BR056 - Breez, Mutiny, Unleashed.chat, 56 BTC hack, Ocean.xyz + MORE ft. Roy, Carman & Rijndael
I’m joined by guests Roy, BentheCarman & Rijndael to go through the list.
Quote of the Day
“Hardware: The part of a computer that you can kick.” - Jeff Pesis
Housekeeping
00:01:51 OpenSats long-Term Support For Will Clark
Will is a Chaincode alumnus and BTrust (formerly Qala) mentor who has been contributing to Bitcoin Core for several years.
His main focus areas are issue and PR triage, contributing fixes for issues and PR review, as well as user support and communication.
Since his onboarding to Bitcoin development, he has been systematically addressing both old and new issues, ensuring they are accurately diagnosed, resolved, or closed as necessary.
In addition to his work on Bitcoin Core, Will has also been pivotal in the creation of Warnet, a tool that helps to monitor and analyze the emergent behaviors of Bitcoin networks.
00:01:57 Unleashed.chat open for signups beta and taking sats4gen
Fast & Private
Sats4Gen
2x 8k models, 33b&70b
Context Embedding (PDF/TXT) 3x10MB [1Gb+ soon]
Coming:
180b
DVM API I/O
json/csv upload
Nostr DB
Fine tuning
Full segregation
Not for trivia like OpenAI, it doesn’t have internet access (yet)
Vulnerability Disclosures
00:03:38 Ledger user lost BTC after upgrade
“I have 5 year old Ledger Nano
October 23d upgraded firmware to 2.69.0
Tried to send some amount with specific UTXO with Coin Control
Got an error and decided to send BTC without specifying UTXO and the same problem again - error.
Few hour later found out all BTC was sent to unknown address.
Got 2 new txs (time of txs in logs matches txs attempted to send):
First one merged all UTXOs into one (possible Coin Control bug)
Second one sent correct amount, as I wanted to the recipient and change was sent to address they still can’t generate. Tried 10kk accounts and over 1 billion addresses (visible and change) on each account.
Other assets still on ledger
Seed phrase never been written on PC and phone or any kind of online services to store notes.”
00:08:20 Attacker managed to steal almost 56 BTC (while paying 83.7 BTC fee). [Mononaut]
“Most likely explanation is that the wallet was generated from bad entropy - perhaps a brainwallet, or too few dice rolls/coin flips, or an insecure PRNG”
“It’s unclear why the transaction was quickly fee-bumped using RBF. If it was a low-entropy wallet, perhaps multiple attackers were competing to steal the funds?”
“This might also explain the initial high fee. It could make sense for automated low-entropy wallet sweeping scripts to be configured to spend a high percentage of the value in fees to hinder competitors (or victims) trying to broadcast replacements.”
“83.7 BTC fee was exactly 60% of the stolen UTXO value. Seems like reasonable evidence for an automated script set to pay a fixed 60% of the value in fees to steal coins sent to vulnerable addresses. The original version of the transaction paid 71.10672932 BTC in fees, which was exactly 51% of the value.”
Twitter account @83_5BTC signed a message claiming to be the victim. Nifty vouches that it is in fact the victim and not the attacker.
83_5BTC has spoken to Antpool to try to get the fee returned.
00:15:50 New BLUFFS attack lets attackers hijack Bluetooth connections [Bleeping Computer]
Researchers at Eurecom have developed six new attacks collectively named ‘BLUFFS’ that can break the secrecy of Bluetooth sessions, allowing for device impersonation and man-in-the-middle (MitM) attacks.
