekeeping

  • 00:01:09 OP_Next recap

Bitcoin

Software Releases & Project Updates

  • 00:15:18 Coldcard
    • Shared Improvements - Both Mk4 v5.4.2 and Q v1.3.2Q
      • New Feature: Multisig transactions are finalized when sufficiently signed. Allows use of PushTX with multisig wallets
      • New Feature: Signing artifacts re-export to various media. Now you have the option of exporting the signing products (transaction/PSBT) to different media than the original source. Incoming PSBT over QR can be signed and saved to SD card if desired.
      • New Feature: Multisig export files are signed now
      • Enhancement: NFC export usability upgrade: NFC keeps exporting until CANCEL/X is pressed
      • Enhancement: Add Bitcoin Safe option to Export Wallet
      • Enhancement: 10% performance improvement in USB upload speed for large files
      • (Q only) Enhancement: Always choose the biggest possible display size for QR
    • Two New Heavyweight Features
      • CCC: COLDCARD can now Co-sign like collaborative multisig HSMs, no centralized servers needed
      • KeyTeleport: Send secrets on a video call to other COLDCARD! Securely move seeds, secure notes/passwords, multisig PSBTs, even full backups (full clone), between two Q using QR or NFC
  • 00:42:53 Bitcoin Core v29.0
    • Notable changes
      • P2P and Network Changes
        • Support for UPnP was dropped
        • libnatpmp was replaced with a built-in implementation of PCP and NAT-PMP
        • When the -port configuration option is used, the default onion listening port will now be derived to be that port + 1 instead of being set to a fixed value
        • Upon receiving an orphan transaction, the node will attempt to download missing parents from all peers who announced the orphan
      • Mempool Policy and Mining Changes
        • Ephemeral dust is a new concept that allows a single dust output in a transaction, provided the transaction is zero fee
      • Updated RPCs
        • The RPC testmempoolaccept response now includes a reject-details field in some cases, similar to the complete error messages returned by sendrawtransaction
        • Duplicate blocks submitted with submitblock will now persist their block data even if it was previously pruned
        • getmininginfo now returns nBits and the current target in the target field. It also returns a next object which specifies the height, nBits, difficulty, and target for the next block
        • getblock and getblockheader now return the current target in the target field
        • getblockchaininfo and getchainstates now return nBits and the current target in the target field
        • the getblocktemplate RPC curtime (BIP22) and mintime (BIP23) fields now account for the timewarp fix proposed in BIP94 on all networks
      • New RPCs
        • getdescriptoractivity can be used to find all spend/receive activity relevant to a given set of descriptors within a set of specified blocks
      • Updated Settings
        • The maximum allowed value for the -dbcache configuration option has been dropped due to recent UTXO set growth
        • Starting with v28.0, the -mempoolfullrbf startup option was set to default to 1. With widespread adoption of this policy, users no longer benefit from disabling it, so the option has been removed, making full replace-by-fee the standard behavior
        • Setting -upnp will now log a warning and be interpreted as -natpmp. Consider using -natpmp directly instead
        • As a safety check, Bitcoin core will fail to start when -blockreservedweight init parameter value is lower than 2000 weight units. Bitcoin Core will also fail to start if the -blockmaxweight or -blockreservedweight init parameter exceeds consensus limit of 4,000,000 WU
      • Build System
        • The build system has been migrated from Autotools to CMake
  • 00:47:21 BDK v1.2.0
    • TxBuilder add_recipient function now accepts anything that implements Into<ScriptBuf>
    • The wallet considers a coinbase output eligible for selection if it will mature in the next block
    • Wallets persisted with a rusqlite::Connection are checked to be thread-safe
    • The bdk_chain dependency is updated to version 0.21.1, plus a number of internal cleanups
  • 00:48:12 Coinswap v0.1.1
    • Core Protocol & Performance Improvements
      • UTXO Management: A major source of latency due to frequent Core RPC calls have been removed by having custom in-memory UTXO indexes. These maps are also persisted in the disk, reducing wallet sync time.
      • Coin Selection: State of art coin-selection algorithms, similar to Bitcoin Core, is integrated, making various kind of tx creation more efficient.
      • Fidelity Management: Fidelity bond management tasks, like bond expiry checks, redemtion, recreation, is now automated in the maker servers. Reducing user responsibilities of managing Fidelity Bonds.
      • Taker Liveness: A new message WaitingFundingConfirmation have been introduced to mainatin swap connections between Takers and Makers to handle variable block confirmation delay
    • User Experience & Compatibility
      • Compatibility: The crate and the apps are now fully compatible with Mac
      • Tor: Tor operation is streamlined providing faster and more resilient tor connections. Tor addresses are now deterministically linked with the wallet seed, ensuring constant onion address across system reboots
      • UI/UX: Improved display of various user facing structures like, balances, utxos, offer data, fidelity bonds and overall improvements in system logs. Making the apps more fun to play with
      • API Design: Streamlined various transaction creation routines to use a single common API. Reducing technical debts and removing redundant code
      • Protocol Spec Documentation: Details how CoinSwap breaks the transaction graph and improves privacy through routed swaps and amount splitting. Includes diagrams for clarity
  • 00:48:56 Electrum Wallet
    • NIP47 plugin
      • Implements Nostr Wallet Connect (NIP47) plugin, which supports remote control of Electrum lightning wallet through Nostr protocol as a plugin with CLI and QT gui compatibility.
      • Users can set a 24-hour budget and connection expiry date when connecting Electrum as a funding source for clients like Amethyst, Alby, Bitbanana, and lnbits.
    • Userspace plugins
      • The next release of Electrum Wallet will make it possible to install plugins developed and distributed by third-parties.
  • 00:52:45 BTCPay Server v2.1.0
    • Add better MultiSig flow when all users are using BTCPay Server
    • Remove ZCash and Monero from core code
    • Disable cold wallet creation by default
    • Add support for RBF and improve UX for CPFP
    • Greenfield: Add refundBOLT11Expiration to Get/Update store endpoint
    • Greenfield: Add invitationLink and disabled properties to user APIs
  • 00:53:33 Nunchuk Android
    • v1.9.67
      • Option to disable key path spending in Taproot/MuSig2 multisig wallets
      • Fee estimates for key path spend versus script path spend
      • Option to export transaction history to CSV file
      • Option to create a Software key now and back up later
      • Fee settings
    • v1.9.66
      • New and improved encrypted group wallet
  • 00:54:04 Liana v10.0
    • This version does not introduce any breaking changes in the database schema
    • Two new features are implemented: Backup and Third party keys fetching during the install
