BR076 - Sparrow, AnchorWatch, Exploding Pagers, Bitcoin Core Spam Attack, Ark goes mainnet, NBitcoin Secp256k1 Vulnerability + MORE ft. Craig, Rob & Ben
I’m joined by guests Craig Raw, Rob Hamilton and Ben Carman to go through the list.
Housekeeping
00:02:02 Coinkite Reseller Program 2024 update [Twitter post]
Now, every order placed takes into account your previous purchases in the past year combined.
We’ve made it easy to try different combinations to get the best pricing and maximize your margins and preferences.
You can now self-enroll in our reseller program!
New Coinkite npub [Announcement]
SATSBOY: a fun and opsec enhancing case for Coldcard Q [Geyser page]
New herecomesbitcoin.org Coldcard sticker available for Giphy, Signal and Telegram
00:01:46 Bitcoin Audible: Understanding The COLDCARD Mk4 Security Model by @TheGuySwann [Podcast]
00:01:34 Big COLDCARD Q news
Major/Urgent Vulnerability Disclosures
00:02:26 Bitcoin Core: Disclosure of memory DoS due to headers spam [Blog post]
Before Bitcoin Core v24.0.1, attackers could remotely crash nodes by spamming them with low-difficulty header chains. This memory-based DoS attack is considered a high-severity issue and affects any node storing blockchain headers in memory.
A solution is introduced with Bitcoin Core PR #25717, which requires nodes to verify that a presented chain has sufficient work before storing it, eliminating the need for checkpoint-based defenses.
00:04:15 NBitcoin library: Vulnerability found in musig implementation of NBitcoin.Secp256k1
“Because an empty sessionId was passed instead of null, the nonce wouldn’t be randomly generated, using a constant zero byte sessionId leading to nonce reuse… Nonce reuse is as good as leaking private keys so this is a critical bug.” [Pull request #1228]
00:06:55 Supply chain attack: Lebanon’s explosions point out to a long-planned operation, possibly rigging explosives into communication devices while in-transit, before import to Lebanon [AFP article]
Bitcoin
Software Releases & Project Updates
00:33:55 Bitcoin Core v28.0-rc2
This release candidate brings a fix for a performance regression related to block storage
00:34:14 Sparrow Wallet v2.0.0
Support recovering SLIP39 mnemonic shares (File > New Wallet > Software Wallet)
Trezor Safe 5 support
Ledger Stax and Flex support
Add menu items to the message sign dialog to save a text file for signing, and load a signed message file
Add missing previous outputs to a loaded PSBT if available from open wallets
Add optional BBQr selection for QR display on Krux wallets
Rewrite derivation paths on file and card imports for uniformity
Remove oxt.me as fee rates source
Improve performance of updating wallet transactions store
Add Passport Multisig to wallet import menu
Enable close button on the multisig backup dialog
Show a warning dialog before refreshing a passphrase wallet where all the history has changed
Show a warning dialog when sweeping a private key that contains insufficient funds for the given fee rate
Show a warning dialog on broadcast if a transaction has a fee rate beyond the range slider maximum
Show a warning dialog when sighash none is selected
Show a warning if data is too large for display as static QR
00:42:55 BDK v1.0.0-beta.3
Add function for sorting wallet transactions
Add option to change default BNB fallback coin selection
Fix transaction creation to not skip unused addresses
00:43:11 HWI v3.1.0
Add new Ledger udev rules and model IDs
Add support for Trezor Safe 5
00:43:22 Nunchuk Android v1.9.51
Support reproducible build
00:43:28 Liana v7.0 - Welcome to the jungle
This release introduces support for Liana Connect as an optional backend for the Liana GUI and Electrum server as an optional node interface for the Liana daemon.