“Everything is susceptible.” ~ add_BTC chart
00:18:15 Wallet of Satoshi shuts down to US users [Announcement]
00:18:16 Nodeless.io has been shut down
“I knew this day would probably come, but didn’t expect it so soon. I am being investigated for running an illegal money transmission business in Canada (nodeless). Under the advice of my lawyers I need to shut down the main instance of it.” ~ utxo_one
Bitcoin
Software Releases & Project Updates
00:36:35 Sparrow v1.8.1
Add oxt.me as fee rates source (configure in Preferences)
Add historical fiat values to the transactions CSV (from Export Wallet or the Transactions tab) where an exchange source is configured
Increase and decrease maximum limit on fee rate slider where fee rate equals or exceeds current range
Add QR display (with save to PDF) to the Export Wallet > Output Descriptor option
Set non-mainnet fallback fee rates to 1 sat/vb
Switch from HttpUrlConnection to Jetty HTTP client for all external HTTP calls to avoid spurious DNS query
In Cormorant, check the wallet gap limit and increase the Bitcoin Core descriptor range if necessary
Set a smaller increment amount on the fee range slider for keyboard adjustments
Use fallback fee rate estimates if the connected server returns an error estimating fee rates
Show an error dialog on attempting CPFP where no outputs are spendable
Add Krux to the Import Wallet options
00:37:04 Floresta v0.5.1
Manual Peer Connections: You can now manually connect to a specific peer using the addnode RPC (#77 and #78).
Socks5 Support: Florestad now supports connecting with peers over multiple transports, including socks5, enabling use behind a socks proxy like Tor (#76).
Enhanced RPCs: Updated some RPCs like getblockchaininfo and getrawtransaction to provide more useful data, approaching Core’s functionality. getblockchaininfo now includes Utreexo-related data (#82).
ZMQ Block Notification: Subscribe over ZMQ to receive new blocks as they are accepted by the chainstate (#93).
BIP-158 Compact Block Filters: Implemented the creation and storage of Compact Block Filters for easy wallet rescan and UTXO discovery. Filters are built locally and exposed through a new rpc getfilter, aiming to reduce disk usage. Future phases may incorporate p2p-provided filters during initial sync-up for an optimal balance of functionality and storage efficiency (#89).
00:38:26 Nunchuk Android v1.9.37 / Desktop v1.9.25 / iOS v1.9.31
Byzantine roll-out (The collaborative custody platform for bitcoin advisors)
Features:
Byzantine allows bitcoin advisors and their clients to create multi-user multisig wallets easily. Clients have control of their bitcoins, while advisors hold a backup key for security.
Byzantine provides tools for collaboration, wallet and key management, advisory services, and long-term inheritance planning to enhance your advisory services.
For security, Byzantine uses cold storage exclusively for keys and supports various hardware signing devices.
00:39:08 Libwally Core v1.0.0
The library version number is now available as compile time constants (WALLY_MAJOR_VER, WALLY_MINOR_VER, WALLY_PATCH_VER, WALLY_BUILD_VER), and at runtime via wally_get_build_version.
Added support for wallet policies
Added support for iterating and querying keys in descriptor/policy expressions, including support for key origin information such as fingerprint and path.
The library allocation functions (which may be overridden by the caller at runtime) are now exposed as wally_[malloccallocfreestrdupstrdump_n]. Libraries using wally that wish to respect the callers allocation strategy can use these to avoid having to expose their own customizable allocator.
Added support for encrypted request/response protocols using ephemeral keys via wally_aes_cbc_with_ecdh_key.
The PyPI wheel uploads now include an sdist source distribution, allowing install on otherwise-unsupported architectures.
00:39:40 Citadel
New website - https://nirvati.org.
00:39:46 Blockstream Green iOS v4.0.19
Add watch-only import scanning Jade animated QR codes
Add delegated Lightning account for Jade
00:39:58 Blockstream Green Android v4.0.20
Support Lightning with Jade air-gapped BIP85 mnemonic
Support Jade watch-only import by scanning BCUR animated QR codes
Enable 2FA call method as an SMS backup
00:40:23 HODL HODL
New design release is live:
New contract flow
Improved chat messaging
Easy page navigation
More informative contact stages
Easier trading experience
00:40:33 ESP-Miner v2.0.4
Swarm view in AxeOS. Monitor and administrate all your AxeOS devices from a single view.
00:40:50 Peach 0.3.4
Updated how user reputation is calculated under the hood
Hungarian now incorporated
You can now delete your custom payout address
Rules to use PayPal have been relaxed
Project spotlight
00:41:03 Apollo II home miner by futurebit
Apollo OS 2.0
Built In Stratum Solo Pool
5nm ASICs
6-10TH/s Hashrate
As low as 28W/TH
200-400 Watts of Power
Starting at $799
00:42:27 BBQr - Better Bitcoin QR
Encodes larger files into a series of QR codes so they can cross air gaps.