    • Liana GUI
      • During the install process, the xpub of a key provider can be fetch from a Wizardsardine service by entering a token
      • This Xpub can be used as a “Safety Net”, a paid product where a third party keeps a recovery key for you in case you lose your access to your funds
      • We changed the default value of the “standard” recovery paths to ~1y, so the safety net can be quickly set with the maximum timelock without conflicting with an other recovery path
      • Due to rust-miniscript compiler changes, for the same keys setup the output descriptor may differ from one generated by a v9 Liana. Both descriptors are supported by Liana v9 and v10 versions
      • A new backup system for wallet configurations, including descriptors, has been introduced
      • Users can now back up their wallet configurations by downloading a file during the wallet creation process
      • They can also update their backup (for changes in labels, aliases, etc.) by downloading it from the Wallet settings
      • This backup file can be used to restore the wallet or keep it synchronized across different devices
      • This backup does not include hot keys (computer generated mnemonics)
      • A new “Export/Import” section will be available in the settings, consolidating all export and import options
      • This section will include the backup and restore wallet functions, as well as new features like “Export Labels” and “Export Descriptor.”
      • The export of labels adheres to the BIP329 standard, both in the wallet backup and the “Export Labels” function
      • Replace by fee action can now be executed on transactions without any related PSBT in the database
  • 00:54:51 The Mempool Open Source Project v3.2.0
    • Highlights:
      • Support for v3 transactions
      • Support for anchor outputs
      • New UTXO bubble chart on the address page
      • DATUM miner tags
      • Tags to identify runestone messages and inscriptions
      • Package broadcast
      • Stratum job data visualizations
      • Taproot multisig labels
      • Transaction & PSBT preview feature
      • Address poisoning detection
      • And more
  • Cove v0.3.0
    • Upgrade BIP329
    • Check for the next 30 addresses for txns even if not revealed
    • TAPSIGNER setup initial pin
    • TAPSIGNER import already initialized card
    • TAPSIGNER change PIN
    • TAPSIGNER create download backup
    • Readable card ident
    • Sign PSBT using TAPSIGNER
    • Watch for changes on unconfirmed txns
  • 00:57:01 BoltzExchange boltz-web-app v1.7.3
    • Include rescue key in backup
    • Add Portuguese translations
    • Improve UX for copying address/invoice on click
  • 00:57:16 RoboSats v0.7.6
    • For Users
      • Dispute statement now requires a contact method to be submitted
      • Coordinator rating over nostr (BETA)
      • Token input now clears up blank spaces
      • Add some messages to the trade workflow to answer the most common questions
    • For Coordinators
      • Add cancel_status param to the cancel order action
  • 00:57:21 Bitcoin Safe
    • v1.2.3
      • Expand QR SignMessage Compatibility: SignMessage now supports all QR-UR-compatible hardware signers, including SpecterDIY, KeyStone, Passport, and Jade (additional to previous supported Coldcard Q)
      • Wallet Import via QR: Add the ability to import wallet-export-files via QR code, ensuring compatibility with Keystone’s latest firmware
    • v1.2.2
      • Add Address poisoning detection and warning
      • Nostr sync&chat alias now also appears in share menu of the TX/PSBT
  • 00:57:58 Blockstream Green
    • Android v4.1.8
      • Add Language preference in App Settings
      • Enable Android data backup for disaster recovery
      • Allow setting custom Electrum gap limit with default server
    • iOS v4.1.8
      • Rename L-BTC to LBTC
      • Improve notifications translations
      • Persist wallet list across app reinstallation
      • Reduce login time
      • Improve background lightning payments
  • 00:58:08 Rust Payjoin v0.23.0
    • This release features a first-class persistence abstraction, wire protocol changes for RFC 9540 support, and better compliance with the BIP78 specification. It also pays back a whole bunch of tech debt including enhanced error handling, expanded functionality with new modules and additive features, and improved test infrastructure. There are breaking API and protocol changes as a result.
    • Changelog
      • Make features additive
      • Make receiver errors replyable to the sender
      • Introduce “directory” feature module
      • Accomodate updated BIP78 spec
      • Introduce experimental multiparty sender behind the “_multiparty” feature flag
      • Add support for RFC 9540
      • Add first-class persistence abstraction
      • Add many more tests, significantly improving test coverage
  • 01:01:15 Zaprite v2025.04.14
    • Added
      • Client Updates: Add new messaging in the browser to alert users when a new version of Zaprite is available
      • API: Add a new disablePaymentNotifs option to our API Order creation fields
    • Changed
      • New Organizations: Add the Organization Name field to the New Organization form to make it easier to identify Organizations after being created
  • 01:01:41 ESP Miner v2.6.1
    • New Features
      • Wi-Fi
        • SSID WiFi lookup
        • Expose Wifi RSSI to API endpoint
        • Init AxeOS AP mode
      • User Interface (UI)/Display
        • feat: add tooltip for pwm invert and flip screen by @WantClue (#709)
        • Add sorting switch to swarm page for hostname and ip
        • Show share reject reasons
        • Add asic failure status screen
      • Mining/Pool/Stratum
        • Keep old pool config synchronized until reboot
        • Add support for extranonce2_len<4
        • Improve pool fallback code
        • Update confusing connect to pool log message
        • Refactor Stratum code for Seamless Failover
      • Hardware/Power/Overclocking
        • Use url params to unlock overclock
        • Overclock url params
        • GammaTurbo support and HW abstraction
        • Create TPS546 VCORE alerts
        • Get combined current (power) for multi-phase TPS546
      • And more: API/Backend, Development/Build/Testing, Configuration/System, Documentation/Miscellaneous, and Fan Control.
  • 01:01:48 Krux Update
    • Krux achieves first air-gapped PGP signature using secp256r1 NIST P256 curve, which requires a coordinator for metadata support.
    • The developer chose secp256r1 for “size and efficiency for running on microcontrollers” after abandoning RSA due to processing-intensive steps.
  • 01:02:29 Iris Wallet Desktop v0.2.0
    • RLN Node Compatibility: The app now checks if the RLN node version is compatible at startup
    • Backup and Restore Improvements: Backup and restore now use a temporary folder, which gets deleted automatically after the process finishes
    • Error Reporting: Add an error dialog to report issues when unlocking the node
    • Data Directory Separation: Separate data storage paths for the application and the RLN node
    • Logs Cleanup: Remove unnecessary QProcess logs of the RLN node to reduce logs
    • GitHub Actions Update: Update GitHub Actions workflow to build the RLN node using a specific commit ID
  • 01:02:46 Bitcoin Core Config Generator Update
    • Now compatible with Bitcoin Core v29.0
  • 01:02:52 UTXOracle is Now live