Liana daemon / library:
Transactions are now created with fee sniping protection
You can now remotely connect to your node using Electrum, as an alternative to running Bitcoin Core locally
Liana GUI
The user does not have to select a network at start up anymore, the launcher looks for an installed network in the following order:
mainnet,testnet,signet,regtestThe launcher reads the
settings.jsonfile and provides information about the installed wallet or provides the user with a choice to create or add a walletWhen creating or adding a wallet for the selected network, user has the choice to use his local node or an Electrum server or the Liana Connect service as a backend for the Liana GUI
User can share his hardware wallets xpubs by clicking on “Share xpubs” from the launcher
Wallet policy description was added to the installer and in the wallet settings
If using the Wizardsardine servers as remote backend, a user can provide access to a wallet to an other user by sending him an invitation with the invitee email in the wallet settings
Coldcard and Specter DIY can now be used with taproot descriptors
00:43:55 Keeper Desktop v0.1.1
Use with the Bitcoin Keeper mobile app to: Add device, perform healthcheck, verify address, and sign transactions.
Integration with Ledger, Trezor, and Bitbox02 hardware wallets
Cross-platform support (Windows, macOS, Linux)
00:44:11 RoboSats v0.7.0
Android built-in torified notifications
Desktop App for Windows / Mac / Linux
Order book is now Nostr enabled and shared with Mostr
Add new currency DZA
00:44:19 Wasabi Wallet v2.2.0.0
Taproot receive addresses: Users can now choose taproot when generating a new receiving address
Faster transaction broadcasting: Transactions are now broadcast to multiple nodes in parallel (through the Tor network) and fail more quickly if the transaction is rejected by the network
Help to setup and find a coordinator: A new message is now shown when no coordinator is configured
More accurate CPFP fee estimation: The CPFP feature now takes into account the fee paid by the parent transaction
Safer protocol: In order to avoid introducing unknown incentives and to limit risk to users, the coordination fee concept has been removed
Backend optimizations: Users who run a Wasabi backend can now do so with a pruned node and significant CPU/RAM savings
Bullbitcoin-mobile v0.3.2
More stable chain swaps
Better handling of refunds
00:51:53 SwissBitcoinPay
00:51:57 BoltzExchange client v2.1.6 - Ball still low, pain still high
Add listswaps pagination
Allow specifying all tenant
Include fix for a race condition which can occur when creating multiple swaps at once
00:52:02 Padawan Wallet v0.14.1 - Resilient Rebel
Update chapter 1 (signet) and translate chapter 8
Translate to portuguese Chapter9.xml
00:57:25 LiveWallet
Make app buildable for linux
Improve dynamic styles
Add logout button from application dropdown
Consolidation mode, a feature to help in consolidating utxos:
Choose your input utxos and and compare them against the new consolidated utxo in various fee rate environments, helping you understand the benefit of the consolidation before going through with it.
You then can save the psbt and load it into any bitcoin wallet to sign and broadcast to complete the consolidation.
00:57:33 BIP39-XOR v.6.0.0
New feature: option -s (substitute BIP-39 checksum)
Update busybox-w32 version FRP-5398-g89ae34445
00:59:06 ESP-Miner v2.2.0
Initial release of the firmware supporting the gamma, including self tests
Add Gamma support
Add frequency rampup bm1368
Add transition to power management
Remove invalid IPv4 validation in DNS code
Project spotlight
00:59:32 Mutation Core: A mutation testing tool for Bitcoin Core. [Github]
00:59:45 Dana Wallet: a simple silent payment-native bitcoin wallet to receive donations [Github]
Dana is a flutter app used for accepting bitcoin donations. It uses silent payments, a new static payments protocol, to receive donations while preserving on-chain privacy.
00:59:52 BitVotr: a P2P computer protocol that can be used by democracies to run elections that result in a provably honest count [Github]
“Each voter has a unique identifier which is a public key (for vote publishing), and also doubles as an onion address for P2P communication, and voting network organisation.”
1:00:13 SwapMarket: Decentralized Marketplace for Boltz-Compatible Bitcoin Swap Providers [Github]
SwapMarket is a “fork of the official Boltz Web App served at boltz.exchange, which allows non-custodial swaps between different layers of Bitcoin.”
1:00:20 NOIST: a non-interactive, single-round t-of-n threshold signing scheme [Blog post]
NOIST enables untrusted parties to collaboratively create a group key and generate signatures in constant time, preventing a disruptive participant from causing a round to be restarted. The final output is a 64-byte BIP-340 compatible Schnorr signature.