“This protocol enables files larger than can fit into a single QR to be sent as a series of QR codes (an “animated QR”). The target file types are PSBT (BIP-174) and signed Bitcoin transactions, but it also supports CBOR, JSON and Text options for general purpose use.”
“We carefully consider the data inside QR codes, and apply a deep knowledge of how QR codes work, so that no pixel nor byte is ever wasted! Internally it supports HEX and Base32 serializations and a constrained ZLIB option for data compression. This is all done with an eye to embedded implementations on very contrained devices (ie. hardware wallets), which may not have enough memory to keep more than a single QR code around.”
00:55:18 OCEAN: Bitcoin mining as it was meant to be
Relaunch of Eligius Pool
Raised $6.2million in seed funding, led by Jack Dorsey, Accomplice, Barefoot Bitcoin Fund, MoonKite, NewLayer Capital, the Bitcoin Opportunity Fund, and other strategic partners
Non custodial: Miners paid directly by the network
Publishes block templates before solving them: Other pools do not permit their hashers to know what the block will look like until after/when/if it’s irreversibly solved
Transparent Index of Distinct Extended Shares - TIDES: Gives miners the ability to verify they are getting the exact reward that they should be as and when blocks are found.
In 2024, OCEAN will incorporate a marketplace where miners can sell their unrewarded proof of work (PoW) directly to buyers over Lightning for immediately spendable bitcoins.
Phase 2 will also permit miners to construct their own block templates. This radically increases the scope of a miner who uses OCEAN such that they become a solo miner who simply enjoys a more consistent income.
01:02:56 bitcoinminiguides.com: Bitcoin Mini Guides for Beginners.
01:04:52 libreriadesatoshi.com
“Translated to Satoshi’s Library, their mission is to make Bitcoin technical education accessible to a large number of Spanish-speaking people, allowing each of them to become bitcoin developers, bitcoin technical educators and entrepreneurs in the ecosystem.”
“Through a series of courses and seminars, from the basics of Bitcoin to the most advanced specifications of the lightning network, students are guided through a learning journey consisting of online lessons, asynchronous supplementary readings, practical workshops , tutoring hours and more.” ~ Alby
01:05:05 Truevote: Open, fully digital, tamper-proof, verifiable voting system [Demo / Whitepaper]
Secured by Bitcoin: Data is hashed into the Bitcoin blockchain, assuring each vote cannot be altered – forever immutable.
Voter Accounts: Each voter has an account on TrueVote. For each election, eligibility is determined by jurisdiction and registration status.
Election Administration Portal (EAP): Configurable portal to create and maintain each election and ballot
Data Privacy: All voting data is anonymized and unlinked. Only voters can see their name associated with a ballot.
Data Availability: All non-user identifiable data is downloadable for reporting, auditing, and analysis.
Open and Transparent: All core TrueVote code is Open Source on GitHub, MIT license. Community contributions welcome.
Easy to Use: Using the TrueVote app is as simple as filling out an online survey.
Multilingual: TrueVote is a worldwide service.
Lightning + L2+
Software Releases & Project Updates
01:05:22 Breez
01:20:30 Phoenix 2.0.7
Add button in receive screen to open scanner and read LNURL withdrawals requests
Grace period for swap-ins is now displayed in Wallet Info
01:10:26 Mutiny Wallet
iOS Testflight version is now available to Mutiny+ subscriber. Have released a guide for migrating from the Progressive Web App (PWA) to our native iOS or Android app
ZEUS zaps:
Disabled the ability to zap ZEUS due to “force closed channels due to stuck payments to Zeus due to their work arounds with locked payments. Which harm both the user experience and other lightning nodes on the network.”
Later re-enabled through an optional setting.
01:19:04 Mutiny Node
More reliable payments when sending, use full inbound capacity when receiving invoices, stop zapping zeus addresses which result in possible force closed channels.