Project spotlight

  • 01:04:14 SwiftSync: Smarter synchronization with hints [Discussion]
    • SwiftSync provides near-stateless, fully parallelizable validation of the Bitcoin blockchain using hints about unspent outputs (<100MB total), verifying validity through a hash aggregate that equals zero when successful.
    • Unlike traditional Bitcoin Core validation, SwiftSync eliminates database lookups, reduces memory usage, and enables parallel processing.
  • 01:04:43 PrivatePond: A Bitcoin Payjoin application to optimize transaction rails for services, such as deposits, withdrawals, and automated wallet rebalancing [Github]
    • Private Pond optimizes Bitcoin transactions by queuing withdrawals and processing them at fixed intervals, enabling batching while user deposits can fund withdrawals through Meta Payjoin, reducing hot wallet liquidity requirements.
  • 01:05:00 JoinMarket Fidelity Bond Simulator: A tool for JoinMarket makers to evaluate their competitive position in the market based on fidelity bonds [Github]
    • Features include simulating maker selection probability using real orderbook data, calculating bond values based on amount and lock time, and comparing different bond strategies.
  • 01:05:52 DahLIAS: Discrete Logarithm-Based Interactive Aggregate Signatures [Research paper]
    • DahLIAS allows multiple signers to produce a single constant-size signature that verifies all messages simultaneously.
    • The scheme features a two-round signing protocol with possible preprocessing and verification that is asymptotically twice as fast as batch verification of individual Schnorr signatures.
    • DahLIAS supports key tweaking for Bitcoin applications and is proven secure under the algebraic one-more discrete logarithm assumption in the random oracle model.
  • 01:06:00 Satoshi Escrow (scrow): A Bitcoin non-custodial peer-to-peer dispute resolution using only Nostr keys [Github]
    • Satoshi Escrow offers Bitcoin transactions through 2-of-2 multisig addresses where buyers and sellers lock BTC using only their Nostr keys (nsec/npub)
    • The system utilizes Pay-to-Taproot multisig technology and can be used offline on air-gapped computers
  • 01:06:12 Taplocks: Verifiable but Unspendable Tapleafs via Hashlock Mechanism
    • A recent proposal introduces Taplocks, a method to enforce unspendability of Taproot script paths containing OP_SUCCESS before opcode activation. The technique prevents premature spending while allowing smooth migration to new opcodes (e.g., CAT, CTV, or OP_WASM).
    • Key Mechanism:
      • Problem: Post-Taproot, OP_SUCCESS makes any script containing it immediately spendable, even before intended opcode activation.
      • Solution: A hashlock-like construct is applied over the script (not within it) using SHA-256 length extension.
    • The oracle pre-images a secret, which must be revealed to construct a valid spending script.
    • A ZKP (e.g., STARK) proves the script header contains only a data push and padding, ensuring no hidden malicious logic.
    • Benefits:
      • Eliminates manual UTXO migration post-activation.
      • Maintains security under the same trust assumptions as signing oracles.
    • Rijndael Explainer
    • Full technical details available on Github.
  • Censorship Resistance Threshold: A calculator estimating how many guerrilla miners are required to secure Bitcoin against censorship
    • The tool factors in existing guerrilla hashrate and calculates additional miners needed to reach the critical 51% threshold for censorship resistance.
  • 01:15:48 bitcoin.softforks.org: Easily compare various features, facts, and figures for the many soft fork proposals under consideration [Github]
    • The website serves as a research database educating the Bitcoin community about active soft fork proposals and helping evaluate them comparatively.
  • 01:15:52 CTV and CSFS Enabled Bitcoin Node: Mutiny Signet Docker Setup [Github]
    • “A Docker-based Bitcoin node configured with CheckTemplateVerify (CTV) and CheckSigFromStack (CSFS) capabilities enabled.”
    • “This node runs on a special signet (MutinyNet) that allows developers to test and build applications using these proposed Bitcoin protocol upgrades.”
  • 01:16:03 UTXOscope: A text-only BTC price heatmap built only from UTXOs, inspired by UTXOracle [Github]
    • UTXOscope analyzes newly created UTXOs to visualize Bitcoin price trends without relying on external exchanges or price feeds.
  • 01:16:13 Block Bitcoin Treasury: A visualization of Block’s Bitcoin treasury holdings [Github]
    • Block launches a bitcoin corporate holdings dashboard with BTC-to-USD real-time price quote API on GitHub, enabling companies to track bitcoin treasury assets.
  • 01:16:47 Waye: A website to discover tools, programs, and support systems designed to help open-source developers thrive. Waye empowers builders to stay clear-headed, motivated, and aligned for long-term impact [Github]
    • The OS Waye Foundation operates as a 501(c)(3) nonprofit providing tools, research, and frameworks to support open-source developers in the decentralized ecosystem.
  • 01:17:08 Sovereign Craft: A bitcoin-based Minecraft server offering an educational gaming experience
    • Sovereign Craft is a Minecraft server integrating Bitcoin as in-game currency that functions in the real world through custom wallets powered by LNBits

(Not) a Vulnerability Disclosure

  • 01:17:17 Pay-to-Anchor outputs now exploited for blockchain spam [Twitter post]
    • Pay-to-Anchor outputs in Bitcoin’s Lightning Network, designed to allow fee adjustments for channel closures, are being used to spam the blockchain with low-value transactions.

Vulnerability Disclosures

  • 01:18:10 CVE-2025-27840: New ESP32 vulnerability threatens Bitcoin security? [Daily CyberSecurity]
    • Researchers at Crypto Deep Tech discover a cryptographic vulnerability in ESP32 microcontrollers that could put of IoT devices and Bitcoin-related hardware at risk.
    • Six major flaws are identified, including invalid private key acceptance, weak random number generation, and signature forgery capabilities, with researchers demonstrating a successful attack recovering a private key from a wallet.
  • 01:20:49 Breaking ECDSA with two affinely related nonces [Research paper]
    • Researchers demonstrate a new vulnerability in ECDSA where private keys can be compromised when two nonces have an affine relationship, even if they are distinct and used for the same message.
    • The attack method requires only two signatures and uses algebraic techniques without needing lattice reduction or brute-force searches when the relationship between nonces is known.
    • Additional resource: Why Schnorr signatures should be preferred over ECDSA [Schnorr vs. ECDSA]
  • 01:21:02 Chinese SHOWJI phones contain pre-installed malware targeting cryptocurrency users [The Hacker News]
    • Cheap Chinese Android phones, particularly SHOWJI brand models, ship with pre-installed trojanized apps disguised as WhatsApp and Telegram that swap cryptocurrency wallet addresses during conversations.
    • The malware campaign has stolen approximately $1.6 million in cryptocurrency over two years, with attackers using about 30 domains and 60 command-and-control servers to manage the operation.
  • 01:21:44 X users discover hidden data access beyond official API [Security Express]
    • Users access hidden X data through browser developer tools by filtering network requests for “UserByScreenName” responses, revealing comprehensive datasets for public accounts.
    • The technique exposes sensitive metadata including NSFW flags, regional restrictions, and “protected” account status, plus access to direct messages including from blocked or deleted users.