1:09:14 Shielded CSV: Private and Efficient Client-Side Validation [White paper]
A private client-side validation protocol that hides transaction history while ensuring efficient on-chain costs.
1:09:46 Vinteum introduces Bitcoin Dev Launchpad, a three-month program for Brazilian developers to enhance their skills in Bitcoin and the Lightning Network. [Blog post]
1:09:57 The Bitcoiner’s Intro to Rust is now publicly available [Announcement]
The course is completely free and uses “recorded lectures, visual diagrams, quizzes and practice challenges to help you master the fundamentals of Rust.”
1:13:23 Silent Payment Faucet: Bitcoin silent-payment faucet using Signet coins
1:13:29 Ashigaru: A self custodial, open source and secure Bitcoin wallet that is private by design. [Code repository (Tor only)]
Ashigaru is a fork of Samourai Wallet with a similar UI and new added functionalities
1:14:42 Bitcoin Scoresby: Retro movie posters turned into Bitcoin ads
The shop offers a wide range of posters accross different themes
1:14:50 BConf: Discover all Bitcoin conferences happening worldwide in one place [Github]
Vulnerability Disclosures
1:15:14 PIXHELL Attack: Acoustic data leaks from LCD screen noise [Bleeping Computer]
The PIXHELL attack exploits noise from LCD screens to leak sensitive data, even in air-gapped systems. Malware modulates pixel patterns to emit acoustic signals, captured by nearby devices like smartphones.
The attack works within a 2-meter range, transmitting data at 20 bps, sufficient for small files or keylogging, but too slow for large data transfers. The signals, mostly inaudible to humans, make detection difficult.
1:15:49 Marko Polo: Cybercriminals launch global infostealer campaign targeting crypto users [Insikt Group report]
The group primarily targets cryptocurrency users and influencers, gaming personalities, and tech professionals, demonstrating the effectiveness of social engineering techniques. Its use of varied malware, such as HijackLoader and Atomic macOS Stealer, highlights its adaptability across platforms.
Over 30 distinct scams and 50 unique malware payloads have been uncovered, compromising tens of thousands of devices.
1:16:42 Five dollar wrench attack:
The leader of a group involved in violent home invasions targeting cryptocurrency owners across the U.S. is sentenced to 47 years in prison, while his accomplices receive sentences ranging from 5 to 20 years. [U.S DoJ]
An Houston elderly has been robbed of US $19,000 while being scammed out of US $80,000 through a cryptocurrency ATM scheme. [ABC13]
1:16:56 Social engineering attack:
How a group of threat actors targeted a single Genesis creditor on August 19, 2024 and relieved them of ~4000 bitcoin [Investigation Twitter thread]
Junseth inteviews a third social engineering scammer, ‘Demetri’, and discuss the structure of their industry, the competition and more [Podcast]
1:18:28 German law enforcement agencies have performed successful timing analysis attacks against Tor users [NDR article]
German authorities reportedly surveil Tor nodes, using timing analysis to deanonymize users by monitoring data packet timings across the network.
The technique succeeded in dismantling the illegal darknet platform “Boystown,” leading to multiple arrests, including its administrator, Andreas G.
1:19:13 The Tor project addresses concerns over a law enforcement attack targeting the outdated Ricochet application, confirming Tor Browser remains secure [Blog post]
The attack exploited old software lacking modern protections, such as Vanguards-lite, introduced in 2022 to prevent timing-based de-anonymization.
1:19:21 Supply chain attack (cont.)
Privacy & Other Related Bitcoin Projects
Software Releases & Project Updates
1:20:37 SimpleX (Released updates after being blocked in Russia: with support for SOCKS proxies both in iOS (via TestFlight) and Android (via Github releases as direct APK download)).
forward multiple messages
support generic SOCKS proxies
new UI for switching user profiles
1:20:40 Tails v6.7 - Major update of OnionShare
Update Tor Browser to 13.5.3.
Update Thunderbird to 115.15.0.
Update OnionShare from 2.2 to 2.6, which includes a feature to create an anonymous chat room.
1:20:44 SideBand
This release improves opportunistic message delivery in topologies where clients roam to and from AP and roaming-mode interfaces.
