BR059 - Quantumcats, Bitcoin Truths, COLDCARD, Mercury Layer, Statechain, nsecbunker, Trezor Hack + MORE ft. Harry, Pablo & Rijndael
I’m joined by guests Harry Sudock, Pablo & Rijndael to go through the list.
Housekeeping
00:05:20 EU official reseller now available
00:12:20 Thanks to No Bullshit Bitcoin
00:12:39 SeedXOR - go try it!
Bitcoin is a SoV!
00:36:14 Quantumcats.xyz
Vulnerability Disclosures
00:46:19 Trezor announces security breach at third-party support portal. Up to 66K users possibly exposed to phising attacks [Trezor Blog]
“We are investigating a security incident that occurred on January 17th, 2024, where there was unauthorized access to the third-party support ticketing portal we use.”
“On January 17th, 2024, 20:20 CET, we identified unauthorized access to the third-party support portal we use. This breach occurred at the level of that third-party service provider we are currently engaged with. We are amidst a thorough investigation into the scope of this incident, along with the third-party service provider.”
“Based on the ongoing investigation of the incident and our communication with the third-party service provider there is a potential that the contact details of up to 66000 users, customers who have interacted with Trezor Support since December 2021, may have been accessed.”
“During our investigation, we were alerted to the fact that the individual contacted 41 of our users directly via email, requesting sensitive information related to their recovery seeds.”
“We have reviewed these interactions and alerted each of the contacted users within an hour of the incident. No recovery seed phrases have been disclosed.”
“Furthermore, we also believe 8 people who created accounts on our trial discussion platform hosted by the same third-party vendor might have had their contact details compromised too. All 8 people have been directly contacted by our support team and made aware of the incident.”
Disclosure of fixed consensus failure in btcd - Niklas Gögge disclosed a consensus failure in older versions of btcd related to signed transaction version numbers. - Negative version numbers were not handled correctly, leading to a potential chain split. - The issue was responsibly disclosed, and a fix is available in btcd v0.24.0. Users are urged to upgrade.
00:47:54 Disclosure of past vulnerability in Core Lightning:
Matt Morehouse responsibly disclosed a vulnerability in Core Lightning versions 23.02 through 23.05.2.
The vulnerability, discovered during follow-up testing on fake funding fixes, triggered a race condition that crashed CLN.
CLN had fixed the original fake funding vulnerability but couldn’t safely include a test for it before the vulnerability was disclosed.
A quick patch was merged in CLN to prevent the race condition.
00:49:09 Scam Bitcoin Wallets Are Still Reigning Free on Apple’s App Store Despite Multiple Reports [No Bullshit Bitcoin]
Apple’s App Store continues to publish fraudulent apps that mimic popular Bitcoin wallets, leading to the theft of money from unsuspecting users.
“There is still a scam ‘Sparrow Wallet’ app on the Apple App Store, despite myself and others having reported it weeks ago. Worse, you have to install it to report it” - Craig Raw
Fake Sparrow, Samurai and Electrum apps all recently on the app store
00:50:36 GitLab warns of critical zero-click account hijacking vulnerability bleepingcomputer
GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction.
The most critical security issue GitLab patched has the maximum severity score (10 out of 10) and is being tracked as CVE-2023-7028. Successful exploitation does not require any interaction.
It is an authentication problem that permits password reset requests to be sent to arbitrary, unverified email addresses, allowing account takeover. If two-factor authentication (2FA) is active, it is possible to reset the password but the second authentication factor is still needed for successful login.
Bitcoin self-custody: 12 vs 24-word mnemonic seed phrases by Bitcoin Gandalf
12 vs 24-word mnemonic? Discuss…
00:51:51 OP_CAT is the vulnerability
Bitcoin
Software Releases & Project Updates
1:06:47 Coldcard Edge Firmware v6.2.2X
New Feature: Miniscript USB interface
New Feature: Named miniscript imports. Wrap descriptor in json {“name:”n0”, “desc”:”"} with name key to use this name instead of the filename. Mostly usefull for USB and NFC imports that have no file, in which case name was created from descriptor checksum.
Enhancement: Allow keys with same origin, differentiated only by change index derivation in miniscript descriptor.
Enhancement: HSM wallet rule enabled for miniscript
Enhancement: Add msas in to the share_addrs HSM rule to be able to check miniscript addresses in HSM mode.