Audience Questions

  • Thanks to everyone who sent in questions. Remember to send yours to questions@bitcoin.review.
    • 01:23:46 “How do we use open time stamps for transfer of assets using two party integrity between holders?” -@AVERAGE_GARY
    • 01:24:50 “Does Cove have testnet4?” -@AVERAGE_GARY
    • 01:25:15 “Can you explain like I’m 5 what opcodes are, how they are used on the network, and the level of optionality that applies to them?” -@anon
    • 01:26:49 “Please discuss this idea: Block-based TOTP for bitcoin wallet passphrase validation [Note]” -@anon

Privacy & Other Related Bitcoin Projects

Software Releases & Project Updates

  • 01:28:48 Tor Browser v14.5
    • Connection Assist now on Android
    • Add Belarusian, Bulgarian & Portuguese
    • Improve log readability
    • Better performance when quitting the app
  • 01:28:51 TailsOS
    • v6.14.2
      • Update Linux to 6.1.133, which fixes multiple security vulnerabilities that may lead to a privilege escalation or information leaks.
      • Update perl to 5.36.0-7+deb12u2, which fixes a heap-based buffer overflow vulnerability, which may result in denial of service, or potentially the execution of arbitrary code.
    • v6.14.1
      • Improve confinement technology used to protect files from possible security vulnerabilities in Tor Browser.
        • With Tails 6.14.1, you can safely access any folder in your Home folder or Persistent Storage from Tor Browser.
  • 01:28:53 NymVPN v2025.6 - Rhubarb release
    • Connection
      • Connection times have been reduced by registering Wireguard keys entry and exit gateways in parallel to improve NymVPN connection times
      • An always-on kill switch toggle has been added to settings so you can be sure unprotected traffic is blocked
      • NymVPN for Linux, macOS and Windows will launch without network connectivity to improve connection time by using available networks and caching the network environment between app run times
    • Improve in-app assistance
    • Improvements to existing features
      • Linux and Windows: Auto-start for NymVPN and nym-vpnd at device startup
      • Mixnet mode enhancements: New changes to ensure privacy and improve performance in Anonymous Mode (e.g., with fixes to Poisson delays, backpressure, SURBs)
  • 01:28:55 MapleAI [Update]
    • Maple AI chat product is now available as native apps for macOS and Linux users, offering end-to-end encryption, secure enclaves, and cross-device syncing.

Project spotlight

  • 01:28:59 Git With Me: Peer-to-peer, encrypted, ephemeral Git collaboration (git daemon with encryption) [Code repository]
    • Git withme provides a way for a single host to invite numerous peers with short, one-time secure codes. The peers connect directly via Dilated Magic Wormhole channels, allowing collaborators to git clone git://localhost/.

Lightning + L2+

Project spotlight

  • 01:29:17 Misty Breez: A hybrid Lightning and Liquid network wallet built with the Nodeless Breez SDK [Github]
    • The wallet supports multiple payment options including BOLT 11/12 invoices, LNURL-Pay, Lightning Addresses, BTC addresses, and offline payments via mobile notifications.
  • 01:29:25 Sovereign Tools: A comprehensive Bitcoin and Lightning Network wallet comparison tool built with React, Express, and TypeScript [Github]
    • The platform currently evaluates 18 Lightning Network wallets across 43 features including platform availability, invoice compatibility, payment routing, and privacy features.
  • 01:29:28 Silk Road on Lightning: A marketplace for legal items and services using Bitcoin on the Lightning Network
    • The platform requires no KYC for registration, withdrawals, or purchases.
    • Sellers receive all payments in Bitcoin through the Lightning Network, even when buyers pay in USD. The platform automatically converts USD payments to Bitcoin.
  • 01:29:37 Cashu Token Decoder: A web tool for parsing and editing Cashu tokens