Adds a config option if a user still wishes to pay hodl invoices
Fixes a small sorting issue with activity
Starts using LDK in std mode
Better feedback on device locks, with 60s limits instead of 120s. Show balance on force closed transactions before they are confirmed yet.
01:20:43 Alby v3.4.0 🪐 Stereo Jupiter near Opposition
Overhauled transaction lists & detail views
German translations
01:20:55 alby-js-sdk
Adds the ability to use the Alby API to decode invoices
01:21:03 Blixt Android v0.6.9-420
Added Lightning Box support.
Lightning Box is a Lightning Address provider, giving you an address to receive from. This works in conjunction with Persistent Mode.
Register your Lightning Box account from left menu -> Advanced -> Lightning Box
Added LUD-18 (identifier) support for Lightning Box
Added LUD-12 comment support for Lightning Box
Clams v2.0.0-beta.1
First public beta release for v2
Features:
All features that were included in v1 have been ported over to v2
New interface design.
Full refactor of codebase to include a local data set, utilizing a local DB for advanced and efficient queries.
Performance improvements to handle nodes with large data sets (> 100k payments).
New Native Desktop Application available for download.
Manage multiple CLN nodes connections at the same time.
Full onchain support including a new dedicated UTXOs route and intelligent payment summaries.
Passphrase encrypted sessions to improve security.
Advanced sorting and filtering options for payments, UTXOs, channels, offers and forwards.
1:25:26 BitBanana v0.7.0
Balance details on home screen
Added peer management (enable it in settings if needed)
More statistics on routing summary
Keysend messages
Opt in for invoicing without specific amounts
Improved error messages
Character count indication on payment comments
Translation updates
1:25:35 10101
Public beta launched including “Lightning’s First Self-Custodial Stablecoin” (USDP) and Non-Custodial Trading.
Add collab revert support without channel
Move backup button to settings
Refresh lightning wallet on received payment event
Move thermostat status to settings
Spawn blocking on force-close and close channel
Spawn backup tasks from static tokio runtime
Spawn blocking on send payment
Return to the correct screen after returning from settings
Increase back arrow clickable space on settings
Do not call periodic check twice
Add support for rapid gossip sync
Add collab revert support without channel
1:28:08 CLN v23.11: Bitcoin Orangepaper
Highlights for Users:
‘Check’ command now more powerful, checking parameters and potential system alterations.
Runes have enhanced access control with an additional restriction field and ‘last_used’ for ‘showrunes’.
Users can verify emergency backups with the ‘decode’ command.
‘Invoices-onchain-fallback’ adds taproot fallback addresses for onchain payments.
Highlights for the Network:
Default ‘large-channels’ setting is now ‘on’ (Wumbology).
Dual-funding process stores state during commitment_signed for funding continuation.
New ‘–commit-fee-offset’ flag reduces feerate update disagreements.
Plugins can register and send unknown messages, with splice bugfixes.
Highlights for Developers:
Wait and pagination API now supports ‘listsendpays’ and ‘listforwards’.
New ‘recover’ command retrieves unused nodes from ‘hsmsecret’.
‘Datastoreusage’ command shows a plugin’s database space.
Rust bindings receive expanded coverage.
Core-Lightning can’t be built with ‘–developer-enabled’; use ‘./configure –enable-debugbuild’ and set ‘–developer’ for features.
1:28:20 lnbits v0.11.2
New service fee settings that lets you earn a transaction fee for all internal or external transaction on an LNbits instance. Set these environment variables in your .env file or use the Admin-UI to enable this feature:
LNBITS_SERVICE_FEE: The service fee in percent
LNBITS_SERVICE_FEE_WALLET: The wallet that fees go to
lLNBITS_SERVICE_FEE_MAX: The maximum fee per transaction in satoshis
LNBITS_SERVICE_FEE_IGNORE_INTERNAL: Disable fees for internal transactions
lnbits-cli can now manage extensions
use Alby wallet as a funding source
Node Management via .env file without Admin-UI
1:28:29 lnd v0.17.2
Functional Enhancements
RPC Additions
lncli Additions
1:28:40 Cashu Nutshell v0.14.0
Well-known spending conditions: Nutshell now supports NUT-10 spending conditions including P2PK. This is a standardized way to create complex contracts between two Cashu users, if the mint supports a certain type of contract.