Enhancement: HW Accelerated AES CTR for BSMS and passphrase saver
Integration with Liana
Users can export xpubs via Advanced/Tools -> Export Wallet -> Generic JSON or Settings -> Multisig Wallets -> Export XPUB
xpub from step 1. can be imported to liana UI when policy is created
copy liana generated miniscript descriptor, paste it to file on SD card and import via Settings -> Miniscript -> Import From File (or via NFC, or VDISK)
Once miniscript wallet is registered, users can sign (PSBTs)
1:11:55 Sparrow v1.8.2
Improve input and output labels in the transaction tree and their respective detail panel headers
Reduce server calls on opening a transaction tab by using open wallet history when performing spent output lookups
Support loading coinbase transactions when connected to Bitcoin Core via Cormorant
Support creating wallets from descriptors containing master xprvs
Display effective fee rate next to transaction fee rate when constructing a CPFP transaction (in addition to existing tooltip)
Support reading QRs containing revised BC-UR tags in the 40000 range, including v3 output descriptors
Encrypt Electrum wallet exports including private keys where a wallet password is available
Toggle the bitcoin unit on any label with a bitcoin value by clicking on it (@krzyczak)
Add the calculated master fingerprint to the passphrase entry dialog in Sparrow Terminal
Increase the payments tab header width on the Send tab
In Cormorant, round up the calculated wallet range to avoid frequent rescans with a large gap limit
1:13:26 Electrum
Lightning:
Better handle dataloss
allow manually requesting force-close in WE_ARE_TOXIC state
fix some timing issues
QML GUI (Android):
Properly refresh history if addresses are deleted from imported wallets
Qt Desktop GUI:
also support unfinished wallets when opened through File>Open
General:
make number of logfiles to keep configurable
incremental writes of wallet file
add warnings and prompt users when signing txs with non-default sighashes
add option to merge duplicate outputs
fix: consider bip21 URIs as invalid if they contain unknown req-* param
Lightning:
fix BOLT-04 “MUST set
short_channel_idto theshort_channel_idused by the incoming onion”add support for hold invoices
add support for bundled payments
support large channels
new flow for normal submarine swaps
QML GUI (Android):
port to Qt6
show private key in address details
show tx inputs in TxDetails and other dialogs2
label sync plugin toggle
message sign & verify
allow never expiring payment requests
add coins/UTXOs to addresses list, add filters
delete addresses from imported wallet
add support for lightning address and openalias
Qt Desktop GUI:
option to use extra trampoline for legacy payments
send change to lightning option for on-chain payments
Plugins:
swapserver plugin
1:13:53 Robosats
Coordinator serves robot hash_ids needed for >v0.6.0 client side robot identity generator.
Recommended and minimum onchain fees for payouts are now more accurate.
Devfund node has moved. The new node now has public access to the invoices services.
Perf increase on coordinator image build by @proof-of-reality
Build new full integration tests on testnet.
New currency Albanian LEK.
v0.6.0 pre-release Announcement
The new version introduces a significant enhancement known as the RoboSats Federation, that effectively fully decentralizes RoboSats into many independent and fully redundant coordinators that will compete to host your orders.
Includes:
Multiple Coordinators: Coordinators will now compete to provide users with the best fees, support, uptime and reliability and overall user experience. Lightning node runners can become RoboSats coordinator in the federation, given they gain the trust of the users.
Decentralized Instances: By spawning new instances, we increase the robustness of the platform. In order to fully stop the p2p market of RoboSats, every single instance must be stopped
Know Your Coordinator: You can find a lot about them in the profile such as ways to get in contact for private support, what fees they apply to the trades, what their privacy and data policies are, their lightning node pubkeys, and much more
DevFund Revenue: Coordinators can freely opt to not donate Sats for development
1:14:51 BlueWallet v6.4.15
macOS Add Wallet menu item
Haptic feedback on Android
Allow importing a QR Code image from other sources
1:15:18 Agora Desk v1.1.16
Moved the payment method selection button to the main screen.
Fixed the iOS push notifications bug.
Fixed the UI issue where the amount and payment method were overlapping with other text.
1:15:28 ESP-miner
Power management will now use the board version to distinguish capabilities
New Stratum password field
Version rolling now properly configured by stratum server
Network resets2
Removed password from REST Get
Lowered voltage danger warning threshold
Added script to merge config into factory file
1:18:55 Nunchuk Desktop v1.9.27
Byzantine 3-of-5
Added request-for-signature feature
1:19:06 BitcoinTreasuries.net
contributor notifications
all EFTs added
reorder chart
API improvements and availability
Functionality to add mods and entity owners
Charts water mark; sorry, not sorry
Looking for ideas
1:22:52 Parmanode v3.24.0
You can now CHOOSE to compile #Bitcoin from source (or stick with pgp verified binaries), add an ordinals filter patch, or even use LukeDashjr’s Knots version of Bitcoin instead
1:23:01 Trezor v24.1.2
New Features
Trezor Suite introduces a new wipe code feature. Entering this wipe code instead of the PIN will erase all data on the Trezor device, offering increased security as a protective measure.