Software Releases & Project Updates

  • CLN v25.02.1 - Onion Packet Filler Accreditation II
    • Several bug-fixes were addressed in this release, including:
      • wallet: we could miss our own returned outputs on mutual closes if our peer didn’t support option_shutdown_anysegwit
      • lightningd now properly handles duplicate HTLCs on closing and no longer spams the log
      • Unilateral closes now calculate fees with the correct HTLC timeout and no longer pay egregious fees
      • topology crash on invoice creation if a peer had a really high feerate
      • make cleans up the old clnrest directory prior to building and installing the new rust version of the plugin
  • LNbits v1.0.0 - Alan Bits
    • Key Highlights
      • LNbits now at v1.0.0: the software is stable, hardened, and production-ready
      • Vue 3 migration: a complete frontend overhaul for performance and long-term maintainability
      • WebSocket payments: faster and more efficient, replacing older SSE and long-polling methods
      • New lnbits.sh install script: simplifies setup and local deployment
      • Access Control Lists (ACL): token-based permissions for powerful role and scope control
      • Admin tools:
        • Admin payments overview
        • Toggle outgoing payments
        • View payments from deleted wallets
      • NWC (Nostr Wallet Connect) support
      • Login with Nostr or OAuth: expanding integration and authentication options
  • 01:29:48 Zeus
    • v0.10.1
      • NameDesc/bLIP-11 support: add receiver name to invoices
      • Locales: Hindi
      • UI: Add dynamic background/text colors to Android NFC modal
    • v0.11.0 - Rolling out to community sponsors and contributors
      • PR #2946 introduces support for Cashu
        • Add support for an optional Cashu ecash wallet for Embedded LND users
        • Add support for all backends to sweep Cashu tokens to self-custody
        • New Cashu Lightning addresses added alongside our existing Zaplocker address (switch between as you wish)
        • New ZEUS Pay+ service for premium features, incl. custom handles, web POS, early access, LSP discounts
        • Modal messages to prompt users to upgrade to self-custody
  • 01:29:49 LDK v0.1.2 - “Foolishly Edgy Cases”
    • API Updates
      • lightning-invoice is now re-exported as lightning::bolt11_invoice
    • Performance Improvements
      • rapid-gossip-sync graph parsing is substantially faster, resolving a regression in 0.1
      • NetworkGraph loading is now substantially faster and does fewer allocations, resulting in a 20% further improvement in rapid-gossip-sync loading when initializing from scratch
      • ChannelMonitors for closed channels are no longer always re-persisted immediately after startup, reducing on-startup I/O burden
  • LNDg v1.10.0
    • Improve performance with LND using an updated forwards query
    • AutoFees now uses aggregated pubkey metrics for those that have multiple channels with the same peer
    • New metrics page: Unprofitable/Stuck Channels
    • Automates inbound fee updates when using AutoFees (enable with AF-InboundFees)
    • Batch Open Warnings
    • P&L Chart updated with on-chain costs
    • Advanced settings added for those who would like their channel db size to be read remotely (default remains local)
  • Alby
    • Js-SDK v5.0.0
      • In this release, we introduce a new LN class which makes it even easier to get quickly started sending and receiving bitcoin payments. We also add a NWCWalletService class which allows wallet developers to add NWC support without having to implement the low-level NWC code of creating and signing events, relay connection, etc.
      • Features
        • feat: add NWC Wallet Service
        • feat: add simpler LNClient class
    • Hub v1.16.0 - Rop Gonggrijp
      • Features
        • Alby pro subscriptions
        • Add bitrefill to app store
        • New sidebar
        • App store submission: ZEUS
        • Add lightning messageboard to app store
        • Improve settings pages UI
        • Add healthcheck alert
        • Add update button to what’s new widget
        • Show channel duration on open channel pages
        • Add funding txid and amount to LDK channel closed event
        • Show date on lightning messageboard messages
    • Go v1.12.0
      • Wallet switcher to swap wallets during payments, withdrawals, and connections
      • Enhance number formatting for locales that use decimal commas
  • Ark v0.5.4 - New SubscribeForAddress API, Fixes and Optmiziations
    • SubmitRedeemTx: remove useless extra PSBT decode
    • Add SubscribeForAddress explorer API
    • hotfix: TapscriptsVtxoScript.Decode returns an error in case array is empty
    • hotfix: GetTaprootTree use bytes.Contains instead of bytes.Equal
    • hotfix: CLTV locktime decoding
    • [Server] Move db write ops to background
  • Ark Labs HQ wallet-sdk
    • v0.0.12
      • DefaultVtxo.Script add default exit timelock
    • v0.0.11
      • VtxoScript abstraction
      • Mark as side-effect-free to allow Tree Shaking
      • Add ArkNote class
      • Reveal tapscripts in virtual transactions
      • SubscribeForAddress RPC + service worker database
      • feat: optimize ESM and CommonJS dual package support
      • ServiceWorker: support concurrent calls
  • Fedimint
    • v0.7.0 - Going Full-Stack
      • Highlights
        • Initial recurring payment support through LNURL (to be extended to BOLT12)
        • Integrated guardian and setup UI to simplify deployment
        • Beta support for running fedimintd behind firewalls and NAT routers without opening ports and registering domains
        • Lower on-chain fees through better estimation
    • v0.6.2
      • Allow overwriting blockchain API supplied to clients
      • Add parse_invite_code function in fedimint-client-wasm
      • Expose additional backup metrics via prometheus
  • Breez SDK v0.8.0 - Nodeless
    • Add WASM support (Node.js and Web)
    • Lower the minimum payment amount for sending
    • Enable fee payments in USDT
  • BlitzWallet v0.4.3-beta
    • Ecash Improvements
      • Increased eCash Limits: Users can now customize their maximum receive and balance amounts for eCash transactions. Previously, eCash payments were restricted below the minimum Boltz swap amount of 1,000 sats. Now, users can define:
      • Expanded Manual Swap Options: The manual swap page now supports:
        • Liquid to eCash transfers
        • eCash to Lightning transfers
        • eCash to Liquid transfers
      • Store Payments with eCash: Users can now pay for items in supported stores using eCash.
      • Wallet Balance Visibility: The remove wallet function now displays the entire eCash balance when enabled.
    • Payment Experience
      • SMS Payment Update Messages: Users receive SMS updates on payment progress, improving transparency of background progress.
      • Direct Tip Payments: Employees who use an LNURL or Blitz contact name can now be sent tips directly from the app.
      • Improved App Access with LN Issues: If the Lightning Network (LN) connection fails and LN is enabled, users can still access the app instead of being locked out.
    • Performance Optimizations
      • Optimized Transaction Sorting: Transaction processing has been improved for better app performance.
      • Bulk Requests for Contact Address Updates: Instead of making multiple single requests, the app now processes contact address changes in bulk, reducing network usage by 10x.
  • CDK v0.9.0
    • Features
      • Added
        • Amountless invoices NUT PR
        • create_time, paid_time to mint and melt quotes PR
        • cdk-mint-rpc: Added get mint and melt quotes ttl PR
      • Changed
        • cashu: Move wallet mod to cdk-common
        • Export Mint DB Traits PR
        • Move Mint and Melt quote to cdk commit from cashu PR
  • 01:31:40 Minibits Wallet v0.2.2-beta.5
    • This is a new native Minibits release with huge amount of changes needed to adjust the project to the planned release on iOS devices. However, it still comes with useful features and fixes for Android as well, notably:
      • New feature to lock ecash to a receiver’s pubkey
      • Faster confirmations of ecash minting and payments thanks to websockets
      • Major upgrade of all libraries, switch to React native’s new architecture
      • Planned iOS release-related platform checks and changes for android
  • 01:31:42 Hydrus v0.2.0
    • Channels routing policies adjustments= Channels routing policies are adjusted based on the channel state (capacity, local balance) and the amount of satoshis forwarded in the last activity period (agent.intervals.routing_policies).
    • CLI commands: Agent instructions and scores queries now have their own command to execute them separately. To run all agent tasks (open/close/updates) use the agent run command.
    • Built-in tasks scheduling: Choose how often to open/close channels or update routing policies without having to use systemd timers or cron jobs.
    • New open heuristic: This release introduces a new open channel heuristic called channels.block_height.