Pay to Pubkey (P2PK): Allows you to lock a token to a specific pubkey. That way, only the intended receiver can redeem a token and nobody else. The recipient receives the token by providing a valid signature when redeeming it with the mint. The contract is enforced by the mint.
DLEQ proofs: Discrete-log equality (DLEQ) proofs are now generated by the mint and handed over to wallets. Wallets can use these to verify the signature of the mint given their public key.
1:31:06 eNuts v0.1.2-beta
Spanish and Hungarian translations
Updated layout to adapt to different smartphone sizes and dpi
Improve UX for Nostr search function
1:31:27 Stacker News
Login by pasting magic link
Project spotlight
1:31:32 acceptln.com: Every email address now accepts Bitcoin Lightning
Type any email address — instantly send it Bitcoin Lightning
Accept payments on behalf of email addresses and we notifies them
Claim payments back within 60 days with no service fee
Nostr
Software Releases & Project Updates
1:31:57 NDK 2.2.0: OAuth unleashed
This release includes new features that will be proposed for NIP-46 that create an OAuth experience.
More things:
NDK is now 13x faster
NDK-Svelte-Components event rendering now neatly renders images as a carousel when appropriate
Tons of bugfixes
Notary DVM: Notarize nostr events with OpenTimeStamps and NIP-03. You can now anchor any nostr event to the bitcoin blockchain.
NIP-88 Recurring Subscriptions: Defines how to create recurring subscription events and subscribing/unsubscribing from these recurring events.
Nostr Wallet Connect DVM: The foundation to get asynchronous recurring payments. This DVM can accept a NWC secret and pay all your NIP-88 recurring events automatically. Now any nostr app can create an asynchronous subscription without dealing with requiring the user to come online to perform payments
1:34:27 rust-nostr v0.25.0
add extra nip11 fields
Negentropy Syncing
Custom time of reconnect options added
sdk: allow to change Key
sdk: fix stop and start
sdk: fix pong not match if connect method called multiple times
sdk: add Limits
Filters
Impl Display and FromStr for Method
1:34:32 Damus v1.6
Custom built, embedded C WASM interpreter (nostrscript), which will be used for custom algos, filters and lists
Longform note support
Hashtag following
Configurable reactions
New Live user status NIP (music, general)
Adjustable font sizes
A very long list of bug fixes and performance improvements
Fast and persistent profile searching using nostrdb
1:34:36 Amethyst v0.81.3
Massive refactoring to unify our internal signer with Amber’s signer in all supported events
Adds NIP-88 NOTIFY request support
Migrates our Block list to kind:10000
Adds default encryption and decryption permissions to the Amber login call to avoid multiple Amber screens open at once
Adds support for sending/receiving/approving multiple events at once
Adds a chat with seller flow to ShopStr’s event rendering.
Immediatly force-closes the WebSocket when leaving the app
Adds a geohash mipmap to event tags
Reduces multiple reconnections to relays when the app cold starts.
Adds back arrow button to the top of the Nav bar of the Thread view.
Adds a cache of the total amount of Zaps per note
1:34:43 YakiHonne now available for testing on Android and iOS
1:34:48 Nosotros
Now you can use Nostros offline
Update NIP-51: Adopted the recent changes for NIP-514
NIP-42: Nostros is now compatible with Relay authentication
Reduce refresh timings
Split Zaps
Exports
Pagination for invoices
1:34:52 Coracle v0.3.12
Add support for kind 30311 (streams)
Open relay detail page for relay links in content
Include mutes in WoT score calculation
Add setting to disable likes/reactions
Move some utilities to paravel
Add experimental DVM code
Disable NIP 24 messages for now
Use NIP 85 for relay reviews
Improve feed controls UX
Add rendering support for kind 1986
1:34:55 Yana v0.12.0
gossip (outbox/inbox) model see https://github.com/frnandu/yana/blob/master/GOSSIP.md for details
keep feed/notification subscription open with live new events popping up as soon as they’re broadcasted.