Improvements
Easily paste transaction details in CSV format directly into the Send form without the need for file creation or uploads.
Project spotlight
1:23:30 GroupHug Server by Peach
Batching server that allows combining PSBT into a single batched transaction.
The PSBTs have to be payouts in full (ie no change). Otherwise, the change output can be stolen. In other words, only PSBTs with 1 input and 1 output are accepted. The PSBT inputs have to be signed with SINGLEANYONECANPAY sig hash.
The batching server collects all PSBTs and when a threshold is reached, all PSBTs are combined, an extra fee output added and then each input is signed by the server with the default ALL sig hash.
The batching server will also add one additional output for optional donations to the service. The extra output value is calculated by summing up all inputs and subtracting the mining fees.
1:23:40 Semaphore: Crowdfunding with Bitcoin by supertestnet
What is it?
Crowdfunding app utilizing Bitcoin’s smart contracting for fund recovery if the goal isn’t met.
How It Works:
Two ways to contribute: irreversible (straight to bitcoin address) or reversible (smart contract with fund recovery option).
Reversible option involves a smart contract with two spending paths.
Contributor creates a transaction sending money to the recipient, contingent on the fundraiser reaching the goal.
Signatures required for valid contributions, ensuring funds are only accessible if the goal is met.
View Existing Fundraiser
Nostr
Software Releases & Project Updates
1:24:11 nsecBunker v0.10.0 - Codename: nostr, an oauth-like protocol
This is a significant release that provides the ability to run OAuth-like bunkers which will allow registration in your bunker to new accounts.
It also integrates with LNBits + Nostrdress to provide the ability for new nostr users to be able to immediately receive zaps
LNBits
Nostdress for zap receives 👀 (thanks Don’t ₿elieve the Hype 🦊 (npub1nxa…a6q8))
NIP-89 announcement on each nsecbunker boot
1:27:35 nos.social v0.1.2 (153)
Discover screen can now search notes by id.
Added pagination to Profile screens.
Migrate to Apple-native string catalog and codegen LocalizedStringResources with xcstrings-tool-plugin.
1:27:37 rust-nostr v0.27.0
ffi(nostr): complete types module
nostr: add support to anonymous and private zaps
sdk: add ClientSigner
Add NIP07 support
Preserve Event de/serialization JSON field order
ffi(nostr): complete nips module
MSRV
add try_from implementation for filemetadata from tags vector
Add contrib/check-*.sh scripts
contrib: add scripts/check-book.sh
sdk: replace wait_for_connection option with connection_timeout
Init some nostr book sections
1:27:40 nostr-wallet-connect v0.4.2
make timestamps numbers to follow NIP-47
new index for latest event by app_id
1:27:42 Mostro
1:27:44 nostream
1:28:13 Amethyst
New Signup screen
Reduces the size of the following icon
Flare.pub support
Creating the benchmark build type on the modules as well.
Adds spotless
Improves the speed of contains
Initializing the isHidden state for the note correctly
Avoiding the creation of modifiers.
Adds support for displaying video events.
Add write support for NIP-10 deprecated positional tags in text notes to maximize backwards compatibility
1:28:20 Coracle
Add NIP 44 encryption support
Add NIP 24 chat support with NIP 04 backwards compatibility
Add NIP 72 community support
Add NIP 87 closed community support
Add NIP 51 calendar event support
Add NIP 99 classifieds support
Support cross-posting
Limit number of replies shown on feed
Search results sorted by relevance weighted by WoT
Add anonymous zaps
Strip hash from media urls
Add bitcoin connect support
Remove Apps page, move NIP 89 support to note info dialog
Publish NIP 89 client tag
Remove Explore page, move NIP 32 support to profile collections
NIP 52 time-based calendar events publish/render
NIP 99 classifieds publish/render
Add support for bunker://
Improve theme switching reactivity
Re-work replies, note rendering, and feed controls
Update lists to use new 30003 user bookmarks kind
Add NIP 96 file storage (thanks to @quentintaranpino)
Add NIP 98 auth support (thanks to @quentintaranpino)
Add DIP 01 imeta tag creation
Re-work keys page, include group keys
Add anonymous posting
Add note options dialog to replies
Add support for reposts and cross-posts
Conservatively load from cache when on a slow network
Add refresh button to feeds
Add image previews to note reply
Project spotlight
1:29:39 Nostr NFC Art Cards
NFC Cards with designs from Artists that are on Nostr, and using only Nostr Native Commerce to distribute it to plebs.
1:29:54 Flash - LND Node Management TUI
Open source command line tool for managing Lightning Network Daemon (LND) nodes.
Aims to provide features found in web-based UI tools but with advantages in speed, lightness, security, and flexibility.