Nostr

Project spotlight

  • 01:31:44 Atomic Signature Swaps over Nostr: A protocol for exchanging Schnorr signatures using Nostr events
    • The protocol supports applications like paid Nostr events, payment receipts, contract signing, asset exchanges, and credential access tokens through specific event kinds (455, 456, 457, and 30455).
    • The cryptographic mechanism allows two parties to swap signatures by having one party provide a public nonce and the other provide an adaptor signature, with safeguards needed for Taproot UTXOs and Cashu tokens.
  • 01:31:51 Lantern: A layered annotations noting tool and emphasizer of readables on nostr [Code repository
    • “Lantern is a fork of Hypothesis that publishes page notes, annotations and highlights to Nostr.”
    • “URLs are normalized and we follow NIP-84 for Highlights and NIP-22 for replies, annotations and page notes. NIP-65 relay lists are used for publishing the events in the common case and NIP-51 relay sets for custom relay groups of annotations.”
  • 01:31:59 Promenade: Provider of multisig for events on nostr and destroyer of encryption [Github]
  • Loudr: Reference client implementation that uses Atomic Signature Swaps over Nostr for sponsoring the publication of Nostr events [Github]
    • “A reference client that implements the Atomic Signature Swap NIP for sponsoring the publication of Nostr events in exchange for Cashu payments.”
  • 01:32:09 Noauth-enclaved: A safe Nostr nip46 signer to be deployed on AWS Nitro Enclave [Github]
    • Noauth-enclaved is a NIP46 signer deployed in AWS Nitro Enclaves, providing isolated compute environments where clients can verify code integrity cryptographically.
    • Users can verify instance attestations containing code hashes and builder/launcher identities, manage app permissions through encrypted Nostr events, and communicate with the service using end-to-end encryption via Nostr relays.
  • 01:32:27 GM Swap: Atomic exchange of GM notes using Schnorr adaptor signatures [Github]
    • “A proof of concept implementation of the Atomic Signature Swaps NIP. This project enables users to swap GM notes, ensuring that both parties’ signatures are exchanged simultaneously or not at all.”
  • Nostr Event Synchronizer: Syncs past events to your designated write and read relays based on NIP-65
    • The service synchronizes nostr events between relays using the outbox model, retrieving past events chronologically and republishing them only to relays where they’re missing.
  • Aegis: A simple and cross-platform Nostr signer that supports multiple connection methods [Github]
  • Morning Glory: A paid blossom server that only stores blobs for a day
 just like the flower [Github]
  • Nostr4j: A high-performance Nostr library for the JVM, crosscompilable to javascript [Github]
  • Flotilla-Budabit: A fork of Flotilla which aims to provide a first class, git-centric community experience for developers [Github]
    • The platform offers eleven core features including repository browsing, branch views, issues tracking, patch threads, and real-time git chat for enhanced collaboration.
  • Zark: A tool to send sats to npub using Bark [Gitlab]
  • Nostr Game Engine: A game engine and framework for building games and applications integrated with the Nostr ecosystem [Github]
    • NGE is an open-source, royalty-free game engine designed for building games and applications integrated with the Nostr ecosystem
  • Bitcoin Calendar Bot: Archiving and relaying every Bitcoin milestone [Github]
    • Bitcoin Calendar Bot is an open source Go-based application that tracks and posts historical Bitcoin events daily to Nostr.

Software Releases & Project Updates

  • rust-nostr v0.41.0
    • Breaking changes
      • nostr: add optional relay URL arg to Tag::coordinate
      • nostr: update TagStandard::Label and EventBuilder::label
      • nostr: update custom field type in Metadata struct
      • pool: remove Error::Failed variant
      • pool: returns Output instead of an error if the message/event sending fails for all relays
      • pool: add reason field to AdmitStatus::Rejected variant
    • Changed
      • lmdb: enable POSIX semaphores for macOS and iOS targets
      • ndb: bump nostrdb to 0.6.1
      • pool: extend unit tests
      • pool: better handling of CLOSED message for REQs
      • relay-builder: send CLOSED if all possible events have been served
    • Added
      • nostr: add NIP-C0 (Code Snippets) support
      • nostr: add TagKind::u constructor
      • nostr: derive Copy for HttpMethod
      • nostr: add nip98::verify_auth_header
      • nostr: add push, pop, insert and extend methods to the Tag struct
      • nostr: add nip47::Notification
      • nostr: add MachineReadablePrefix::as_str method
      • nostr: derive Hash for EventBuilder and Metadata
      • pool: add Relay::ban method
      • pool: add AdmitPolicy::admit_connection method
      • keyring: add NostrKeyring
  • Primal iOS v2.1.49
    • Support for animated GIF uploads
    • Resolve issues with zap.stream URLs
    • Improve deep linking to threads
    • Fix rendering of mentioned events with unknown kinds
  • Nostur v1.20.0
    • Add support for Lists (kind 30000)
    • Show preview of feed from list
    • Turn list into feed tab with 1 tap
    • Subscribe toggle to keep updating the feed from original maintainer, or keep list as-is
    • Share List: Toggle to make list public
    • Lists tab on Profile view
    • ‘Add all contacts to feed/list’ post menu item
    • Discover tab now shows Lists shared by your follows
    • Enable manual ordering of custom feeds/tabs
    • New Top Zapped feed
    • New onboarding screens
    • New default color scheme/adjusted backgrounds
    • Lower delays and timeouts for fetching things
    • Improved hellthread handling
    • Support for comment on highlights (kind 9802)
    • Toggle to post to restricted/locked relay when starting post from single relay feed
    • Support relay auth for bunker/remote signer accounts
    • And more
  • Keychat App
    • v1.31.9 - Multi browser tabs
      • Multi browser tabs for desktop
      • Add pull_refresh to room list
      • Update style for browser home page
    • v1.31.2 - MLS Group && Macos dmg
      • Support desktop layout: Add DMG file for Mac OS
      • Desktop: Support pasting images and files into input fields
  • Nostr PHP v1.7.0
    • Add support for NIP-19 encoding and decoding bech32-encoded entities with identifiers and metadata.
    • Features
      • Implement NIP-19
      • Notes on naddr decoder (NIP-19)
      • Support all encodings, especially naddr
  • Citrine v0.7.3
    • Improve performance when exporting events
    • Improve memory usage when downloading your events
    • Improve query performance
  • Pokey v0.1.6
    • Now notifications include NIP-05 mentions
  • Nstart Update
    • Nstart is now multilingual: Currently available in English, Español, Italiano, Français, Deutsch and æ—„æœŹèȘž.

Boosts

  • 01:33:04 Thanks to everyone who streamed sats, and shoutout to our top boosters:
    • [🏆 TOP BOOSTER] @Rod Palmer Bugle News (10,000 sats) “PODCONF ✅”
    • @pink monkey (1,000 sats) “Whoa! đŸ”„đŸ‘ŒđŸ’ŻđŸ‘â€
    • @btconboard (300 sats) “Happy to discover this AI and coding podcast”
    • @jespada (100 sats) “Feeding the show to DVM rn, then asking o1 to write the spec then cursor = profit đŸ„‰â€
    • @AVERAGE_GARY (200 sats) “Does ecash enable blinded auditing for bitcoin books? đŸ€”â€ “First 30min is đŸ€ŒđŸ€đŸ”„â€
    • @larryoshi finkamoto (100 sats)

Tech Tips of the Day

  • Hide My Email (with Cloudflare): A browser extension to create unique, random email addresses that forward to your real inbox [Github]
    • Create up to 200 anonymous emails
    • Instantly creates new mailboxes
    • Works on any OS
  • Terms of Service; Didn’t Read, a website that helps users decipher complicated ToS, has just released an Android app for mobile users