show in which relays a note was loaded from
login as…. use any accounts as read-only from your favorite users
choose to which relays to broadcast
local cache for events using https://github.com/isar/isar DB (native rust lib)
use https://github.com/relaystr/dart_ndk as relay connectivity
new promo landing page at https://yana.do (web demo app now lives at https://app.yana.do)
register nostr: in android so that nostr links give yana option as an app to open
generic mute lists (nip-51) for profiles, hashtags, words with either public or private elements.
separate search/blocked relay lists (nip-51), so you don’t need to keep your search relays on your main list
1:35:03 Nostree.me v.0.1.5 “That’s sexy”
Theme system allowing users to define and display their preferred theme automatically when others visit their page.
New modern, stylish look with polished interface components and enhanced accessibility.
Responsive Design: Nostree now adapts seamlessly to various screen sizes.
List Templates: Introduction of blank list creation or selection from suggested templates.
Redesigned Components and Shortcuts: Interface component redesign with added user feedback elements.
Introduction of keyboard shortcut (Ctrl+k or command+k on macOS) for the integrated search engine.
Improved ‘share on nostr!’ button with a modal for easy list sharing.
Bitcoin Whitepaper: Addition of the Bitcoin whitepaper to the root of the website.
1:35:11 Nos.social
Added the option to copy the text content while browsing a note.
Updated layout for search results and mention autocomplete cards.
Show reposts in stories.
Added a content warning when a user you follow has reported the content
Added toggles to the settings screen to disable report-based and network-based content warnings
Changed copied links to notes and authors to open in njump.me.
Added the ability to initiate USBC transactions and check your balance if you have linked a Universal Name to your profile with an attached USBC wallet.
Add Stories view to the Home Feed
Redesigned the Universal Names registration flow
1:35:19 Spring - The Nostr Browser (nostr-universe) v0.10.0
Full-screen feeds
Geo-location permissions declared
1:35:27 0xchat v1.2.2-release
Privacy and Security:
Private Group
Self-destruct messages (Ensure the relay supports NIP-40)
Default DMs changed from normal DM to gift-wrapped DM.
Encrypted local database
Features:
NWC support
NIP-07 support, internal browser opening nostr app can require authorization for signing from 0xchat.
Support for opening ‘nostr:’ links with njump.me
Homepage search optimization
Added option for auto-theme
Added vibration feedback and message sound setting
Long press on images to support QR code scanning
Insert content support
Project spotlight
1:35:41 Kind0.io: Manage your Nostr identity migration using NIP-41.
1:35:49 dtan.xyz: Torrents over Nostr
Both the torrent discovery and front end are decentralized
Privacy Software
Software Releases & Project Updates
1:36:30 Simplex Chat v5.4.0
Link mobile and desktop apps via secure quantum-resistant protocol.
Better groups:
Faster to join and more reliable.
Create groups with incognito profile.
Block group members to hide their messages.
Prohibit files and media in a group.
Better calls:
Connect faster and more stable (still far from great).
Screen sharing in video calls in desktop app.
Other improvements:
Profile names now allow spaces.
When you delete contacts, they are optionally notified.
Previously used and your own SimpleX links are recognised by the app.
Project spotlight
1:38:40 CBDC Tracker by Human Rights Foundation
Shows information on each country’s central bank digital currency project
1:38:44 GPT4All
A free-to-use, locally running, privacy-aware chatbot. No GPU or internet required.
Boosts
1:40:43 Thanks to everyone who streamed sats, and shoutout to our top boosters:
[🏆 TOP BOOSTER] @apemithrandir (7,777 sats) “v4v”
@vake (3,500 sats)”bitcoin is boring and nothing happens”
@dubravko
(1,320 sats) “I like my Canadians free and unregistered. Also, Truck Fudeau (it’s French). 🚛🚚”
(1,310 sats) “Been meaning to mention, I hope you registered your podcast like a good Canadian…”
Bitcoin Optech Newsletter
1:41:22 Highlights from recent Bitcoin Optech Newsletters
Update to the liquidity ads specification
Nifty announced an update to the liquidity advertisements specification in Core Lightning, with ongoing work for Eclair. This feature enables nodes to express willingness to contribute funds to a dual-funded channel. When another node accepts, an upfront fee is paid, allowing nodes in need of incoming liquidity, like merchants, to connect with well-connected peers using open source software and the decentralized LN gossip protocol.