Planned Features:
Channel Management
Payment tools
Encrypted credentials storage
Node performance metrics
Fully open source
Current State:
Started as a proof-of-concept.
Potential usefulness identified.
Seeking crowdfunding for further development.
What to Expect:
Early stage of development.
Regular updates on progress.
Contributions made upstream to LND-related projects.
Project is open source, and packages will be published after implementing base features.
1:30:14 Nostr image host by supertestnet
Upload and view images on the web without an api key
What is it?
It’s an image host, like imgbb.com or imgur, except you don’t need an api key to use it in your development projects. Instead, you just need some javascript.
How does it work?
It works by dividing up the image into small chunks, uploading each chunk to a nostr relay as a note, and then reassembling them piece by piece.
1:30:29 Hermes: A Lightning Address Messenger w/Fedimint
Hermes is an asynchronous lightning address server that uses Fedimint Ecash on the backend.
Registration:
Users register Nostr public key and username on Hermes server.
Lightning address is created during registration, requiring a small fee in ecash or lightning.
Receiving Payments:
Sender follows lnurlp protocol, triggers Fedimint Lightning Gateway transaction.
Hermes server generates an invoice, sender pays, and gateway locks ecash to receiver’s public key.
Hermes notifies receiver, and Fedimint Client updates pubkey-locked ecash on connection.
1:30:37 stargazr
Explore lyrics, interpretations & connect with other fans
Uncover the stories behind your favorite songs, share your interpretations, and connect with a vibrant community of music lovers.
Fans:
Connect with artists and fellow fans to share a passion for music.
Engage in conversations, comment on lyrics, and celebrate artistry together.
Authentic Interactions
Genuine connections with fans and artists through Zaps.
Save and share beloved lyrics, connect with friends.
Artists:
Independence
Share music, lyrics, and stories directly with fans.
No platform lock-in; all content, fans, and interactions move with the artist.
Value for Value:
Utilize Bitcoin Lightning Network for direct fan support with a zap.
Stargazr empowers reciprocal support between artists and fans.
1:30:43 Dmpling
Upload, set a price, get a link, share and get paid.
For creators, owners and distributors.
1:30:49 Flockstr
Uses the NIP-52 kinds to create a meetup.com/eventbrite-style experience on Nostr.
Users can create calendar events, share announcements, RSVP to events, and much more.
Soon to integrate lightning to handle paid events and ticketing.
Built as a progressive web app
Seeking feedback.
Bounty: 100K sats to integrate Flockstr’s events (Meetup Calendars) on Amethyst by Vitor
Privacy Software
Software Releases & Project Updates
1:35:07 Unleashed.chat
You can now try our beta API! Key generation and more information at https://unleashed.chat/app/account.
Improved spam filtering on Nostr content, which should lead to better search results in Nostr mode.
Chat window now differentiates between AI and user messages more clearly
Other UI and layout tweaks.
Nostr mode improvements:
Implemented relevance score threshold when searching for a topic, i.e. you should see less irrelevant results when you ask about some topic or keywords.
Chat bot now has some knowedge about note authors and dates (TBD how reliable this is)
Allow specifying USD amount on LN invoice – for wallets that don’t support 0-amount invoices
First phase of API rollout
Implemented /models and /chat/completions endpoints
Trying to keep it compatible with OpenAI API schema (should work with their libraries etc.)
SDK https://github.com/UnleashedChat/unleashed-sdk
Early API access (invite only)
API key auth Implemented
Improvements to #Nostr mode:
Added 1000+ more user profiles to Nostr name lookup
You can now just ask for “latest notes” without mentioning names or a search topic (currently returns up to 15 notes at a time, more coming soon).
1:36:05 SimpleX Chat
Lightning + L2+
Software Releases & Project Updates
1:36:36 Phoenix
1:37:03 rust-lightning v0.0.120 “Unblinded Fuzzers”
API Updates:
The PeerManager bound on UtxoLookup was removed entirely.
LDK now exposes and fully implements the route blinding feature.
The lightning-transaction-sync crate no longer relies on system time without the time feature.
lightning::onion_message’s module layout has changed.
Event::ChannelClosed now includes the channel_funding_txo.
CandidateRouteHop variants were destructured into individual structs, hiding some fields which were not generally consumable.
Security:
0.0.120 fixes a denial-of-service vulnerability which is reachable from untrusted input from peers if the UserConfig::manually_accept_inbound_channels option is enabled.
A peer that sent an open_channel message with the channel_type field unfilled would trigger a reachable unwrap since LDK 0.0.117 (#2808).
In protocols where a funding output is shared with our counterparty before it is given to LDK, a malicious peer could have caused a reachable panic by reusing the same funding info in (#2809).
1:37:08 Mutiny Node
E2EE remote ecash backup, breaks previous ecash backups.