Significantly improve message delivery performance and efficiency from LXMF 0.5.2
Send messages opportunistically if destination ratchets are available
Add delivery method icons to message view
Improve announce details display
Improve feedback when closing app on desktop
Dispatch messages via background service on Android
Add configuration option for ignoring messages with invalid stamps
Add outbound stamp cost handling and generation
Add inbound stamp cost settings to preferences
Add message details dialog
Add message encryption information to message details
Add ratchet information to object details
Add stamp cost information to object details
Add delivery ticket information to object details
Sideband will now automatically include delivery tickets to trusted peers
1:21:59 reticulum-meshchat v1.12.0
Add the ability to set a custom display name for conversations when clicking the existing display name
Add the ability to use MeshChat as a Propagation Node
Add the ability to automatically send failed messages to a Propagation Node
Add syncing/downloading of messages from Propagation Nodes
Add new message info dialog when clicking an inbound message timestamp or outbound message delivery state
Signal Quality, RSSI and SNR stats have been moved to the new message info dialog
Messages are now sent opportunistically if a link is not yet established and encryption ratchets are available
The timestamp under received messages now shows when they were received instead of when they were sent
1:22:01 NomadNet v0.5.2
Add configuration options and guide entries for LXMF stamps
Project spotlight
1:22:07 rPGP: OpenPGP implemented in pure Rust, permissively licensed [Github]
1:22:13 Discord introduces the DAVE protocol, offering E2EE for voice calls, group DMs, and live streams. Messages remain excluded from this encryption. [Restore Privacy]
Lightning + L2+
Project spotlight
1:22:22 Brick wallet: A simple wallet and web frontend for NWC [Github]
1:22:27 lnrecc: A tool for streamlining recurring lightning payments [Github]
Software Releases & Project Updates
1:24:53 Phoenix Wallet v2.3.9
This release fixes a few UI issues, including a fix for #616 which prevented scanning QR codes for Lightning addresses when they used an URI prefix.
Legacy mode and channels closing: Phoenix v2 was released 1 year ago and v1 legacy channels will soon be closed. The v2 upgrade notices in the v1 legacy mode have been updated. Users that are still using the legacy mode should migrate as soon as possible. Note that this migration to v2 is automated, and free.
1:25:02 LNbits v0.12.11
Add exclude_to list for btcprice providers
Add bitpay and yadio fiat rate providers + increase precision of blockchain.info fiat rate provider
Add a copy wallet button
Set a maximium sleep time when retrying to connect to the funding source by @blackcoffeexbt in #2622
Add release flow for release candidates
Invoice creation UI: Replace input mask with pattern and inputmode by @blackcoffeexbt in #2623
Add Breez SDK wallet
Add boltz client fundingsource
Add rate endpoint per currency
Add generic lnurl error response handler
Add baseurl to admin ui settings
Add detailed CSV export option
1:25:13 minibits-wallet
Better transactions UX: show sender profile picture, show link to zapped note
Revert pending SEND transaction in 1 tap
Share mint URL via QRcode, improved UX of mint info and transaction detail screens
1:25:23 LNDg v1.9.0
Inbound fees can be set from the /advanced page (negative values only)
Inbound fees will be shown next to successful forwards when LNDg detects the inbound fee was used
Unify logs between docker and manual installers
Add setting LND-DisableMPP to force rebalances to not use MPP (available at: /api/settings/)
Stop dashboard auto-refresh if user is hovering an item
Add a consolidate UTXOs button
1:25:40 Lightning Terminal v0.13.4
Add build flag
litd_no_uifor building litd without the ui, accessible withmake go-build-nouiandmake go-install-nouiAdd a
--versionflag to litd which can be used to obtain version information of the daemonLND: Update the integrated LND version to v0.18.3-beta
Loop: Update the integrated Loop version to v0.28.7-beta
1:25:43 Aqua Wallet
1:25:50 Second announces first Ark mainnet transactions
Nostr
Project spotlight
1:27:01 nostr-social-graph: Build a social graph from Nostr follow events [Github]
“You can query followed users, followers and follow distances. You can change the graph root user, efficiently calculating new follow distances.”