Key points:
Purpose: Facilitates finding well-connected peers for dual-funded channels, aiding nodes in need of incoming liquidity.
Implementation: Core Lightning and work in progress for Eclair.
Mechanism: Nodes willing to contribute funds announce availability, and accepting nodes pay an upfront fee.
Updates: Structural changes and increased flexibility in contract duration and forwarding fee ceiling.
Community Response: Several replies on the mailing list, with anticipated additional changes to the specification.
Challenge: Cryptographically proving contract violations remains an open problem in the current construction of liquidity advertisements and channel announcements. Designing a compact fraud-proof solution for contract compliance is a theoretical consideration.
Offers-compatible LN addresses:
t-bast explored creating email-style addresses for Lightning Network (LN) users, addressing issues with the current lightning address standard based on LNURL. The existing standard requires an always-available HTTP server, posing problems such as privacy concerns, theft risks, and infrastructure dependencies. Teinturier proposes three designs leveraging the offers protocol:
Linking Domains to Nodes:
DNS record maps a domain to an LN node identifier.
Spender requests an offer from the domain node, providing privacy and fraud protection.
Spender can associate addresses with offers for future payments.
Certificates in Node Announcements:
Modify LN node advertisement mechanism to include SSL certificates proving ownership.
Requires LN implementations to support SSL-compatible cryptography.
Store Offers Directly in DNS:
Multiple DNS records store offers for specific addresses.
Requires domain owners to create/update DNS records per user.
Teinturier emphasizes the simplicity of the first design and discusses the varying complexities of the other two, highlighting potential improvements for LN address systems.
Eliminating malleability from ephemeral anchor spends
Gregory Sanders proposed a modification to the ephemeral anchors concept on the Delving Bitcoin forum. The proposal involves enabling transactions to include a zero-value output with an anyone-can-spend output script. This allows for fee bumping via Child-Pays-For-Parent (CPFP) by anyone, offering convenience in multiparty contract protocols like the Lightning Network
News & Noteworthy
Lightning
1:52:00 Lightning Address in a Bolt 12 world proposal by t-bast
Proposal on how we could improve the lightning address protocol and fix its privacy drawbacks, while preserving the nice UX improvements that it brings.
1:52:04 ZBD and Beamable Launch a Joint Starter Kit for Simple and Secure Bitcoin Integration for Game Developers [Beamable]
ZBD’s plug-and-play API is a cost-effective, global payment solution built on the Bitcoin Lightning Network that makes it easy for developers to incorporate real-time microtransactions, rewards, and payments into their games. With the ZBD Beamable starter kit, the integration of Beamable with ZBD’s API adds an additional layer of security by keeping sensitive information separate from the client-side of the game.
Privacy
1:52:15 Six OFAC-sanctioned transactions missing [0xB10C]
In September and October 2023, the RSS feed of 0xB10C’s miningpool-observer reported six blocks missing an OFAC-sanctioned transaction. One block was mined by the ViaBTC mining pool, another by the Foundry USA pool, and four by F2Pool. An OFAC-sanctioned transaction is a transaction spending from or paying to an address sanctioned by the US Department of the Treasury’s Office of Foreign Assets Control.
0xB10C concludes that four out of six transactions were likely filtered.
F2Pool’s co-founder, Chun, admitted to censoring transactios in Tweets that were later deleted [nobsbitcoin]
“Why do you feel surprised when I refuse to confirm transactions for those criminals, dictators and terrorists? I have every right not to confirm any transactions from Vladimir Putin and Xi Jinping, don’t I? Meanwhile, CZ is selling his soul for money. He deserves.”
Funding
1:52:22 Bitcoin Design Foundation launched by the Bitcoin Design Community to organise funding for open-source bitcoin design work
1:58:01 Spiral
New grantee - @ZeroSync_
“ZeroSync is our first grantee to work on bitcoin proofs (think of them as zero-knowledge proofs for bitcoin), a mechanic which allows nodes to quickly sync compressed blockchain data without having to download hundreds of gigs worth of people testing new wallets.”