Bitcoin Optech Newsletter

  • Highlights from recent Bitcoin Optech Newsletters
    • 349
      • SwiftSync speedup for initial block download: Sebastian Falbesoner posted to Delving Bitcoin a sample implementation and performance results for SwiftSync
    • 348
      • News
        • Educational and experimental-based secp256k1 implementation: Sebastian Falbesoner, Jonas Nick, and Tim Ruffing posted to the Bitcoin-Dev mailing list to announce a Python implementation of various functions related to the cryptography used in Bitcoin.
      • Changing consensus
        • Multiple discussions about quantum computer theft and resistance: several conversations examined how Bitcoiners could respond to quantum computers becoming powerful enough to allow stealing bitcoins.
        • Multiple discussions about a CTV+CSFS soft fork: several conversations examined various aspects of soft forking in the OP_CHECKTEMPLATEVERIFY (CTV) and OP_CHECKSIGFROMSTACK (CSFS) opcodes.
        • OP_CHECKCONTRACTVERIFY semantics: Salvatore Ingala posted to Delving Bitcoin to describe the semantics of the proposed OP_CHECKCONTRACTVERIFY (CCV) opcode, link to a first draft BIP, and link to an implementation draft for Bitcoin Core.
        • Draft BIP published for consensus cleanup: Antoine Poinsot posted to the Bitcoin-Dev mailing list a link to a draft BIP he’s written for the consensus cleanup soft fork proposal.

News & Noteworthy

Bitcoin

  • Bitcoin entropy puzzles: 68-bit challenge solved for 6.8 BTC [Twitter post]
    • The 68-bit puzzle was solved on April 7, 2025, by the same team that cracked the 67-bit puzzle in February, earning them 6.8 BTC.

Business & Finance

  • ACINQ resumes making its products available to customers in the United States, mentioning the “Ending Regulation By Prosecution” memo issued by the U.S. Deputy Attorney General [Announcement]
  • Bull Bitcoin launches in Mexico, allowing users to send pesos instantly to Mexican bank accounts using self-custodial BTC, LN, or Liquid wallets [Announcement]
  • Tether plans to implement OCEAN’s DATUM Gateway across global mining operations [Press release]
  • U.S.-based Bitcoin mining chip designer Auradine raises $153M in series C funding for Bitcoin and AI expansion [The Miner Mag]
  • Bakkt investors sue over revenue loss from non-renewed contracts [Coin Telegraph]
    • Investors file class-action lawsuit against Bakkt Holdings, alleging the crypto firm violated securities laws by failing to disclose its heavy dependence on Webull and Bank of America contracts.
  • BitGo and Voltage partner to scale Lightning Network for Bitcoin payments [Press release]
    • The partnership aims to bridge institutional security with Lightning infrastructure, allowing exchanges, neobanks, and fintech platforms to integrate instant Bitcoin payments.
  • Voltage announces Voltage Payments, a new API for bitcoin and stablecoin transactions [Announcement]
    • The service features flexible custody models, USD settlement options, and built-in compliance with SOC 2 Type II certification.
  • Bitcoin Keeper introduces Keeper Private, a premium self-custody service for high-net-worth individuals and organizations seeking long-term Bitcoin holdings guidance [Blog post] and Keeper Learn, a service offering a three-session educational program teaching Bitcoin fundamentals to beginners and teams.
  • Theya launches Bitcoin management solutions for businesses [Announcement]
    • The platform features flexible vault architecture supporting single-key or 2-of-3 multisig vaults for both cold storage and daily operations
  • Bitcoin on-ramp and custody service Magnolia completes Lightning Network implementation and will support it from launch, pending regulatory approval [Announcement]

Funding

  • OpenSats announces two new grant waves:
    • The Fourth Wave of Education Grants, supporting three projects that make Bitcoin education more accessible, practical, and useful: LibrerĂ­a de Satoshi, Crack the Orange, and FREE Madeira
    • The Eleventh Wave of Nostr Grants, supporting five projects focused on decentralized live streaming, off-grid connectivity, web-of-trust infrastructure, private messaging, and open tools for game development: Swae, HAMSTR, Vertex, Nostr Double Ratchet, and Nostr Game Engine
  • Brink announces supporting Bitcoin developer Sebastian Falbesoner (@theStack)’s transition to full-time open source work and that Eugene Siegel is joining Brink as an open source engineer for Bitcoin Core, bringing security experience from Lightning Network work and previous vulnerability disclosures.
  • Spiral announces @L0RINC as its newest grantee for his work on Bitcoin Core, “emphasizing performance benchmarking and optimizations, along with code quality enhancements, code reviews, block download time reductions, memory optimization, and code refactoring.”
  • Vinteum renews grant to now appointed BDK maintainer Leonardo Lima for his contributions to BDK and Fedimint [Announcement]
  • Einundzwanzig grants funding to Bitcoin Safe [Announcement]
    • Bitcoin Safe, created by former Specter developer Andreas Griffin, receives 1,000,000 satoshis funding to continue development of this open-source multisig wallet.
  • The Human Rights Foundation announces 1 billion satoshis in gifts from its Bitcoin Development Fund to support 20 projects worldwide: NetBlocks, TollGate, Vinteum, BTCPay Server, Africa Bitcoin Institute, Bitcoin Core Graphical User Interface (GUI), Rkrux, Elsat, Relay Wizard, Waye, Hashpool, Cashu KVAC, Brandon Black (Rearden), Tony Klausing’s Stable Channels, Bitsacco, The Core, Bitcoin Babies, East Asia Bitcoin Developer Apprenticeship Program, TalentLand 2025, Base58’s Bitcoin Live Action Role Play (LARP), BTCenEspañol, Bitcoin researcher Daniel Batten, and Bitcoin for Good.
  • Instant exchange eXch announces a 50 BTC open-source fund to support privacy-enhancing projects [Bitcoin Talk Announcement]
    • eXch is shutting down operations and changing owners on May 1st, 2025 after learning they are the target of a transatlantic operation aiming to prosecute them for money laundering and terrorism.
  • OpenCash Association offers a 2 million satoshi bounty for developing an open-source BTCPayServer plugin for Cashu payments
    • The plugin must include features to melt incoming tokens automatically to Lightning wallets and allow whitelisting of trusted mints to mitigate risks for merchants.
  • 256 Foundation announces 2025 open-source Bitcoin mining grant projects: Ember One hashboard, Hydra Pool, Libre Board, and Mujina Firmware, each led by specialized developers.
    • Grant cycles for the projects begin in April/May 2025 with end dates ranging from September to December, while a fifth project called Block Watcher is paused.
  • BDK Foundation adds AnchorWatch, CleanSpark, and Proton Foundation as new corporate members for 2025, joining founding members Spiral and OpenSats [Announcement]
    • Corporate membership dues fund open source developers who maintain BDK libraries and related FOSS projects supporting Bitcoin technology.
  • Bitcoin Legacy Project: A new funding initiative for Bitcoin ecosystem by Unchained [Blog post]
    • Financial commitments include $50,000 to the Bitcoin Policy Institute, $150,000 for a university endowment at University of Austin, and up to $250,000 in research grants through the Bitcoin Scholars program.
  • Project Eleven launches Q-Day Prize offering 1 BTC to the first team that breaks bitcoin’s elliptic curve cryptography using Shor’s algorithm on a quantum computer before April 2026 [Bitcoin Magazine]

Mining

  • Bitcoin Mining Centralization in 2025: A new publication by researcher B10c reveals that six pools control 95% of the network
    • Currently, Foundry (30%) and AntPool (19%) dominate Bitcoin mining, with the top four pools controlling 75% of the hashrate compared to a more decentralized era in 2017.
    • When accounting for “AntPool & friends” proxy pooling, the centralization becomes even more extreme, with six mining pools mining 96-99% of all blocks in 2025.