1:27:08 Wherostr: official release of a new nostr client that supports native location pinning and check-ins [Announcement
1:27:16 gitworkshop.dev: a decentralized git workflow on nostr for freedom lovers [Github]
gitworkshop.dev is a web client to collaborate on issues and code proposals for git repositories via nostr, pairs with sister project ngit (cf next project).
1:27:26 ngit: a command-line tool to send and review patches via nostr [Github]
1:29:52 SatShoot: A freelance app for freedom-lovers, using nostr [Github]
Find freelancers for any job or earn sats as a freelancer by leveraging your nostr network, pay or get paid in sats using Lightning and eCash in the near future.
1:29:57 Known Nostr Attack: A curated list of known public attacks on the Nostr network [Github]
1:30:04 Foro.Wiki: a forum theme inspired long-form Nostr client [Github]
1:30:16 Whitenoise: Secure Messaging over Nostr [Github]
White Noise is a secure & private messenger client for Nostr. It’s built with Tauri, Rust, and Svelte.
1:31:34 Pollerama: a nostr based polls app with Proof of Work/Contact Lists filtering
Pollerama is a polls client where polls can be created and answered anonymously. Filtering out results and adding a required PoW on your own polls is possible to reduce spam.
1:31:41 ZapD (Zap Delivery): a new food delivery app built on Nostr [Geyser page]
Riders can choose their own jobs, set their own prices, Restaurants can set their own terms, communicate directly with customers, customers can pay with bitcoin.
1:31:46 Nostr Personality Analyzer: Discover insights from your Nostr posts
1:31:59 Alphaama releases 3 micro-apps: [Announcement]
Bitcoin (cont.)
Software Releases & Project Updates
1:32:19 Anchorwatch
Nostr
Software Releases & Project Updates
rust-nostr v0.35.0
Add gossip model support
Deprecate SQLite database in favor of LMDB (fork of pocket database)
Add support to negentropy v1 (old version is still supported!)
Add MockRelay (a local disposable relay for tests)
Allow usage of embedded tor client on mobile devices
Coracle v0.4.10
Show loading when sending note reply
Support rendering zap responses
Speed up web of trust calculation and search page
Reduce extra encrypt/decrypt calls when updating lists
Apply mute keywords to usernames as well as note content
Add profile picture to DMs
Add pubkey to profile name, fix wot info on mobile
Keychat v1.19.7
Add nsec login
Add medium group based on the Signal protocol
Modify the notification system to use Google FCM
Voyage v0.14.0
Optionally show usernames in feeds
Set q tags when mentioning other events
Show indexed topics in post details
Optionally add client tag to posts and replies
Strfry
Add a special
--friedmode for import and export that greatly (10x or more) speeds up the process.Remove prefix matching on ids and authors fields. This was removed from NIP-01. Now, you must use exactly 32 byte (64 hex character) values.
Upgrade negentropy to protocol version 1.
Advertise NIP-77 support (negentropy syncing). The negentropy version is now also indicated in the NIP-11 relay information and the HTML landing page.
--friedsupport from 1.0.0 was back-ported, allowing export of DBs in a fried format for efficient import by 1.0.0+ relays.A
limitationentry is now included in the NIP-11 output. This exposes configured relay limits such as max message size.Node info support added: The relay now replies to requests to /nodeinfo/2.1 and /.well-known/nodeinfo.
NIP-70 support: Events with a “_” tag are considered protected and relays should only allow them to be posted by their author. Since strfry does not yet support AUTH, these events are always rejected.
Preliminary FreeBSD support.
Switch import to use WriterPipeline, allowing strfry import be used as a general-purpose non-relay event ingester.
Nostrudel v0.41.0
Add option to wipe wasm relay database
Update
@snort/worker-relayWASM relayAdd Support for embedding HLS videos
Support pinning articles
Add relay discovery map
Add option to disable keyboard shortcuts
Iris launches new.iris.to, a new client offering a ReplyGuy-free Nostr experience [Announcement]
“When logged in, it hides replies from people who are not in your social graph. You can display the hidden messages by clicking on the button underneath.”