Ruben Somsen, WalletScrutiny and Validating Lightning Signer grants renewed.
Business & Finance
Blink announced a partnership with Distribuidora Morazán, supplier of 40,000 merchants in El Salvador. [nobsbitcoin]
Relai has partnered with Swissquote Bank, the leading Swiss provider of online banking and trading services [Relai]
Bittrex Global has decided to wind down its operations
Effective Monday 4 December 2023, all trading activity on Bittrex Global will be disabled. After that date, customers will only be able to withdraw assets as part of the winding down process.
Earlier this year Bittrex paid $24 million to the US Securities and Exchange Commission as part of a settlement related to unregistered securities allegations.
Binance and CEO Plead Guilty to Federal Charges in $4B Resolution [DOJ]
Binance Admits It Engaged in Anti-Money Laundering, Unlicensed Money Transmitting, and Sanctions Violations in Largest Corporate Resolution to Include Criminal Charges for an Executive
Bakkt has joined Unchained’s its network of collaborative custody partners [Unchained]
Xapo bank BTC Vault: Long-term Storage For Large Bitcoin Balances
Initiate Bitcoin transfers from your BTC Vault using PIN/biometric confirmation along with additional email verifications. After approving a transfer, a 48-hour withdrawal delay is activated, allowing you to cancel any Bitcoin transfer to your BTC account during this period
MCP wallets: Split the Master Private Key into smaller “key shards”, which are spread around the world in various discrete locations
Government & Political
Javier Milei wins Argentina’s presidency [Bloomberg]
Promises a radical shakeup to fix decades of policy mismanagement, a strategy that resonated with a populace suffering under a nosediving economy and one of the world’s fastest inflation rates.
With 99% of ballots counted after Sunday’s runoff election, Milei took 56% of the votes to 44% for Economy Minister Sergio Massa of the incumbent left-wing Peronist coalition, according to the official electoral authority.
SEC Charges Kraken for Operating as an Unregistered Securities Exchange, Broker, Dealer, and Clearing Agency [SEC]
According to the SEC’s complaint, since at least September 2018, Kraken has made hundreds of millions of dollars unlawfully facilitating the buying and selling of crypto asset securities. The SEC alleges that Kraken intertwines the traditional services of an exchange, broker, dealer, and clearing agency without having registered any of those functions with the Commission as required by law. Kraken’s alleged failure to register these functions has deprived investors of significant protections, including inspection by the SEC, recordkeeping requirements, and safeguards against conflicts of interest, among others.
“This is incorrect as a matter of law, false as a matter of fact, and disastrous as a matter of policy.” ~ Kraken
Mining
Stronghold Digital Mining Launches Carbon Capture Initiative
Initial Phase of Carbon Capture Project Underway at the Scrubgrass Plant. Stronghold and third-party engineering, design, and construction partners have developed direct air capture (“DAC”) technology to utilize the beneficial use ash to capture CO2. Field testing is in progress with initial results expected by December of 2023.
Demand Launches World’s First Stratum V2 Bitcoin Mining Pool [Bitcoin Magazine]
“This pool, built on the open-source Stratum Reference Implementation (SRI), aims to usher in a new era for mining by introducing enhanced security, flexibility, and performance.”
“The Stratum V2 protocol marks a significant leap forward from its predecessor, according to the release, offering a suite of improvements that not only elevate mining capabilities but also champion a more decentralized mining landscape.”
Two pools announce implementing Stratum V2 - dmnd.work & ocean.xyz [Stratum V2]
Hyperbitcoinization
Pouch’s CoopPay wallet which is made in collaboration with the coops of the Philippines is now actively being rolled out to its first users. [Oliver Koblížek]
Reads
2:04:25 Here’s a list of our top recently published reads:
Episode submission ideas
We’re looking for ideas for interesting panel conversations. To send Bitcoin related questions, just go to bitcoin.review and follow the contact links at the bottom of the page.
Get in touch with the pod
Nostr & LN ⚡nvk@nvk.org (not an email!)