Handle payjoin errors according to BIP 78
Only auto-label lnurls if no labels were given
Verify fedimint network
Sync non-nostr contacts
Log wrapped invoice from LSP
Return error for expired invoices
RBF fee bumping utilities
Set invoice labels after fedimint payment
Log dropped anyhow errors
Add some more fedimint logs
Add utilities for nip05
Better bitcoin price API
Better lightning node peer connection logic
Better bitcoin address gap management
mutiny-startos
1:39:30 Alby
Launched Anser: A web wallet for Liquid by Alby
Self-custodial wallet for Liquid network.
Compatible with Alby browser extension.
Privacy Focus:
Functions as a client-side wallet.
Delegates transaction signing to Alby Browser Extension.
Private key securely stored on user’s device.
Getting Started:
Add a master key to Alby Extension for transaction signing.
Launch and connect to Anser.
Developer Friendly:
Available as a standalone library for web app integration.
Live instance here (also on IPFS) or learn how to self-host your instance.
1:40:14 Wallet of Satoshi
Launched WoS POS
Receive Bitcoin via the Lightning Network at your shop or market stall with our Point of Sale Partner App.
No Login Required - Receive only
Lightning Network / LNURL Enabled
Supports NFC Bolt Cards
1:40:19 Clams Remote v2.0.0
New interface design.
Full refactor of codebase to include a local data set, utilizing a local DB for advanced and efficient queries.
Performance improvements to handle nodes with large data sets (> 100k payments).
New Native Desktop Application available for download.
Manage multiple CLN nodes connections at the same time.
Full onchain support including a new dedicated UTXOs route and intelligent payment summaries.
Passphrase encrypted sessions to improve security.
Advanced sorting and filtering options for payments, UTXOs, channels, offers and forwards.
1:40:26 Fountain Android v1.0.2
App is now considerably faster
Audio playback issue causing gaps in dialogue fixed.
Skip silences feature in roadmap, coming soon.
Library Customization:
Customize library view for quick access.
Choose which quick links to display or hide at the top.
Swipe Gestures:
Added swipe gestures for managing episodes, clips, and playlists.
Swipe right to star or add to queue.
Swipe left to mark as played or remove from library.
Other Improvements:
Add nostr link to profile for easy following.
Nostr account integration from Fountain app settings.
Podcast splits manager bug fixes and UI improvements.
Toggle autoplay next in queue for bookmarking items without autoplay.
1:40:30 Mercury Layer launched
Mercury Layer is a Layer 2 protocol for Bitcoin that enables the self-custodial transfer of coins (UTXOs) without on-chain transactions.
Not packaged as a fully consumer ready wallet.
It is being released as a library and CLI tool other wallets can integrate.
1:43:16 Plasma Core Lightning Wallet launched on the App Store
Plasma uses LNSocket to connect to your node directly over the lightning network!
Connect to your Core Lightning node directly over the Lightning network with Plasma!
Scan a LNLink QR code and remotely manage your node, Plasma is lightning fast.
All it requires is your nodes public ID and a rune to connect.
1:43:19 Bitcoin Connect v3.2.0-alpha
add currency switcher
add webln provider config
add api function to get connector config
1:43:22 Blockstream Green
1:43:24 Swiss Bitcoin Pay v2.0.2
Update German translations
Add Lint file
Improves Connect’s QR backwards compatibility
1:43:27 Mash launches Rewards
Mash introduces a new feature to online media that allows communities to claim Bitcoin rewards through a “Reward Page.” The link to this page can be strategically placed, such as within a recent article, to incentivize community members to read through the content. Mash prioritizes ease of use, enabling creators to generate Reward Pages without coding, and community members can claim rewards using any Lightning wallet.
1:43:30 Stackernews launches attach wallet
As part of its transition to a “half-custodial wallet,” StackerNews has introduced a new feature called “attach wallet.” This feature allows users to link an external wallet, preferably self-custodial, to automatically receive funds sent to them on the platform.
1:43:53 Peerswap web UI
A new Web UI for PeerSwap has been introduced, offering support for Lightning <> Onchain swaps and Lightning <> Liquid swaps.
Project spotlight
1:44:03 Aqua Wallet: A user-friendly, non-custodial Bitcoin wallet
Full SegWit support for reduced fees, a Lightning wallet for instant transactions
A Liquid Bitcoin wallet for faster transactions with lower fees
A Tether USDt wallet supporting multiple blockchains
Unique Bitcoin Chip feature for transferring assets and a planned marketplace for various financial services.
Available globally for iOS and Android
1:44:05 Fiatlink by Breez
The goal of this project is to provide a unified API specifications for Fiat on-ramps to create interoperability and easier integration of multiple on and offramps into apps.
As first priority we want to support on and off ramps standardization with lightning.