Iris adds cashu.me wallet to beta.iris.to, send and receive zaps without configuring anything. As a new user, [npub]@npub.cash is set as your lightning address.
Boosts
Thanks to everyone who streamed sats, and shoutout to our top boosters:
[🏆 TOP BOOSTER] @Ape Mithrandir (7,777 sats) “Perfect summary of the show and my reason for listening to it at the end”
@vake (7,000 sats) “👍”
@user54549358 (5,000 sats) “great show!”
@tac_btc (5,000 sats) “Great conversation. Thank you”
@LITTLE (500 sats) “Thanks guys. I have no business listening to the show as I can’t understand half of it. But a very enjoyable listen while I drive truck all day.”
@btconboard (500 sats) “Boost before listening. Just appreciate the great technical info. Hard to find places to learn this stuff directly from experts.”
Tech Tips of the Day
Wayback Machine new feature: Access archived webpages directly through Google Search, now featuring a link to the Internet Archive’s Wayback Machine. [Blog post]
Use MacOS Sequoia iPhone mirroring feature to use the same SimpleX account on a Mac and an iPhone [Twitter post]
Bitcoin Optech Newsletter
Highlights from recent Bitcoin Optech Newsletters
Proving UTXO set inclusion in zero knowledge: Johan Halseth announced on Delving Bitcoin a proof-of-concept tool that enables a user to prove control over an output in the current UTXO set without disclosing which specific output.
LN offline payments: Andy Schroder posted to Delving Bitcoin outlining a communication method for an LN wallet to create tokens that can be used by an internet-connected wallet for payments.
DNS seeding for non-IP addresses: Developer Virtu announced on Delving Bitcoin a survey about the availability of seed nodes on anonymity networks and discusses ways for new nodes using those networks to find peers via DNS seeders.
Mutation testing for Bitcoin Core: Bruno Garcia announced on Delving Bitcoin a tool that automatically alters code in a PR or commit to check if the mutations cause existing tests to fail.
DLC-based loan contract execution: Shehzan Maredia shared on Delving Bitcoin the launch of Lava Loans, a loan contract that utilizes DLC oracles for bitcoin-collateralized loan price discovery.
News & Noteworthy
Bitcoin
10101, a self-custodial Bitcoin wallet and trading app, announces it will cease operations by November 3, 2024, due to limited user traction and technical scaling challenges. [Blog post]
Lightning + L2+
Nayuta Wallet shuts down its self-custodial Bitcoin and Lightning wallet due to CEO health concerns and challenges in adapting to custodial solutions dominating the Lightning Network [Blog post]
Nostr
Decentralized exchange Bisq joins Nostr and makes its npub a primary outlet for Bisq news and announcements [Announcement]
Business & Finance
Cryptocurrency exchange platform Kraken halts support for the Lightning Network for German customers [The Rage]
Kraken Germany stops supporting the Lightning Network following its switch to BaFin-regulated provider DLT Finance. Initially, Kraken cites regulatory changes as the reason for the halt.
Bitcoin-only exchange River introduces River Proof of Reserves [Blog post]
Cathedra Bitcoin, a Canadian bitcoin mining company, shifts from mining to a bitcoin acquisition strategy, focusing on predictable cash flows by developing data centers. [Press release]
The decision comes after volatile mining profits and the realization that most top mining firms hold less bitcoin per share today than three years ago.
Tradfi
ARK 21Shares Bitcoin ETF diversifies its custodians by adding BitGo and Anchorage Digital to improve security and reduce potential online threats, hacking and cyber-attacks. Coinbase remains a custodian as well. [Press release]
Funding
OpenSats announces:
Seventh Wave of Nostr Grants, the five projects of this funding wave are:
Nostr Arduino
White Noise
futr
Notedeck
Keystache
Long-term support for Mike Dilger, dedicated contributor in the nostr ecosystem, and Jason Donenfeld, creator of secure VPN protocol WireGuard.