Privacy

  • Gmail introduces simplified E2EE for business customers [Google Blog post]
    • Gmail offers end-to-end encryption without complex S/MIME implementation, allowing users to send encrypted emails with just a few clicks regardless of recipient.
  • UK Court rejects secret hearing in Apple encryption challenge [Open Rights Group]
    • The Investigatory Powers Tribunal rejects the Home Office’s application for a secret hearing in Apple’s challenge against UK Government demands to break encryption.
  • European Commission unveils ProtectEU, a strategy aiming to establish Europol as “a truly operational police agency” for investigating cross-border threats [The Record]
    • The Commission plans to create roadmaps for lawful access to encrypted data while “safeguarding cybersecurity and fundamental rights” despite potential controversy and member states’ reluctance to surrender sovereignty.

Security

  • CISA renews MITRE’s Common Vulnerabilities and Exposures Program contract hours before expiration [NextGov]
    • The CVE Program, a 25-year global standard for cataloging cybersecurity vulnerabilities, faces uncertainty as a subset of the CVE Board plans to form an independent CVE Foundation.
    • CISA faces potential budget reductions amid political scrutiny. Homeland Security Secretary Noem aims to make CISA “much more effective, smaller, more nimble, to really fulfill their mission.”
  • The European Union Agency for Cybersecurity launch its own CVE database, the [European Union Vulnerability Database (EUVD)]
    • It serves as a centralized platform for the collection, management, and dissemination of information regarding vulnerabilities in information and communication technology products and services.
  • Android adds auto-reboot security feature after three days of inactivity [TechCrunch]
    • Google updates Android with new security feature that automatically reboots phones locked for three consecutive days, following Apple’s similar implementation last year.

Protocol

  • Bitcoin Core #31363: cluster mempool: introduce TxGraph [Merged]
  • Bitcoin Core #31278: wallet, rpc: deprecate settxfee and paytxfee [Merged]
  • Rust Bitcoin #4302: Add push_relative_lock_time() and deprecate push_sequence() [Merged]
  • LND #9669: Downgrade to legacy coop close for taproot channels [Merged]
  • LND #9620: chain: add testnet4 support [Merged]
  • LDK #3670: Handle receiving payments via Trampoline [Merged]
  • LDK #3593: [RFC] Implement a way to do BOLT 12 Proof of Payment [Merged]
  • Eclair #3045: Optional payment_secret in trampoline outer payload [Merged]
  • Eclair #2963: Use package relay for anchor force-close [Merged]
  • BOLTs #1242: Make payment_secret mandatory and ASSUMED [Merged]
  • NIPs #1881: Allow multi-user AUTH [Open]
  • NIPs #1875: Add Diff and Permalink kinds [Open]
  • NIPs #1873: Add guidelines tag to NIP-29 group metadata [Open]

Quantum

  • OpenSSL v3.5.0 introduces post-Quantum cryptography support [Cyber Security News]
    • OpenSSL v3.5.0 integrates three major post-quantum cryptography algorithms: ML-KEM, ML-DSA, and SLH-DSA
    • The update enhances TLS support with hybrid PQC Key Encapsulation Mechanism groups and adds server-side QUIC protocol support
    • Version 3.5.0 introduces new configuration options including no-tls-deprecated-ec and enable-fips-jitter, while changing default encryption from des-ede3-cbc to aes-256-cbc for some applications

Government & Political

  • Justice Department dismantles cryptocurrency enforcement team as part of Trump’s regulatory pullback [Fortune Crypto]
    • The DOJ disbands its National Cryptocurrency Enforcement Team (NCET), established in 2021 under Biden that prosecuted major crypto-related felonies including Tornado Cash and North Korean laundering operations.
    • Deputy Attorney General Todd Blanche calls for ending “regulation by prosecution,” but the memo contains numerous caveats that may still allow prosecution of developers if their services are deemed to facilitate criminal activity [The Rage]
  • Trump signs resolution to repeal IRS DeFi reporting requirements [Reuters]
    • President Trump signs H.J.Res.25, nullifying Biden-era IRS regulations that would have required non-custodial cryptocurrency service providers to file Form 1099 reports beginning in 2026.
  • Local authorities across China engage private companies to convert confiscated bitcoin into cash amid regulatory uncertainty [Reuters]
  • Panama City Council approves cryptocurrency payments for municipal services, including taxes, fees, and permits [Bitcoin Magazine]

Events

  • BTC Prague, Swan and GW University launch BTC in D.C., the Bitcoin conference in Washington D.C.
    • September 30 to October 1st, 2025 in Washington, D.C., U.S.
  • Chiang Mai approves Bitcoin Marathon and Festival, The World’s First Bitcoin Half Marathon
    • November 1-2, 2025 in Chiang Mai, Thailand
  • Bitcoin Designathon, a global online event organized by the Bitcoin Design Community to encourage designers and artists to collaboratively improve Bitcoin’s UX and accessibility through creative, open-source design projects. ​
    • May 4-18, 2025

Reads

  • Here’s a list of our top recently published reads:
    • A simple backup scheme for wallet accounts, by Salvatore Ingala [Delving Bitcoin]
    • Bitcoin Address Poisoning Attacks, by Jameson Lopp [Cypherpunk Cogitations]
    • A Brief History of Wallet Clustering, by @not_nothingmuch [The Scroll #3]
    • How Coinkite Defines Cypherpunk Bitcoin Security [Bitcoin Magazine]
    • Who pays for Bitcoin wallets?, by @Scoresby [Stacker News]
    • Three Staged Assassinations, by BitMEX Research [Blog post]
    • The Unwritten Rule, by Alekos Filini [Blog post]
    • DVMs were a mistake, by hzrd149 [Note]
    • Transacting with ecash while offline, by Gandlaf21 [Note]

Episode submission ideas

  • We’re looking for ideas for interesting panel conversations. To send Bitcoin related questions, just go to bitcoin.review and follow the contact links at the bottom of the page.

Get in touch with the pod

Did I get anything wrong above? Help me correct it producer@coinkite.com