1:44:06 OPAGO Lightning POS Terminal
The LIGHTNING POS Terminal and our service are designed to make handling as easy as possible, allowing you to fully focus on your business.
You can create an OPAGO Online Account and set up the Terminal, linking it to your individual Lightning Wallet to receive payments.
Technical Specifications:
NFC payments via LNURLw or Boltcard (possible with the next firmware update)
Online payments via QR-Code over WLAN or hotspot
Offline payments via QR-Code + PIN
Compatible with all popular Lightning Wallets
Receive directly into your own Lightning Wallet
USB-C charging cable included
Durable 3.7 V battery
1:44:10 Nutband – a post fiat apocalypse Cashu client working over Reticulum
Experimental minimalistic python-only user interface for cashu, using cashu nutshell implementation.
A demo of Reticulum, Cashu and my project Nutband that combines them, in order to use a Cashu mint over Reticulum mesh network – in this case over long range radio, and without internet.
1:44:35 Autonode: A cloud-init template to build Bitcoin nodes automatically.
Autonode offers seamless automation for setting up new Bitcoin and Lightning nodes, eliminating the need for manual installations with each new instance. By utilizing cloud-init, a widely accepted standard for customizing and deploying cloud instances, Autonode streamlines the process of deploying nodes on preferred cloud platforms. Additionally, local deployment, including on devices like Raspberry Pis, is straightforward.
This tool includes all the essential software for a modern node, encompassing Bitcoin Core, an Electrs server, a Core Lightning node, and more. Users can precisely adjust installation details, such as software versions, using the provided template generator.
1:44:48 BitcoinVoucherBot: A Telegram bot to purchase bitcoin and receive directly to your Alby lightning address.
1:44:55 Satsforads
Satsforads allows you to get paid by advertisers.
Do you have a Lightning Address? Get paid by advertisers.
Want to advertise your service / product to Lightning Users? Create a targeted Lightning Address campaign to reach potential users.
1:44:58 Lightning Weather App [Website / Github]
Demonstration of L402 API capabilities.
Showcases the power of the Lightning Network for application development.
Represents a shift towards a digital economy without reliance on traditional advertising or data harvesting.
Utilizes L402 APIs to emphasize a future where user experience and privacy take precedence.
Purpose:
Focuses on creating native applications prioritizing user privacy and a seamless experience.
The Lightning Weather App serves as a model, operating independently of advertising and invasive data collection.
A blueprint for developers aiming to build innovative, user-centric applications on the Lightning Network.
1:45:57 Marina Wallet: Liquid Network browser extension [Github / Chrome App]
Pay and get paid via ⚡️ #LightningNetwork directly with your Liquid BTC balance.
No channels, no routing errors, and no force close fees.
Boosts
1:46:01 Thanks to everyone who streamed sats, and shoutout to our top boosters:
[🏆 TOP BOOSTER] @garykrause_ (15,000 sats) “😴”
@apemithrandir (7,777 sats) “I hear Craig Raw I boost”
@qxotk (2,121 sats) “suoer useful, appreciate you and your guests and johnny”
@vake (2,000 sats) “Bitcoin is exciting and there is always so much happening!”
@wartime (1,000 sats) “thx! 🍻🧡”
Bitcoin Optech Newsletter
1:46:37 Highlights from recent Bitcoin Optech Newsletters:
Proposed changes to LN for v3 relay and ephemeral anchors:
Bastien Teinturier proposed changes to Lightning Network (LN) to optimize v3 transaction relay and ephemeral anchors.
Changes include anchor swap, reducing delays, trimming redirect, and other simplifications.
Discussion highlights reduced UTXO requirements, imbued v3 logic, and a request for max child size in v3 relay.
New documentation repository (BINANA):
Anthony Towns announced BINANA, a new repository for Bitcoin protocol specifications.
Current specifications include OP_CAT, Heretical Deployments, OP_CHECKSIGFROMSTACK, and OP_INTERNALKEY.
Bitcoin Optech added BINANA to monitored documentation sources alongside BIPs, BOLTs, and BLIPs.
New LNHANCE combination soft fork proposed:
Brandon Black proposed a soft fork combining OP_CHECKTEMPLATEVERIFY (CTV), OP_CHECKSIGFROMSTACK (CSFS), and OP_INTERNALKEY.
OP_INTERNALKEY simplifies taproot internal key handling and potentially makes scripts more reusable.
Enables LN-Symmetry, Ark-style joinpools, reduced-signature DLCs, vaults without presigned transactions, and more.
Technical discussion on enabled protocols. Listen to podcast discussion
Proposal for 64-bit arithmetic soft fork:
Chris Stewart posted a draft BIP for enabling 64-bit arithmetic operations in a future Bitcoin soft fork.