The Human Rights Foundation announces its latest round of Bitcoin Development Fund grants and selects 20 projects to be awarded a total of 10 bitcoin [Press release]
African Bitcoiners, Stratospher, Coracle, Harbor, The 256 Foundation, Kiveclair, Jeff Gardner, Silentium, BTC Shule, EttaWallet, Tor relay operator associations, Rikto Xonghoti, Yes Bitcoin Haiti, Bitcoin Indonesia, Bitcoin++, TABConf, Baltic Honeybadger, LaBitconf and Descentralizar, Satsconf and Solidarity Summit
Bitcoin Majlis announces Bitcoin Educational Grant to Muslim scholars and students [Blog post]
“Receive key books/resources, a hardware wallet, and 0.01 BTC (minimum) for completing the program. Dive into how Bitcoin can reshape our financial future.”
Investment fund Maelstrom awards first Bitcoin Developer Grant to Bitcoin Core contributor Rkrux [Announcement]
Crowdfunding platform Geyser announces it will no longer lists projects in sensitive conflict zones [Announcement]
Mining
Norway: shutdown of a bitcoin mining facility in Stokmarknes leads to a 20% increase in electricity bills for local residents [The Miner Mag]
Kryptovault, which accounted for 20% of the local energy company’s revenue, ceased operations after failing to renew its temporary permit.
Bitcoin developer and researcher 0xB10C updated his report dating from April 2024 on mining pool centralization [Block Template Similarities between Mining Pools]
Security
FBI reports cryptocurrency-related fraud led to over $5.6 billion in losses in 2023, a 45% increase from the previous year. [The Block]
Privacy
Samourai Wallet developers face discovery and bail challenges ahead of December hearing [The Rage]
Defense attorneys argue Samourai Wallet does not operate as a money transmitting business. Rodriguez’s bail modification requests are denied, including home detention and cryptocurrency restrictions.
Over 8TB of discovery data is yet to be fully reviewed. The defense highlights no evidence showing unlicensed money transmitting operations by Rodriguez or Hill.
Privacy-Preserving Proof of Assets via Taproot UTXOs by Adam Gibson [Github]
The auditor function enables privacy-preserving proof of Bitcoin asset ownership within a specific BTC range without disclosing individual UTXO details.
FINMA Report: Public Blockchains’ Potential and Regulatory Challenges
Financial authorities may push for permissioned blockchain systems with Know Your Customer (KYC) protocols, creating a divide between unrestricted and regulated blockchain networks.
AI agents expected to police on-chain transactions within 5 years, says Chainalysis CEO [Coin Telegraph]
Protocol
Murch shared a draft proposing a successor to BIP-2 by defining an updated BIP process [BIPS PR#2]
Bitcoin Core #29605: updates peer discovery to prioritize peers from the local address manager rather than relying on seed nodes, which reduces their impact on peer selection and limits unnecessary data sharing. [Merged]
Bitcoin Core #28358: removes the dbcache limit, as the previous 16 GB restriction was inadequate for completing an Initial Block Download (IBD) without transferring the UTXO set from RAM to disk, resulting in about a 25% speed increase. [Merged]
LDK #3140: introduces support for processing static BOLT12 invoices, enabling asynchronous payments as an always-online sender, as outlined in BOLTs #1149. However, it does not incorporate the invoice request in the payment onion message. [Merged]
Government & Political
The UK Parliament introduces bill recognizing Bitcoin and digital assets as personal property [Bitcoin Magazine]
The bill will classify digital assets as a third category of property, providing stronger legal protections against fraud and theft, aiding courts in disputes over digital assets, and attracting investment to the UK’s legal sector.
Events
Non-profit organization Btrust partners with the Africa Bitcoin Conference 2024 and announces the Btrust Developer Day, day-long conference designed to inspire African developers.
December 8, 2024 in Nairobi, Kenya
Reads
Here’s a list of our top recently published reads:
Cryptography, the Commons and Proof of Place by Nathan Day [Highlighter]
Bitcoin: A Unique Diversifier [BlackRock]
Bitcoin guide for new users [Proton Wallet]
Episode submission ideas
We’re looking for ideas for interesting panel conversations. To send Bitcoin related questions, just go to bitcoin.review and follow the contact links at the bottom of the page.
Get in touch with the pod
Nostr & LN ⚡nvk@nvk.org (not an email!)