64-bit values useful for operations on satoshis paid in an output (e.g., joinpool exit protocols).
Discussion on proposal details, encoding, taproot upgrade, and opcode upgrades. Listen to podcast discussion
Overview of cluster mempool proposal:
Suhas Daftuar summarized the cluster mempool proposal, focusing on CPFP carve-out issues.
CPFP carve-out conflicts with cluster mempool policy; proposed solution using v3 transaction relay.
Major change consideration for Bitcoin Core’s mempool management algorithms. Listen to podcast discussion
Updated specification and implementation of Bitcoin transaction compression:
Tom Briar posted an updated draft specification and proposed implementation of compressed Bitcoin transactions.
Changes include relative block height instead of nLocktime grinding and a second kind of variable integer.
Enables more practical relay through bandwidth-constrained mediums. Listen to podcast discussion
Discussion of Miner Extractable Value (MEV) in non-zero ephemeral anchors:
Gregory Sanders discussed concerns about non-zero satoshis in ephemeral anchor outputs.
Analyzes security problems with using trimmed HTLC amounts in ephemeral anchor outputs.
Proposed solutions include relaying only fully miner incentive-compatible transactions and burning trimmed value. Listen to podcast discussion
Discussion about LN Anchors and v3 Transaction Relay Proposal
Antoine Poinsot posted to Delving Bitcoin to foster discussion about the proposals for v3 transaction relay policy and ephemeral anchors.
Frequent use of exogenous fees may risk mining decentralization:
Ideal Bitcoin protocol rewards miners proportionately to hashrate.
Exogenous fees, like out-of-band fees, may risk mining centralization.
Actively used protocols like LN-Anchors allow exogenous fees, raising concerns.
Implications of exogenous fees on safety, scalability, and costs:
Designs like LN-Anchors require users to keep extra UTXOs, impacting scalability.
Endogenous fees considered more efficient than exogenous fees in new protocols.
Ephemeral anchors introduce a new pinning attack:
Minor pinning attack against ephemeral anchors discussed.
Users may face higher fees due to attacker’s actions.
An alternative: use endogenous fees with presigned incremental RBF bumps:
Alternative approach suggested by Peter Todd.
Challenges and concerns about endogenous fees discussed.
Overall conclusions:
Ongoing discussion; Peter Todd suggests phasing out anchor outputs.
Rusty Russell proposes efficient exogenous fees in new protocols.
Developers defend anchors in Delving Bitcoin thread.
LN-Symmetry Research Implementation
Gregory Sanders posted to Delving Bitcoin about a proof-of-concept implementation he made of the LN-Symmetry protocol (originally called eltoo) using a software fork of Core Lightning. LN-Symmetry provides bi-directional payment channels that guarantee the ability to publish the latest channel state onchain without a need for penalty transactions. However, they require allowing a child transaction to spend from any possible version of a parent transaction, which is only possible with a soft fork protocol change such as SIGHASH_ANYPREVOUT.
Simplicity:
LN-Symmetry protocol is simpler than LN-Penalty/LN-Anchors.
Pinning:
Pinning challenges explored; insights applied to package relay and ephemeral anchors.
CTV:
CTV emulation considered for simple and fast forwards in LN-Symmetry.
Penalties:
Penalties not deemed necessary for LN-Symmetry; complexity and fund reservation concerns.
Expiry Deltas:
LN-Symmetry requires longer HTLC expiry deltas for safety.
Conclusion:
Sanders is currently working on making improvements to Bitcoin Core’s mempool and relay policy that will make it easier to deploy LN-Symmetry and other protocols in the future.
News & Noteworthy
Lightning
Maypoles Protocol Proposed by Clara Shikhelman (Chaincode Labs) for Lightning Network.
Aims to enhance topological features and reduce channel management costs.
Focuses on improving the hub-and-spoke topology.
Benefits:
Enhanced resilience and privacy.
Reduces costs for “High Availability Channels” users (e.g., merchants).
Improved network decentralization and connectivity.
Hubs gain more routing volume with no added cost.
Aims to strengthen the network’s topology with an incentive-aligned algorithm.
Feerate-Dependent Timelocks (FDTs) Proposal:
Proposed by John Law for Bitcoin, specifically to enhance Lightning Network security.
Introduces Feerate-Dependent Timelocks (FDTs) as a solution to on-chain congestion and high fees during channel force-closure.
Ongoing discussions around scalability challenges and potential solutions, including covenants.
Business & Finance
Stripe blackmails Rob at Bitsaga to stop selling #Bitcoin mining hardware.
Funding
OpenSats Long-Term Support For René Pickhardt
René Pickhardt, a recipient of a Long-term Support Grant, is fervently advancing fundamental research to enhance Bitcoin’s utility as a payment system through the Lightning Network. Supported by accolades, including a scholarship from the German National Academic Foundation and multiple Bitcoin Developer Grants from BitMEX, René is dedicated to giving back to the communities that have aided his journey.
Spiral new grantee - @joschisanbtc [Announcement]
He’s helping build out its consensus engine and will continue to do so as a grantee.
He will also enable increased reliability and latency by contributing to the next Fedimint Lightning integration.
Spiral new grantees - @bitgould and Esraa, two devs working to improve PayJoin, which allows parties transacting in bitcoin to coordinate payments before posting to the blockchain without third-party intermediaries.
ETFs supporting Bitcoin
VanEck Pledges 5% of Bitcoin ETF profits to Bitcoin Core [Announcement]
“We’re not Bitcoin tourists”.
Solidifies commitment with a $10k initial donation.
Pledges 5% of potential Bitcoin ETF profits to support Bitcoin Core developers for a minimum of 10 years.
Bitwise will donate 10% of the profits of the Bitwise Bitcoin ETF (ticker: BITB) to bitcoin open-source development. [Announcement]
Bitcoin is important to the future. We’re excited for $BITB to support its foundation
Mining
“In 2023, Bitcoin added 53,999 blocks, weighing a combined 210 billion weight units. Those blocks confirmed 153,415,993 transactions, and earned 23431.56748471 BTC in fees.” - mononautical
Crypto Miner Core Scientific to Exit Bankruptcy [Bloomberg]
Firm’s approved restructuring plan cuts $400 million in debt
Core Scientific said it plans to re-list on Nasdaq this month
Hyperbitcoinization
Bitcoin Victoria Falls launched as the first Bitcoin Circular Economy in Zambia. [Announcement]
“The initiative aims to drive financial empowerment, Bitcoin education, Bitcoin tourism, and economic opportunity.”
Government & Political
The SEC approved the listing and trading of 11 spot bitcoin exchange-traded product (ETP) shares. [SEC Announcement]
3 out of 5 Commissioner’s voted for the ETFs to be approved, including the Chair Gary Gensler. [No Bullshit Bitcoin]
New US Tax Reporting for Crypto Rule flipflop
US Tax Reporting Requires an IRS Report for Every $10K+ Transaction [No Bullshit Bitcoin]
The Infrastructure Investment and Jobs Act, which passed Congress in November of 2021, included a provision amending the Tax Code to require anyone who receives $10,000 or more in cryptocurrency in the course of their trade or business to make a report to the IRS about that transaction. [Coin Center]
IRS says businesses don’t have to report certain crypto transactions until new regulations issued. [The Block]
“They state that the new crypto reporting obligations in the Infrastructure Investment and Jobs Act “requires the Treasury Department to issue regulations before it goes into effect.” There is nothing in that law that says this and we are unaware of any legal reasoning that would have this be the case.” [Jerry Brito]
The SECGov X account was allegedly compromised, and an unauthorized post was made announcing approval of the Bitcoin ETFs. [SECGov Tweet]
UN Report Attacks Tether for Facilitating Global Crime [No Bullshit Bitcoin]
“Online gambling platforms, and especially those that are operating illegally, have emerged as among the most popular vehicles for cryptocurrency-based money launderers, particularly for those using Tether or USDT on the TRON blockchain,” said the report by the UN Office on Drugs and Crime (UNOD).
Tether Challenges UN Report and Calls for Blockchain Education
EU provisionally agrees on stricter due diligence rules for crypto firms [The Block]
If approved, the proposed rules would require crypto firms to conduct “due diligence” on transactions worth at least $1,090.
India crackdown on cypto exchanges
Apple and Google have removed the apps of many crypto exchanges, including Binance and Kraken, from its App Store in India.
The Financial Intelligence Unit (FIU), an Indian government agency, issued show cause notices to these exchanges, alleging non-compliance with India’s anti-money laundering rules.
Reads
XX:XX:XX Here’s a list of our top recently published reads:
SURF THE BITCOIN REVOLUTION WITH AQUA by Jan3
Comprehensive guide on BTC Pay Server’s CoinJoin and PayJoin features by r0ckstardev
MERCURY LAYER: A MASSIVE IMPROVEMENT ON STATECHAINS by Bitcoin Magazine
Introducing FiatLink: A Lightning ↔ Fiat Standard by Roy Sheinfeld
Public Service Announcement for UK #Bitcoiners by Freddie New
Hashrate Index 2023 Year in-Review
Episode submission ideas
We’re looking for ideas for interesting panel conversations. To send Bitcoin related questions, just go to bitcoin.review and follow the contact links at the bottom of the page.
Get in touch with the pod
Nostr & LN ⚡nvk@nvk.org (not an email!)